diff options
author | Damien Miller <djm@mindrot.org> | 2010-08-17 01:59:31 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2010-08-17 01:59:31 +1000 |
commit | 00d9ae26db2a8176f8ff511c207fa0bc7fadd562 (patch) | |
tree | a47c806a16673f2fd2c735a750bb7cf9b9343a58 /ssh.c | |
parent | aa74f6754aa3696cf15abb3f27b00a7274e062dd (diff) |
- djm@cvs.openbsd.org 2010/08/12 21:49:44
[ssh.c]
close any extra file descriptors inherited from parent at start and
reopen stdin/stdout to /dev/null when forking for ControlPersist.
prevents tools that fork and run a captive ssh for communication from
failing to exit when the ssh completes while they wait for these fds to
close. The inherited fds may persist arbitrarily long if a background
mux master has been started by ControlPersist. cvs and scp were effected
by this.
"please commit" markus@
Diffstat (limited to 'ssh.c')
-rw-r--r-- | ssh.c | 19 |
1 files changed, 18 insertions, 1 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.345 2010/08/04 05:42:47 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.346 2010/08/12 21:49:44 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -238,6 +238,12 @@ main(int ac, char **av) | |||
238 | init_rng(); | 238 | init_rng(); |
239 | 239 | ||
240 | /* | 240 | /* |
241 | * Discard other fds that are hanging around. These can cause problem | ||
242 | * with backgrounded ssh processes started by ControlPersist. | ||
243 | */ | ||
244 | closefrom(STDERR_FILENO + 1); | ||
245 | |||
246 | /* | ||
241 | * Save the original real uid. It will be needed later (uid-swapping | 247 | * Save the original real uid. It will be needed later (uid-swapping |
242 | * may clobber the real uid). | 248 | * may clobber the real uid). |
243 | */ | 249 | */ |
@@ -898,6 +904,7 @@ static void | |||
898 | control_persist_detach(void) | 904 | control_persist_detach(void) |
899 | { | 905 | { |
900 | pid_t pid; | 906 | pid_t pid; |
907 | int devnull; | ||
901 | 908 | ||
902 | debug("%s: backgrounding master process", __func__); | 909 | debug("%s: backgrounding master process", __func__); |
903 | 910 | ||
@@ -924,6 +931,16 @@ control_persist_detach(void) | |||
924 | /* muxclient() doesn't return on success. */ | 931 | /* muxclient() doesn't return on success. */ |
925 | fatal("Failed to connect to new control master"); | 932 | fatal("Failed to connect to new control master"); |
926 | } | 933 | } |
934 | if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { | ||
935 | error("%s: open(\"/dev/null\"): %s", __func__, | ||
936 | strerror(errno)); | ||
937 | } else { | ||
938 | if (dup2(devnull, STDIN_FILENO) == -1 || | ||
939 | dup2(devnull, STDOUT_FILENO) == -1) | ||
940 | error("%s: dup2: %s", __func__, strerror(errno)); | ||
941 | if (devnull > STDERR_FILENO) | ||
942 | close(devnull); | ||
943 | } | ||
927 | } | 944 | } |
928 | 945 | ||
929 | /* Do fork() after authentication. Used by "ssh -f" */ | 946 | /* Do fork() after authentication. Used by "ssh -f" */ |