Bugzilla – Attachment 1918 Details for
Bug 1815
RemoteCommand and PseudoTTY config options
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to add RemoteCommand and PseudoTTY to openssh-5.1p1-6ubuntu2
add_RemoteCommand_and_PseudoTTY_to_openssh-5.1p1-6ubuntu2.patch (text/plain), 16.88 KB, created by
Björn "Vampire" Kautler
on 2010-09-04 10:13:36 AEST
(
hide
)
Description:
Patch to add RemoteCommand and PseudoTTY to openssh-5.1p1-6ubuntu2
Filename:
MIME Type:
Creator:
Björn "Vampire" Kautler
Created:
2010-09-04 10:13:36 AEST
Size:
16.88 KB
patch
obsolete
>diff --git a/CREDITS b/CREDITS >index eaf105a..c08f959 100644 >--- a/CREDITS >+++ b/CREDITS >@@ -16,6 +16,7 @@ Aran Cox <acox@cv.telegroup.com> - SCO bugfixes > Arkadiusz Miskiewicz <misiek@pld.org.pl> - IPv6 compat fixes > Ben Lindstrom <mouring@eviladmin.org> - NeXT support > Ben Taylor <bent@clark.net> - Solaris debugging and fixes >+Björn "Vampire" Kautler <Vampire@Masters-of-Disaster.de> - RemoteCommand and PseudoTTY patch > Bratislav ILICH <bilic@zepter.ru> - Configure fix > Charles Levert <charles@comm.polymtl.ca> - SunOS 4 & bug fixes > Chip Salzenberg <chip@valinux.com> - Assorted patches >diff --git a/debian/changelog b/debian/changelog >index 8057d53..588c7cc 100644 >--- a/debian/changelog >+++ b/debian/changelog >@@ -1,3 +1,9 @@ >+openssh (1:5.1p1-6ubuntu3) karmic; urgency=low >+ >+ * Add RemoteCommand and PseudoTTY to config options >+ >+ -- Björn "Vampire" Kautler <Vampire@Masters-of-Disaster.de> Mon, 30 Aug 2010 03:00:00 +0200 >+ > openssh (1:5.1p1-6ubuntu2) karmic; urgency=low > > * No change rebuild to fix misbuilt binaries on armel. >diff --git a/mux.c b/mux.c >index 4669e53..72a0d89 100644 >--- a/mux.c >+++ b/mux.c >@@ -81,12 +81,10 @@ > #include "clientloop.h" > > /* from ssh.c */ >-extern int tty_flag; > extern Options options; > extern int stdin_null_flag; > extern char *host; > int subsystem_flag; >-extern Buffer command; > > /* Context for session open confirmation callback */ > struct mux_session_confirm_ctx { >@@ -561,7 +559,7 @@ muxclient(const char *path) > term = getenv("TERM"); > > flags = 0; >- if (tty_flag) >+ if (options.pseudo_tty) > flags |= SSHMUX_FLAG_TTY; > if (subsystem_flag) > flags |= SSHMUX_FLAG_SUBSYS; >@@ -627,8 +625,8 @@ muxclient(const char *path) > buffer_put_int(&m, 0xffffffff); > else > buffer_put_int(&m, options.escape_char); >- buffer_append(&command, "\0", 1); >- buffer_put_cstring(&m, buffer_ptr(&command)); >+ buffer_append(&options.remote_command, "\0", 1); >+ buffer_put_cstring(&m, buffer_ptr(&options.remote_command)); > > if (options.num_send_env == 0 || environ == NULL) { > buffer_put_int(&m, 0); >@@ -682,7 +680,7 @@ muxclient(const char *path) > signal(SIGTERM, control_client_sighandler); > signal(SIGWINCH, control_client_sigrelay); > >- if (tty_flag) >+ if (options.pseudo_tty) > enter_raw_mode(); > > /* >@@ -721,7 +719,7 @@ muxclient(const char *path) > } else > debug2("Received exit status from master %d", exitval[0]); > >- if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) >+ if (options.pseudo_tty && options.log_level > SYSLOG_LEVEL_QUIET) > fprintf(stderr, "Shared connection to %s closed.\r\n", host); > > exit(exitval[0]); >diff --git a/readconf.c b/readconf.c >index 043673c..f2c8d6c 100644 >--- a/readconf.c >+++ b/readconf.c >@@ -135,7 +135,7 @@ typedef enum { > oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, > oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, > oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, >- oVisualHostKey, >+ oRemoteCommand, oPseudoTTY, oVisualHostKey, > oProtocolKeepAlives, oSetupTimeOut, > oDeprecated, oUnsupported > } OpCodes; >@@ -238,6 +238,8 @@ static struct { > { "tunneldevice", oTunnelDevice }, > { "localcommand", oLocalCommand }, > { "permitlocalcommand", oPermitLocalCommand }, >+ { "remotecommand", oRemoteCommand }, >+ { "pseudotty", oPseudoTTY }, > { "visualhostkey", oVisualHostKey }, > { "protocolkeepalives", oProtocolKeepAlives }, > { "setuptimeout", oSetupTimeOut }, >@@ -944,6 +946,33 @@ parse_int: > intptr = &options->permit_local_command; > goto parse_flag; > >+ case oRemoteCommand: >+ if (s == NULL) >+ fatal("%.200s line %d: Missing argument.", filename, linenum); >+ len = strspn(s, WHITESPACE "="); >+ if (*activep && (buffer_len(&options->remote_command) == 0)) { >+ buffer_append(&options->remote_command, s + len, strlen(s + len)); >+ } >+ return 0; >+ >+ case oPseudoTTY: >+ arg = strdelim(&s); >+ if (!arg || *arg == '\0') >+ fatal("%.200s line %d: Missing yes/no/force argument.", >+ filename, linenum); >+ value = 0; /* To avoid compiler warning... */ >+ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) >+ value = 1; >+ else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) >+ value = 0; >+ else if (strcmp(arg, "force") == 0) >+ value = 2; >+ else >+ fatal("%.200s line %d: Bad yes/no/force argument.", filename, linenum); >+ if (*activep && options->pseudo_tty == -1) >+ options->pseudo_tty = value; >+ break; >+ > case oVisualHostKey: > intptr = &options->visual_host_key; > goto parse_flag; >@@ -1120,6 +1149,8 @@ initialize_options(Options * options) > options->tun_remote = -1; > options->local_command = NULL; > options->permit_local_command = -1; >+ buffer_init(&options->remote_command); >+ options->pseudo_tty = -1; > options->visual_host_key = -1; > } > >@@ -1266,9 +1297,12 @@ fill_default_options(Options * options) > options->tun_remote = SSH_TUNID_ANY; > if (options->permit_local_command == -1) > options->permit_local_command = 0; >+ if (options->pseudo_tty == -1) >+ options->pseudo_tty = 0; > if (options->visual_host_key == -1) > options->visual_host_key = 0; > /* options->local_command should not be set by default */ >+ /* options->remote_command should not be set by default */ > /* options->proxy_command should not be set by default */ > /* options->user will be set in the main program if appropriate */ > /* options->hostname will be set in the main program if appropriate */ >diff --git a/readconf.h b/readconf.h >index 42bfdf6..3cd9cb7 100644 >--- a/readconf.h >+++ b/readconf.h >@@ -123,6 +123,8 @@ typedef struct { > > char *local_command; > int permit_local_command; >+ Buffer remote_command; >+ int pseudo_tty; > int visual_host_key; > > } Options; >diff --git a/scp.0 b/scp.0 >index b6b9d91..b84e13c 100644 >--- a/scp.0 >+++ b/scp.0 >@@ -93,6 +93,7 @@ DESCRIPTION > PreferredAuthentications > Protocol > ProxyCommand >+ PseudoTTY > PubkeyAuthentication > RekeyLimit > RhostsRSAAuthentication >diff --git a/scp.1 b/scp.1 >index 5033d84..0eae6c3 100644 >--- a/scp.1 >+++ b/scp.1 >@@ -157,6 +157,7 @@ For full details of the options listed below, and their possible values, see > .It PreferredAuthentications > .It Protocol > .It ProxyCommand >+.It PseudoTTY > .It PubkeyAuthentication > .It RekeyLimit > .It RhostsRSAAuthentication >diff --git a/sftp.0 b/sftp.0 >index 965e1fa..f2fdb52 100644 >--- a/sftp.0 >+++ b/sftp.0 >@@ -95,6 +95,7 @@ DESCRIPTION > PreferredAuthentications > Protocol > ProxyCommand >+ PseudoTTY > PubkeyAuthentication > RekeyLimit > RhostsRSAAuthentication >diff --git a/sftp.1 b/sftp.1 >index b4f9a68..a558dc5 100644 >--- a/sftp.1 >+++ b/sftp.1 >@@ -180,6 +180,7 @@ For full details of the options listed below, and their possible values, see > .It PreferredAuthentications > .It Protocol > .It ProxyCommand >+.It PseudoTTY > .It PubkeyAuthentication > .It RekeyLimit > .It RhostsRSAAuthentication >diff --git a/ssh.0 b/ssh.0 >index 21e5ac9..1537b2d 100644 >--- a/ssh.0 >+++ b/ssh.0 >@@ -262,8 +262,10 @@ DESCRIPTION > PreferredAuthentications > Protocol > ProxyCommand >+ PseudoTTY > PubkeyAuthentication > RekeyLimit >+ RemoteCommand > RemoteForward > RhostsRSAAuthentication > RSAAuthentication >diff --git a/ssh.1 b/ssh.1 >index 1229201..9d12a7a 100644 >--- a/ssh.1 >+++ b/ssh.1 >@@ -490,8 +490,10 @@ For full details of the options listed below, and their possible values, see > .It PreferredAuthentications > .It Protocol > .It ProxyCommand >+.It PseudoTTY > .It PubkeyAuthentication > .It RekeyLimit >+.It RemoteCommand > .It RemoteForward > .It RhostsRSAAuthentication > .It RSAAuthentication >diff --git a/ssh.c b/ssh.c >index 2b55e63..dcda5a5 100644 >--- a/ssh.c >+++ b/ssh.c >@@ -157,9 +157,6 @@ Sensitive sensitive_data; > uid_t original_real_uid; > uid_t original_effective_uid; > >-/* command to be executed */ >-Buffer command; >- > /* Should we execute a command or invoke a subsystem? */ > int subsystem_flag = 0; > >@@ -567,17 +564,12 @@ main(int ac, char **av) > SSLeay_add_all_algorithms(); > ERR_load_crypto_strings(); > >- /* Initialize the command to execute on remote host. */ >- buffer_init(&command); >- > /* > * Save the command to execute on the remote host in a buffer. There > * is no limit on the length of the command, except by the maximum >- * packet size. Also sets the tty flag if there is no command. >+ * packet size. > */ > if (!ac) { >- /* No command specified - execute shell on a tty. */ >- tty_flag = 1; > if (subsystem_flag) { > fprintf(stderr, > "You must specify a subsystem to invoke.\n"); >@@ -587,32 +579,17 @@ main(int ac, char **av) > /* A command has been specified. Store it into the buffer. */ > for (i = 0; i < ac; i++) { > if (i) >- buffer_append(&command, " ", 1); >- buffer_append(&command, av[i], strlen(av[i])); >+ buffer_append(&options.remote_command, " ", 1); >+ buffer_append(&options.remote_command, av[i], strlen(av[i])); > } > } > > /* Cannot fork to background if no command. */ >- if (fork_after_authentication_flag && buffer_len(&command) == 0 && >+ if (fork_after_authentication_flag && buffer_len(&options.remote_command) == 0 && > !no_shell_flag) > fatal("Cannot fork into background without a command " > "to execute."); > >- /* Allocate a tty by default if no command specified. */ >- if (buffer_len(&command) == 0) >- tty_flag = 1; >- >- /* Force no tty */ >- if (no_tty_flag) >- tty_flag = 0; >- /* Do not allocate a tty if stdin is not a tty. */ >- if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { >- if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) >- logit("Pseudo-terminal will not be allocated because " >- "stdin is not a terminal."); >- tty_flag = 0; >- } >- > /* > * Initialize "log" output. Since we are the client all output > * actually goes to stderr. >@@ -639,6 +616,25 @@ main(int ac, char **av) > &options, 0); > } > >+ if (buffer_len(&options.remote_command) > 0) { >+ buffer_append(&options.remote_command, "\0", 1); >+ if (strcmp((u_char*)buffer_ptr(&options.remote_command), "none") == 0) { >+ buffer_clear(&options.remote_command); >+ } >+ } >+ >+ if (no_tty_flag) { >+ options.pseudo_tty = 0; >+ } else if (force_tty_flag) { >+ options.pseudo_tty = 2; >+ } else if (tty_flag) { >+ options.pseudo_tty = 1; >+ } >+ >+ /* Allocate a tty by default if no command specified. */ >+ if (buffer_len(&options.remote_command) == 0 && options.pseudo_tty == -1) >+ options.pseudo_tty = 1; >+ > /* Fill configuration defaults. */ > fill_default_options(&options); > >@@ -695,6 +691,17 @@ main(int ac, char **av) > options.control_path = NULL; > } > >+ /* Do not allocate a tty if stdin is not a tty. */ >+ if ((!isatty(fileno(stdin)) || stdin_null_flag) && options.pseudo_tty < 2) { >+ if (options.pseudo_tty && options.log_level > SYSLOG_LEVEL_QUIET) >+ logit("Pseudo-terminal will not be allocated because " >+ "stdin is not a terminal."); >+ options.pseudo_tty = 0; >+ } >+ >+ if (options.pseudo_tty == 2) >+ options.pseudo_tty = 1; >+ > if (options.control_path != NULL) { > char thishost[NI_MAXHOST]; > >@@ -985,7 +992,7 @@ ssh_session(void) > "compression response."); > } > /* Allocate a pseudo tty if appropriate. */ >- if (tty_flag) { >+ if (options.pseudo_tty) { > debug("Requesting pty."); > > /* Start the packet. */ >@@ -1089,14 +1096,14 @@ ssh_session(void) > * If a command was specified on the command line, execute the > * command now. Otherwise request the server to start a shell. > */ >- if (buffer_len(&command) > 0) { >- int len = buffer_len(&command); >+ if (buffer_len(&options.remote_command) > 0) { >+ int len = buffer_len(&options.remote_command); > if (len > 900) > len = 900; > debug("Sending command: %.*s", len, >- (u_char *)buffer_ptr(&command)); >+ (u_char *)buffer_ptr(&options.remote_command)); > packet_start(SSH_CMSG_EXEC_CMD); >- packet_put_string(buffer_ptr(&command), buffer_len(&command)); >+ packet_put_string(buffer_ptr(&options.remote_command), buffer_len(&options.remote_command)); > packet_send(); > packet_write_wait(); > } else { >@@ -1107,7 +1114,7 @@ ssh_session(void) > } > > /* Enter the interactive session. */ >- return client_loop(have_tty, tty_flag ? >+ return client_loop(have_tty, options.pseudo_tty ? > options.escape_char : SSH_ESCAPECHAR_NONE, 0); > } > >@@ -1117,7 +1124,7 @@ ssh_session2_setup(int id, void *arg) > { > extern char **environ; > const char *display; >- int interactive = tty_flag; >+ int interactive = options.pseudo_tty; > > display = getenv("DISPLAY"); > if (options.forward_x11 && display != NULL) { >@@ -1140,8 +1147,8 @@ ssh_session2_setup(int id, void *arg) > packet_send(); > } > >- client_session2_setup(id, tty_flag, subsystem_flag, getenv("TERM"), >- NULL, fileno(stdin), &command, environ); >+ client_session2_setup(id, options.pseudo_tty, subsystem_flag, getenv("TERM"), >+ NULL, fileno(stdin), &options.remote_command, environ); > > packet_set_interactive(interactive); > } >@@ -1174,7 +1181,7 @@ ssh_session2_open(void) > > window = CHAN_SES_WINDOW_DEFAULT; > packetmax = CHAN_SES_PACKET_DEFAULT; >- if (tty_flag) { >+ if (options.pseudo_tty) { > window >>= 1; > packetmax >>= 1; > } >@@ -1229,7 +1236,7 @@ ssh_session2(void) > fatal("daemon() failed: %.200s", strerror(errno)); > } > >- return client_loop(tty_flag, tty_flag ? >+ return client_loop(options.pseudo_tty, options.pseudo_tty ? > options.escape_char : SSH_ESCAPECHAR_NONE, id); > } > >diff --git a/ssh_config.0 b/ssh_config.0 >index e2e6458..1fd8cce 100644 >--- a/ssh_config.0 >+++ b/ssh_config.0 >@@ -442,6 +442,15 @@ DESCRIPTION > > ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p > >+ PseudoTTY >+ Specifies whether to allocate a pseudo terminal. The argument to >+ this keyword must be ``yes'', ``no'' or ``force''. If ``yes'' is >+ given but stdin is no terminal, no pseudo terminal will be >+ allocated. If ``force'' is given, even without a terminal at stdin >+ a pseudo terminal is allocated. The default is ``no'' if a command >+ is given as last parameter or via RemoteCommand keyword. If no >+ command is given and thus a shell started, the default is ``yes''. >+ > PubkeyAuthentication > Specifies whether to try public key authentication. The argument > to this keyword must be ``yes'' or ``no''. The default is >@@ -455,6 +464,16 @@ DESCRIPTION > between `1G' and `4G', depending on the cipher. This option ap- > plies to protocol version 2 only. > >+ RemoteCommand >+ Specifies the command to execute on the server once connected if >+ none was given on the command line. Setting the command to >+ ``none'' (e. g. to overwrite later config blocks) is the same as >+ supplying no command at all. If no command is supplied, PseudoTTY >+ is set to ``yes'' if it is set to ``no'' and a shell is executed >+ as remote command. If something named ``none'' needs to be >+ executed you can use a syntax trick like ``none;''. The default >+ is unset. >+ > RemoteForward > Specifies that a TCP port on the remote machine be forwarded over > the secure channel to the specified host and port from the local >diff --git a/ssh_config.5 b/ssh_config.5 >index 1b8b8da..9989f41 100644 >--- a/ssh_config.5 >+++ b/ssh_config.5 >@@ -812,6 +812,25 @@ For example, the following directive would connect via an HTTP proxy at > .Bd -literal -offset 3n > ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p > .Ed >+.It Cm PseudoTTY >+Specifies whether to allocate a pseudo terminal. >+The argument to this keyword must be >+.Dq yes >+, >+.Dq no >+or >+.Dq force . >+If >+.Dq yes >+is given but stdin is no terminal, no pseudo terminal will be allocated. If >+.Dq force >+is given, even without a terminal at stdin a pseudo terminal is allocated. >+The default is >+.Dq no >+if a command is given as last parameter or via >+.Cm RemoteCommand >+keyword. If no command is given and thus a shell started, the default is >+.Dq yes . > .It Cm PubkeyAuthentication > Specifies whether to try public key authentication. > The argument to this keyword must be >@@ -836,6 +855,22 @@ and > .Sq 4G , > depending on the cipher. > This option applies to protocol version 2 only. >+.It Cm RemoteCommand >+Specifies the command to execute on the server once connected if >+none was given on the command line. Setting the command to >+.Dq none >+(e. g. to overwrite later config blocks) is the same as >+supplying no command at all. If no command is supplied, >+.Cm PseudoTTY >+is set to >+.Dq yes >+if it is set to >+.Dq no >+and a shell is executed as remote command. If something named >+.Dq none >+needs to be executed you can use a syntax trick like >+.Dq none; . >+The default is unset. > .It Cm RemoteForward > Specifies that a TCP port on the remote machine be forwarded over > the secure channel to the specified host and port from the local machine.
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1815
: 1918