diff options
author | Darren Tucker <dtucker@cvs.openbsd.org> | 2007-12-31 15:27:05 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@cvs.openbsd.org> | 2007-12-31 15:27:05 +0000 |
commit | 92db87af8a449cc2c6b2dd7ad4ec93d73c1d96f9 (patch) | |
tree | 6951b279095ff7a57087cb2cb7fbbd4b7b7cf5f9 | |
parent | c5245a7cf6f93ec974f7211383092fb1d19b5d70 (diff) |
When in inetd mode, have sshd generate a Protocol 1 ephemeral server
key only for connections where the client chooses Protocol 1 as opposed
to when it's enabled in the server's config. Speeds up Protocol 2
connections to inetd-mode servers that also allow Protocol 1. bz #440,
based on a patch from bruno at wolff.to, ok markus@
-rw-r--r-- | usr.bin/ssh/sshd.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 8d547f47b39..3b67e1514e8 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.352 2007/12/27 14:22:08 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.353 2007/12/31 15:27:04 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1506,10 +1506,6 @@ main(int ac, char **av) /* Get a connection, either from inetd or a listening TCP socket */ if (inetd_flag) { server_accept_inetd(&sock_in, &sock_out); - - if ((options.protocol & SSH_PROTO_1) && - sensitive_data.server_key == NULL) - generate_ephemeral_server_key(); } else { server_listen(); @@ -1668,6 +1664,10 @@ main(int ac, char **av) sshd_exchange_identification(sock_in, sock_out); + /* In inetd mode, generate ephemeral key only for proto 1 connections */ + if (!compat20 && inetd_flag && sensitive_data.server_key == NULL) + generate_ephemeral_server_key(); + packet_set_nonblocking(); /* allocate authentication context */ |