Attachment #1918 for bug #1815

View | Details | Raw Unified | Return to bug 1815
Collapse All | Expand All

Lines 16-21 Aran Cox <acox@cv.telegroup.com> - SCO bugfixes Link Here

(-)a/CREDITS (+1 lines)
16	Arkadiusz Miskiewicz <misiek@pld.org.pl> - IPv6 compat fixes	16	Arkadiusz Miskiewicz <misiek@pld.org.pl> - IPv6 compat fixes
17	Ben Lindstrom <mouring@eviladmin.org> - NeXT support	17	Ben Lindstrom <mouring@eviladmin.org> - NeXT support
18	Ben Taylor <bent@clark.net> - Solaris debugging and fixes	18	Ben Taylor <bent@clark.net> - Solaris debugging and fixes
		19	Björn "Vampire" Kautler <Vampire@Masters-of-Disaster.de> - RemoteCommand and PseudoTTY patch
19	Bratislav ILICH <bilic@zepter.ru> - Configure fix	20	Bratislav ILICH <bilic@zepter.ru> - Configure fix
20	Charles Levert <charles@comm.polymtl.ca> - SunOS 4 & bug fixes	21	Charles Levert <charles@comm.polymtl.ca> - SunOS 4 & bug fixes
21	Chip Salzenberg <chip@valinux.com> - Assorted patches	22	Chip Salzenberg <chip@valinux.com> - Assorted patches

Lines 1-3 Link Here

(-)a/debian/changelog (+6 lines)
		1	openssh (1:5.1p1-6ubuntu3) karmic; urgency=low
		2
		3	* Add RemoteCommand and PseudoTTY to config options
		4
		5	-- BjÃ¶rn "Vampire" Kautler <Vampire@Masters-of-Disaster.de> Mon, 30 Aug 2010 03:00:00 +0200
		6
1	openssh (1:5.1p1-6ubuntu2) karmic; urgency=low	7	openssh (1:5.1p1-6ubuntu2) karmic; urgency=low
2		8
3	* No change rebuild to fix misbuilt binaries on armel.	9	* No change rebuild to fix misbuilt binaries on armel.




#include "clientloop.h"

/* from ssh.c */
extern int tty_flag;
extern Options options;
extern int stdin_null_flag;
extern char *host;
int subsystem_flag;
extern Buffer command;

/* Context for session open confirmation callback */
struct mux_session_confirm_ctx {

	term = getenv("TERM");

	flags = 0;
	if (options.pseudo_tty)
		flags |= SSHMUX_FLAG_TTY;
	if (subsystem_flag)
		flags |= SSHMUX_FLAG_SUBSYS;

			buffer_put_int(&m, 0xffffffff);
		else
			buffer_put_int(&m, options.escape_char);
		buffer_append(&options.remote_command, "\0", 1);
		buffer_put_cstring(&m, buffer_ptr(&options.remote_command));

		if (options.num_send_env == 0 || environ == NULL) {
			buffer_put_int(&m, 0);

	signal(SIGTERM, control_client_sighandler);
	signal(SIGWINCH, control_client_sigrelay);

	if (options.pseudo_tty)
		enter_raw_mode();

	/*

	} else
		debug2("Received exit status from master %d", exitval[0]);

	if (options.pseudo_tty && options.log_level > SYSLOG_LEVEL_QUIET)
		fprintf(stderr, "Shared connection to %s closed.\r\n", host);

	exit(exitval[0]);

Lines 135-141 typedef enum { Link Here

(-)a/readconf.c (-1 / +35 lines)
135	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,	135	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
136	oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,	136	oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
137	oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,	137	oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
138	oVisualHostKey,	138	oRemoteCommand, oPseudoTTY, oVisualHostKey,
139	oProtocolKeepAlives, oSetupTimeOut,	139	oProtocolKeepAlives, oSetupTimeOut,
140	oDeprecated, oUnsupported	140	oDeprecated, oUnsupported
141	} OpCodes;	141	} OpCodes;
Lines 238-243 static struct { Link Here
238	{ "tunneldevice", oTunnelDevice },	238	{ "tunneldevice", oTunnelDevice },
239	{ "localcommand", oLocalCommand },	239	{ "localcommand", oLocalCommand },
240	{ "permitlocalcommand", oPermitLocalCommand },	240	{ "permitlocalcommand", oPermitLocalCommand },
		241	{ "remotecommand", oRemoteCommand },
		242	{ "pseudotty", oPseudoTTY },
241	{ "visualhostkey", oVisualHostKey },	243	{ "visualhostkey", oVisualHostKey },
242	{ "protocolkeepalives", oProtocolKeepAlives },	244	{ "protocolkeepalives", oProtocolKeepAlives },
243	{ "setuptimeout", oSetupTimeOut },	245	{ "setuptimeout", oSetupTimeOut },
Lines 944-949 parse_int: Link Here
944	intptr = &options->permit_local_command;	946	intptr = &options->permit_local_command;
945	goto parse_flag;	947	goto parse_flag;
946		948
		949	case oRemoteCommand:
		950	if (s == NULL)
		951	fatal("%.200s line %d: Missing argument.", filename, linenum);
		952	len = strspn(s, WHITESPACE "=");
		953	if (*activep && (buffer_len(&options->remote_command) == 0)) {
		954	buffer_append(&options->remote_command, s + len, strlen(s + len));
		955	}
		956	return 0;
		957
		958	case oPseudoTTY:
		959	arg = strdelim(&s);
		960	if (!arg \|\| *arg == '\0')
		961	fatal("%.200s line %d: Missing yes/no/force argument.",
		962	filename, linenum);
		963	value = 0; /* To avoid compiler warning... */
		964	if (strcmp(arg, "yes") == 0 \|\| strcmp(arg, "true") == 0)
		965	value = 1;
		966	else if (strcmp(arg, "no") == 0 \|\| strcmp(arg, "false") == 0)
		967	value = 0;
		968	else if (strcmp(arg, "force") == 0)
		969	value = 2;
		970	else
		971	fatal("%.200s line %d: Bad yes/no/force argument.", filename, linenum);
		972	if (*activep && options->pseudo_tty == -1)
		973	options->pseudo_tty = value;
		974	break;
		975
947	case oVisualHostKey:	976	case oVisualHostKey:
948	intptr = &options->visual_host_key;	977	intptr = &options->visual_host_key;
949	goto parse_flag;	978	goto parse_flag;
Lines 1120-1125 initialize_options(Options * options) Link Here
1120	options->tun_remote = -1;	1149	options->tun_remote = -1;
1121	options->local_command = NULL;	1150	options->local_command = NULL;
1122	options->permit_local_command = -1;	1151	options->permit_local_command = -1;
		1152	buffer_init(&options->remote_command);
		1153	options->pseudo_tty = -1;
1123	options->visual_host_key = -1;	1154	options->visual_host_key = -1;
1124	}	1155	}
1125		1156
Lines 1266-1274 fill_default_options(Options * options) Link Here
1266	options->tun_remote = SSH_TUNID_ANY;	1297	options->tun_remote = SSH_TUNID_ANY;
1267	if (options->permit_local_command == -1)	1298	if (options->permit_local_command == -1)
1268	options->permit_local_command = 0;	1299	options->permit_local_command = 0;
		1300	if (options->pseudo_tty == -1)
		1301	options->pseudo_tty = 0;
1269	if (options->visual_host_key == -1)	1302	if (options->visual_host_key == -1)
1270	options->visual_host_key = 0;	1303	options->visual_host_key = 0;
1271	/* options->local_command should not be set by default */	1304	/* options->local_command should not be set by default */
		1305	/* options->remote_command should not be set by default */
1272	/* options->proxy_command should not be set by default */	1306	/* options->proxy_command should not be set by default */
1273	/* options->user will be set in the main program if appropriate */	1307	/* options->user will be set in the main program if appropriate */
1274	/* options->hostname will be set in the main program if appropriate */	1308	/* options->hostname will be set in the main program if appropriate */

Lines 123-128 typedef struct { Link Here

(-)a/readconf.h (+2 lines)
123		123
124	char *local_command;	124	char *local_command;
125	int permit_local_command;	125	int permit_local_command;
		126	Buffer remote_command;
		127	int pseudo_tty;
126	int visual_host_key;	128	int visual_host_key;
127		129
128	} Options;	130	} Options;

Lines 93-98 DESCRIPTION Link Here

(-)a/scp.0 (+1 lines)
93	PreferredAuthentications	93	PreferredAuthentications
94	Protocol	94	Protocol
95	ProxyCommand	95	ProxyCommand
		96	PseudoTTY
96	PubkeyAuthentication	97	PubkeyAuthentication
97	RekeyLimit	98	RekeyLimit
98	RhostsRSAAuthentication	99	RhostsRSAAuthentication

Lines 157-162 For full details of the options listed below, and their possible values, see Link Here

(-)a/scp.1 (+1 lines)
157	.It PreferredAuthentications	157	.It PreferredAuthentications
158	.It Protocol	158	.It Protocol
159	.It ProxyCommand	159	.It ProxyCommand
		160	.It PseudoTTY
160	.It PubkeyAuthentication	161	.It PubkeyAuthentication
161	.It RekeyLimit	162	.It RekeyLimit
162	.It RhostsRSAAuthentication	163	.It RhostsRSAAuthentication

Lines 95-100 DESCRIPTION Link Here

(-)a/sftp.0 (+1 lines)
95	PreferredAuthentications	95	PreferredAuthentications
96	Protocol	96	Protocol
97	ProxyCommand	97	ProxyCommand
		98	PseudoTTY
98	PubkeyAuthentication	99	PubkeyAuthentication
99	RekeyLimit	100	RekeyLimit
100	RhostsRSAAuthentication	101	RhostsRSAAuthentication

Lines 180-185 For full details of the options listed below, and their possible values, see Link Here

(-)a/sftp.1 (+1 lines)
180	.It PreferredAuthentications	180	.It PreferredAuthentications
181	.It Protocol	181	.It Protocol
182	.It ProxyCommand	182	.It ProxyCommand
		183	.It PseudoTTY
183	.It PubkeyAuthentication	184	.It PubkeyAuthentication
184	.It RekeyLimit	185	.It RekeyLimit
185	.It RhostsRSAAuthentication	186	.It RhostsRSAAuthentication

Lines 262-269 DESCRIPTION Link Here

(-)a/ssh.0 (+2 lines)
262	PreferredAuthentications	262	PreferredAuthentications
263	Protocol	263	Protocol
264	ProxyCommand	264	ProxyCommand
		265	PseudoTTY
265	PubkeyAuthentication	266	PubkeyAuthentication
266	RekeyLimit	267	RekeyLimit
		268	RemoteCommand
267	RemoteForward	269	RemoteForward
268	RhostsRSAAuthentication	270	RhostsRSAAuthentication
269	RSAAuthentication	271	RSAAuthentication

Lines 490-497 For full details of the options listed below, and their possible values, see Link Here

(-)a/ssh.1 (+2 lines)
490	.It PreferredAuthentications	490	.It PreferredAuthentications
491	.It Protocol	491	.It Protocol
492	.It ProxyCommand	492	.It ProxyCommand
		493	.It PseudoTTY
493	.It PubkeyAuthentication	494	.It PubkeyAuthentication
494	.It RekeyLimit	495	.It RekeyLimit
		496	.It RemoteCommand
495	.It RemoteForward	497	.It RemoteForward
496	.It RhostsRSAAuthentication	498	.It RhostsRSAAuthentication
497	.It RSAAuthentication	499	.It RSAAuthentication




uid_t original_real_uid;
uid_t original_effective_uid;

/* command to be executed */
Buffer command;

/* Should we execute a command or invoke a subsystem? */
int subsystem_flag = 0;


	SSLeay_add_all_algorithms();
	ERR_load_crypto_strings();

	/* Initialize the command to execute on remote host. */
	buffer_init(&command);

	/*
	 * Save the command to execute on the remote host in a buffer. There
	 * is no limit on the length of the command, except by the maximum
	 * packet size.
	 */
	if (!ac) {
		/* No command specified - execute shell on a tty. */
		tty_flag = 1;
		if (subsystem_flag) {
			fprintf(stderr,
			    "You must specify a subsystem to invoke.\n");

		/* A command has been specified.  Store it into the buffer. */
		for (i = 0; i < ac; i++) {
			if (i)
				buffer_append(&options.remote_command, " ", 1);
			buffer_append(&options.remote_command, av[i], strlen(av[i]));
		}
	}

	/* Cannot fork to background if no command. */
	if (fork_after_authentication_flag && buffer_len(&options.remote_command) == 0 &&
	    !no_shell_flag)
		fatal("Cannot fork into background without a command "
		    "to execute.");

	/* Allocate a tty by default if no command specified. */
	if (buffer_len(&command) == 0)
		tty_flag = 1;

	/* Force no tty */
	if (no_tty_flag)
		tty_flag = 0;
	/* Do not allocate a tty if stdin is not a tty. */
	if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) {
		if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET)
			logit("Pseudo-terminal will not be allocated because "
			    "stdin is not a terminal.");
		tty_flag = 0;
	}

	/*
	 * Initialize "log" output.  Since we are the client all output
	 * actually goes to stderr.

		    &options, 0);
	}

	if (buffer_len(&options.remote_command) > 0) {
		buffer_append(&options.remote_command, "\0", 1);
		if (strcmp((u_char*)buffer_ptr(&options.remote_command), "none") == 0) {
			buffer_clear(&options.remote_command);
		}
	}

	if (no_tty_flag) {
		options.pseudo_tty = 0;
	} else if (force_tty_flag) {
		options.pseudo_tty = 2;
	} else if (tty_flag) {
		options.pseudo_tty = 1;
	}

	/* Allocate a tty by default if no command specified. */
	if (buffer_len(&options.remote_command) == 0 && options.pseudo_tty == -1)
		options.pseudo_tty = 1;

	/* Fill configuration defaults. */
	fill_default_options(&options);


		options.control_path = NULL;
	}

	/* Do not allocate a tty if stdin is not a tty. */
	if ((!isatty(fileno(stdin)) || stdin_null_flag) && options.pseudo_tty < 2) {
		if (options.pseudo_tty && options.log_level > SYSLOG_LEVEL_QUIET)
			logit("Pseudo-terminal will not be allocated because "
			      "stdin is not a terminal.");
		options.pseudo_tty = 0;
	}

	if (options.pseudo_tty == 2)
		options.pseudo_tty = 1;

	if (options.control_path != NULL) {
		char thishost[NI_MAXHOST];


			    "compression response.");
	}
	/* Allocate a pseudo tty if appropriate. */
	if (options.pseudo_tty) {
		debug("Requesting pty.");

		/* Start the packet. */

	 * If a command was specified on the command line, execute the
	 * command now. Otherwise request the server to start a shell.
	 */
	if (buffer_len(&options.remote_command) > 0) {
		int len = buffer_len(&options.remote_command);
		if (len > 900)
			len = 900;
		debug("Sending command: %.*s", len,
		    (u_char *)buffer_ptr(&options.remote_command));
		packet_start(SSH_CMSG_EXEC_CMD);
		packet_put_string(buffer_ptr(&options.remote_command), buffer_len(&options.remote_command));
		packet_send();
		packet_write_wait();
	} else {

	}

	/* Enter the interactive session. */
	return client_loop(have_tty, options.pseudo_tty ?
	    options.escape_char : SSH_ESCAPECHAR_NONE, 0);
}


{
	extern char **environ;
	const char *display;
	int interactive = options.pseudo_tty;

	display = getenv("DISPLAY");
	if (options.forward_x11 && display != NULL) {

		packet_send();
	}

	client_session2_setup(id, options.pseudo_tty, subsystem_flag, getenv("TERM"),
	    NULL, fileno(stdin), &options.remote_command, environ);

	packet_set_interactive(interactive);
}


	window = CHAN_SES_WINDOW_DEFAULT;
	packetmax = CHAN_SES_PACKET_DEFAULT;
	if (options.pseudo_tty) {
		window >>= 1;
		packetmax >>= 1;
	}

			fatal("daemon() failed: %.200s", strerror(errno));
	}

	return client_loop(options.pseudo_tty, options.pseudo_tty ?
	    options.escape_char : SSH_ESCAPECHAR_NONE, id);
}


Lines 442-447 DESCRIPTION Link Here

(-)a/ssh_config.0 (+19 lines)
442		442
443	ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p	443	ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
444		444
		445	PseudoTTY
		446	Specifies whether to allocate a pseudo terminal. The argument to
		447	this keyword must be ``yes'', ``no'' or ``force''. If ``yes'' is
		448	given but stdin is no terminal, no pseudo terminal will be
		449	allocated. If ``force'' is given, even without a terminal at stdin
		450	a pseudo terminal is allocated. The default is ``no'' if a command
		451	is given as last parameter or via RemoteCommand keyword. If no
		452	command is given and thus a shell started, the default is ``yes''.
		453
445	PubkeyAuthentication	454	PubkeyAuthentication
446	Specifies whether to try public key authentication. The argument	455	Specifies whether to try public key authentication. The argument
447	to this keyword must be ``yes'' or ``no''. The default is	456	to this keyword must be ``yes'' or ``no''. The default is
Lines 455-460 DESCRIPTION Link Here
455	between `1G' and `4G', depending on the cipher. This option ap-	464	between `1G' and `4G', depending on the cipher. This option ap-
456	plies to protocol version 2 only.	465	plies to protocol version 2 only.
457		466
		467	RemoteCommand
		468	Specifies the command to execute on the server once connected if
		469	none was given on the command line. Setting the command to
		470	``none'' (e. g. to overwrite later config blocks) is the same as
		471	supplying no command at all. If no command is supplied, PseudoTTY
		472	is set to ``yes'' if it is set to ``no'' and a shell is executed
		473	as remote command. If something named ``none'' needs to be
		474	executed you can use a syntax trick like ``none;''. The default
		475	is unset.
		476
458	RemoteForward	477	RemoteForward
459	Specifies that a TCP port on the remote machine be forwarded over	478	Specifies that a TCP port on the remote machine be forwarded over
460	the secure channel to the specified host and port from the local	479	the secure channel to the specified host and port from the local




.Bd -literal -offset 3n
ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
.Ed
.It Cm PseudoTTY
Specifies whether to allocate a pseudo terminal.
The argument to this keyword must be
.Dq yes
,
.Dq no
or
.Dq force .
If
.Dq yes
is given but stdin is no terminal, no pseudo terminal will be allocated. If
.Dq force
is given, even without a terminal at stdin a pseudo terminal is allocated.
The default is
.Dq no
if a command is given as last parameter or via
.Cm RemoteCommand
keyword. If no command is given and thus a shell started, the default is
.Dq yes .
.It Cm PubkeyAuthentication
Specifies whether to try public key authentication.
The argument to this keyword must be

.Sq 4G ,
depending on the cipher.
This option applies to protocol version 2 only.
.It Cm RemoteCommand
Specifies the command to execute on the server once connected if
none was given on the command line. Setting the command to
.Dq none
(e. g. to overwrite later config blocks) is the same as
supplying no command at all. If no command is supplied,
.Cm PseudoTTY
is set to
.Dq yes
if it is set to
.Dq no
and a shell is executed as remote command. If something named
.Dq none
needs to be executed you can use a syntax trick like
.Dq none; .
The default is unset.
.It Cm RemoteForward
Specifies that a TCP port on the remote machine be forwarded over
the secure channel to the specified host and port from the local machine.

Return to bug 1815

Lines 157-165 Sensitive sensitive_data; Link Here

(-)a/ssh.c (-38 / +45 lines)
157	uid_t original_real_uid;	157	uid_t original_real_uid;
158	uid_t original_effective_uid;	158	uid_t original_effective_uid;
159		159
160	/* command to be executed */
161	Buffer command;
162
163	/* Should we execute a command or invoke a subsystem? */	160	/* Should we execute a command or invoke a subsystem? */
164	int subsystem_flag = 0;	161	int subsystem_flag = 0;
165		162
Lines 567-583 main(int ac, char **av) Link Here
567	SSLeay_add_all_algorithms();	564	SSLeay_add_all_algorithms();
568	ERR_load_crypto_strings();	565	ERR_load_crypto_strings();
569		566
570	/* Initialize the command to execute on remote host. */
571	buffer_init(&command);
572
573	/*	567	/*
574	* Save the command to execute on the remote host in a buffer. There	568	* Save the command to execute on the remote host in a buffer. There
575	* is no limit on the length of the command, except by the maximum	569	* is no limit on the length of the command, except by the maximum
576	* packet size. Also sets the tty flag if there is no command.	570	* packet size.
577	*/	571	*/
578	if (!ac) {	572	if (!ac) {
579	/* No command specified - execute shell on a tty. */
580	tty_flag = 1;
581	if (subsystem_flag) {	573	if (subsystem_flag) {
582	fprintf(stderr,	574	fprintf(stderr,
583	"You must specify a subsystem to invoke.\n");	575	"You must specify a subsystem to invoke.\n");
Lines 587-618 main(int ac, char **av) Link Here
587	/* A command has been specified. Store it into the buffer. */	579	/* A command has been specified. Store it into the buffer. */
588	for (i = 0; i < ac; i++) {	580	for (i = 0; i < ac; i++) {
589	if (i)	581	if (i)
590	buffer_append(&command, " ", 1);	582	buffer_append(&options.remote_command, " ", 1);
591	buffer_append(&command, av[i], strlen(av[i]));	583	buffer_append(&options.remote_command, av[i], strlen(av[i]));
592	}	584	}
593	}	585	}
594		586
595	/* Cannot fork to background if no command. */	587	/* Cannot fork to background if no command. */
596	if (fork_after_authentication_flag && buffer_len(&command) == 0 &&	588	if (fork_after_authentication_flag && buffer_len(&options.remote_command) == 0 &&
597	!no_shell_flag)	589	!no_shell_flag)
598	fatal("Cannot fork into background without a command "	590	fatal("Cannot fork into background without a command "
599	"to execute.");	591	"to execute.");
600		592
601	/* Allocate a tty by default if no command specified. */
602	if (buffer_len(&command) == 0)
603	tty_flag = 1;
604
605	/* Force no tty */
606	if (no_tty_flag)
607	tty_flag = 0;
608	/* Do not allocate a tty if stdin is not a tty. */
609	if ((!isatty(fileno(stdin)) \|\| stdin_null_flag) && !force_tty_flag) {
610	if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET)
611	logit("Pseudo-terminal will not be allocated because "
612	"stdin is not a terminal.");
613	tty_flag = 0;
614	}
615
616	/*	593	/*
617	* Initialize "log" output. Since we are the client all output	594	* Initialize "log" output. Since we are the client all output
618	* actually goes to stderr.	595	* actually goes to stderr.
Lines 639-644 main(int ac, char **av) Link Here
639	&options, 0);	616	&options, 0);
640	}	617	}
641		618
		619	if (buffer_len(&options.remote_command) > 0) {
		620	buffer_append(&options.remote_command, "\0", 1);
		621	if (strcmp((u_char*)buffer_ptr(&options.remote_command), "none") == 0) {
		622	buffer_clear(&options.remote_command);
		623	}
		624	}
		625
		626	if (no_tty_flag) {
		627	options.pseudo_tty = 0;
		628	} else if (force_tty_flag) {
		629	options.pseudo_tty = 2;
		630	} else if (tty_flag) {
		631	options.pseudo_tty = 1;
		632	}
		633
		634	/* Allocate a tty by default if no command specified. */
		635	if (buffer_len(&options.remote_command) == 0 && options.pseudo_tty == -1)
		636	options.pseudo_tty = 1;
		637
642	/* Fill configuration defaults. */	638	/* Fill configuration defaults. */
643	fill_default_options(&options);	639	fill_default_options(&options);
644		640
Lines 695-700 main(int ac, char **av) Link Here
695	options.control_path = NULL;	691	options.control_path = NULL;
696	}	692	}
697		693
		694	/* Do not allocate a tty if stdin is not a tty. */
		695	if ((!isatty(fileno(stdin)) \|\| stdin_null_flag) && options.pseudo_tty < 2) {
		696	if (options.pseudo_tty && options.log_level > SYSLOG_LEVEL_QUIET)
		697	logit("Pseudo-terminal will not be allocated because "
		698	"stdin is not a terminal.");
		699	options.pseudo_tty = 0;
		700	}
		701
		702	if (options.pseudo_tty == 2)
		703	options.pseudo_tty = 1;
		704
698	if (options.control_path != NULL) {	705	if (options.control_path != NULL) {
699	char thishost[NI_MAXHOST];	706	char thishost[NI_MAXHOST];
700		707
Lines 985-991 ssh_session(void) Link Here
985	"compression response.");	992	"compression response.");
986	}	993	}
987	/* Allocate a pseudo tty if appropriate. */	994	/* Allocate a pseudo tty if appropriate. */
988	if (tty_flag) {	995	if (options.pseudo_tty) {
989	debug("Requesting pty.");	996	debug("Requesting pty.");
990		997
991	/* Start the packet. */	998	/* Start the packet. */
Lines 1089-1102 ssh_session(void) Link Here
1089	* If a command was specified on the command line, execute the	1096	* If a command was specified on the command line, execute the
1090	* command now. Otherwise request the server to start a shell.	1097	* command now. Otherwise request the server to start a shell.
1091	*/	1098	*/
1092	if (buffer_len(&command) > 0) {	1099	if (buffer_len(&options.remote_command) > 0) {
1093	int len = buffer_len(&command);	1100	int len = buffer_len(&options.remote_command);
1094	if (len > 900)	1101	if (len > 900)
1095	len = 900;	1102	len = 900;
1096	debug("Sending command: %.*s", len,	1103	debug("Sending command: %.*s", len,
1097	(u_char *)buffer_ptr(&command));	1104	(u_char *)buffer_ptr(&options.remote_command));
1098	packet_start(SSH_CMSG_EXEC_CMD);	1105	packet_start(SSH_CMSG_EXEC_CMD);
1099	packet_put_string(buffer_ptr(&command), buffer_len(&command));	1106	packet_put_string(buffer_ptr(&options.remote_command), buffer_len(&options.remote_command));
1100	packet_send();	1107	packet_send();
1101	packet_write_wait();	1108	packet_write_wait();
1102	} else {	1109	} else {
Lines 1107-1113 ssh_session(void) Link Here
1107	}	1114	}
1108		1115
1109	/* Enter the interactive session. */	1116	/* Enter the interactive session. */
1110	return client_loop(have_tty, tty_flag ?	1117	return client_loop(have_tty, options.pseudo_tty ?
1111	options.escape_char : SSH_ESCAPECHAR_NONE, 0);	1118	options.escape_char : SSH_ESCAPECHAR_NONE, 0);
1112	}	1119	}
1113		1120
Lines 1117-1123 ssh_session2_setup(int id, void *arg) Link Here
1117	{	1124	{
1118	extern char **environ;	1125	extern char **environ;
1119	const char *display;	1126	const char *display;
1120	int interactive = tty_flag;	1127	int interactive = options.pseudo_tty;
1121		1128
1122	display = getenv("DISPLAY");	1129	display = getenv("DISPLAY");
1123	if (options.forward_x11 && display != NULL) {	1130	if (options.forward_x11 && display != NULL) {
Lines 1140-1147 ssh_session2_setup(int id, void *arg) Link Here
1140	packet_send();	1147	packet_send();
1141	}	1148	}
1142		1149
1143	client_session2_setup(id, tty_flag, subsystem_flag, getenv("TERM"),	1150	client_session2_setup(id, options.pseudo_tty, subsystem_flag, getenv("TERM"),
1144	NULL, fileno(stdin), &command, environ);	1151	NULL, fileno(stdin), &options.remote_command, environ);
1145		1152
1146	packet_set_interactive(interactive);	1153	packet_set_interactive(interactive);
1147	}	1154	}
Lines 1174-1180 ssh_session2_open(void) Link Here
1174		1181
1175	window = CHAN_SES_WINDOW_DEFAULT;	1182	window = CHAN_SES_WINDOW_DEFAULT;
1176	packetmax = CHAN_SES_PACKET_DEFAULT;	1183	packetmax = CHAN_SES_PACKET_DEFAULT;
1177	if (tty_flag) {	1184	if (options.pseudo_tty) {
1178	window >>= 1;	1185	window >>= 1;
1179	packetmax >>= 1;	1186	packetmax >>= 1;
1180	}	1187	}
Lines 1229-1235 ssh_session2(void) Link Here
1229	fatal("daemon() failed: %.200s", strerror(errno));	1236	fatal("daemon() failed: %.200s", strerror(errno));
1230	}	1237	}
1231		1238
1232	return client_loop(tty_flag, tty_flag ?	1239	return client_loop(options.pseudo_tty, options.pseudo_tty ?
1233	options.escape_char : SSH_ESCAPECHAR_NONE, id);	1240	options.escape_char : SSH_ESCAPECHAR_NONE, id);
1234	}	1241	}
1235		1242

Lines 81-92 Link Here

(-)a/mux.c (-7 / +5 lines)
81	#include "clientloop.h"	81	#include "clientloop.h"
82		82
83	/* from ssh.c */	83	/* from ssh.c */
84	extern int tty_flag;
85	extern Options options;	84	extern Options options;
86	extern int stdin_null_flag;	85	extern int stdin_null_flag;
87	extern char *host;	86	extern char *host;
88	int subsystem_flag;	87	int subsystem_flag;
89	extern Buffer command;
90		88
91	/* Context for session open confirmation callback */	89	/* Context for session open confirmation callback */
92	struct mux_session_confirm_ctx {	90	struct mux_session_confirm_ctx {
Lines 561-567 muxclient(const char *path) Link Here
561	term = getenv("TERM");	559	term = getenv("TERM");
562		560
563	flags = 0;	561	flags = 0;
564	if (tty_flag)	562	if (options.pseudo_tty)
565	flags \|= SSHMUX_FLAG_TTY;	563	flags \|= SSHMUX_FLAG_TTY;
566	if (subsystem_flag)	564	if (subsystem_flag)
567	flags \|= SSHMUX_FLAG_SUBSYS;	565	flags \|= SSHMUX_FLAG_SUBSYS;
Lines 627-634 muxclient(const char *path) Link Here
627	buffer_put_int(&m, 0xffffffff);	625	buffer_put_int(&m, 0xffffffff);
628	else	626	else
629	buffer_put_int(&m, options.escape_char);	627	buffer_put_int(&m, options.escape_char);
630	buffer_append(&command, "\0", 1);	628	buffer_append(&options.remote_command, "\0", 1);
631	buffer_put_cstring(&m, buffer_ptr(&command));	629	buffer_put_cstring(&m, buffer_ptr(&options.remote_command));
632		630
633	if (options.num_send_env == 0 \|\| environ == NULL) {	631	if (options.num_send_env == 0 \|\| environ == NULL) {
634	buffer_put_int(&m, 0);	632	buffer_put_int(&m, 0);
Lines 682-688 muxclient(const char *path) Link Here
682	signal(SIGTERM, control_client_sighandler);	680	signal(SIGTERM, control_client_sighandler);
683	signal(SIGWINCH, control_client_sigrelay);	681	signal(SIGWINCH, control_client_sigrelay);
684		682
685	if (tty_flag)	683	if (options.pseudo_tty)
686	enter_raw_mode();	684	enter_raw_mode();
687		685
688	/*	686	/*
Lines 721-727 muxclient(const char *path) Link Here
721	} else	719	} else
722	debug2("Received exit status from master %d", exitval[0]);	720	debug2("Received exit status from master %d", exitval[0]);
723		721
724	if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET)	722	if (options.pseudo_tty && options.log_level > SYSLOG_LEVEL_QUIET)
725	fprintf(stderr, "Shared connection to %s closed.\r\n", host);	723	fprintf(stderr, "Shared connection to %s closed.\r\n", host);
726		724
727	exit(exitval[0]);	725	exit(exitval[0]);

Lines 812-817 For example, the following directive would connect via an HTTP proxy at Link Here

(-)a/ssh_config.5 (+35 lines)
812	.Bd -literal -offset 3n	812	.Bd -literal -offset 3n
813	ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p	813	ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
814	.Ed	814	.Ed
		815	.It Cm PseudoTTY
		816	Specifies whether to allocate a pseudo terminal.
		817	The argument to this keyword must be
		818	.Dq yes
		819	,
		820	.Dq no
		821	or
		822	.Dq force .
		823	If
		824	.Dq yes
		825	is given but stdin is no terminal, no pseudo terminal will be allocated. If
		826	.Dq force
		827	is given, even without a terminal at stdin a pseudo terminal is allocated.
		828	The default is
		829	.Dq no
		830	if a command is given as last parameter or via
		831	.Cm RemoteCommand
		832	keyword. If no command is given and thus a shell started, the default is
		833	.Dq yes .
815	.It Cm PubkeyAuthentication	834	.It Cm PubkeyAuthentication
816	Specifies whether to try public key authentication.	835	Specifies whether to try public key authentication.
817	The argument to this keyword must be	836	The argument to this keyword must be
Lines 836-841 and Link Here
836	.Sq 4G ,	855	.Sq 4G ,
837	depending on the cipher.	856	depending on the cipher.
838	This option applies to protocol version 2 only.	857	This option applies to protocol version 2 only.
		858	.It Cm RemoteCommand
		859	Specifies the command to execute on the server once connected if
		860	none was given on the command line. Setting the command to
		861	.Dq none
		862	(e. g. to overwrite later config blocks) is the same as
		863	supplying no command at all. If no command is supplied,
		864	.Cm PseudoTTY
		865	is set to
		866	.Dq yes
		867	if it is set to
		868	.Dq no
		869	and a shell is executed as remote command. If something named
		870	.Dq none
		871	needs to be executed you can use a syntax trick like
		872	.Dq none; .
		873	The default is unset.
839	.It Cm RemoteForward	874	.It Cm RemoteForward
840	Specifies that a TCP port on the remote machine be forwarded over	875	Specifies that a TCP port on the remote machine be forwarded over
841	the secure channel to the specified host and port from the local machine.	876	the secure channel to the specified host and port from the local machine.