Attachment #274 for bug #207




	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
	oEnableSSHKeysign, oConnectTimeout,
	oDeprecated
} OpCodes;


	{ "clearallforwardings", oClearAllForwardings },
	{ "enablesshkeysign", oEnableSSHKeysign },
	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
	{ "connecttimeout", oConnectTimeout },
	{ NULL, oBadOption }
};


		/* don't panic, but count bad options */
		return -1;
		/* NOTREACHED */
	case oConnectTimeout:
		intptr = &options->connection_timeout;
parse_time:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing time argument.", filename, linenum);
		if ((value = convtime(arg)) == -1)
			fatal("%.200s line %d: Invalid time argument.", filename, linenum);
		if (*intptr == -1)
			*intptr = value;
		break;

	case oForwardAgent:
		intptr = &options->forward_agent;
parse_flag:

	options->compression_level = -1;
	options->port = -1;
	options->connection_attempts = -1;
	options->connection_timeout = -1;
	options->number_of_password_prompts = -1;
	options->cipher = -1;
	options->ciphers = NULL;

Lines 66-71 Link Here

(-)ssh/readconf.h.ORIG (+2 lines)
66	int port; /* Port to connect. */	66	int port; /* Port to connect. */
67	int connection_attempts; /* Max attempts (seconds) before	67	int connection_attempts; /* Max attempts (seconds) before
68	* giving up */	68	* giving up */
		69	int connection_timeout; /* Max time (seconds) before
		70	* aborting connection attempt */
69	int number_of_password_prompts; /* Max number of password	71	int number_of_password_prompts; /* Max number of password
70	* prompts. */	72	* prompts. */
71	int cipher; /* Cipher to use. */	73	int cipher; /* Cipher to use. */

Lines 599-605 Link Here

(-)ssh/ssh.c.ORIG (-1 / +1 lines)
599	/* Open a connection to the remote host. */	599	/* Open a connection to the remote host. */
600		600
601	if (ssh_connect(host, &hostaddr, options.port, IPv4or6,	601	if (ssh_connect(host, &hostaddr, options.port, IPv4or6,
602	options.connection_attempts,	602	options.connection_attempts, options.connection_timeout,
603	original_effective_uid == 0 && options.use_privileged_port,	603	original_effective_uid == 0 && options.use_privileged_port,
604	options.proxy_command) != 0)	604	options.proxy_command) != 0)
605	exit(1);	605	exit(1);

Lines 227-232 Link Here

(-)ssh/ssh_config.5.ORIG (+6 lines)
227	The argument must be an integer.	227	The argument must be an integer.
228	This may be useful in scripts if the connection sometimes fails.	228	This may be useful in scripts if the connection sometimes fails.
229	The default is 1.	229	The default is 1.
		230	.It Cm ConnectTimeout
		231	Specifies the timeout used when connecting to the ssh
		232	server, instead of using default system values. This value is used
		233	only when the target is down or really unreachable, not when it
		234	refuses the connection. This may be usefull for tools using ssh
		235	for communication, as it avoid long TCP timeouts.
230	.It Cm DynamicForward	236	.It Cm DynamicForward
231	Specifies that a TCP/IP port on the local machine be forwarded	237	Specifies that a TCP/IP port on the local machine be forwarded
232	over the secure channel, and the application	238	over the secure channel, and the application




	return sock;
}

int
timeout_connect(int sockfd, const struct sockaddr *serv_addr,
	socklen_t addrlen, int timeout)
{
	fd_set *fdset;
	struct timeval tv;
	socklen_t optlen;
	int fdsetsz, optval, rc;

	if (timeout <= 0)
		return(connect(sockfd, serv_addr, addrlen));

	if (fcntl(sockfd, F_SETFL, O_NONBLOCK) < 0)
		return -1;

	rc = connect(sockfd, serv_addr, addrlen);
	if (rc == 0)
		return 0;
	if (errno != EINPROGRESS)
		return -1;

	fdsetsz = howmany(sockfd+1, NFDBITS) * sizeof(fd_mask);
	fdset = (fd_set *)xmalloc(fdsetsz);
	memset(fdset, 0, fdsetsz);
	FD_SET(sockfd, fdset);
	tv.tv_sec = timeout;
	tv.tv_usec = 0;
	rc=select(sockfd+1, NULL, fdset, NULL, &tv);

	switch(rc) {
	case 0:
		errno = ETIMEDOUT;
	case -1:
		return -1;
		break;
	case 1:
		optval = 0;
		optlen = sizeof(optval);
		if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1)
			return -1;
		if (optval != 0)
		{
			errno = optval;
			return -1;
		}
		return 0;

	default:
		/* Should not occur */
		return -1;
		break;
	}
	return -1;
}

/*
 * Opens a TCP/IP connection to the remote server on the given host.
 * The address of the remote host will be returned in hostaddr.

 */
int
ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
    u_short port, int family, int connection_attempts, int connection_timeout,
    int needpriv, const char *proxy_command)
{
	int gaierr;

				/* Any error is already output */
				continue;

			if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
					connection_timeout) >= 0) {
				/* Successful connection. */
				memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
				break;

Lines 35-41 Link Here

(-)ssh/sshconnect.h.ORIG (-1 / +1 lines)
35		35
36	int	36	int
37	ssh_connect(const char , struct sockaddr_storage , u_short, int, int,	37	ssh_connect(const char , struct sockaddr_storage , u_short, int, int,
38	int, const char *);	38	int, int, const char *);
39		39
40	void	40	void
41	ssh_login(Sensitive , const char , struct sockaddr , struct passwd );	41	ssh_login(Sensitive , const char , struct sockaddr , struct passwd );

Return to bug 207

Lines 114-120 Link Here

(-)ssh/readconf.c.ORIG (-1 / +15 lines)
114	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,	114	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
115	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,	115	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
116	oClearAllForwardings, oNoHostAuthenticationForLocalhost,	116	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
117	oEnableSSHKeysign,	117	oEnableSSHKeysign, oConnectTimeout,
118	oDeprecated	118	oDeprecated
119	} OpCodes;	119	} OpCodes;
120		120
Lines 188-193 Link Here
188	{ "clearallforwardings", oClearAllForwardings },	188	{ "clearallforwardings", oClearAllForwardings },
189	{ "enablesshkeysign", oEnableSSHKeysign },	189	{ "enablesshkeysign", oEnableSSHKeysign },
190	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },	190	{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
		191	{ "connecttimeout", oConnectTimeout },
191	{ NULL, oBadOption }	192	{ NULL, oBadOption }
192	};	193	};
193		194
Lines 295-300 Link Here
295	/* don't panic, but count bad options */	296	/* don't panic, but count bad options */
296	return -1;	297	return -1;
297	/* NOTREACHED */	298	/* NOTREACHED */
		299	case oConnectTimeout:
		300	intptr = &options->connection_timeout;
		301	parse_time:
		302	arg = strdelim(&s);
		303	if (!arg \|\| *arg == '\0')
		304	fatal("%.200s line %d: Missing time argument.", filename, linenum);
		305	if ((value = convtime(arg)) == -1)
		306	fatal("%.200s line %d: Invalid time argument.", filename, linenum);
		307	if (*intptr == -1)
		308	*intptr = value;
		309	break;
		310
298	case oForwardAgent:	311	case oForwardAgent:
299	intptr = &options->forward_agent;	312	intptr = &options->forward_agent;
300	parse_flag:	313	parse_flag:
Lines 768-773 Link Here
768	options->compression_level = -1;	781	options->compression_level = -1;
769	options->port = -1;	782	options->port = -1;
770	options->connection_attempts = -1;	783	options->connection_attempts = -1;
		784	options->connection_timeout = -1;
771	options->number_of_password_prompts = -1;	785	options->number_of_password_prompts = -1;
772	options->cipher = -1;	786	options->cipher = -1;
773	options->ciphers = NULL;	787	options->ciphers = NULL;

Lines 208-213 Link Here

(-)ssh/sshconnect.c.ORIG (-2 / +58 lines)
208	return sock;	208	return sock;
209	}	209	}
210		210
		211	int
		212	timeout_connect(int sockfd, const struct sockaddr *serv_addr,
		213	socklen_t addrlen, int timeout)
		214	{
		215	fd_set *fdset;
		216	struct timeval tv;
		217	socklen_t optlen;
		218	int fdsetsz, optval, rc;
		219
		220	if (timeout <= 0)
		221	return(connect(sockfd, serv_addr, addrlen));
		222
		223	if (fcntl(sockfd, F_SETFL, O_NONBLOCK) < 0)
		224	return -1;
		225
		226	rc = connect(sockfd, serv_addr, addrlen);
		227	if (rc == 0)
		228	return 0;
		229	if (errno != EINPROGRESS)
		230	return -1;
		231
		232	fdsetsz = howmany(sockfd+1, NFDBITS) * sizeof(fd_mask);
		233	fdset = (fd_set *)xmalloc(fdsetsz);
		234	memset(fdset, 0, fdsetsz);
		235	FD_SET(sockfd, fdset);
		236	tv.tv_sec = timeout;
		237	tv.tv_usec = 0;
		238	rc=select(sockfd+1, NULL, fdset, NULL, &tv);
		239
		240	switch(rc) {
		241	case 0:
		242	errno = ETIMEDOUT;
		243	case -1:
		244	return -1;
		245	break;
		246	case 1:
		247	optval = 0;
		248	optlen = sizeof(optval);
		249	if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1)
		250	return -1;
		251	if (optval != 0)
		252	{
		253	errno = optval;
		254	return -1;
		255	}
		256	return 0;
		257
		258	default:
		259	/* Should not occur */
		260	return -1;
		261	break;
		262	}
		263	return -1;
		264	}
		265
211	/*	266	/*
212	* Opens a TCP/IP connection to the remote server on the given host.	267	* Opens a TCP/IP connection to the remote server on the given host.
213	* The address of the remote host will be returned in hostaddr.	268	* The address of the remote host will be returned in hostaddr.
Lines 227-233 Link Here
227	*/	282	*/
228	int	283	int
229	ssh_connect(const char host, struct sockaddr_storage hostaddr,	284	ssh_connect(const char host, struct sockaddr_storage hostaddr,
230	u_short port, int family, int connection_attempts,	285	u_short port, int family, int connection_attempts, int connection_timeout,
231	int needpriv, const char *proxy_command)	286	int needpriv, const char *proxy_command)
232	{	287	{
233	int gaierr;	288	int gaierr;
Lines 296-302 Link Here
296	/* Any error is already output */	351	/* Any error is already output */
297	continue;	352	continue;
298		353
299	if (connect(sock, ai->ai_addr, ai->ai_addrlen) >= 0) {	354	if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
		355	connection_timeout) >= 0) {
300	/* Successful connection. */	356	/* Successful connection. */
301	memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);	357	memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
302	break;	358	break;