Bugzilla – Attachment 297 Details for
Bug 207
Connect timeout patch
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
ConnectTimeout patch for OpenBSD CVS head
connect-timeout.diff (text/plain), 7.45 KB, created by
Damien Miller
on 2003-05-15 18:05:29 AEST
(
hide
)
Description:
ConnectTimeout patch for OpenBSD CVS head
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2003-05-15 18:05:29 AEST
Size:
7.45 KB
patch
obsolete
>? connect-timeout.diff >? scard/Ssh.bin >? scp/scp >? scp/scp.cat1 >? sftp/sftp >? sftp/sftp.cat1 >? sftp-server/sftp-server >? sftp-server/sftp-server.cat8 >? ssh/ssh >? ssh/ssh.cat1 >? ssh/ssh_config.cat5 >? ssh-add/ssh-add >? ssh-add/ssh-add.cat1 >? ssh-agent/ssh-agent >? ssh-agent/ssh-agent.cat1 >? ssh-keygen/ssh-keygen >? ssh-keygen/ssh-keygen.cat1 >? ssh-keyscan/ssh-keyscan >? ssh-keyscan/ssh-keyscan.cat1 >? ssh-keysign/ssh-keysign >? ssh-keysign/ssh-keysign.cat8 >? sshd/sshd >? sshd/sshd.cat8 >? sshd/sshd_config.cat5 >Index: readconf.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/readconf.c,v >retrieving revision 1.109 >diff -u -r1.109 readconf.c >--- readconf.c 15 May 2003 04:08:44 -0000 1.109 >+++ readconf.c 15 May 2003 08:07:57 -0000 >@@ -106,7 +106,7 @@ > oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, > oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, > oClearAllForwardings, oNoHostAuthenticationForLocalhost, >- oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, >+ oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, > oDeprecated > } OpCodes; > >@@ -176,6 +176,7 @@ > { "verifyhostkeydns", oVerifyHostKeyDNS }, > { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, > { "rekeylimit", oRekeyLimit }, >+ { "connecttimeout", oConnectTimeout }, > { NULL, oBadOption } > }; > >@@ -290,6 +291,20 @@ > /* don't panic, but count bad options */ > return -1; > /* NOTREACHED */ >+ case oConnectTimeout: >+ intptr = &options->connection_timeout; >+/* parse_time: */ >+ arg = strdelim(&s); >+ if (!arg || *arg == '\0') >+ fatal("%s line %d: missing time value.", >+ filename, linenum); >+ if ((value = convtime(arg)) == -1) >+ fatal("%s line %d: invalid time value.", >+ filename, linenum); >+ if (*intptr == -1) >+ *intptr = value; >+ break; >+ > case oForwardAgent: > intptr = &options->forward_agent; > parse_flag: >@@ -784,6 +799,7 @@ > options->compression_level = -1; > options->port = -1; > options->connection_attempts = -1; >+ options->connection_timeout = -1; > options->number_of_password_prompts = -1; > options->cipher = -1; > options->ciphers = NULL; >Index: readconf.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/readconf.h,v >retrieving revision 1.49 >diff -u -r1.49 readconf.h >--- readconf.h 15 May 2003 01:48:10 -0000 1.49 >+++ readconf.h 15 May 2003 08:07:57 -0000 >@@ -60,6 +60,8 @@ > int port; /* Port to connect. */ > int connection_attempts; /* Max attempts (seconds) before > * giving up */ >+ int connection_timeout; /* Max time (seconds) before >+ * aborting connection attempt */ > int number_of_password_prompts; /* Max number of password > * prompts. */ > int cipher; /* Cipher to use. */ >Index: ssh.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh.c,v >retrieving revision 1.192 >diff -u -r1.192 ssh.c >--- ssh.c 11 May 2003 20:30:25 -0000 1.192 >+++ ssh.c 15 May 2003 08:07:57 -0000 >@@ -599,7 +599,7 @@ > /* Open a connection to the remote host. */ > > if (ssh_connect(host, &hostaddr, options.port, IPv4or6, >- options.connection_attempts, >+ options.connection_attempts, options.connection_timeout, > original_effective_uid == 0 && options.use_privileged_port, > options.proxy_command) != 0) > exit(1); >Index: ssh_config >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh_config,v >retrieving revision 1.16 >diff -u -r1.16 ssh_config >--- ssh_config 3 Jul 2002 14:21:05 -0000 1.16 >+++ ssh_config 15 May 2003 08:07:57 -0000 >@@ -25,6 +25,7 @@ > # HostbasedAuthentication no > # BatchMode no > # CheckHostIP yes >+# ConnectTimeout 0 > # StrictHostKeyChecking ask > # IdentityFile ~/.ssh/identity > # IdentityFile ~/.ssh/id_rsa >Index: ssh_config.5 >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh_config.5,v >retrieving revision 1.8 >diff -u -r1.8 ssh_config.5 >--- ssh_config.5 14 May 2003 18:16:20 -0000 1.8 >+++ ssh_config.5 15 May 2003 08:07:58 -0000 >@@ -227,6 +227,11 @@ > The argument must be an integer. > This may be useful in scripts if the connection sometimes fails. > The default is 1. >+.It Cm ConnectTimeout >+Specifies the timeout (in seconds) used when connecting to the ssh >+server, instead of using the default system TCP timeout. This value is >+used only when the target is down or really unreachable, not when it >+refuses the connection. > .It Cm DynamicForward > Specifies that a TCP/IP port on the local machine be forwarded > over the secure channel, and the application >Index: sshconnect.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/sshconnect.c,v >retrieving revision 1.140 >diff -u -r1.140 sshconnect.c >--- sshconnect.c 14 May 2003 18:16:21 -0000 1.140 >+++ sshconnect.c 15 May 2003 08:08:00 -0000 >@@ -214,6 +214,71 @@ > return sock; > } > >+int >+timeout_connect(int sockfd, const struct sockaddr *serv_addr, >+ socklen_t addrlen, int timeout) >+{ >+ fd_set *fdset; >+ struct timeval tv; >+ socklen_t optlen; >+ int fdsetsz, optval, rc; >+ >+ if (timeout <= 0) >+ return connect(sockfd, serv_addr, addrlen); >+ >+ if (fcntl(sockfd, F_SETFL, O_NONBLOCK) < 0) >+ return -1; >+ >+ rc = connect(sockfd, serv_addr, addrlen); >+ if (rc == 0) >+ return 0; >+ if (errno != EINPROGRESS) >+ return -1; >+ >+ fdsetsz = howmany(sockfd + 1, NFDBITS) * sizeof(fd_mask); >+ fdset = (fd_set *)xmalloc(fdsetsz); >+ >+ memset(fdset, '\0', fdsetsz); >+ FD_SET(sockfd, fdset); >+ tv.tv_sec = timeout; >+ tv.tv_usec = 0; >+ >+ for(;;) { >+ rc = select(sockfd + 1, NULL, fdset, NULL, &tv); >+ if (rc != -1 || errno != EINTR) >+ break; >+ } >+ >+ switch(rc) { >+ case 0: >+ /* Timed out */ >+ errno = ETIMEDOUT; >+ return -1; >+ case -1: >+ /* Select error */ >+ debug("select: %s", strerror(errno)); >+ return -1; >+ case 1: >+ /* Completed or failed */ >+ optval = 0; >+ optlen = sizeof(optval); >+ if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, >+ &optlen) == -1) >+ debug("getsockopt: %s", strerror(errno)); >+ return -1; >+ if (optval != 0) { >+ errno = optval; >+ return -1; >+ } >+ break; >+ default: >+ /* Should not occur */ >+ fatal("Bogus return (%d) from select()", rc); >+ } >+ >+ return 0; >+} >+ > /* > * Opens a TCP/IP connection to the remote server on the given host. > * The address of the remote host will be returned in hostaddr. >@@ -233,7 +298,7 @@ > */ > int > ssh_connect(const char *host, struct sockaddr_storage * hostaddr, >- u_short port, int family, int connection_attempts, >+ u_short port, int family, int connection_attempts, int connection_timeout, > int needpriv, const char *proxy_command) > { > int gaierr; >@@ -302,7 +367,8 @@ > /* Any error is already output */ > continue; > >- if (connect(sock, ai->ai_addr, ai->ai_addrlen) >= 0) { >+ if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen, >+ connection_timeout) >= 0) { > /* Successful connection. */ > memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); > break; >Index: sshconnect.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/sshconnect.h,v >retrieving revision 1.17 >diff -u -r1.17 sshconnect.h >--- sshconnect.h 19 Jun 2002 00:27:55 -0000 1.17 >+++ sshconnect.h 15 May 2003 08:08:00 -0000 >@@ -35,7 +35,7 @@ > > int > ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, >- int, const char *); >+ int, int, const char *); > > void > ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=297">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 207
:
63
|
101
|
102
|
118
|
154
|
273
|
274
| 297