diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:28:16 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2013-05-16 20:28:16 +1000 |
| commit | c53c2af173cf67fd1c26f98e7900299b1b65b6ec (patch) | |
| tree | 1c83d4abcdec31e4be6d8a2955fdad33b985b976 /clientloop.c | |
| parent | 64c6fceecd27e1739040b42de8f3759454260b39 (diff) | |
- dtucker@cvs.openbsd.org 2013/05/16 02:00:34
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
ssh_config.5 packet.h]
Add an optional second argument to RekeyLimit in the client to allow
rekeying based on elapsed time in addition to amount of traffic.
with djm@ jmc@, ok djm
Diffstat (limited to 'clientloop.c')
| -rw-r--r-- | clientloop.c | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/clientloop.c b/clientloop.c index c1d1d4472..f1b108fcd 100644 --- a/clientloop.c +++ b/clientloop.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: clientloop.c,v 1.248 2013/01/02 00:32:07 djm Exp $ */ | 1 | /* $OpenBSD: clientloop.c,v 1.249 2013/05/16 02:00:34 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -583,7 +583,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, | |||
| 583 | { | 583 | { |
| 584 | struct timeval tv, *tvp; | 584 | struct timeval tv, *tvp; |
| 585 | int timeout_secs; | 585 | int timeout_secs; |
| 586 | time_t minwait_secs = 0; | 586 | time_t minwait_secs = 0, server_alive_time = 0, now = time(NULL); |
| 587 | int ret; | 587 | int ret; |
| 588 | 588 | ||
| 589 | /* Add any selections by the channel mechanism. */ | 589 | /* Add any selections by the channel mechanism. */ |
| @@ -632,12 +632,16 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, | |||
| 632 | */ | 632 | */ |
| 633 | 633 | ||
| 634 | timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */ | 634 | timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */ |
| 635 | if (options.server_alive_interval > 0 && compat20) | 635 | if (options.server_alive_interval > 0 && compat20) { |
| 636 | timeout_secs = options.server_alive_interval; | 636 | timeout_secs = options.server_alive_interval; |
| 637 | server_alive_time = now + options.server_alive_interval; | ||
| 638 | } | ||
| 639 | if (options.rekey_interval > 0 && compat20 && !rekeying) | ||
| 640 | timeout_secs = MIN(timeout_secs, packet_get_rekey_timeout()); | ||
| 637 | set_control_persist_exit_time(); | 641 | set_control_persist_exit_time(); |
| 638 | if (control_persist_exit_time > 0) { | 642 | if (control_persist_exit_time > 0) { |
| 639 | timeout_secs = MIN(timeout_secs, | 643 | timeout_secs = MIN(timeout_secs, |
| 640 | control_persist_exit_time - time(NULL)); | 644 | control_persist_exit_time - now); |
| 641 | if (timeout_secs < 0) | 645 | if (timeout_secs < 0) |
| 642 | timeout_secs = 0; | 646 | timeout_secs = 0; |
| 643 | } | 647 | } |
| @@ -669,8 +673,15 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, | |||
| 669 | snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); | 673 | snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); |
| 670 | buffer_append(&stderr_buffer, buf, strlen(buf)); | 674 | buffer_append(&stderr_buffer, buf, strlen(buf)); |
| 671 | quit_pending = 1; | 675 | quit_pending = 1; |
| 672 | } else if (ret == 0) | 676 | } else if (ret == 0) { |
| 673 | server_alive_check(); | 677 | /* |
| 678 | * Timeout. Could have been either keepalive or rekeying. | ||
| 679 | * Keepalive we check here, rekeying is checked in clientloop. | ||
| 680 | */ | ||
| 681 | if (server_alive_time != 0 && server_alive_time <= time(NULL)) | ||
| 682 | server_alive_check(); | ||
| 683 | } | ||
| 684 | |||
| 674 | } | 685 | } |
| 675 | 686 | ||
| 676 | static void | 687 | static void |