Bugzilla – Attachment 1918 Details for
Bug 1815
RemoteCommand and PseudoTTY config options
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to add RemoteCommand and PseudoTTY to openssh-5.1p1-6ubuntu2
add_RemoteCommand_and_PseudoTTY_to_openssh-5.1p1-6ubuntu2.patch (text/plain), 16.88 KB, created by
Björn "Vampire" Kautler
on 2010-09-04 10:13:36 AEST
(
hide
)
Description:
Patch to add RemoteCommand and PseudoTTY to openssh-5.1p1-6ubuntu2
Filename:
MIME Type:
Creator:
Björn "Vampire" Kautler
Created:
2010-09-04 10:13:36 AEST
Size:
16.88 KB
patch
obsolete
>diff --git a/CREDITS b/CREDITS >index eaf105a..c08f959 100644 >--- a/CREDITS >+++ b/CREDITS >@@ -16,6 +16,7 @@ Aran Cox <acox@cv.telegroup.com> - SCO bugfixes > Arkadiusz Miskiewicz <misiek@pld.org.pl> - IPv6 compat fixes > Ben Lindstrom <mouring@eviladmin.org> - NeXT support > Ben Taylor <bent@clark.net> - Solaris debugging and fixes >+Björn "Vampire" Kautler <Vampire@Masters-of-Disaster.de> - RemoteCommand and PseudoTTY patch > Bratislav ILICH <bilic@zepter.ru> - Configure fix > Charles Levert <charles@comm.polymtl.ca> - SunOS 4 & bug fixes > Chip Salzenberg <chip@valinux.com> - Assorted patches >diff --git a/debian/changelog b/debian/changelog >index 8057d53..588c7cc 100644 >--- a/debian/changelog >+++ b/debian/changelog >@@ -1,3 +1,9 @@ >+openssh (1:5.1p1-6ubuntu3) karmic; urgency=low >+ >+ * Add RemoteCommand and PseudoTTY to config options >+ >+ -- Björn "Vampire" Kautler <Vampire@Masters-of-Disaster.de> Mon, 30 Aug 2010 03:00:00 +0200 >+ > openssh (1:5.1p1-6ubuntu2) karmic; urgency=low > > * No change rebuild to fix misbuilt binaries on armel. >diff --git a/mux.c b/mux.c >index 4669e53..72a0d89 100644 >--- a/mux.c >+++ b/mux.c >@@ -81,12 +81,10 @@ > #include "clientloop.h" > > /* from ssh.c */ >-extern int tty_flag; > extern Options options; > extern int stdin_null_flag; > extern char *host; > int subsystem_flag; >-extern Buffer command; > > /* Context for session open confirmation callback */ > struct mux_session_confirm_ctx { >@@ -561,7 +559,7 @@ muxclient(const char *path) > term = getenv("TERM"); > > flags = 0; >- if (tty_flag) >+ if (options.pseudo_tty) > flags |= SSHMUX_FLAG_TTY; > if (subsystem_flag) > flags |= SSHMUX_FLAG_SUBSYS; >@@ -627,8 +625,8 @@ muxclient(const char *path) > buffer_put_int(&m, 0xffffffff); > else > buffer_put_int(&m, options.escape_char); >- buffer_append(&command, "\0", 1); >- buffer_put_cstring(&m, buffer_ptr(&command)); >+ buffer_append(&options.remote_command, "\0", 1); >+ buffer_put_cstring(&m, buffer_ptr(&options.remote_command)); > > if (options.num_send_env == 0 || environ == NULL) { > buffer_put_int(&m, 0); >@@ -682,7 +680,7 @@ muxclient(const char *path) > signal(SIGTERM, control_client_sighandler); > signal(SIGWINCH, control_client_sigrelay); > >- if (tty_flag) >+ if (options.pseudo_tty) > enter_raw_mode(); > > /* >@@ -721,7 +719,7 @@ muxclient(const char *path) > } else > debug2("Received exit status from master %d", exitval[0]); > >- if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) >+ if (options.pseudo_tty && options.log_level > SYSLOG_LEVEL_QUIET) > fprintf(stderr, "Shared connection to %s closed.\r\n", host); > > exit(exitval[0]); >diff --git a/readconf.c b/readconf.c >index 043673c..f2c8d6c 100644 >--- a/readconf.c >+++ b/readconf.c >@@ -135,7 +135,7 @@ typedef enum { > oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, > oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, > oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, >- oVisualHostKey, >+ oRemoteCommand, oPseudoTTY, oVisualHostKey, > oProtocolKeepAlives, oSetupTimeOut, > oDeprecated, oUnsupported > } OpCodes; >@@ -238,6 +238,8 @@ static struct { > { "tunneldevice", oTunnelDevice }, > { "localcommand", oLocalCommand }, > { "permitlocalcommand", oPermitLocalCommand }, >+ { "remotecommand", oRemoteCommand }, >+ { "pseudotty", oPseudoTTY }, > { "visualhostkey", oVisualHostKey }, > { "protocolkeepalives", oProtocolKeepAlives }, > { "setuptimeout", oSetupTimeOut }, >@@ -944,6 +946,33 @@ parse_int: > intptr = &options->permit_local_command; > goto parse_flag; > >+ case oRemoteCommand: >+ if (s == NULL) >+ fatal("%.200s line %d: Missing argument.", filename, linenum); >+ len = strspn(s, WHITESPACE "="); >+ if (*activep && (buffer_len(&options->remote_command) == 0)) { >+ buffer_append(&options->remote_command, s + len, strlen(s + len)); >+ } >+ return 0; >+ >+ case oPseudoTTY: >+ arg = strdelim(&s); >+ if (!arg || *arg == '\0') >+ fatal("%.200s line %d: Missing yes/no/force argument.", >+ filename, linenum); >+ value = 0; /* To avoid compiler warning... */ >+ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) >+ value = 1; >+ else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) >+ value = 0; >+ else if (strcmp(arg, "force") == 0) >+ value = 2; >+ else >+ fatal("%.200s line %d: Bad yes/no/force argument.", filename, linenum); >+ if (*activep && options->pseudo_tty == -1) >+ options->pseudo_tty = value; >+ break; >+ > case oVisualHostKey: > intptr = &options->visual_host_key; > goto parse_flag; >@@ -1120,6 +1149,8 @@ initialize_options(Options * options) > options->tun_remote = -1; > options->local_command = NULL; > options->permit_local_command = -1; >+ buffer_init(&options->remote_command); >+ options->pseudo_tty = -1; > options->visual_host_key = -1; > } > >@@ -1266,9 +1297,12 @@ fill_default_options(Options * options) > options->tun_remote = SSH_TUNID_ANY; > if (options->permit_local_command == -1) > options->permit_local_command = 0; >+ if (options->pseudo_tty == -1) >+ options->pseudo_tty = 0; > if (options->visual_host_key == -1) > options->visual_host_key = 0; > /* options->local_command should not be set by default */ >+ /* options->remote_command should not be set by default */ > /* options->proxy_command should not be set by default */ > /* options->user will be set in the main program if appropriate */ > /* options->hostname will be set in the main program if appropriate */ >diff --git a/readconf.h b/readconf.h >index 42bfdf6..3cd9cb7 100644 >--- a/readconf.h >+++ b/readconf.h >@@ -123,6 +123,8 @@ typedef struct { > > char *local_command; > int permit_local_command; >+ Buffer remote_command; >+ int pseudo_tty; > int visual_host_key; > > } Options; >diff --git a/scp.0 b/scp.0 >index b6b9d91..b84e13c 100644 >--- a/scp.0 >+++ b/scp.0 >@@ -93,6 +93,7 @@ DESCRIPTION > PreferredAuthentications > Protocol > ProxyCommand >+ PseudoTTY > PubkeyAuthentication > RekeyLimit > RhostsRSAAuthentication >diff --git a/scp.1 b/scp.1 >index 5033d84..0eae6c3 100644 >--- a/scp.1 >+++ b/scp.1 >@@ -157,6 +157,7 @@ For full details of the options listed below, and their possible values, see > .It PreferredAuthentications > .It Protocol > .It ProxyCommand >+.It PseudoTTY > .It PubkeyAuthentication > .It RekeyLimit > .It RhostsRSAAuthentication >diff --git a/sftp.0 b/sftp.0 >index 965e1fa..f2fdb52 100644 >--- a/sftp.0 >+++ b/sftp.0 >@@ -95,6 +95,7 @@ DESCRIPTION > PreferredAuthentications > Protocol > ProxyCommand >+ PseudoTTY > PubkeyAuthentication > RekeyLimit > RhostsRSAAuthentication >diff --git a/sftp.1 b/sftp.1 >index b4f9a68..a558dc5 100644 >--- a/sftp.1 >+++ b/sftp.1 >@@ -180,6 +180,7 @@ For full details of the options listed below, and their possible values, see > .It PreferredAuthentications > .It Protocol > .It ProxyCommand >+.It PseudoTTY > .It PubkeyAuthentication > .It RekeyLimit > .It RhostsRSAAuthentication >diff --git a/ssh.0 b/ssh.0 >index 21e5ac9..1537b2d 100644 >--- a/ssh.0 >+++ b/ssh.0 >@@ -262,8 +262,10 @@ DESCRIPTION > PreferredAuthentications > Protocol > ProxyCommand >+ PseudoTTY > PubkeyAuthentication > RekeyLimit >+ RemoteCommand > RemoteForward > RhostsRSAAuthentication > RSAAuthentication >diff --git a/ssh.1 b/ssh.1 >index 1229201..9d12a7a 100644 >--- a/ssh.1 >+++ b/ssh.1 >@@ -490,8 +490,10 @@ For full details of the options listed below, and their possible values, see > .It PreferredAuthentications > .It Protocol > .It ProxyCommand >+.It PseudoTTY > .It PubkeyAuthentication > .It RekeyLimit >+.It RemoteCommand > .It RemoteForward > .It RhostsRSAAuthentication > .It RSAAuthentication >diff --git a/ssh.c b/ssh.c >index 2b55e63..dcda5a5 100644 >--- a/ssh.c >+++ b/ssh.c >@@ -157,9 +157,6 @@ Sensitive sensitive_data; > uid_t original_real_uid; > uid_t original_effective_uid; > >-/* command to be executed */ >-Buffer command; >- > /* Should we execute a command or invoke a subsystem? */ > int subsystem_flag = 0; > >@@ -567,17 +564,12 @@ main(int ac, char **av) > SSLeay_add_all_algorithms(); > ERR_load_crypto_strings(); > >- /* Initialize the command to execute on remote host. */ >- buffer_init(&command); >- > /* > * Save the command to execute on the remote host in a buffer. There > * is no limit on the length of the command, except by the maximum >- * packet size. Also sets the tty flag if there is no command. >+ * packet size. > */ > if (!ac) { >- /* No command specified - execute shell on a tty. */ >- tty_flag = 1; > if (subsystem_flag) { > fprintf(stderr, > "You must specify a subsystem to invoke.\n"); >@@ -587,32 +579,17 @@ main(int ac, char **av) > /* A command has been specified. Store it into the buffer. */ > for (i = 0; i < ac; i++) { > if (i) >- buffer_append(&command, " ", 1); >- buffer_append(&command, av[i], strlen(av[i])); >+ buffer_append(&options.remote_command, " ", 1); >+ buffer_append(&options.remote_command, av[i], strlen(av[i])); > } > } > > /* Cannot fork to background if no command. */ >- if (fork_after_authentication_flag && buffer_len(&command) == 0 && >+ if (fork_after_authentication_flag && buffer_len(&options.remote_command) == 0 && > !no_shell_flag) > fatal("Cannot fork into background without a command " > "to execute."); > >- /* Allocate a tty by default if no command specified. */ >- if (buffer_len(&command) == 0) >- tty_flag = 1; >- >- /* Force no tty */ >- if (no_tty_flag) >- tty_flag = 0; >- /* Do not allocate a tty if stdin is not a tty. */ >- if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { >- if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) >- logit("Pseudo-terminal will not be allocated because " >- "stdin is not a terminal."); >- tty_flag = 0; >- } >- > /* > * Initialize "log" output. Since we are the client all output > * actually goes to stderr. >@@ -639,6 +616,25 @@ main(int ac, char **av) > &options, 0); > } > >+ if (buffer_len(&options.remote_command) > 0) { >+ buffer_append(&options.remote_command, "\0", 1); >+ if (strcmp((u_char*)buffer_ptr(&options.remote_command), "none") == 0) { >+ buffer_clear(&options.remote_command); >+ } >+ } >+ >+ if (no_tty_flag) { >+ options.pseudo_tty = 0; >+ } else if (force_tty_flag) { >+ options.pseudo_tty = 2; >+ } else if (tty_flag) { >+ options.pseudo_tty = 1; >+ } >+ >+ /* Allocate a tty by default if no command specified. */ >+ if (buffer_len(&options.remote_command) == 0 && options.pseudo_tty == -1) >+ options.pseudo_tty = 1; >+ > /* Fill configuration defaults. */ > fill_default_options(&options); > >@@ -695,6 +691,17 @@ main(int ac, char **av) > options.control_path = NULL; > } > >+ /* Do not allocate a tty if stdin is not a tty. */ >+ if ((!isatty(fileno(stdin)) || stdin_null_flag) && options.pseudo_tty < 2) { >+ if (options.pseudo_tty && options.log_level > SYSLOG_LEVEL_QUIET) >+ logit("Pseudo-terminal will not be allocated because " >+ "stdin is not a terminal."); >+ options.pseudo_tty = 0; >+ } >+ >+ if (options.pseudo_tty == 2) >+ options.pseudo_tty = 1; >+ > if (options.control_path != NULL) { > char thishost[NI_MAXHOST]; > >@@ -985,7 +992,7 @@ ssh_session(void) > "compression response."); > } > /* Allocate a pseudo tty if appropriate. */ >- if (tty_flag) { >+ if (options.pseudo_tty) { > debug("Requesting pty."); > > /* Start the packet. */ >@@ -1089,14 +1096,14 @@ ssh_session(void) > * If a command was specified on the command line, execute the > * command now. Otherwise request the server to start a shell. > */ >- if (buffer_len(&command) > 0) { >- int len = buffer_len(&command); >+ if (buffer_len(&options.remote_command) > 0) { >+ int len = buffer_len(&options.remote_command); > if (len > 900) > len = 900; > debug("Sending command: %.*s", len, >- (u_char *)buffer_ptr(&command)); >+ (u_char *)buffer_ptr(&options.remote_command)); > packet_start(SSH_CMSG_EXEC_CMD); >- packet_put_string(buffer_ptr(&command), buffer_len(&command)); >+ packet_put_string(buffer_ptr(&options.remote_command), buffer_len(&options.remote_command)); > packet_send(); > packet_write_wait(); > } else { >@@ -1107,7 +1114,7 @@ ssh_session(void) > } > > /* Enter the interactive session. */ >- return client_loop(have_tty, tty_flag ? >+ return client_loop(have_tty, options.pseudo_tty ? > options.escape_char : SSH_ESCAPECHAR_NONE, 0); > } > >@@ -1117,7 +1124,7 @@ ssh_session2_setup(int id, void *arg) > { > extern char **environ; > const char *display; >- int interactive = tty_flag; >+ int interactive = options.pseudo_tty; > > display = getenv("DISPLAY"); > if (options.forward_x11 && display != NULL) { >@@ -1140,8 +1147,8 @@ ssh_session2_setup(int id, void *arg) > packet_send(); > } > >- client_session2_setup(id, tty_flag, subsystem_flag, getenv("TERM"), >- NULL, fileno(stdin), &command, environ); >+ client_session2_setup(id, options.pseudo_tty, subsystem_flag, getenv("TERM"), >+ NULL, fileno(stdin), &options.remote_command, environ); > > packet_set_interactive(interactive); > } >@@ -1174,7 +1181,7 @@ ssh_session2_open(void) > > window = CHAN_SES_WINDOW_DEFAULT; > packetmax = CHAN_SES_PACKET_DEFAULT; >- if (tty_flag) { >+ if (options.pseudo_tty) { > window >>= 1; > packetmax >>= 1; > } >@@ -1229,7 +1236,7 @@ ssh_session2(void) > fatal("daemon() failed: %.200s", strerror(errno)); > } > >- return client_loop(tty_flag, tty_flag ? >+ return client_loop(options.pseudo_tty, options.pseudo_tty ? > options.escape_char : SSH_ESCAPECHAR_NONE, id); > } > >diff --git a/ssh_config.0 b/ssh_config.0 >index e2e6458..1fd8cce 100644 >--- a/ssh_config.0 >+++ b/ssh_config.0 >@@ -442,6 +442,15 @@ DESCRIPTION > > ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p > >+ PseudoTTY >+ Specifies whether to allocate a pseudo terminal. The argument to >+ this keyword must be ``yes'', ``no'' or ``force''. If ``yes'' is >+ given but stdin is no terminal, no pseudo terminal will be >+ allocated. If ``force'' is given, even without a terminal at stdin >+ a pseudo terminal is allocated. The default is ``no'' if a command >+ is given as last parameter or via RemoteCommand keyword. If no >+ command is given and thus a shell started, the default is ``yes''. >+ > PubkeyAuthentication > Specifies whether to try public key authentication. The argument > to this keyword must be ``yes'' or ``no''. The default is >@@ -455,6 +464,16 @@ DESCRIPTION > between `1G' and `4G', depending on the cipher. This option ap- > plies to protocol version 2 only. > >+ RemoteCommand >+ Specifies the command to execute on the server once connected if >+ none was given on the command line. Setting the command to >+ ``none'' (e. g. to overwrite later config blocks) is the same as >+ supplying no command at all. If no command is supplied, PseudoTTY >+ is set to ``yes'' if it is set to ``no'' and a shell is executed >+ as remote command. If something named ``none'' needs to be >+ executed you can use a syntax trick like ``none;''. The default >+ is unset. >+ > RemoteForward > Specifies that a TCP port on the remote machine be forwarded over > the secure channel to the specified host and port from the local >diff --git a/ssh_config.5 b/ssh_config.5 >index 1b8b8da..9989f41 100644 >--- a/ssh_config.5 >+++ b/ssh_config.5 >@@ -812,6 +812,25 @@ For example, the following directive would connect via an HTTP proxy at > .Bd -literal -offset 3n > ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p > .Ed >+.It Cm PseudoTTY >+Specifies whether to allocate a pseudo terminal. >+The argument to this keyword must be >+.Dq yes >+, >+.Dq no >+or >+.Dq force . >+If >+.Dq yes >+is given but stdin is no terminal, no pseudo terminal will be allocated. If >+.Dq force >+is given, even without a terminal at stdin a pseudo terminal is allocated. >+The default is >+.Dq no >+if a command is given as last parameter or via >+.Cm RemoteCommand >+keyword. If no command is given and thus a shell started, the default is >+.Dq yes . > .It Cm PubkeyAuthentication > Specifies whether to try public key authentication. > The argument to this keyword must be >@@ -836,6 +855,22 @@ and > .Sq 4G , > depending on the cipher. > This option applies to protocol version 2 only. >+.It Cm RemoteCommand >+Specifies the command to execute on the server once connected if >+none was given on the command line. Setting the command to >+.Dq none >+(e. g. to overwrite later config blocks) is the same as >+supplying no command at all. If no command is supplied, >+.Cm PseudoTTY >+is set to >+.Dq yes >+if it is set to >+.Dq no >+and a shell is executed as remote command. If something named >+.Dq none >+needs to be executed you can use a syntax trick like >+.Dq none; . >+The default is unset. > .It Cm RemoteForward > Specifies that a TCP port on the remote machine be forwarded over > the secure channel to the specified host and port from the local machine.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1918">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1815
: 1918