Attachment #63 for bug #207




	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
	oConnectTimeout
} OpCodes;

/* Textual representations of the tokens. */

	{ "smartcarddevice", oSmartcardDevice },
	{ "clearallforwardings", oClearAllForwardings },
	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
	{ "connecttimeout", oConnectTimeout },
	{ NULL, oBadOption }
};


		/* don't panic, but count bad options */
		return -1;
		/* NOTREACHED */

	case oConnectTimeout:
		intptr = &options->connection_timeout;
parse_time:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing time argument.", filename, linenum);
		if ((value = convtime(arg)) == -1)
			fatal("%.200s line %d: Invalid time argument.", filename, linenum);
		if (*intptr == -1)
		*intptr = value;
		break;

	case oForwardAgent:
		intptr = &options->forward_agent;
parse_flag:

	options->compression_level = -1;
	options->port = -1;
	options->connection_attempts = -1;
	options->connection_timeout = -1;
	options->number_of_password_prompts = -1;
	options->cipher = -1;
	options->ciphers = NULL;

Lines 68-73 Link Here

(-)openssh-3.1p1/readconf.h.ORIG (+2 lines)
68	int port; /* Port to connect. */	68	int port; /* Port to connect. */
69	int connection_attempts; /* Max attempts (seconds) before	69	int connection_attempts; /* Max attempts (seconds) before
70	* giving up */	70	* giving up */
		71	int connection_timeout; /* Max time (seconds) before
		72	* aborting connection attempt */
71	int number_of_password_prompts; /* Max number of password	73	int number_of_password_prompts; /* Max number of password
72	* prompts. */	74	* prompts. */
73	int cipher; /* Cipher to use. */	75	int cipher; /* Cipher to use. */

Lines 807-812 Link Here

(-)openssh-3.1p1/ssh.1.ORIG (+6 lines)
807	The argument must be an integer.	807	The argument must be an integer.
808	This may be useful in scripts if the connection sometimes fails.	808	This may be useful in scripts if the connection sometimes fails.
809	The default is 1.	809	The default is 1.
		810	.It Cm ConnectTimeout
		811	Specifies the timeout used when connecting to the ssh
		812	server, instead of using default system values. This value is used
		813	only when the target is down or really unreachable, not when it
		814	refuses the connection. This may be usefull for tools using ssh
		815	for communication, as it avoid long TCP timeouts.
810	.It Cm DynamicForward	816	.It Cm DynamicForward
811	Specifies that a TCP/IP port on the local machine be forwarded	817	Specifies that a TCP/IP port on the local machine be forwarded
812	over the secure channel, and the application	818	over the secure channel, and the application

Lines 674-680 Link Here

(-)openssh-3.1p1/ssh.c.ORIG (-1 / +1 lines)
674	/* Open a connection to the remote host. */	674	/* Open a connection to the remote host. */
675		675
676	cerr = ssh_connect(host, &hostaddr, options.port, IPv4or6,	676	cerr = ssh_connect(host, &hostaddr, options.port, IPv4or6,
677	options.connection_attempts,	677	options.connection_attempts, options.connection_timeout,
678	original_effective_uid != 0 \|\| !options.use_privileged_port,	678	original_effective_uid != 0 \|\| !options.use_privileged_port,
679	pw, options.proxy_command);	679	pw, options.proxy_command);
680		680




	return sock;
}

int
timeout_connect(int sockfd, const struct sockaddr *serv_addr,
    socklen_t addrlen, int timeout)
{
	fd_set *fdset;
	struct timeval tv;
	socklen_t optlen;
	int fdsetsz, optval, rc;

	if (timeout <= 0)
		return(connect(sockfd, serv_addr, addrlen));

	if (fcntl(sockfd, F_SETFL, O_NONBLOCK) < 0)
		return -1;

	rc = connect(sockfd, serv_addr, addrlen);
	if (rc == 0)
		return 0;
	if (errno != EINPROGRESS)
		return -1;

	fdsetsz = howmany(sockfd+1, NFDBITS) * sizeof(fd_mask);
	fdset = (fd_set *)xmalloc(fdsetsz);
	memset(fdset, 0, fdsetsz);
	FD_SET(sockfd, fdset);
	tv.tv_sec = timeout;
	tv.tv_usec = 0;
	rc=select(sockfd+1, NULL, fdset, NULL, &tv);

	switch(rc) {
	case 0:
		errno = ETIMEDOUT;
	case -1:
		return -1;
		break;
	case 1:
		optval = 0;
		optlen = sizeof(optval);
		if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1)
			return -1;
		if (optval != 0)
		{
			errno = optval;
			return -1;
		}
		return 0;

	default:
		/* Should not occur */
		return -1;
		break;
	}

	return -1;

}

/*
 * Opens a TCP/IP connection to the remote server on the given host.
 * The address of the remote host will be returned in hostaddr.

 */
int
ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
    u_short port, int family, int connection_attempts, int connection_timeout,
    int anonymous, struct passwd *pw, const char *proxy_command)
{
	int gaierr;

			 * the remote uid as root.
			 */
			temporarily_use_uid(pw);
			if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
					connection_timeout) >= 0) {
				/* Successful connection. */
				memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
				restore_uid();

Lines 28-34 Link Here

(-)openssh-3.1p1/sshconnect.h.ORIG (-1 / +1 lines)
28		28
29	int	29	int
30	ssh_connect(const char , struct sockaddr_storage , u_short, int, int,	30	ssh_connect(const char , struct sockaddr_storage , u_short, int, int,
31	int, struct passwd , const char );	31	int, int, struct passwd , const char );
32		32
33	void	33	void
34	ssh_login(Key *, int, const char , struct sockaddr , struct passwd );	34	ssh_login(Key *, int, const char , struct sockaddr , struct passwd );

Return to bug 207

Lines 115-121 Link Here

(-)openssh-3.1p1/readconf.c.ORIG (-1 / +17 lines)
115	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,	115	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
116	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,	116	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
117	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,	117	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
118	oClearAllForwardings, oNoHostAuthenticationForLocalhost	118	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
		119	oConnectTimeout
119	} OpCodes;	120	} OpCodes;
120		121
121	/* Textual representations of the tokens. */	122	/* Textual representations of the tokens. */
Lines 187-192 Link Here
187	{ "smartcarddevice", oSmartcardDevice },	188	{ "smartcarddevice", oSmartcardDevice },
188	{ "clearallforwardings", oClearAllForwardings },	189	{ "clearallforwardings", oClearAllForwardings },
189	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },	190	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
		191	{ "connecttimeout", oConnectTimeout },
190	{ NULL, oBadOption }	192	{ NULL, oBadOption }
191	};	193	};
192		194
Lines 294-299 Link Here
294	/* don't panic, but count bad options */	296	/* don't panic, but count bad options */
295	return -1;	297	return -1;
296	/* NOTREACHED */	298	/* NOTREACHED */
		299
		300	case oConnectTimeout:
		301	intptr = &options->connection_timeout;
		302	parse_time:
		303	arg = strdelim(&s);
		304	if (!arg \|\| *arg == '\0')
		305	fatal("%.200s line %d: Missing time argument.", filename, linenum);
		306	if ((value = convtime(arg)) == -1)
		307	fatal("%.200s line %d: Invalid time argument.", filename, linenum);
		308	if (*intptr == -1)
		309	*intptr = value;
		310	break;
		311
297	case oForwardAgent:	312	case oForwardAgent:
298	intptr = &options->forward_agent;	313	intptr = &options->forward_agent;
299	parse_flag:	314	parse_flag:
Lines 775-780 Link Here
775	options->compression_level = -1;	790	options->compression_level = -1;
776	options->port = -1;	791	options->port = -1;
777	options->connection_attempts = -1;	792	options->connection_attempts = -1;
		793	options->connection_timeout = -1;
778	options->number_of_password_prompts = -1;	794	options->number_of_password_prompts = -1;
779	options->cipher = -1;	795	options->cipher = -1;
780	options->ciphers = NULL;	796	options->ciphers = NULL;

Lines 222-227 Link Here

(-)openssh-3.1p1/sshconnect.c.ORIG (-2 / +60 lines)
222	return sock;	222	return sock;
223	}	223	}
224		224
		225	int
		226	timeout_connect(int sockfd, const struct sockaddr *serv_addr,
		227	socklen_t addrlen, int timeout)
		228	{
		229	fd_set *fdset;
		230	struct timeval tv;
		231	socklen_t optlen;
		232	int fdsetsz, optval, rc;
		233
		234	if (timeout <= 0)
		235	return(connect(sockfd, serv_addr, addrlen));
		236
		237	if (fcntl(sockfd, F_SETFL, O_NONBLOCK) < 0)
		238	return -1;
		239
		240	rc = connect(sockfd, serv_addr, addrlen);
		241	if (rc == 0)
		242	return 0;
		243	if (errno != EINPROGRESS)
		244	return -1;
		245
		246	fdsetsz = howmany(sockfd+1, NFDBITS) * sizeof(fd_mask);
		247	fdset = (fd_set *)xmalloc(fdsetsz);
		248	memset(fdset, 0, fdsetsz);
		249	FD_SET(sockfd, fdset);
		250	tv.tv_sec = timeout;
		251	tv.tv_usec = 0;
		252	rc=select(sockfd+1, NULL, fdset, NULL, &tv);
		253
		254	switch(rc) {
		255	case 0:
		256	errno = ETIMEDOUT;
		257	case -1:
		258	return -1;
		259	break;
		260	case 1:
		261	optval = 0;
		262	optlen = sizeof(optval);
		263	if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1)
		264	return -1;
		265	if (optval != 0)
		266	{
		267	errno = optval;
		268	return -1;
		269	}
		270	return 0;
		271
		272	default:
		273	/* Should not occur */
		274	return -1;
		275	break;
		276	}
		277
		278	return -1;
		279
		280	}
		281
225	/*	282	/*
226	* Opens a TCP/IP connection to the remote server on the given host.	283	* Opens a TCP/IP connection to the remote server on the given host.
227	* The address of the remote host will be returned in hostaddr.	284	* The address of the remote host will be returned in hostaddr.
Lines 241-247 Link Here
241	*/	298	*/
242	int	299	int
243	ssh_connect(const char host, struct sockaddr_storage hostaddr,	300	ssh_connect(const char host, struct sockaddr_storage hostaddr,
244	u_short port, int family, int connection_attempts,	301	u_short port, int family, int connection_attempts, int connection_timeout,
245	int anonymous, struct passwd pw, const char proxy_command)	302	int anonymous, struct passwd pw, const char proxy_command)
246	{	303	{
247	int gaierr;	304	int gaierr;
Lines 323-329 Link Here
323	* the remote uid as root.	380	* the remote uid as root.
324	*/	381	*/
325	temporarily_use_uid(pw);	382	temporarily_use_uid(pw);
326	if (connect(sock, ai->ai_addr, ai->ai_addrlen) >= 0) {	383	if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
		384	connection_timeout) >= 0) {
327	/* Successful connection. */	385	/* Successful connection. */
328	memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);	386	memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
329	restore_uid();	387	restore_uid();