diff --git a/ChangeLog b/ChangeLog index 64b36b57c..938a39181 100644 --- a/ChangeLog +++ b/ChangeLog @@ -24,6 +24,10 @@ don't quit while creating X11 listening socket. http://mail-index.netbsd.org/current-users/2002/09/16/0005.html got from portable. markus ok + - djm@cvs.openbsd.org 2002/09/19 01:58:18 + [ssh.c sshconnect.c] + bugzilla.mindrot.org #223 - ProxyCommands don't exit. + Patch from dtucker@zip.com.au; ok markus@ 20020912 - (djm) Made GNOME askpass programs return non-zero if cancel button is @@ -674,4 +678,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2470 2002/09/19 01:54:54 djm Exp $ +$Id: ChangeLog,v 1.2471 2002/09/19 02:05:02 djm Exp $ diff --git a/ssh.c b/ssh.c index 7cef5e5ac..2c589de82 100644 --- a/ssh.c +++ b/ssh.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.185 2002/09/11 18:27:26 stevesk Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.186 2002/09/19 01:58:18 djm Exp $"); #include #include @@ -146,6 +146,9 @@ int subsystem_flag = 0; /* # of replies received for global requests */ static int client_global_request_id = 0; +/* pid of proxycommand child process */ +pid_t proxy_command_pid = 0; + /* Prints a help message to the user. This function never returns. */ static void @@ -722,6 +725,14 @@ again: exit_status = compat20 ? ssh_session2() : ssh_session(); packet_close(); + + /* + * Send SIGHUP to proxy command if used. We don't wait() in + * case it hangs and instead rely on init to reap the child + */ + if (proxy_command_pid > 1) + kill(proxy_command_pid, SIGHUP); + return exit_status; } diff --git a/sshconnect.c b/sshconnect.c index 0cb824852..776d72065 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.134 2002/09/13 19:23:09 stevesk Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.135 2002/09/19 01:58:18 djm Exp $"); #include @@ -41,6 +41,7 @@ extern Options options; extern char *__progname; extern uid_t original_real_uid; extern uid_t original_effective_uid; +extern pid_t proxy_command_pid; #ifndef INET6_ADDRSTRLEN /* for non IPv6 machines */ #define INET6_ADDRSTRLEN 46 @@ -64,9 +65,16 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) /* Convert the port number into a string. */ snprintf(strport, sizeof strport, "%hu", port); - /* Build the final command string in the buffer by making the - appropriate substitutions to the given proxy command. */ + /* + * Build the final command string in the buffer by making the + * appropriate substitutions to the given proxy command. + * + * Use "exec" to avoid "sh -c" processes on some platforms + * (e.g. Solaris) + */ buffer_init(&command); + buffer_append(&command, "exec ", 5); + for (cp = proxy_command; *cp; cp++) { if (cp[0] == '%' && cp[1] == '%') { buffer_append(&command, "%", 1); @@ -134,6 +142,8 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) /* Parent. */ if (pid < 0) fatal("fork failed: %.100s", strerror(errno)); + else + proxy_command_pid = pid; /* save pid to clean up later */ /* Close child side of the descriptors. */ close(pin[0]);