- djm@cvs.openbsd.org 2002/09/19 01:58:18
[ssh.c sshconnect.c]
bugzilla.mindrot.org #223 - ProxyCommands don't exit.
Patch from dtucker@zip.com.au; ok markus@
diff --git a/ChangeLog b/ChangeLog
index 64b36b5..938a391 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -24,6 +24,10 @@
don't quit while creating X11 listening socket.
http://mail-index.netbsd.org/current-users/2002/09/16/0005.html
got from portable. markus ok
+ - djm@cvs.openbsd.org 2002/09/19 01:58:18
+ [ssh.c sshconnect.c]
+ bugzilla.mindrot.org #223 - ProxyCommands don't exit.
+ Patch from dtucker@zip.com.au; ok markus@
20020912
- (djm) Made GNOME askpass programs return non-zero if cancel button is
@@ -674,4 +678,4 @@
save auth method before monitor_reset_key_state(); bugzilla bug #284;
ok provos@
-$Id: ChangeLog,v 1.2470 2002/09/19 01:54:54 djm Exp $
+$Id: ChangeLog,v 1.2471 2002/09/19 02:05:02 djm Exp $
diff --git a/ssh.c b/ssh.c
index 7cef5e5..2c589de 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.185 2002/09/11 18:27:26 stevesk Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.186 2002/09/19 01:58:18 djm Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -146,6 +146,9 @@
/* # of replies received for global requests */
static int client_global_request_id = 0;
+/* pid of proxycommand child process */
+pid_t proxy_command_pid = 0;
+
/* Prints a help message to the user. This function never returns. */
static void
@@ -722,6 +725,14 @@
exit_status = compat20 ? ssh_session2() : ssh_session();
packet_close();
+
+ /*
+ * Send SIGHUP to proxy command if used. We don't wait() in
+ * case it hangs and instead rely on init to reap the child
+ */
+ if (proxy_command_pid > 1)
+ kill(proxy_command_pid, SIGHUP);
+
return exit_status;
}
diff --git a/sshconnect.c b/sshconnect.c
index 0cb8248..776d720 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.134 2002/09/13 19:23:09 stevesk Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.135 2002/09/19 01:58:18 djm Exp $");
#include <openssl/bn.h>
@@ -41,6 +41,7 @@
extern char *__progname;
extern uid_t original_real_uid;
extern uid_t original_effective_uid;
+extern pid_t proxy_command_pid;
#ifndef INET6_ADDRSTRLEN /* for non IPv6 machines */
#define INET6_ADDRSTRLEN 46
@@ -64,9 +65,16 @@
/* Convert the port number into a string. */
snprintf(strport, sizeof strport, "%hu", port);
- /* Build the final command string in the buffer by making the
- appropriate substitutions to the given proxy command. */
+ /*
+ * Build the final command string in the buffer by making the
+ * appropriate substitutions to the given proxy command.
+ *
+ * Use "exec" to avoid "sh -c" processes on some platforms
+ * (e.g. Solaris)
+ */
buffer_init(&command);
+ buffer_append(&command, "exec ", 5);
+
for (cp = proxy_command; *cp; cp++) {
if (cp[0] == '%' && cp[1] == '%') {
buffer_append(&command, "%", 1);
@@ -134,6 +142,8 @@
/* Parent. */
if (pid < 0)
fatal("fork failed: %.100s", strerror(errno));
+ else
+ proxy_command_pid = pid; /* save pid to clean up later */
/* Close child side of the descriptors. */
close(pin[0]);