aboutsummaryrefslogtreecommitdiff
path: root/sftp_server
diff options
context:
space:
mode:
authorAris Adamantiadis <aris@0xbadc0de.be>2005-08-29 00:55:27 +0000
committerAris Adamantiadis <aris@0xbadc0de.be>2005-08-29 00:55:27 +0000
commitb81c66ee8f785d56eea7ebf3c8d741704c4f2b1b (patch)
tree2adfa966f2b303b4adebae2d5727096b31036c0d /sftp_server
parent0de0dca16d1caf6c712fb4b50d4ff7c7e25d5129 (diff)
downloadlibssh-b81c66ee8f785d56eea7ebf3c8d741704c4f2b1b.tar.gz
libssh-b81c66ee8f785d56eea7ebf3c8d741704c4f2b1b.tar.xz
libssh-b81c66ee8f785d56eea7ebf3c8d741704c4f2b1b.zip
pam samples files to put into /etc/pam.d
ssh_silent_disconnect() and server forking. I still have to add a -D command line to avoid the forking. password auth works, but there is no uid change yet. I'll have to make the configuration stuff really being respected by the server. (like keys, ports, users, ...) git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@23 7dcaeef0-15fb-0310-b436-a5af3365683c
Diffstat (limited to 'sftp_server')
-rw-r--r--sftp_server/main.c18
-rw-r--r--sftp_server/pam/sftp.pam.freebsd5
-rw-r--r--sftp_server/pam/sftp.pam.generic8
-rw-r--r--sftp_server/pam/sftp.pam.gentoo6
4 files changed, 33 insertions, 4 deletions
diff --git a/sftp_server/main.c b/sftp_server/main.c
index c7e8c866..7b276d2e 100644
--- a/sftp_server/main.c
+++ b/sftp_server/main.c
@@ -33,6 +33,7 @@ MA 02111-1307, USA. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
+#include <signal.h>
#include <security/pam_appl.h>
#include "server.h"
@@ -546,11 +547,20 @@ int main(int argc, char **argv){
printf("Error listening to socket: %s\n",ssh_get_error(ssh_bind));
return 1;
}
- session=ssh_bind_accept(ssh_bind);
- if(!session){
- printf("error accepting a connection : %s\n",ssh_get_error(ssh_bind));
- return 1;
+ signal(SIGCHLD,SIG_IGN);
+ while(1){
+ session=ssh_bind_accept(ssh_bind);
+ if(!session){
+ printf("error accepting a connection : %s\n",ssh_get_error(ssh_bind));
+ return 1;
+ }
+ if(fork()==0){
+ break;
+ }
+ ssh_silent_disconnect(session);
}
+ ssh_bind_free(ssh_bind);
+
printf("Socket connected : %d\n",ssh_get_fd(session));
if(ssh_accept(session)){
printf("ssh_accept : %s\n",ssh_get_error(session));
diff --git a/sftp_server/pam/sftp.pam.freebsd b/sftp_server/pam/sftp.pam.freebsd
new file mode 100644
index 00000000..72d27bd7
--- /dev/null
+++ b/sftp_server/pam/sftp.pam.freebsd
@@ -0,0 +1,5 @@
+sftp auth required pam_unix.so try_first_pass
+sftp account required pam_unix.so
+sftp password required pam_permit.so
+sftp session required pam_permit.so
+
diff --git a/sftp_server/pam/sftp.pam.generic b/sftp_server/pam/sftp.pam.generic
new file mode 100644
index 00000000..cf5af302
--- /dev/null
+++ b/sftp_server/pam/sftp.pam.generic
@@ -0,0 +1,8 @@
+#%PAM-1.0
+auth required /lib/security/pam_unix.so shadow nodelay
+auth required /lib/security/pam_nologin.so
+account required /lib/security/pam_unix.so
+password required /lib/security/pam_cracklib.so
+password required /lib/security/pam_unix.so shadow nullok use_authtok
+session required /lib/security/pam_unix.so
+session required /lib/security/pam_limits.so
diff --git a/sftp_server/pam/sftp.pam.gentoo b/sftp_server/pam/sftp.pam.gentoo
new file mode 100644
index 00000000..b135c444
--- /dev/null
+++ b/sftp_server/pam/sftp.pam.gentoo
@@ -0,0 +1,6 @@
+#%PAM-1.0
+
+auth include system-auth
+account include system-auth
+password include system-auth
+