diff options
| author | Patrick Mooney <pmooney@pfmooney.com> | 2016-06-10 17:22:07 +0000 |
|---|---|---|
| committer | Patrick Mooney <pmooney@pfmooney.com> | 2016-06-10 18:27:55 +0000 |
| commit | 8e12eae230baeada3a9b14e8bf1e65203f8344f5 (patch) | |
| tree | 615ea0417ba6bed99cab183dabf3dabc0af8e80e /usr/src | |
| parent | 0f70e4e962f4fb06a29565b595bb50659d077f04 (diff) | |
| download | illumos-joyent-8e12eae230baeada3a9b14e8bf1e65203f8344f5.tar.gz | |
OS-5320 libsmartsshd sleeps unnecessarily
Reviewed by: Robert Mustacchi <rm@joyent.com>
Diffstat (limited to 'usr/src')
| -rw-r--r-- | usr/src/lib/libsmartsshd/common/sshd-plugin.c | 48 |
1 files changed, 34 insertions, 14 deletions
diff --git a/usr/src/lib/libsmartsshd/common/sshd-plugin.c b/usr/src/lib/libsmartsshd/common/sshd-plugin.c index 4f0f0bc1ad..fdb279b817 100644 --- a/usr/src/lib/libsmartsshd/common/sshd-plugin.c +++ b/usr/src/lib/libsmartsshd/common/sshd-plugin.c @@ -18,13 +18,11 @@ * * CDDL HEADER END */ + /* - * Copyright 2011 Joyent, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright 2016 Joyent, Inc. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <alloca.h> #include <door.h> #include <errno.h> @@ -44,7 +42,7 @@ extern "C" { #endif -#define LOG_OOM(SZ) fprintf(stderr, "Unable to alloca %d bytes\n", SZ) +#define LOG_OOM(SZ) (void) fprintf(stderr, "Cannot alloca %d bytes\n", SZ) static const char *DOOR = "/var/tmp/._joyent_sshd_key_is_authorized"; static const char *REQ_FMT_STR = "%s %d %s"; /* name uid fp */ @@ -84,37 +82,59 @@ sshd_allowed_in_capi(struct passwd *pw, const char *fp) LOG_OOM(RETURN_SZ); return (0); } - memset(door_args.rbuf, 0, RETURN_SZ); + (void) memset(door_args.rbuf, 0, RETURN_SZ); do { fd = open(DOOR, O_RDWR); - if (fd < 0) + if (fd < 0) { + if (errno == ENOENT) { + /* + * On systems which are not running SmartLogin, + * such as vanilla SmartOS, the door will be + * completely absent. The sleep/retry loop is + * skipped in this case to keep the login + * process more lively. + */ + perror("smartplugin: door does not exist"); + return (0); + } perror("smartplugin: open (of door FD) failed"); - - if (door_call(fd, &door_args) < 0) { + } else if (door_call(fd, &door_args) < 0) { perror("smartplugin: door_call failed"); } else { allowed = atoi(door_args.rbuf); - munmap(door_args.rbuf, door_args.rsize); + if (door_args.rsize > RETURN_SZ) { + /* + * Given what we know about the SmartLogin + * daemon on the other end of the door, this + * should never occur. An assert might be + * preferable, but that is avoided since the + * error can be handled. + */ + (void) munmap(door_args.rbuf, door_args.rsize); + } return (allowed); } - if (++attempts < MAX_ATTEMPTS) - sleep(SLEEP_PERIOD); + if (++attempts < MAX_ATTEMPTS) { + (void) sleep(SLEEP_PERIOD); + } } while (attempts < MAX_ATTEMPTS); return (0); } +/* ARGSUSED */ int sshd_user_rsa_key_allowed(struct passwd *pw, RSA *key, const char *fp) { - return sshd_allowed_in_capi(pw, fp); + return (sshd_allowed_in_capi(pw, fp)); } +/* ARGSUSED */ int sshd_user_dsa_key_allowed(struct passwd *pw, DSA *key, const char *fp) { - return sshd_allowed_in_capi(pw, fp); + return (sshd_allowed_in_capi(pw, fp)); } |