src - OpenBSD base system

diff options


context:
space:
mode:

author	Damien Miller <djm@cvs.openbsd.org>	2011-05-06 21:34:33 +0000
committer	Damien Miller <djm@cvs.openbsd.org>	2011-05-06 21:34:33 +0000
commit	2c06b341f0944bbedfddcf8153c370152ae1e82f (patch)
tree	a10eda5767e3f003ba1c32cb8b7530aff5d1b01d /usr.bin
parent	dee1c204721a0d2467af0b9b46d6dec8b06dd515 (diff)

Add a RequestTTY ssh_config option to allow configuration-based

control over tty allocation (like -t/-T); ok markus@

Diffstat (limited to 'usr.bin')

-rw-r--r--

usr.bin/ssh/clientloop.c

-rw-r--r--

usr.bin/ssh/mux.c

-rw-r--r--

usr.bin/ssh/readconf.c

-rw-r--r--

usr.bin/ssh/readconf.h

-rw-r--r--

usr.bin/ssh/ssh.c

-rw-r--r--

usr.bin/ssh/ssh_config.5

6 files changed, 87 insertions, 40 deletions

diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index f3f68ca2b42..7df1fb652bc 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: clientloop.c,v 1.232 2011/04/17 22:42:41 djm Exp $ */

+/* $OpenBSD: clientloop.c,v 1.233 2011/05/06 21:34:32 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -122,9 +122,6 @@ extern int muxserver_sock; /* XXX use mux_client_cleanup() instead */

extern char *host;

-/* Force TTY allocation */

-extern int force_tty_flag;

* Flag to indicate that we have received a window change signal which has

* not yet been processed. This will cause a message indicating the new

@@ -654,7 +651,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)

atomicio(vwrite, fileno(stderr), buffer_ptr(berr),

buffer_len(berr));

- leave_raw_mode(force_tty_flag);

+ leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

* Free (and clear) the buffer to reduce the amount of data that gets

@@ -675,7 +672,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)

buffer_init(bout);

buffer_init(berr);

- enter_raw_mode(force_tty_flag);

+ enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

}

static void

@@ -817,7 +814,7 @@ process_cmdline(void)

bzero(&fwd, sizeof(fwd));

fwd.listen_host = fwd.connect_host = NULL;

- leave_raw_mode(force_tty_flag);

+ leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

handler = signal(SIGINT, SIG_IGN);

cmd = s = read_passphrase("\r\nssh> ", RP_ECHO);

if (s == NULL)

@@ -921,7 +918,7 @@ process_cmdline(void)

out:

signal(SIGINT, handler);

- enter_raw_mode(force_tty_flag);

+ enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

if (cmd)

xfree(cmd);

if (fwd.listen_host != NULL)

@@ -1040,7 +1037,8 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,

* more new connections).

/* Restore tty modes. */

- leave_raw_mode(force_tty_flag);

+ leave_raw_mode(

+ options.request_tty == REQUEST_TTY_FORCE);

/* Stop listening for new connections. */

channel_stop_listening();

@@ -1332,7 +1330,7 @@ client_channel_closed(int id, void *arg)

{

channel_cancel_cleanup(id);

session_closed = 1;

- leave_raw_mode(force_tty_flag);

+ leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

}

@@ -1403,7 +1401,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)

signal(SIGWINCH, window_change_handler);

if (have_pty)

- enter_raw_mode(force_tty_flag);

+ enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

if (compat20) {

session_ident = ssh2_chan_id;

@@ -1547,7 +1545,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)

channel_free_all();

if (have_pty)

- leave_raw_mode(force_tty_flag);

+ leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

/* restore blocking io */

if (!isatty(fileno(stdin)))

@@ -2124,7 +2122,7 @@ client_stop_mux(void)

void

cleanup_exit(int i)

{

- leave_raw_mode(force_tty_flag);

+ leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

leave_non_blocking();

if (options.control_path != NULL && muxserver_sock != -1)

unlink(options.control_path);

diff --git a/usr.bin/ssh/mux.c b/usr.bin/ssh/mux.c
index 879546211fa..4f18f196322 100644
--- a/usr.bin/ssh/mux.c
+++ b/usr.bin/ssh/mux.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: mux.c,v 1.26 2011/05/05 05:12:08 djm Exp $ */

+/* $OpenBSD: mux.c,v 1.27 2011/05/06 21:34:32 djm Exp $ */

@@ -70,7 +70,6 @@

/* from ssh.c */

extern int tty_flag;

-extern int force_tty_flag;

extern Options options;

extern int stdin_null_flag;

extern char *host;

@@ -1686,7 +1685,7 @@ mux_client_request_session(int fd)

signal(SIGWINCH, control_client_sigrelay);

if (tty_flag)

- enter_raw_mode(force_tty_flag);

+ enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

* Stick around until the controlee closes the client_fd.

@@ -1715,7 +1714,7 @@ mux_client_request_session(int fd)

}

close(fd);

- leave_raw_mode(force_tty_flag);

+ leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);

if (muxclient_terminate) {

debug2("Exiting on signal %d", muxclient_terminate);

diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index 1f9ecee2f6c..b7ca3961330 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: readconf.c,v 1.191 2011/05/06 21:31:38 djm Exp $ */

+/* $OpenBSD: readconf.c,v 1.192 2011/05/06 21:34:32 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -131,7 +131,7 @@ typedef enum {

oHashKnownHosts,

oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,

oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,

- oKexAlgorithms, oIPQoS,

+ oKexAlgorithms, oIPQoS, oRequestTTY,

oDeprecated, oUnsupported

} OpCodes;

@@ -242,6 +242,7 @@ static struct {

#endif

{ "kexalgorithms", oKexAlgorithms },

{ "ipqos", oIPQoS },

+ { "requesttty", oRequestTTY },

{ NULL, oBadOption }

};

@@ -1009,6 +1010,26 @@ parse_int:

intptr = &options->use_roaming;

goto parse_flag;

+ case oRequestTTY:

+ arg = strdelim(&s);

+ if (!arg || *arg == '\0')

+ fatal("%s line %d: missing argument.",

+ filename, linenum);

+ intptr = &options->request_tty;

+ if (strcasecmp(arg, "yes") == 0)

+ value = REQUEST_TTY_YES;

+ else if (strcasecmp(arg, "no") == 0)

+ value = REQUEST_TTY_NO;

+ else if (strcasecmp(arg, "force") == 0)

+ value = REQUEST_TTY_FORCE;

+ else if (strcasecmp(arg, "auto") == 0)

+ value = REQUEST_TTY_AUTO;

+ else

+ fatal("Unsupported RequestTTY \"%s\"", arg);

+ if (*activep && *intptr == -1)

+ *intptr = value;

+ break;

case oDeprecated:

debug("%s line %d: Deprecated option \"%s\"",

filename, linenum, keyword);

@@ -1169,6 +1190,7 @@ initialize_options(Options * options)

options->zero_knowledge_password_authentication = -1;

options->ip_qos_interactive = -1;

options->ip_qos_bulk = -1;

+ options->request_tty = -1;

}

@@ -1326,6 +1348,8 @@ fill_default_options(Options * options)

options->ip_qos_interactive = IPTOS_LOWDELAY;

if (options->ip_qos_bulk == -1)

options->ip_qos_bulk = IPTOS_THROUGHPUT;

+ if (options->request_tty == -1)

+ options->request_tty = REQUEST_TTY_AUTO;

/* options->local_command should not be set by default */

/* options->proxy_command should not be set by default */

/* options->user will be set in the main program if appropriate */

diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h
index ee160dfe7b1..bc3e8c1bb08 100644
--- a/usr.bin/ssh/readconf.h
+++ b/usr.bin/ssh/readconf.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: readconf.h,v 1.88 2010/11/13 23:27:50 djm Exp $ */

+/* $OpenBSD: readconf.h,v 1.89 2011/05/06 21:34:32 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -132,6 +132,7 @@ typedef struct {

int use_roaming;

+ int request_tty;

} Options;

#define SSHCTL_MASTER_NO 0

@@ -140,6 +141,11 @@ typedef struct {

#define SSHCTL_MASTER_ASK 3

#define SSHCTL_MASTER_AUTO_ASK 4

+#define REQUEST_TTY_AUTO 0

+#define REQUEST_TTY_NO 1

+#define REQUEST_TTY_YES 2

+#define REQUEST_TTY_FORCE 3

void initialize_options(Options *);

void fill_default_options(Options *);

int read_config_file(const char *, const char *, Options *, int);

diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index b3efce3026c..a0c5991e52f 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssh.c,v 1.358 2011/05/06 21:18:02 djm Exp $ */

+/* $OpenBSD: ssh.c,v 1.359 2011/05/06 21:34:32 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -105,10 +105,8 @@ extern char *__progname;

/* Flag indicating whether debug mode is on. May be set on the command line. */

int debug_flag = 0;

-/* Flag indicating whether a tty should be allocated */

+/* Flag indicating whether a tty should be requested */

int tty_flag = 0;

-int no_tty_flag = 0;

-int force_tty_flag = 0;

/* don't exec a shell */

int no_shell_flag = 0;

@@ -126,7 +124,7 @@ int stdin_null_flag = 0;

int need_controlpersist_detach = 0;

/* Copies of flags for ControlPersist foreground slave */

-int ostdin_null_flag, ono_shell_flag, ono_tty_flag, otty_flag;

+int ostdin_null_flag, ono_shell_flag, otty_flag, orequest_tty;

* Flag indicating that ssh should fork after authentication. This is useful

@@ -377,9 +375,10 @@ main(int ac, char **av)

#endif

break;

case 't':

- if (tty_flag)

- force_tty_flag = 1;

- tty_flag = 1;

+ if (options.request_tty == REQUEST_TTY_YES)

+ options.request_tty = REQUEST_TTY_FORCE;

+ else

+ options.request_tty = REQUEST_TTY_YES;

break;

case 'v':

if (debug_flag == 0) {

@@ -422,7 +421,7 @@ main(int ac, char **av)

optarg);

exit(255);

}

- no_tty_flag = 1;

+ options.request_tty = REQUEST_TTY_NO;

no_shell_flag = 1;

options.clear_forwardings = 1;

options.exit_on_forward_failure = 1;

@@ -531,10 +530,10 @@ main(int ac, char **av)

break;

case 'N':

no_shell_flag = 1;

- no_tty_flag = 1;

+ options.request_tty = REQUEST_TTY_NO;

break;

case 'T':

- no_tty_flag = 1;

+ options.request_tty = REQUEST_TTY_NO;

break;

case 'o':

dummy = 1;

@@ -594,6 +593,10 @@ main(int ac, char **av)

/* Initialize the command to execute on remote host. */

buffer_init(&command);

+ if (options.request_tty == REQUEST_TTY_YES ||

+ options.request_tty == REQUEST_TTY_FORCE)

+ tty_flag = 1;

* Save the command to execute on the remote host in a buffer. There

* is no limit on the length of the command, except by the maximum

@@ -601,7 +604,7 @@ main(int ac, char **av)

if (!ac) {

/* No command specified - execute shell on a tty. */

- tty_flag = 1;

+ tty_flag = options.request_tty != REQUEST_TTY_NO;

if (subsystem_flag) {

fprintf(stderr,

"You must specify a subsystem to invoke.\n");

@@ -624,13 +627,14 @@ main(int ac, char **av)

/* Allocate a tty by default if no command specified. */

if (buffer_len(&command) == 0)

- tty_flag = 1;

+ tty_flag = options.request_tty != REQUEST_TTY_NO;

/* Force no tty */

- if (no_tty_flag || muxclient_command != 0)

+ if (options.request_tty == REQUEST_TTY_NO || muxclient_command != 0)

tty_flag = 0;

/* Do not allocate a tty if stdin is not a tty. */

- if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) {

+ if ((!isatty(fileno(stdin)) || stdin_null_flag) &&

+ options.request_tty != REQUEST_TTY_FORCE) {

if (tty_flag)

logit("Pseudo-terminal will not be allocated because "

"stdin is not a terminal.");

@@ -912,8 +916,7 @@ control_persist_detach(void)

/* Parent: set up mux slave to connect to backgrounded master */

debug2("%s: background process is %ld", __func__, (long)pid);

stdin_null_flag = ostdin_null_flag;

- no_shell_flag = ono_shell_flag;

- no_tty_flag = ono_tty_flag;

+ options.request_tty = orequest_tty;

tty_flag = otty_flag;

close(muxserver_sock);

muxserver_sock = -1;

@@ -1360,11 +1363,11 @@ ssh_session2(void)

if (options.control_persist && muxserver_sock != -1) {

ostdin_null_flag = stdin_null_flag;

ono_shell_flag = no_shell_flag;

- ono_tty_flag = no_tty_flag;

+ orequest_tty = options.request_tty;

otty_flag = tty_flag;

stdin_null_flag = 1;

no_shell_flag = 1;

- no_tty_flag = 1;

+ options.request_tty == REQUEST_TTY_NO;

tty_flag = 0;

if (!fork_after_authentication_flag)

need_controlpersist_detach = 1;

diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5
index 5bdc7fec150..83baa82b194 100644
--- a/usr.bin/ssh/ssh_config.5
+++ b/usr.bin/ssh/ssh_config.5

@@ -33,7 +33,7 @@

.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

.\"

-.\" $OpenBSD: ssh_config.5,v 1.148 2011/05/06 21:31:38 djm Exp $

+.\" $OpenBSD: ssh_config.5,v 1.149 2011/05/06 21:34:32 djm Exp $

.Dd $Mdocdate: May 6 2011 $

.Dt SSH_CONFIG 5

.Os

@@ -959,6 +959,23 @@ will only succeed if the server's

.Cm GatewayPorts

option is enabled (see

.Xr sshd_config 5 ) .

+.It Cm RequestTTY

+Specifies whether to request a pseudo-tty for the session.

+The argument may be one of:

+.Dq no

+(never request a TTY),

+.Dq yes

+(always request a TTY when standard input is a TTY),

+.Dq force

+(always request a TTY) or

+.Dq auto

+(request a TTY when opening a login session).

+This option mirrors the

+.Fl t

+and

+.Fl T

+flags for

+.Xr ssh 1 .

.It Cm RhostsRSAAuthentication

Specifies whether to try rhosts based authentication with RSA host

authentication.