- djm@cvs.openbsd.org 2005/06/08 11:25:09

[clientloop.c readconf.c readconf.h ssh.c ssh_config.5] add ControlMaster=auto/autoask options to support opportunistic multiplexing; tested avsm@ and jakob@, ok markus@
author: Damien Miller <djm@mindrot.org> 2005-06-16 13:19:41 +1000
committer: Damien Miller <djm@mindrot.org> 2005-06-16 13:19:41 +1000
commit: d14b1e731cf4cb79c3ff5ced9315cc11f1fceced (patch)
tree: 9ae43dce762d8452154b48d4a5b792ecd2db487e
parent: ac7ef6a7360f7b1e417790d288f42f474c4ceb55 (diff)
6 files changed, 79 insertions, 16 deletions
diff --git a/ChangeLog b/ChangeLog
index 728026a62..35249dd85 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,10 @@
     [ssh-keygen.1 ssh-keygen.c sshd.8]
     increase default rsa/dsa key length from 1024 to 2048 bits;
     ok markus@ deraadt@
+   - djm@cvs.openbsd.org 2005/06/08 11:25:09
+     [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
+     add ControlMaster=auto/autoask options to support opportunistic
+     multiplexing; tested avsm@ and jakob@, ok markus@
 20050609
 - (dtucker) [cipher.c openbsd-compat/Makefile.in
@@ -2706,4 +2710,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.3818 2005/06/16 03:19:06 djm Exp $
+$Id: ChangeLog,v 1.3819 2005/06/16 03:19:41 djm Exp $
diff --git a/clientloop.c b/clientloop.c
index 1591215bd..ae4dce820 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -59,7 +59,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.136 2005/03/10 22:01:05 deraadt Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.137 2005/06/08 11:25:09 djm Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@@ -616,13 +616,15 @@ client_process_control(fd_set * readset)
        switch (command) {
        case SSHMUX_COMMAND_OPEN:
-                if (options.control_master == 2)
+                if (options.control_master == SSHCTL_MASTER_ASK ||
+                    options.control_master == SSHCTL_MASTER_AUTO_ASK)
                        allowed = ask_permission("Allow shared connection "
                            "to %s? ", host);
                /* continue below */
                break;
        case SSHMUX_COMMAND_TERMINATE:
-                if (options.control_master == 2)
+                if (options.control_master == SSHCTL_MASTER_ASK ||
+                    options.control_master == SSHCTL_MASTER_AUTO_ASK)
                        allowed = ask_permission("Terminate shared connection "
                            "to %s? ", host);
                if (allowed)
diff --git a/readconf.c b/readconf.c
index d41220807..5ec89e2f0 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.140 2005/05/16 15:30:51 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.141 2005/06/08 11:25:09 djm Exp $");
 #include "ssh.h"
 #include "xmalloc.h"
@@ -796,7 +796,27 @@ parse_int:
        case oControlMaster:
                intptr = &options->control_master;
-                goto parse_yesnoask;
+                arg = strdelim(&s);
+                if (!arg || *arg == '\0')
+                        fatal("%.200s line %d: Missing ControlMaster argument.",
+                            filename, linenum);
+                value = 0;      /* To avoid compiler warning... */
+                if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
+                        value = SSHCTL_MASTER_YES;
+                else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
+                        value = SSHCTL_MASTER_NO;
+                else if (strcmp(arg, "auto") == 0)
+                        value = SSHCTL_MASTER_AUTO;
+                else if (strcmp(arg, "ask") == 0)
+                        value = SSHCTL_MASTER_ASK;
+                else if (strcmp(arg, "autoask") == 0)
+                        value = SSHCTL_MASTER_AUTO_ASK;
+                else
+                        fatal("%.200s line %d: Bad ControlMaster argument.",
+                            filename, linenum);
+                if (*activep && *intptr == -1)
+                        *intptr = value;
+                break;
        case oHashKnownHosts:
                intptr = &options->hash_known_hosts;
diff --git a/readconf.h b/readconf.h
index de4b4cb27..2b9deb9db 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: readconf.h,v 1.66 2005/03/01 10:40:27 djm Exp $       */
+/*      $OpenBSD: readconf.h,v 1.67 2005/06/08 11:25:09 djm Exp $       */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -116,6 +116,11 @@ typedef struct {
        int     hash_known_hosts;
 }       Options;
+#define SSHCTL_MASTER_NO        0
+#define SSHCTL_MASTER_YES       1
+#define SSHCTL_MASTER_AUTO      2
+#define SSHCTL_MASTER_ASK       3
+#define SSHCTL_MASTER_AUTO_ASK  4
 void     initialize_options(Options *);
 void     fill_default_options(Options *);
diff --git a/ssh.c b/ssh.c
index 0871d06de..a27c45725 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.241 2005/06/06 11:20:36 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.242 2005/06/08 11:25:09 djm Exp $");
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -386,8 +386,10 @@ again:
                        }
                        break;
                case 'M':
-                        options.control_master =
+                        if (options.control_master == SSHCTL_MASTER_YES)
-                            (options.control_master >= 1) ? 2 : 1;
+                                options.control_master = SSHCTL_MASTER_ASK;
+                        else
+                                options.control_master = SSHCTL_MASTER_YES;
                        break;
                case 'p':
                        options.port = a2port(optarg);
@@ -618,11 +620,8 @@ again:
        }
        if (mux_command != 0 && options.control_path == NULL)
                fatal("No ControlPath specified for \"-O\" command");
-        if (options.control_path != NULL && options.control_master == 0) {
+        if (options.control_path != NULL)
-                if (mux_command == 0)
-                        mux_command = SSHMUX_COMMAND_OPEN;
                control_client(options.control_path);
-        }
        /* Open a connection to the remote host. */
        if (ssh_connect(host, &hostaddr, options.port,
@@ -1086,9 +1085,12 @@ ssh_control_listener(void)
        mode_t old_umask;
        int addr_len;
-        if (options.control_path == NULL || options.control_master <= 0)
+        if (options.control_path == NULL ||
+            options.control_master == SSHCTL_MASTER_NO)
                return;
+        debug("setting up multiplex master socket");
        memset(&addr, '\0', sizeof(addr));
        addr.sun_family = AF_UNIX;
        addr_len = offsetof(struct sockaddr_un, sun_path) +
@@ -1299,6 +1301,20 @@ control_client(const char *path)
        extern char **environ;
        u_int  flags;
+        if (mux_command == 0)
+                mux_command = SSHMUX_COMMAND_OPEN;
+        switch (options.control_master) {
+        case SSHCTL_MASTER_AUTO:
+        case SSHCTL_MASTER_AUTO_ASK:
+                debug("auto-mux: Trying existing master");
+                /* FALLTHROUGH */
+        case SSHCTL_MASTER_NO:
+                break;
+        default:
+                return;
+        }
        memset(&addr, '\0', sizeof(addr));
        addr.sun_family = AF_UNIX;
        addr_len = offsetof(struct sockaddr_un, sun_path) +
diff --git a/ssh_config.5 b/ssh_config.5
index 2afc3c093..a04ffc288 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.55 2005/06/06 11:20:36 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.56 2005/06/08 11:25:09 djm Exp $
 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os
@@ -278,6 +278,17 @@ If the
 can not be opened,
 .Nm ssh
 will continue without connecting to a master instance.
+.Pp
+Two additional options allow for opportunistic multiplexing: try to use a
+master connection but fall back to creating a new one if one does not already
+exist.
+These options are:
+.Dq auto
+and
+.Dq autoask .
+The latter requires confirmation like the
+.Dq ask
+option.
 .It Cm ControlPath
 Specify the path to the control socket used for connection sharing as described
 in the
@@ -290,6 +301,11 @@ will be substituted by the target host name,
 the port and
 .Ql %r
 by the remote login username.
+It is recommended that any
+.Cm ControlPath
+used for opportunistic connection sharing include
+all three of these escape sequences.
+This ensures that shared connections are uniquely identified.
 .It Cm DynamicForward
 Specifies that a TCP/IP port on the local machine be forwarded
 over the secure channel, and the application
author	Damien Miller <djm@mindrot.org>	2005-06-16 13:19:41 +1000
committer	Damien Miller <djm@mindrot.org>	2005-06-16 13:19:41 +1000
commit	d14b1e731cf4cb79c3ff5ced9315cc11f1fceced (patch)
tree	9ae43dce762d8452154b48d4a5b792ecd2db487e
parent	ac7ef6a7360f7b1e417790d288f42f474c4ceb55 (diff)