Bugzilla – Attachment 104 Details for
Bug 223
ProxyCommand commands don't exit
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Updated patch to kill proxycommand child process
openssh-proxycommand.patch (text/plain), 4.17 KB, created by
Darren Tucker
on 2002-05-25 19:33:34 AEST
(
hide
)
Description:
Updated patch to kill proxycommand child process
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2002-05-25 19:33:34 AEST
Size:
4.17 KB
patch
obsolete
>Index: ssh.c >=================================================================== >RCS file: /cvs/openssh/ssh.c,v >retrieving revision 1.145 >diff -u -r1.145 ssh.c >--- ssh.c 23 Apr 2002 11:09:46 -0000 1.145 >+++ ssh.c 25 May 2002 09:30:24 -0000 >@@ -149,6 +149,12 @@ > /* # of replies received for global requests */ > static int client_global_request_id = 0; > >+/* pid of proxycommand child process */ >+pid_t proxy_command_pid = 0; >+ >+/* last signal sent to proxycommand child process */ >+int proxy_command_signal_level = 0; >+ > /* Prints a help message to the user. This function never returns. */ > > static void >@@ -244,6 +250,8 @@ > static int ssh_session(void); > static int ssh_session2(void); > static void load_public_identity_files(void); >+static void terminate_proxy_command(pid_t); >+static void inc_proxy_command_signal(int); > > /* > * Main program for the ssh client. >@@ -786,6 +794,11 @@ > > exit_status = compat20 ? ssh_session2() : ssh_session(); > packet_close(); >+ >+ /* Terminate proxy command if used */ >+ if (proxy_command_pid) >+ terminate_proxy_command(proxy_command_pid); >+ > return exit_status; > } > >@@ -1246,4 +1259,69 @@ > options.identity_files[i] = filename; > options.identity_keys[i] = public; > } >+} >+ >+static void >+terminate_proxy_command(pid_t pid) >+{ >+ debug("Terminating ProxyCommand child process pid:%d", (int)pid); >+ >+ /* Try to kill proxycommand child process. >+ Loop will terminate if process is killed (proxy_command_pid = 0) or >+ it runs out of signals to try (proxy_command_signal_level = -1). >+ The latter should never happen as it means SIGKILL didn't work. >+ >+ The waitpid() will be interrupted by either the child terminating >+ or SIGALRM. >+ */ >+ proxy_command_signal_level = SIGHUP; /* try sighup first */ >+ while (proxy_command_pid > 0 && proxy_command_signal_level > 0) { >+ kill(pid, proxy_command_signal_level); >+ debug2("Sent signal %d to ProxyCommand child process", >+ proxy_command_signal_level); >+ >+ signal(SIGALRM, inc_proxy_command_signal); >+ alarm(2); /* Give time to exit */ >+ if (waitpid(pid, NULL, 0) > 0) { >+ debug("ProxyCommand terminated with signal %d", >+ proxy_command_signal_level); >+ proxy_command_pid = 0; >+ } >+ } >+ >+ if (proxy_command_signal_level == -1) { >+ debug("Couldn't terminate ProxyCommand pid:%d (shouldn't happen!)", (int)pid); >+ } >+} >+ >+static void >+inc_proxy_command_signal(int sigreceived) >+{ >+ /* This handler increases the nastiness of the signal >+ to be sent to the ProxyCommand child. >+ HUP -> INT -> QUIT -> TERM -> KILL >+ */ >+ switch(proxy_command_signal_level) { >+ case SIGHUP: >+ proxy_command_signal_level = SIGINT; >+ break; >+ case SIGINT: >+ proxy_command_signal_level = SIGQUIT; >+ break; >+ case SIGQUIT: >+ proxy_command_signal_level = SIGTERM; >+ break; >+ case SIGTERM: >+ proxy_command_signal_level = SIGKILL; >+ break; >+ case SIGKILL: >+ proxy_command_signal_level = -1; /* no more to try */ >+ break; >+ default: >+ debug("inc_proxy_command_signal: unknown signal level (%d)!", >+ proxy_command_signal_level); >+ } >+ >+ debug2("inc_proxy_command_signal called, signal set to %d", >+ proxy_command_signal_level); > } >Index: sshconnect.c >=================================================================== >RCS file: /cvs/openssh/sshconnect.c,v >retrieving revision 1.85 >diff -u -r1.85 sshconnect.c >--- sshconnect.c 5 Mar 2002 18:59:46 -0000 1.85 >+++ sshconnect.c 25 May 2002 09:30:28 -0000 >@@ -38,6 +38,7 @@ > > extern Options options; > extern char *__progname; >+extern pid_t proxy_command_pid; > > #ifndef INET6_ADDRSTRLEN /* for non IPv6 machines */ > #define INET6_ADDRSTRLEN 46 >@@ -84,6 +85,11 @@ > /* Build the final command string in the buffer by making the > appropriate substitutions to the given proxy command. */ > buffer_init(&command); >+ >+ /* have shell exec proxy command to prevent extra sh -c processes >+ on some platforms (eg Solaris) */ >+ buffer_append(&command, "exec ", 5); >+ > for (cp = proxy_command; *cp; cp++) { > if (cp[0] == '%' && cp[1] == '%') { > buffer_append(&command, "%", 1); >@@ -150,6 +156,8 @@ > /* Parent. */ > if (pid < 0) > fatal("fork failed: %.100s", strerror(errno)); >+ else >+ proxy_command_pid = pid; /* save pid to clean up later */ > > /* Close child side of the descriptors. */ > close(pin[0]);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=104">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 223
:
103
|
104
|
146