diff options
| author | Damien Miller <djm@mindrot.org> | 2010-08-17 01:59:31 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2010-08-17 01:59:31 +1000 |
| commit | 00d9ae26db2a8176f8ff511c207fa0bc7fadd562 (patch) | |
| tree | a47c806a16673f2fd2c735a750bb7cf9b9343a58 /ssh.c | |
| parent | aa74f6754aa3696cf15abb3f27b00a7274e062dd (diff) | |
- djm@cvs.openbsd.org 2010/08/12 21:49:44
[ssh.c]
close any extra file descriptors inherited from parent at start and
reopen stdin/stdout to /dev/null when forking for ControlPersist.
prevents tools that fork and run a captive ssh for communication from
failing to exit when the ssh completes while they wait for these fds to
close. The inherited fds may persist arbitrarily long if a background
mux master has been started by ControlPersist. cvs and scp were effected
by this.
"please commit" markus@
Diffstat (limited to 'ssh.c')
| -rw-r--r-- | ssh.c | 19 |
1 files changed, 18 insertions, 1 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh.c,v 1.345 2010/08/04 05:42:47 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.346 2010/08/12 21:49:44 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -238,6 +238,12 @@ main(int ac, char **av) | |||
| 238 | init_rng(); | 238 | init_rng(); |
| 239 | 239 | ||
| 240 | /* | 240 | /* |
| 241 | * Discard other fds that are hanging around. These can cause problem | ||
| 242 | * with backgrounded ssh processes started by ControlPersist. | ||
| 243 | */ | ||
| 244 | closefrom(STDERR_FILENO + 1); | ||
| 245 | |||
| 246 | /* | ||
| 241 | * Save the original real uid. It will be needed later (uid-swapping | 247 | * Save the original real uid. It will be needed later (uid-swapping |
| 242 | * may clobber the real uid). | 248 | * may clobber the real uid). |
| 243 | */ | 249 | */ |
| @@ -898,6 +904,7 @@ static void | |||
| 898 | control_persist_detach(void) | 904 | control_persist_detach(void) |
| 899 | { | 905 | { |
| 900 | pid_t pid; | 906 | pid_t pid; |
| 907 | int devnull; | ||
| 901 | 908 | ||
| 902 | debug("%s: backgrounding master process", __func__); | 909 | debug("%s: backgrounding master process", __func__); |
| 903 | 910 | ||
| @@ -924,6 +931,16 @@ control_persist_detach(void) | |||
| 924 | /* muxclient() doesn't return on success. */ | 931 | /* muxclient() doesn't return on success. */ |
| 925 | fatal("Failed to connect to new control master"); | 932 | fatal("Failed to connect to new control master"); |
| 926 | } | 933 | } |
| 934 | if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) { | ||
| 935 | error("%s: open(\"/dev/null\"): %s", __func__, | ||
| 936 | strerror(errno)); | ||
| 937 | } else { | ||
| 938 | if (dup2(devnull, STDIN_FILENO) == -1 || | ||
| 939 | dup2(devnull, STDOUT_FILENO) == -1) | ||
| 940 | error("%s: dup2: %s", __func__, strerror(errno)); | ||
| 941 | if (devnull > STDERR_FILENO) | ||
| 942 | close(devnull); | ||
| 943 | } | ||
| 927 | } | 944 | } |
| 928 | 945 | ||
| 929 | /* Do fork() after authentication. Used by "ssh -f" */ | 946 | /* Do fork() after authentication. Used by "ssh -f" */ |