authorDamien Miller <djm@cvs.openbsd.org>2005-06-08 11:25:10 +0000
committerDamien Miller <djm@cvs.openbsd.org>2005-06-08 11:25:10 +0000
commit6dff772c930271922b90dab25fbf9c7a0f94f50f (patch)
tree11fcd6374feb0f67c1643a224a8a2fca13affb5a /usr.bin
parentaf2fdbe35f7dd292d78dfcc90e7dc08e7b0fc2f8 (diff)
add ControlMaster=auto/autoask options to support opportunistic multiplexing;
tested avsm@ and jakob@, ok markus@
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/ssh/clientloop.c8
-rw-r--r--usr.bin/ssh/readconf.c24
-rw-r--r--usr.bin/ssh/readconf.h7
-rw-r--r--usr.bin/ssh/ssh.c32
-rw-r--r--usr.bin/ssh/ssh_config.518
5 files changed, 74 insertions, 15 deletions
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index 1591215bdab..ae4dce820a9 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -59,7 +59,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.136 2005/03/10 22:01:05 deraadt Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.137 2005/06/08 11:25:09 djm Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -616,13 +616,15 @@ client_process_control(fd_set * readset)
switch (command) {
case SSHMUX_COMMAND_OPEN:
- if (options.control_master == 2)
+ if (options.control_master == SSHCTL_MASTER_ASK ||
+ options.control_master == SSHCTL_MASTER_AUTO_ASK)
allowed = ask_permission("Allow shared connection "
"to %s? ", host);
/* continue below */
break;
case SSHMUX_COMMAND_TERMINATE:
- if (options.control_master == 2)
+ if (options.control_master == SSHCTL_MASTER_ASK ||
+ options.control_master == SSHCTL_MASTER_AUTO_ASK)
allowed = ask_permission("Terminate shared connection "
"to %s? ", host);
if (allowed)
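Review bot: The test `options.control_master == SSHCTL_MASTER_ASK || options.control_master == SSHCTL_MASTER_AUTO_ASK` is written out twice in client_process_control, once per command case, and it decides whether ask_permission() runs. A single predicate beside the SSHCTL_MASTER_* definitions in readconf.h, for example `#define SSHCTL_MASTER_NEEDS_ASK(m) ((m) == SSHCTL_MASTER_ASK || (m) == SSHCTL_MASTER_AUTO_ASK)`, would keep the confirmation gate in one place if another mode is added later. The function body starts and ends outside this hunk.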
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index ab7b2baf884..3445db79100 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.140 2005/05/16 15:30:51 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.141 2005/06/08 11:25:09 djm Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -794,7 +794,27 @@ parse_int:
case oControlMaster:
intptr = &options->control_master;
- goto parse_yesnoask;
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing ControlMaster argument.",
+ filename, linenum);
+ value = 0; /* To avoid compiler warning... */
+ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
+ value = SSHCTL_MASTER_YES;
+ else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
+ value = SSHCTL_MASTER_NO;
+ else if (strcmp(arg, "auto") == 0)
+ value = SSHCTL_MASTER_AUTO;
+ else if (strcmp(arg, "ask") == 0)
+ value = SSHCTL_MASTER_ASK;
+ else if (strcmp(arg, "autoask") == 0)
+ value = SSHCTL_MASTER_AUTO_ASK;
+ else
+ fatal("%.200s line %d: Bad ControlMaster argument.",
+ filename, linenum);
+ if (*activep && *intptr == -1)
+ *intptr = value;
+ break;
case oHashKnownHosts:
intptr = &options->hash_known_hosts;
diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h
index de4b4cb2787..2b9deb9db39 100644
--- a/usr.bin/ssh/readconf.h
+++ b/usr.bin/ssh/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.66 2005/03/01 10:40:27 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.67 2005/06/08 11:25:09 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -116,6 +116,11 @@ typedef struct {
int hash_known_hosts;
} Options;
+#define SSHCTL_MASTER_NO 0
+#define SSHCTL_MASTER_YES 1
+#define SSHCTL_MASTER_AUTO 2
+#define SSHCTL_MASTER_ASK 3
+#define SSHCTL_MASTER_AUTO_ASK 4
void initialize_options(Options *);
void fill_default_options(Options *);
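Review bot: The new SSHCTL_MASTER_* block has no comment, and two facts a reader needs are only visible in other files. First, `control_master` uses -1 as the not-yet-set value (readconf.c tests `*intptr == -1`). Second, the number 2, which the removed clientloop.c lines compared against for the confirmation mode, now means SSHCTL_MASTER_AUTO. I would add `/* Values for Options.control_master; -1 means not yet set. */` above the defines. Any comparison against a bare number that remains outside these hunks would change meaning silently, so a search for numeric uses of control_master is worth doing.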
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index cd2b82cd99f..a6e7e75778b 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.241 2005/06/06 11:20:36 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.242 2005/06/08 11:25:09 djm Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -381,8 +381,10 @@ again:
}
break;
case 'M':
- options.control_master =
- (options.control_master >= 1) ? 2 : 1;
+ if (options.control_master == SSHCTL_MASTER_YES)
+ options.control_master = SSHCTL_MASTER_ASK;
+ else
+ options.control_master = SSHCTL_MASTER_YES;
break;
case 'p':
options.port = a2port(optarg);
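Review bot: A third `-M` on the command line now switches the mode back from SSHCTL_MASTER_ASK to SSHCTL_MASTER_YES, because the `else` branch covers every value other than YES; the removed expression kept the confirmation mode once it was reached. If the toggle is not intended, the condition could be `if (options.control_master == SSHCTL_MASTER_YES || options.control_master == SSHCTL_MASTER_ASK)` so that repeated flags never drop the ask_permission() prompt. The enclosing option loop lies outside the hunk.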
@@ -611,11 +613,8 @@ again:
}
if (mux_command != 0 && options.control_path == NULL)
fatal("No ControlPath specified for \"-O\" command");
- if (options.control_path != NULL && options.control_master == 0) {
- if (mux_command == 0)
- mux_command = SSHMUX_COMMAND_OPEN;
+ if (options.control_path != NULL)
control_client(options.control_path);
- }
/* Open a connection to the remote host. */
if (ssh_connect(host, &hostaddr, options.port,
@@ -1074,9 +1073,12 @@ ssh_control_listener(void)
struct sockaddr_un addr;
mode_t old_umask;
- if (options.control_path == NULL || options.control_master <= 0)
+ if (options.control_path == NULL ||
+ options.control_master == SSHCTL_MASTER_NO)
return;
+ debug("setting up multiplex master socket");
+
memset(&addr, '\0', sizeof(addr));
addr.sun_family = AF_UNIX;
addr.sun_len = offsetof(struct sockaddr_un, sun_path) +
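Review bot: The early return in ssh_control_listener used to cover every value `<= 0` and now matches only SSHCTL_MASTER_NO, so the -1 "unset" value that readconf.c checks for would fall through and create a listening socket. This is harmless only if control_master has always been given a default before this function runs, which cannot be seen from the hunk (fill_default_options is declared in readconf.h, but its body is not shown). Keeping the guard defensive, `options.control_master <= SSHCTL_MASTER_NO`, or adding a comment that states the precondition would settle it. The rest of the function is outside the hunk.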
@@ -1287,6 +1289,20 @@ control_client(const char *path)
extern char **environ;
u_int flags;
+ if (mux_command == 0)
+ mux_command = SSHMUX_COMMAND_OPEN;
+
+ switch (options.control_master) {
+ case SSHCTL_MASTER_AUTO:
+ case SSHCTL_MASTER_AUTO_ASK:
+ debug("auto-mux: Trying existing master");
+ /* FALLTHROUGH */
+ case SSHCTL_MASTER_NO:
+ break;
+ default:
+ return;
+ }
+
memset(&addr, '\0', sizeof(addr));
addr.sun_family = AF_UNIX;
addr.sun_len = offsetof(struct sockaddr_un, sun_path) +
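Review bot: The `default:` arm returns without a message for SSHCTL_MASTER_YES and SSHCTL_MASTER_ASK and for any value outside the SSHCTL_MASTER_* set, so a `-O` command combined with a master mode is dropped silently and main() goes on to ssh_connect() (see the call site in the earlier ssh.c hunk). Naming the two master cases explicitly and logging the skip, e.g. `debug("control_client: acting as master, not using existing socket");`, would make that visible. In the auto modes the client connects to whatever socket is at ControlPath without the user asking for it, so the path should sit in a directory only that user can write to. Whether the socket's owner is checked is in the part of control_client outside this hunk.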
diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5
index 2afc3c09391..a04ffc288f0 100644
--- a/usr.bin/ssh/ssh_config.5
+++ b/usr.bin/ssh/ssh_config.5
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.55 2005/06/06 11:20:36 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.56 2005/06/08 11:25:09 djm Exp $
.Dd September 25, 1999
.Dt SSH_CONFIG 5
.Os
@@ -278,6 +278,17 @@ If the
can not be opened,
.Nm ssh
will continue without connecting to a master instance.
+.Pp
+Two additional options allow for opportunistic multiplexing: try to use a
+master connection but fall back to creating a new one if one does not already
+exist.
+These options are:
+.Dq auto
+and
+.Dq autoask .
+The latter requires confirmation like the
+.Dq ask
+option.
.It Cm ControlPath
Specify the path to the control socket used for connection sharing as described
in the
@@ -290,6 +301,11 @@ will be substituted by the target host name,
the port and
.Ql %r
by the remote login username.
+It is recommended that any
+.Cm ControlPath
+used for opportunistic connection sharing include
+all three of these escape sequences.
+This ensures that shared connections are uniquely identified.
.It Cm DynamicForward
Specifies that a TCP/IP port on the local machine be forwarded
over the secure channel, and the application