rcolebaugh / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone
7afad6
diff -up openssh-8.0p1/channels.c.restore-nonblock openssh-8.0p1/channels.c
7afad6
--- openssh-8.0p1/channels.c.restore-nonblock	2021-06-21 10:44:26.380559612 +0200
7afad6
+++ openssh-8.0p1/channels.c	2021-06-21 10:48:47.754579151 +0200
7afad6
@@ -333,7 +333,27 @@ channel_register_fds(struct ssh *ssh, Ch
7afad6
 #endif
7afad6
 
7afad6
 	/* enable nonblocking mode */
7afad6
-	if (nonblock) {
7afad6
+	c->restore_block = 0;
7afad6
+	if (nonblock == CHANNEL_NONBLOCK_STDIO) {
7afad6
+		/*
7afad6
+		 * Special handling for stdio file descriptors: do not set
7afad6
+		 * non-blocking mode if they are TTYs. Otherwise prepare to
7afad6
+		 * restore their blocking state on exit to avoid interfering
7afad6
+		 * with other programs that follow.
7afad6
+		 */
7afad6
+		if (rfd != -1 && !isatty(rfd) && fcntl(rfd, F_GETFL) == 0) {
7afad6
+			c->restore_block |= CHANNEL_RESTORE_RFD;
7afad6
+			set_nonblock(rfd);
7afad6
+		}
7afad6
+		if (wfd != -1 && !isatty(wfd) && fcntl(wfd, F_GETFL) == 0) {
7afad6
+			c->restore_block |= CHANNEL_RESTORE_WFD;
7afad6
+			set_nonblock(wfd);
7afad6
+		}
7afad6
+		if (efd != -1 && !isatty(efd) && fcntl(efd, F_GETFL) == 0) {
7afad6
+			c->restore_block |= CHANNEL_RESTORE_EFD;
7afad6
+			set_nonblock(efd);
7afad6
+		}
7afad6
+	} else if (nonblock) {
7afad6
 		if (rfd != -1)
7afad6
 			set_nonblock(rfd);
7afad6
 		if (wfd != -1)
7afad6
@@ -422,17 +442,23 @@ channel_find_maxfd(struct ssh_channels *
7afad6
 }
7afad6
 
7afad6
 int
7afad6
-channel_close_fd(struct ssh *ssh, int *fdp)
7afad6
+channel_close_fd(struct ssh *ssh, Channel *c, int *fdp)
7afad6
 {
7afad6
 	struct ssh_channels *sc = ssh->chanctxt;
7afad6
-	int ret = 0, fd = *fdp;
7afad6
+	int ret, fd = *fdp;
7afad6
 
7afad6
-	if (fd != -1) {
7afad6
-		ret = close(fd);
7afad6
-		*fdp = -1;
7afad6
-		if (fd == sc->channel_max_fd)
7afad6
-			channel_find_maxfd(sc);
7afad6
-	}
7afad6
+	if (fd == -1)
7afad6
+		return 0;
7afad6
+
7afad6
+	if ((*fdp == c->rfd && (c->restore_block & CHANNEL_RESTORE_RFD) != 0) ||
7afad6
+	   (*fdp == c->wfd && (c->restore_block & CHANNEL_RESTORE_WFD) != 0) ||
7afad6
+	   (*fdp == c->efd && (c->restore_block & CHANNEL_RESTORE_EFD) != 0))
7afad6
+		(void)fcntl(*fdp, F_SETFL, 0);	/* restore blocking */
7afad6
+
7afad6
+	ret = close(fd);
7afad6
+	*fdp = -1;
7afad6
+	if (fd == sc->channel_max_fd)
7afad6
+		channel_find_maxfd(sc);
7afad6
 	return ret;
7afad6
 }
7afad6
 
7afad6
@@ -442,13 +468,13 @@ channel_close_fds(struct ssh *ssh, Chann
7afad6
 {
7afad6
 	int sock = c->sock, rfd = c->rfd, wfd = c->wfd, efd = c->efd;
7afad6
 
7afad6
-	channel_close_fd(ssh, &c->sock);
7afad6
+	channel_close_fd(ssh, c, &c->sock);
7afad6
 	if (rfd != sock)
7afad6
-		channel_close_fd(ssh, &c->rfd);
7afad6
+		channel_close_fd(ssh, c, &c->rfd);
7afad6
 	if (wfd != sock && wfd != rfd)
7afad6
-		channel_close_fd(ssh, &c->wfd);
7afad6
+		channel_close_fd(ssh, c, &c->wfd);
7afad6
 	if (efd != sock && efd != rfd && efd != wfd)
7afad6
-		channel_close_fd(ssh, &c->efd);
7afad6
+		channel_close_fd(ssh, c, &c->efd);
7afad6
 }
7afad6
 
7afad6
 static void
7afad6
@@ -681,7 +707,7 @@ channel_stop_listening(struct ssh *ssh)
7afad6
 			case SSH_CHANNEL_X11_LISTENER:
7afad6
 			case SSH_CHANNEL_UNIX_LISTENER:
7afad6
 			case SSH_CHANNEL_RUNIX_LISTENER:
7afad6
-				channel_close_fd(ssh, &c->sock);
7afad6
+				channel_close_fd(ssh, c, &c->sock);
7afad6
 				channel_free(ssh, c);
7afad6
 				break;
7afad6
 			}
7afad6
@@ -1487,7 +1513,8 @@ channel_decode_socks5(Channel *c, struct
7afad6
 
7afad6
 Channel *
7afad6
 channel_connect_stdio_fwd(struct ssh *ssh,
7afad6
-    const char *host_to_connect, u_short port_to_connect, int in, int out)
7afad6
+    const char *host_to_connect, u_short port_to_connect,
7afad6
+    int in, int out, int nonblock)
7afad6
 {
7afad6
 	Channel *c;
7afad6
 
7afad6
@@ -1495,7 +1522,7 @@ channel_connect_stdio_fwd(struct ssh *ss
7afad6
 
7afad6
 	c = channel_new(ssh, "stdio-forward", SSH_CHANNEL_OPENING, in, out,
7afad6
 	    -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
7afad6
-	    0, "stdio-forward", /*nonblock*/0);
7afad6
+	    0, "stdio-forward", nonblock);
7afad6
 
7afad6
 	c->path = xstrdup(host_to_connect);
7afad6
 	c->host_port = port_to_connect;
7afad6
@@ -1650,7 +1677,7 @@ channel_post_x11_listener(struct ssh *ss
7afad6
 	if (c->single_connection) {
7afad6
 		oerrno = errno;
7afad6
 		debug2("single_connection: closing X11 listener.");
7afad6
-		channel_close_fd(ssh, &c->sock);
7afad6
+		channel_close_fd(ssh, c, &c->sock);
7afad6
 		chan_mark_dead(ssh, c);
7afad6
 		errno = oerrno;
7afad6
 	}
7afad6
@@ -2087,7 +2114,7 @@ channel_handle_efd_write(struct ssh *ssh
7afad6
 		return 1;
7afad6
 	if (len <= 0) {
7afad6
 		debug2("channel %d: closing write-efd %d", c->self, c->efd);
7afad6
-		channel_close_fd(ssh, &c->efd);
7afad6
+		channel_close_fd(ssh, c, &c->efd);
7afad6
 	} else {
7afad6
 		if ((r = sshbuf_consume(c->extended, len)) != 0) {
7afad6
 			fatal("%s: channel %d: consume: %s",
7afad6
@@ -2119,7 +2146,7 @@ channel_handle_efd_read(struct ssh *ssh,
7afad6
 	if (len <= 0) {
7afad6
 		debug2("channel %d: closing read-efd %d",
7afad6
 		    c->self, c->efd);
7afad6
-		channel_close_fd(ssh, &c->efd);
7afad6
+		channel_close_fd(ssh, c, &c->efd);
7afad6
 	} else {
7afad6
 		if (c->extended_usage == CHAN_EXTENDED_IGNORE) {
7afad6
 			debug3("channel %d: discard efd",
7afad6
diff -up openssh-8.0p1/channels.h.restore-nonblock openssh-8.0p1/channels.h
7afad6
--- openssh-8.0p1/channels.h.restore-nonblock	2021-06-21 10:44:26.380559612 +0200
7afad6
+++ openssh-8.0p1/channels.h	2021-06-21 10:44:26.387559665 +0200
7afad6
@@ -63,6 +63,16 @@
7afad6
 
7afad6
 #define CHANNEL_CANCEL_PORT_STATIC	-1
7afad6
 
7afad6
+/* nonblocking flags for channel_new */
7afad6
+#define CHANNEL_NONBLOCK_LEAVE	0 /* don't modify non-blocking state */
7afad6
+#define CHANNEL_NONBLOCK_SET	1 /* set non-blocking state */
7afad6
+#define CHANNEL_NONBLOCK_STDIO	2 /* set non-blocking and restore on close */
7afad6
+
7afad6
+/* c->restore_block mask flags */
7afad6
+#define CHANNEL_RESTORE_RFD	0x01
7afad6
+#define CHANNEL_RESTORE_WFD	0x02
7afad6
+#define CHANNEL_RESTORE_EFD	0x04
7afad6
+
7afad6
 /* TCP forwarding */
7afad6
 #define FORWARD_DENY		0
7afad6
 #define FORWARD_REMOTE		(1)
7afad6
@@ -131,6 +141,7 @@ struct Channel {
7afad6
 				 * to a matching pre-select handler.
7afad6
 				 * this way post-select handlers are not
7afad6
 				 * accidentally called if a FD gets reused */
7afad6
+	int	restore_block;	/* fd mask to restore blocking status */
7afad6
 	struct sshbuf *input;	/* data read from socket, to be sent over
7afad6
 				 * encrypted connection */
7afad6
 	struct sshbuf *output;	/* data received over encrypted connection for
7afad6
@@ -258,7 +269,7 @@ void	 channel_register_filter(struct ssh
7afad6
 void	 channel_register_status_confirm(struct ssh *, int,
7afad6
 	    channel_confirm_cb *, channel_confirm_abandon_cb *, void *);
7afad6
 void	 channel_cancel_cleanup(struct ssh *, int);
7afad6
-int	 channel_close_fd(struct ssh *, int *);
7afad6
+int	 channel_close_fd(struct ssh *, Channel *, int *);
7afad6
 void	 channel_send_window_changes(struct ssh *);
7afad6
 
7afad6
 /* mux proxy support */
7afad6
@@ -305,7 +316,7 @@ Channel	*channel_connect_to_port(struct
7afad6
 	    char *, char *, int *, const char **);
7afad6
 Channel *channel_connect_to_path(struct ssh *, const char *, char *, char *);
7afad6
 Channel	*channel_connect_stdio_fwd(struct ssh *, const char*,
7afad6
-	    u_short, int, int);
7afad6
+	    u_short, int, int, int);
7afad6
 Channel	*channel_connect_by_listen_address(struct ssh *, const char *,
7afad6
 	    u_short, char *, char *);
7afad6
 Channel	*channel_connect_by_listen_path(struct ssh *, const char *,
7afad6
diff -up openssh-8.0p1/clientloop.c.restore-nonblock openssh-8.0p1/clientloop.c
7afad6
--- openssh-8.0p1/clientloop.c.restore-nonblock	2021-06-21 10:44:26.290558923 +0200
7afad6
+++ openssh-8.0p1/clientloop.c	2021-06-21 10:44:26.387559665 +0200
7afad6
@@ -1436,14 +1436,6 @@ client_loop(struct ssh *ssh, int have_pt
7afad6
 	if (have_pty)
7afad6
 		leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
7afad6
 
7afad6
-	/* restore blocking io */
7afad6
-	if (!isatty(fileno(stdin)))
7afad6
-		unset_nonblock(fileno(stdin));
7afad6
-	if (!isatty(fileno(stdout)))
7afad6
-		unset_nonblock(fileno(stdout));
7afad6
-	if (!isatty(fileno(stderr)))
7afad6
-		unset_nonblock(fileno(stderr));
7afad6
-
7afad6
 	/*
7afad6
 	 * If there was no shell or command requested, there will be no remote
7afad6
 	 * exit status to be returned.  In that case, clear error code if the
7afad6
diff -up openssh-8.0p1/mux.c.restore-nonblock openssh-8.0p1/mux.c
7afad6
--- openssh-8.0p1/mux.c.restore-nonblock	2019-04-18 00:52:57.000000000 +0200
7afad6
+++ openssh-8.0p1/mux.c	2021-06-21 10:50:51.007537336 +0200
7afad6
@@ -454,14 +454,6 @@ mux_master_process_new_session(struct ss
7afad6
 	if (cctx->want_tty && tcgetattr(new_fd[0], &cctx->tio) == -1)
7afad6
 		error("%s: tcgetattr: %s", __func__, strerror(errno));
7afad6
 
7afad6
-	/* enable nonblocking unless tty */
7afad6
-	if (!isatty(new_fd[0]))
7afad6
-		set_nonblock(new_fd[0]);
7afad6
-	if (!isatty(new_fd[1]))
7afad6
-		set_nonblock(new_fd[1]);
7afad6
-	if (!isatty(new_fd[2]))
7afad6
-		set_nonblock(new_fd[2]);
7afad6
-
7afad6
 	window = CHAN_SES_WINDOW_DEFAULT;
7afad6
 	packetmax = CHAN_SES_PACKET_DEFAULT;
7afad6
 	if (cctx->want_tty) {
7afad6
@@ -471,7 +463,7 @@ mux_master_process_new_session(struct ss
7afad6
 
7afad6
 	nc = channel_new(ssh, "session", SSH_CHANNEL_OPENING,
7afad6
 	    new_fd[0], new_fd[1], new_fd[2], window, packetmax,
7afad6
-	    CHAN_EXTENDED_WRITE, "client-session", /*nonblock*/0);
7afad6
+	    CHAN_EXTENDED_WRITE, "client-session", CHANNEL_NONBLOCK_STDIO);
7afad6
 
7afad6
 	nc->ctl_chan = c->self;		/* link session -> control channel */
7afad6
 	c->remote_id = nc->self; 	/* link control -> session channel */
7afad6
@@ -1033,13 +1025,8 @@ mux_master_process_stdio_fwd(struct ssh
7afad6
 		}
7afad6
 	}
7afad6
 
7afad6
-	/* enable nonblocking unless tty */
7afad6
-	if (!isatty(new_fd[0]))
7afad6
-		set_nonblock(new_fd[0]);
7afad6
-	if (!isatty(new_fd[1]))
7afad6
-		set_nonblock(new_fd[1]);
7afad6
-
7afad6
-	nc = channel_connect_stdio_fwd(ssh, chost, cport, new_fd[0], new_fd[1]);
7afad6
+	nc = channel_connect_stdio_fwd(ssh, chost, cport, new_fd[0], new_fd[1],
7afad6
+	    CHANNEL_NONBLOCK_STDIO);
7afad6
 	free(chost);
7afad6
 
7afad6
 	nc->ctl_chan = c->self;		/* link session -> control channel */
7afad6
diff -up openssh-8.0p1/nchan.c.restore-nonblock openssh-8.0p1/nchan.c
7afad6
--- openssh-8.0p1/nchan.c.restore-nonblock	2021-06-21 10:44:26.388559673 +0200
7afad6
+++ openssh-8.0p1/nchan.c	2021-06-21 10:52:42.685405537 +0200
7afad6
@@ -387,7 +387,7 @@ chan_shutdown_write(struct ssh *ssh, Cha
7afad6
 			    strerror(errno));
7afad6
 		}
7afad6
 	} else {
7afad6
-		if (channel_close_fd(ssh, &c->wfd) < 0) {
7afad6
+		if (channel_close_fd(ssh, c, &c->wfd) < 0) {
7afad6
 			logit("channel %d: %s: close() failed for "
7afad6
 			    "fd %d [i%d o%d]: %.100s",
7afad6
 			    c->self, __func__, c->wfd, c->istate, c->ostate,
7afad6
@@ -417,7 +417,7 @@ chan_shutdown_read(struct ssh *ssh, Chan
7afad6
  			    strerror(errno));
7afad6
 		}
7afad6
 	} else {
7afad6
-		if (channel_close_fd(ssh, &c->rfd) < 0) {
7afad6
+		if (channel_close_fd(ssh, c, &c->rfd) < 0) {
7afad6
 			logit("channel %d: %s: close() failed for "
7afad6
 			    "fd %d [i%d o%d]: %.100s",
7afad6
 			    c->self, __func__, c->rfd, c->istate, c->ostate,
7afad6
@@ -437,7 +437,7 @@ chan_shutdown_extended_read(struct ssh *
7afad6
 	debug2("channel %d: %s (i%d o%d sock %d wfd %d efd %d [%s])",
7afad6
 	    c->self, __func__, c->istate, c->ostate, c->sock, c->rfd, c->efd,
7afad6
 	    channel_format_extended_usage(c));
7afad6
-	if (channel_close_fd(ssh, &c->efd) < 0) {
7afad6
+	if (channel_close_fd(ssh, c, &c->efd) < 0) {
7afad6
 		logit("channel %d: %s: close() failed for "
7afad6
 		    "extended fd %d [i%d o%d]: %.100s",
7afad6
 		    c->self, __func__, c->efd, c->istate, c->ostate,
7afad6
diff -up openssh-8.0p1/ssh.c.restore-nonblock openssh-8.0p1/ssh.c
7afad6
--- openssh-8.0p1/ssh.c.restore-nonblock	2021-06-21 10:44:26.389559681 +0200
7afad6
+++ openssh-8.0p1/ssh.c	2021-06-21 10:54:47.651377045 +0200
7afad6
@@ -1709,7 +1709,8 @@ ssh_init_stdio_forwarding(struct ssh *ss
7afad6
 	    (out = dup(STDOUT_FILENO)) < 0)
7afad6
 		fatal("channel_connect_stdio_fwd: dup() in/out failed");
7afad6
 	if ((c = channel_connect_stdio_fwd(ssh, options.stdio_forward_host,
7afad6
-	    options.stdio_forward_port, in, out)) == NULL)
7afad6
+	    options.stdio_forward_port, in, out,
7afad6
+	    CHANNEL_NONBLOCK_STDIO)) == NULL)
7afad6
 		fatal("%s: channel_connect_stdio_fwd failed", __func__);
7afad6
 	channel_register_cleanup(ssh, c->self, client_cleanup_stdio_fwd, 0);
7afad6
 	channel_register_open_confirm(ssh, c->self, ssh_stdio_confirm, NULL);
7afad6
@@ -1862,14 +1863,6 @@ ssh_session2_open(struct ssh *ssh)
7afad6
 	if (in < 0 || out < 0 || err < 0)
7afad6
 		fatal("dup() in/out/err failed");
7afad6
 
7afad6
-	/* enable nonblocking unless tty */
7afad6
-	if (!isatty(in))
7afad6
-		set_nonblock(in);
7afad6
-	if (!isatty(out))
7afad6
-		set_nonblock(out);
7afad6
-	if (!isatty(err))
7afad6
-		set_nonblock(err);
7afad6
-
7afad6
 	window = CHAN_SES_WINDOW_DEFAULT;
7afad6
 	packetmax = CHAN_SES_PACKET_DEFAULT;
7afad6
 	if (tty_flag) {
7afad6
@@ -1879,7 +1872,7 @@ ssh_session2_open(struct ssh *ssh)
7afad6
 	c = channel_new(ssh,
7afad6
 	    "session", SSH_CHANNEL_OPENING, in, out, err,
7afad6
 	    window, packetmax, CHAN_EXTENDED_WRITE,
7afad6
-	    "client-session", /*nonblock*/0);
7afad6
+	    "client-session", CHANNEL_NONBLOCK_STDIO);
7afad6
 
7afad6
 	debug3("%s: channel_new: %d", __func__, c->self);
7afad6