6 files changed, 699 insertions, 596 deletions
diff --git a/ChangeLog b/ChangeLog
index 9e683143a..90ee86ac8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -111,6 +111,12 @@
     was to try the first address and give up.
     Reported by stig AT venaas.com in bz#343
     great feedback and ok markus@
+   - djm@cvs.openbsd.org 2008/05/09 14:18:44
+     [clientloop.c clientloop.h ssh.c mux.c]
+     tidy up session multiplexing code, moving it into its own file and
+     making the function names more consistent - making ssh.c and
+     clientloop.c a fair bit more readable.
+     ok markus@
 20080403
 - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
@@ -3971,4 +3977,4 @@
   OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.4925 2008/05/19 05:37:09 djm Exp $
+$Id: ChangeLog,v 1.4926 2008/05/19 06:00:08 djm Exp $
diff --git a/Makefile.in b/Makefile.in
index 6b488feca..b57b9b72d 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.289 2008/03/13 01:41:31 djm Exp $
+# $Id: Makefile.in,v 1.290 2008/05/19 06:00:08 djm Exp $
 # uncomment if you run a non bourne compatable shell. Ie. csh
 #SHELL = @SH@
@@ -74,7 +74,7 @@ LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
        entropy.o scard-opensc.o gss-genr.o umac.o
 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
-        sshconnect.o sshconnect1.o sshconnect2.o
+        sshconnect.o sshconnect1.o sshconnect2.o mux.o
 SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
        sshpty.o sshlogin.o servconf.o serverloop.o \
diff --git a/clientloop.c b/clientloop.c
index 7bd1af60c..c87aa5a0a 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.191 2008/05/09 04:55:56 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.192 2008/05/09 14:18:44 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -121,7 +121,7 @@ extern int stdin_null_flag;
 extern int no_shell_flag;
 /* Control socket */
-extern int control_fd;
+extern int muxserver_sock;
 /*
 * Name of the host we are connecting to.  This is the name given on the
@@ -162,17 +162,6 @@ static int session_closed = 0;	/* In SSH2: login session closed. */
 static void client_init_dispatch(void);
 int     session_ident = -1;
-struct confirm_ctx {
-        int want_tty;
-        int want_subsys;
-        int want_x_fwd;
-        int want_agent_fwd;
-        Buffer cmd;
-        char *term;
-        struct termios tio;
-        char **env;
-};
 struct channel_reply_ctx {
        const char *request_type;
        int id, do_close;
@@ -538,8 +527,8 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
        if (packet_have_data_to_write())
                FD_SET(connection_out, *writesetp);
-        if (control_fd != -1)
+        if (muxserver_sock != -1)
-                FD_SET(control_fd, *readsetp);
+                FD_SET(muxserver_sock, *readsetp);
        /*
         * Wait for something to happen.  This will suspend the process until
@@ -707,284 +696,6 @@ client_expect_confirm(int id, const char *request, int do_close)
 }
 static void
-client_extra_session2_setup(int id, void *arg)
-{
-        struct confirm_ctx *cctx = arg;
-        const char *display;
-        Channel *c;
-        int i;
-        if (cctx == NULL)
-                fatal("%s: cctx == NULL", __func__);
-        if ((c = channel_lookup(id)) == NULL)
-                fatal("%s: no channel for id %d", __func__, id);
-        display = getenv("DISPLAY");
-        if (cctx->want_x_fwd && options.forward_x11 && display != NULL) {
-                char *proto, *data;
-                /* Get reasonable local authentication information. */
-                client_x11_get_proto(display, options.xauth_location,
-                    options.forward_x11_trusted, &proto, &data);
-                /* Request forwarding with authentication spoofing. */
-                debug("Requesting X11 forwarding with authentication spoofing.");
-                x11_request_forwarding_with_spoofing(id, display, proto, data);
-                /* XXX wait for reply */
-        }
-        if (cctx->want_agent_fwd && options.forward_agent) {
-                debug("Requesting authentication agent forwarding.");
-                channel_request_start(id, "auth-agent-req@openssh.com", 0);
-                packet_send();
-        }
-        client_session2_setup(id, cctx->want_tty, cctx->want_subsys,
-            cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env);
-        c->open_confirm_ctx = NULL;
-        buffer_free(&cctx->cmd);
-        xfree(cctx->term);
-        if (cctx->env != NULL) {
-                for (i = 0; cctx->env[i] != NULL; i++)
-                        xfree(cctx->env[i]);
-                xfree(cctx->env);
-        }
-        xfree(cctx);
-}
-static void
-client_process_control(fd_set *readset)
-{
-        Buffer m;
-        Channel *c;
-        int client_fd, new_fd[3], ver, allowed, window, packetmax;
-        socklen_t addrlen;
-        struct sockaddr_storage addr;
-        struct confirm_ctx *cctx;
-        char *cmd;
-        u_int i, j, len, env_len, command, flags;
-        uid_t euid;
-        gid_t egid;
-        /*
-         * Accept connection on control socket
-         */
-        if (control_fd == -1 || !FD_ISSET(control_fd, readset))
-                return;
-        memset(&addr, 0, sizeof(addr));
-        addrlen = sizeof(addr);
-        if ((client_fd = accept(control_fd,
-            (struct sockaddr*)&addr, &addrlen)) == -1) {
-                error("%s accept: %s", __func__, strerror(errno));
-                return;
-        }
-        if (getpeereid(client_fd, &euid, &egid) < 0) {
-                error("%s getpeereid failed: %s", __func__, strerror(errno));
-                close(client_fd);
-                return;
-        }
-        if ((euid != 0) && (getuid() != euid)) {
-                error("control mode uid mismatch: peer euid %u != uid %u",
-                    (u_int) euid, (u_int) getuid());
-                close(client_fd);
-                return;
-        }
-        unset_nonblock(client_fd);
-        /* Read command */
-        buffer_init(&m);
-        if (ssh_msg_recv(client_fd, &m) == -1) {
-                error("%s: client msg_recv failed", __func__);
-                close(client_fd);
-                buffer_free(&m);
-                return;
-        }
-        if ((ver = buffer_get_char(&m)) != SSHMUX_VER) {
-                error("%s: wrong client version %d", __func__, ver);
-                buffer_free(&m);
-                close(client_fd);
-                return;
-        }
-        allowed = 1;
-        command = buffer_get_int(&m);
-        flags = buffer_get_int(&m);
-        buffer_clear(&m);
-        switch (command) {
-        case SSHMUX_COMMAND_OPEN:
-                if (options.control_master == SSHCTL_MASTER_ASK ||
-                    options.control_master == SSHCTL_MASTER_AUTO_ASK)
-                        allowed = ask_permission("Allow shared connection "
-                            "to %s? ", host);
-                /* continue below */
-                break;
-        case SSHMUX_COMMAND_TERMINATE:
-                if (options.control_master == SSHCTL_MASTER_ASK ||
-                    options.control_master == SSHCTL_MASTER_AUTO_ASK)
-                        allowed = ask_permission("Terminate shared connection "
-                            "to %s? ", host);
-                if (allowed)
-                        quit_pending = 1;
-                /* FALLTHROUGH */
-        case SSHMUX_COMMAND_ALIVE_CHECK:
-                /* Reply for SSHMUX_COMMAND_TERMINATE and ALIVE_CHECK */
-                buffer_clear(&m);
-                buffer_put_int(&m, allowed);
-                buffer_put_int(&m, getpid());
-                if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
-                        error("%s: client msg_send failed", __func__);
-                        close(client_fd);
-                        buffer_free(&m);
-                        return;
-                }
-                buffer_free(&m);
-                close(client_fd);
-                return;
-        default:
-                error("Unsupported command %d", command);
-                buffer_free(&m);
-                close(client_fd);
-                return;
-        }
-        /* Reply for SSHMUX_COMMAND_OPEN */
-        buffer_clear(&m);
-        buffer_put_int(&m, allowed);
-        buffer_put_int(&m, getpid());
-        if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
-                error("%s: client msg_send failed", __func__);
-                close(client_fd);
-                buffer_free(&m);
-                return;
-        }
-        if (!allowed) {
-                error("Refused control connection");
-                close(client_fd);
-                buffer_free(&m);
-                return;
-        }
-        buffer_clear(&m);
-        if (ssh_msg_recv(client_fd, &m) == -1) {
-                error("%s: client msg_recv failed", __func__);
-                close(client_fd);
-                buffer_free(&m);
-                return;
-        }
-        if ((ver = buffer_get_char(&m)) != SSHMUX_VER) {
-                error("%s: wrong client version %d", __func__, ver);
-                buffer_free(&m);
-                close(client_fd);
-                return;
-        }
-        cctx = xcalloc(1, sizeof(*cctx));
-        cctx->want_tty = (flags & SSHMUX_FLAG_TTY) != 0;
-        cctx->want_subsys = (flags & SSHMUX_FLAG_SUBSYS) != 0;
-        cctx->want_x_fwd = (flags & SSHMUX_FLAG_X11_FWD) != 0;
-        cctx->want_agent_fwd = (flags & SSHMUX_FLAG_AGENT_FWD) != 0;
-        cctx->term = buffer_get_string(&m, &len);
-        cmd = buffer_get_string(&m, &len);
-        buffer_init(&cctx->cmd);
-        buffer_append(&cctx->cmd, cmd, strlen(cmd));
-        env_len = buffer_get_int(&m);
-        env_len = MIN(env_len, 4096);
-        debug3("%s: receiving %d env vars", __func__, env_len);
-        if (env_len != 0) {
-                cctx->env = xcalloc(env_len + 1, sizeof(*cctx->env));
-                for (i = 0; i < env_len; i++)
-                        cctx->env[i] = buffer_get_string(&m, &len);
-                cctx->env[i] = NULL;
-        }
-        debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__,
-            cctx->want_tty, cctx->want_subsys, cmd);
-        xfree(cmd);
-        /* Gather fds from client */
-        for(i = 0; i < 3; i++) {
-                if ((new_fd[i] = mm_receive_fd(client_fd)) == -1) {
-                        error("%s: failed to receive fd %d from slave",
-                            __func__, i);
-                        for (j = 0; j < i; j++)
-                                close(new_fd[j]);
-                        for (j = 0; j < env_len; j++)
-                                xfree(cctx->env[j]);
-                        if (env_len > 0)
-                                xfree(cctx->env);
-                        xfree(cctx->term);
-                        buffer_free(&cctx->cmd);
-                        close(client_fd);
-                        xfree(cctx);
-                        return;
-                }
-        }
-        debug2("%s: got fds stdin %d, stdout %d, stderr %d", __func__,
-            new_fd[0], new_fd[1], new_fd[2]);
-        /* Try to pick up ttymodes from client before it goes raw */
-        if (cctx->want_tty && tcgetattr(new_fd[0], &cctx->tio) == -1)
-                error("%s: tcgetattr: %s", __func__, strerror(errno));
-        /* This roundtrip is just for synchronisation of ttymodes */
-        buffer_clear(&m);
-        if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
-                error("%s: client msg_send failed", __func__);
-                close(client_fd);
-                close(new_fd[0]);
-                close(new_fd[1]);
-                close(new_fd[2]);
-                buffer_free(&m);
-                xfree(cctx->term);
-                if (env_len != 0) {
-                        for (i = 0; i < env_len; i++)
-                                xfree(cctx->env[i]);
-                        xfree(cctx->env);
-                }
-                return;
-        }
-        buffer_free(&m);
-        /* enable nonblocking unless tty */
-        if (!isatty(new_fd[0]))
-                set_nonblock(new_fd[0]);
-        if (!isatty(new_fd[1]))
-                set_nonblock(new_fd[1]);
-        if (!isatty(new_fd[2]))
-                set_nonblock(new_fd[2]);
-        set_nonblock(client_fd);
-        window = CHAN_SES_WINDOW_DEFAULT;
-        packetmax = CHAN_SES_PACKET_DEFAULT;
-        if (cctx->want_tty) {
-                window >>= 1;
-                packetmax >>= 1;
-        }
-        
-        c = channel_new("session", SSH_CHANNEL_OPENING,
-            new_fd[0], new_fd[1], new_fd[2], window, packetmax,
-            CHAN_EXTENDED_WRITE, "client-session", /*nonblock*/0);
-        /* XXX */
-        c->ctl_fd = client_fd;
-        debug3("%s: channel_new: %d", __func__, c->self);
-        channel_send_open(c->self);
-        channel_register_open_confirm(c->self,
-            client_extra_session2_setup, cctx);
-}
-static void
 process_cmdline(void)
 {
        void (*handler)(int);
@@ -1448,8 +1159,8 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
        connection_in = packet_get_connection_in();
        connection_out = packet_get_connection_out();
        max_fd = MAX(connection_in, connection_out);
-        if (control_fd != -1)
+        if (muxserver_sock != -1)
-                max_fd = MAX(max_fd, control_fd);
+                max_fd = MAX(max_fd, muxserver_sock);
        if (!compat20) {
                /* enable nonblocking unless tty */
@@ -1569,7 +1280,10 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
                client_process_net_input(readset);
                /* Accept control connections.  */
-                client_process_control(readset);
+                if (muxserver_sock != -1 &&FD_ISSET(muxserver_sock, readset)) {
+                        if (muxserver_accept_control())
+                                quit_pending = 1;
+                }
                if (quit_pending)
                        break;
@@ -2157,7 +1871,7 @@ cleanup_exit(int i)
 {
        leave_raw_mode();
        leave_non_blocking();
-        if (options.control_path != NULL && control_fd != -1)
+        if (options.control_path != NULL && muxserver_sock != -1)
                unlink(options.control_path);
        _exit(i);
 }
diff --git a/clientloop.h b/clientloop.h
index cb2d7c089..6f8e70123 100644
--- a/clientloop.h
+++ b/clientloop.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.h,v 1.18 2008/05/08 13:06:11 djm Exp $ */
+/* $OpenBSD: clientloop.h,v 1.19 2008/05/09 14:18:44 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -58,3 +58,21 @@ int	 client_request_tun_fwd(int, int, int);
 #define SSHMUX_FLAG_SUBSYS              (1<<1)  /* Subsystem request on open */
 #define SSHMUX_FLAG_X11_FWD             (1<<2)  /* Request X11 forwarding */
 #define SSHMUX_FLAG_AGENT_FWD           (1<<3)  /* Request agent forwarding */
+/* Multiplexing routines */
+struct mux_session_confirm_ctx {
+        int want_tty;
+        int want_subsys;
+        int want_x_fwd;
+        int want_agent_fwd;
+        Buffer cmd;
+        char *term;
+        struct termios tio;
+        char **env;
+};
+/* mux.c */
+void    muxserver_listen(void);
+int     muxserver_accept_control(void);
+void    muxclient(const char *);
diff --git a/mux.c b/mux.c
new file mode 100644
index 000000000..78ba63153
--- /dev/null
+++ b/mux.c
@@ -0,0 +1,646 @@
+/* $OpenBSD: mux.c,v 1.1 2008/05/09 14:18:44 djm Exp $ */
+/*
+ * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+/* ssh session multiplexing support */
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <util.h>
+#include <paths.h>
+#include "openbsd-compat/sys-queue.h"
+#include "xmalloc.h"
+#include "log.h"
+#include "ssh.h"
+#include "pathnames.h"
+#include "misc.h"
+#include "match.h"
+#include "buffer.h"
+#include "channels.h"
+#include "msg.h"
+#include "packet.h"
+#include "monitor_fdpass.h"
+#include "sshpty.h"
+#include "key.h"
+#include "readconf.h"
+#include "clientloop.h"
+/* from ssh.c */
+extern int tty_flag;
+extern Options options;
+extern int stdin_null_flag;
+extern char *host;
+int subsystem_flag;
+extern Buffer command;
+/* fd to control socket */
+int muxserver_sock = -1;
+/* Multiplexing control command */
+u_int muxclient_command = 0;
+/* Set when signalled. */
+static volatile sig_atomic_t muxclient_terminate = 0;
+/* PID of multiplex server */
+static u_int muxserver_pid = 0;
+/* ** Multiplexing master support */
+/* Prepare a mux master to listen on a Unix domain socket. */
+void
+muxserver_listen(void)
+{
+        struct sockaddr_un addr;
+        mode_t old_umask;
+        int addr_len;
+        if (options.control_path == NULL ||
+            options.control_master == SSHCTL_MASTER_NO)
+                return;
+        debug("setting up multiplex master socket");
+        memset(&addr, '\0', sizeof(addr));
+        addr.sun_family = AF_UNIX;
+        addr_len = offsetof(struct sockaddr_un, sun_path) +
+            strlen(options.control_path) + 1;
+        if (strlcpy(addr.sun_path, options.control_path,
+            sizeof(addr.sun_path)) >= sizeof(addr.sun_path))
+                fatal("ControlPath too long");
+        if ((muxserver_sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
+                fatal("%s socket(): %s", __func__, strerror(errno));
+        old_umask = umask(0177);
+        if (bind(muxserver_sock, (struct sockaddr *)&addr, addr_len) == -1) {
+                muxserver_sock = -1;
+                if (errno == EINVAL || errno == EADDRINUSE)
+                        fatal("ControlSocket %s already exists",
+                            options.control_path);
+                else
+                        fatal("%s bind(): %s", __func__, strerror(errno));
+        }
+        umask(old_umask);
+        if (listen(muxserver_sock, 64) == -1)
+                fatal("%s listen(): %s", __func__, strerror(errno));
+        set_nonblock(muxserver_sock);
+}
+/* Callback on open confirmation in mux master for a mux client session. */
+static void
+client_extra_session2_setup(int id, void *arg)
+{
+        struct mux_session_confirm_ctx *cctx = arg;
+        const char *display;
+        Channel *c;
+        int i;
+        if (cctx == NULL)
+                fatal("%s: cctx == NULL", __func__);
+        if ((c = channel_lookup(id)) == NULL)
+                fatal("%s: no channel for id %d", __func__, id);
+        display = getenv("DISPLAY");
+        if (cctx->want_x_fwd && options.forward_x11 && display != NULL) {
+                char *proto, *data;
+                /* Get reasonable local authentication information. */
+                client_x11_get_proto(display, options.xauth_location,
+                    options.forward_x11_trusted, &proto, &data);
+                /* Request forwarding with authentication spoofing. */
+                debug("Requesting X11 forwarding with authentication spoofing.");
+                x11_request_forwarding_with_spoofing(id, display, proto, data);
+                /* XXX wait for reply */
+        }
+        if (cctx->want_agent_fwd && options.forward_agent) {
+                debug("Requesting authentication agent forwarding.");
+                channel_request_start(id, "auth-agent-req@openssh.com", 0);
+                packet_send();
+        }
+        client_session2_setup(id, cctx->want_tty, cctx->want_subsys,
+            cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env);
+        c->open_confirm_ctx = NULL;
+        buffer_free(&cctx->cmd);
+        xfree(cctx->term);
+        if (cctx->env != NULL) {
+                for (i = 0; cctx->env[i] != NULL; i++)
+                        xfree(cctx->env[i]);
+                xfree(cctx->env);
+        }
+        xfree(cctx);
+}
+/*
+ * Accept a connection on the mux master socket and process the
+ * client's request. Returns flag indicating whether mux master should
+ * begin graceful close.
+ */
+int
+muxserver_accept_control(void)
+{
+        Buffer m;
+        Channel *c;
+        int client_fd, new_fd[3], ver, allowed, window, packetmax;
+        socklen_t addrlen;
+        struct sockaddr_storage addr;
+        struct mux_session_confirm_ctx *cctx;
+        char *cmd;
+        u_int i, j, len, env_len, mux_command, flags;
+        uid_t euid;
+        gid_t egid;
+        int start_close = 0;
+        /*
+         * Accept connection on control socket
+         */
+        memset(&addr, 0, sizeof(addr));
+        addrlen = sizeof(addr);
+        if ((client_fd = accept(muxserver_sock,
+            (struct sockaddr*)&addr, &addrlen)) == -1) {
+                error("%s accept: %s", __func__, strerror(errno));
+                return 0;
+        }
+        if (getpeereid(client_fd, &euid, &egid) < 0) {
+                error("%s getpeereid failed: %s", __func__, strerror(errno));
+                close(client_fd);
+                return 0;
+        }
+        if ((euid != 0) && (getuid() != euid)) {
+                error("control mode uid mismatch: peer euid %u != uid %u",
+                    (u_int) euid, (u_int) getuid());
+                close(client_fd);
+                return 0;
+        }
+        /* XXX handle asynchronously */
+        unset_nonblock(client_fd);
+        /* Read command */
+        buffer_init(&m);
+        if (ssh_msg_recv(client_fd, &m) == -1) {
+                error("%s: client msg_recv failed", __func__);
+                close(client_fd);
+                buffer_free(&m);
+                return 0;
+        }
+        if ((ver = buffer_get_char(&m)) != SSHMUX_VER) {
+                error("%s: wrong client version %d", __func__, ver);
+                buffer_free(&m);
+                close(client_fd);
+                return 0;
+        }
+        allowed = 1;
+        mux_command = buffer_get_int(&m);
+        flags = buffer_get_int(&m);
+        buffer_clear(&m);
+        switch (mux_command) {
+        case SSHMUX_COMMAND_OPEN:
+                if (options.control_master == SSHCTL_MASTER_ASK ||
+                    options.control_master == SSHCTL_MASTER_AUTO_ASK)
+                        allowed = ask_permission("Allow shared connection "
+                            "to %s? ", host);
+                /* continue below */
+                break;
+        case SSHMUX_COMMAND_TERMINATE:
+                if (options.control_master == SSHCTL_MASTER_ASK ||
+                    options.control_master == SSHCTL_MASTER_AUTO_ASK)
+                        allowed = ask_permission("Terminate shared connection "
+                            "to %s? ", host);
+                if (allowed)
+                        start_close = 1;
+                /* FALLTHROUGH */
+        case SSHMUX_COMMAND_ALIVE_CHECK:
+                /* Reply for SSHMUX_COMMAND_TERMINATE and ALIVE_CHECK */
+                buffer_clear(&m);
+                buffer_put_int(&m, allowed);
+                buffer_put_int(&m, getpid());
+                if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
+                        error("%s: client msg_send failed", __func__);
+                        close(client_fd);
+                        buffer_free(&m);
+                        return start_close;
+                }
+                buffer_free(&m);
+                close(client_fd);
+                return start_close;
+        default:
+                error("Unsupported command %d", mux_command);
+                buffer_free(&m);
+                close(client_fd);
+                return 0;
+        }
+        /* Reply for SSHMUX_COMMAND_OPEN */
+        buffer_clear(&m);
+        buffer_put_int(&m, allowed);
+        buffer_put_int(&m, getpid());
+        if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
+                error("%s: client msg_send failed", __func__);
+                close(client_fd);
+                buffer_free(&m);
+                return 0;
+        }
+        if (!allowed) {
+                error("Refused control connection");
+                close(client_fd);
+                buffer_free(&m);
+                return 0;
+        }
+        buffer_clear(&m);
+        if (ssh_msg_recv(client_fd, &m) == -1) {
+                error("%s: client msg_recv failed", __func__);
+                close(client_fd);
+                buffer_free(&m);
+                return 0;
+        }
+        if ((ver = buffer_get_char(&m)) != SSHMUX_VER) {
+                error("%s: wrong client version %d", __func__, ver);
+                buffer_free(&m);
+                close(client_fd);
+                return 0;
+        }
+        cctx = xcalloc(1, sizeof(*cctx));
+        cctx->want_tty = (flags & SSHMUX_FLAG_TTY) != 0;
+        cctx->want_subsys = (flags & SSHMUX_FLAG_SUBSYS) != 0;
+        cctx->want_x_fwd = (flags & SSHMUX_FLAG_X11_FWD) != 0;
+        cctx->want_agent_fwd = (flags & SSHMUX_FLAG_AGENT_FWD) != 0;
+        cctx->term = buffer_get_string(&m, &len);
+        cmd = buffer_get_string(&m, &len);
+        buffer_init(&cctx->cmd);
+        buffer_append(&cctx->cmd, cmd, strlen(cmd));
+        env_len = buffer_get_int(&m);
+        env_len = MIN(env_len, 4096);
+        debug3("%s: receiving %d env vars", __func__, env_len);
+        if (env_len != 0) {
+                cctx->env = xcalloc(env_len + 1, sizeof(*cctx->env));
+                for (i = 0; i < env_len; i++)
+                        cctx->env[i] = buffer_get_string(&m, &len);
+                cctx->env[i] = NULL;
+        }
+        debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__,
+            cctx->want_tty, cctx->want_subsys, cmd);
+        xfree(cmd);
+        /* Gather fds from client */
+        for(i = 0; i < 3; i++) {
+                if ((new_fd[i] = mm_receive_fd(client_fd)) == -1) {
+                        error("%s: failed to receive fd %d from slave",
+                            __func__, i);
+                        for (j = 0; j < i; j++)
+                                close(new_fd[j]);
+                        for (j = 0; j < env_len; j++)
+                                xfree(cctx->env[j]);
+                        if (env_len > 0)
+                                xfree(cctx->env);
+                        xfree(cctx->term);
+                        buffer_free(&cctx->cmd);
+                        close(client_fd);
+                        xfree(cctx);
+                        return 0;
+                }
+        }
+        debug2("%s: got fds stdin %d, stdout %d, stderr %d", __func__,
+            new_fd[0], new_fd[1], new_fd[2]);
+        /* Try to pick up ttymodes from client before it goes raw */
+        if (cctx->want_tty && tcgetattr(new_fd[0], &cctx->tio) == -1)
+                error("%s: tcgetattr: %s", __func__, strerror(errno));
+        /* This roundtrip is just for synchronisation of ttymodes */
+        buffer_clear(&m);
+        if (ssh_msg_send(client_fd, SSHMUX_VER, &m) == -1) {
+                error("%s: client msg_send failed", __func__);
+                close(client_fd);
+                close(new_fd[0]);
+                close(new_fd[1]);
+                close(new_fd[2]);
+                buffer_free(&m);
+                xfree(cctx->term);
+                if (env_len != 0) {
+                        for (i = 0; i < env_len; i++)
+                                xfree(cctx->env[i]);
+                        xfree(cctx->env);
+                }
+                return 0;
+        }
+        buffer_free(&m);
+        /* enable nonblocking unless tty */
+        if (!isatty(new_fd[0]))
+                set_nonblock(new_fd[0]);
+        if (!isatty(new_fd[1]))
+                set_nonblock(new_fd[1]);
+        if (!isatty(new_fd[2]))
+                set_nonblock(new_fd[2]);
+        set_nonblock(client_fd);
+        window = CHAN_SES_WINDOW_DEFAULT;
+        packetmax = CHAN_SES_PACKET_DEFAULT;
+        if (cctx->want_tty) {
+                window >>= 1;
+                packetmax >>= 1;
+        }
+        
+        c = channel_new("session", SSH_CHANNEL_OPENING,
+            new_fd[0], new_fd[1], new_fd[2], window, packetmax,
+            CHAN_EXTENDED_WRITE, "client-session", /*nonblock*/0);
+        /* XXX */
+        c->ctl_fd = client_fd;
+        debug3("%s: channel_new: %d", __func__, c->self);
+        channel_send_open(c->self);
+        channel_register_open_confirm(c->self,
+            client_extra_session2_setup, cctx);
+        return 0;
+}
+/* ** Multiplexing client support */
+/* Exit signal handler */
+static void
+control_client_sighandler(int signo)
+{
+        muxclient_terminate = signo;
+}
+/*
+ * Relay signal handler - used to pass some signals from mux client to
+ * mux master.
+ */
+static void
+control_client_sigrelay(int signo)
+{
+        int save_errno = errno;
+        if (muxserver_pid > 1)
+                kill(muxserver_pid, signo);
+        errno = save_errno;
+}
+/* Check mux client environment variables before passing them to mux master. */
+static int
+env_permitted(char *env)
+{
+        int i, ret;
+        char name[1024], *cp;
+        if ((cp = strchr(env, '=')) == NULL || cp == env)
+                return (0);
+        ret = snprintf(name, sizeof(name), "%.*s", (int)(cp - env), env);
+        if (ret <= 0 || (size_t)ret >= sizeof(name))
+                fatal("env_permitted: name '%.100s...' too long", env);
+        for (i = 0; i < options.num_send_env; i++)
+                if (match_pattern(name, options.send_env[i]))
+                        return (1);
+        return (0);
+}
+/* Multiplex client main loop. */
+void
+muxclient(const char *path)
+{
+        struct sockaddr_un addr;
+        int i, r, fd, sock, exitval[2], num_env, addr_len;
+        Buffer m;
+        char *term;
+        extern char **environ;
+        u_int  flags;
+        if (muxclient_command == 0)
+                muxclient_command = SSHMUX_COMMAND_OPEN;
+        switch (options.control_master) {
+        case SSHCTL_MASTER_AUTO:
+        case SSHCTL_MASTER_AUTO_ASK:
+                debug("auto-mux: Trying existing master");
+                /* FALLTHROUGH */
+        case SSHCTL_MASTER_NO:
+                break;
+        default:
+                return;
+        }
+        memset(&addr, '\0', sizeof(addr));
+        addr.sun_family = AF_UNIX;
+        addr_len = offsetof(struct sockaddr_un, sun_path) +
+            strlen(path) + 1;
+        if (strlcpy(addr.sun_path, path,
+            sizeof(addr.sun_path)) >= sizeof(addr.sun_path))
+                fatal("ControlPath too long");
+        if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
+                fatal("%s socket(): %s", __func__, strerror(errno));
+        if (connect(sock, (struct sockaddr *)&addr, addr_len) == -1) {
+                if (muxclient_command != SSHMUX_COMMAND_OPEN) {
+                        fatal("Control socket connect(%.100s): %s", path,
+                            strerror(errno));
+                }
+                if (errno == ENOENT)
+                        debug("Control socket \"%.100s\" does not exist", path);
+                else {
+                        error("Control socket connect(%.100s): %s", path,
+                            strerror(errno));
+                }
+                close(sock);
+                return;
+        }
+        if (stdin_null_flag) {
+                if ((fd = open(_PATH_DEVNULL, O_RDONLY)) == -1)
+                        fatal("open(/dev/null): %s", strerror(errno));
+                if (dup2(fd, STDIN_FILENO) == -1)
+                        fatal("dup2: %s", strerror(errno));
+                if (fd > STDERR_FILENO)
+                        close(fd);
+        }
+        term = getenv("TERM");
+        flags = 0;
+        if (tty_flag)
+                flags |= SSHMUX_FLAG_TTY;
+        if (subsystem_flag)
+                flags |= SSHMUX_FLAG_SUBSYS;
+        if (options.forward_x11)
+                flags |= SSHMUX_FLAG_X11_FWD;
+        if (options.forward_agent)
+                flags |= SSHMUX_FLAG_AGENT_FWD;
+        signal(SIGPIPE, SIG_IGN);
+        buffer_init(&m);
+        /* Send our command to server */
+        buffer_put_int(&m, muxclient_command);
+        buffer_put_int(&m, flags);
+        if (ssh_msg_send(sock, SSHMUX_VER, &m) == -1)
+                fatal("%s: msg_send", __func__);
+        buffer_clear(&m);
+        /* Get authorisation status and PID of controlee */
+        if (ssh_msg_recv(sock, &m) == -1)
+                fatal("%s: msg_recv", __func__);
+        if (buffer_get_char(&m) != SSHMUX_VER)
+                fatal("%s: wrong version", __func__);
+        if (buffer_get_int(&m) != 1)
+                fatal("Connection to master denied");
+        muxserver_pid = buffer_get_int(&m);
+        buffer_clear(&m);
+        switch (muxclient_command) {
+        case SSHMUX_COMMAND_ALIVE_CHECK:
+                fprintf(stderr, "Master running (pid=%d)\r\n",
+                    muxserver_pid);
+                exit(0);
+        case SSHMUX_COMMAND_TERMINATE:
+                fprintf(stderr, "Exit request sent.\r\n");
+                exit(0);
+        case SSHMUX_COMMAND_OPEN:
+                /* continue below */
+                break;
+        default:
+                fatal("silly muxclient_command %d", muxclient_command);
+        }
+        /* SSHMUX_COMMAND_OPEN */
+        buffer_put_cstring(&m, term ? term : "");
+        buffer_append(&command, "\0", 1);
+        buffer_put_cstring(&m, buffer_ptr(&command));
+        if (options.num_send_env == 0 || environ == NULL) {
+                buffer_put_int(&m, 0);
+        } else {
+                /* Pass environment */
+                num_env = 0;
+                for (i = 0; environ[i] != NULL; i++)
+                        if (env_permitted(environ[i]))
+                                num_env++; /* Count */
+                buffer_put_int(&m, num_env);
+                for (i = 0; environ[i] != NULL && num_env >= 0; i++)
+                        if (env_permitted(environ[i])) {
+                                num_env--;
+                                buffer_put_cstring(&m, environ[i]);
+                        }
+        }
+        if (ssh_msg_send(sock, SSHMUX_VER, &m) == -1)
+                fatal("%s: msg_send", __func__);
+        if (mm_send_fd(sock, STDIN_FILENO) == -1 ||
+            mm_send_fd(sock, STDOUT_FILENO) == -1 ||
+            mm_send_fd(sock, STDERR_FILENO) == -1)
+                fatal("%s: send fds failed", __func__);
+        /* Wait for reply, so master has a chance to gather ttymodes */
+        buffer_clear(&m);
+        if (ssh_msg_recv(sock, &m) == -1)
+                fatal("%s: msg_recv", __func__);
+        if (buffer_get_char(&m) != SSHMUX_VER)
+                fatal("%s: wrong version", __func__);
+        buffer_free(&m);
+        signal(SIGHUP, control_client_sighandler);
+        signal(SIGINT, control_client_sighandler);
+        signal(SIGTERM, control_client_sighandler);
+        signal(SIGWINCH, control_client_sigrelay);
+        if (tty_flag)
+                enter_raw_mode();
+        /*
+         * Stick around until the controlee closes the client_fd.
+         * Before it does, it is expected to write this process' exit
+         * value (one int). This process must read the value and wait for
+         * the closure of the client_fd; if this one closes early, the 
+         * multiplex master will terminate early too (possibly losing data).
+         */
+        exitval[0] = 0;
+        for (i = 0; !muxclient_terminate && i < (int)sizeof(exitval);) {
+                r = read(sock, (char *)exitval + i, sizeof(exitval) - i);
+                if (r == 0) {
+                        debug2("Received EOF from master");
+                        break;
+                }
+                if (r == -1) {
+                        if (errno == EINTR)
+                                continue;
+                        fatal("%s: read %s", __func__, strerror(errno));
+                }
+                i += r;
+        }
+        close(sock);
+        leave_raw_mode();
+        if (i > (int)sizeof(int))
+                fatal("%s: master returned too much data (%d > %lu)",
+                    __func__, i, sizeof(int));
+        if (muxclient_terminate) {
+                debug2("Exiting on signal %d", muxclient_terminate);
+                exitval[0] = 255;
+        } else if (i < (int)sizeof(int)) {
+                debug2("Control master terminated unexpectedly");
+                exitval[0] = 255;
+        } else
+                debug2("Received exit status from master %d", exitval[0]);
+        if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET)
+                fprintf(stderr, "Shared connection to %s closed.\r\n", host);
+        exit(exitval[0]);
+}
diff --git a/ssh.c b/ssh.c
index cfefadef9..c944d0ad6 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.311 2008/05/08 13:06:11 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.312 2008/05/09 14:18:44 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -49,7 +49,6 @@
 #include <sys/resource.h>
 #include <sys/ioctl.h>
 #include <sys/socket.h>
-#include <sys/un.h>
 #include <ctype.h>
 #include <errno.h>
@@ -99,7 +98,6 @@
 #include "sshpty.h"
 #include "match.h"
 #include "msg.h"
-#include "monitor_fdpass.h"
 #include "uidswap.h"
 #include "version.h"
@@ -171,15 +169,9 @@ static int client_global_request_id = 0;
 /* pid of proxycommand child process */
 pid_t proxy_command_pid = 0;
-/* fd to control socket */
+/* mux.c */
-int control_fd = -1;
+extern int muxserver_sock;
+extern u_int muxclient_command;
-/* Multiplexing control command */
-static u_int mux_command = 0;
-/* Only used in control client mode */
-volatile sig_atomic_t control_client_terminate = 0;
-u_int control_server_pid = 0;
 /* Prints a help message to the user.  This function never returns. */
@@ -200,7 +192,10 @@ usage(void)
 static int ssh_session(void);
 static int ssh_session2(void);
 static void load_public_identity_files(void);
-static void control_client(const char *path);
+/* from muxclient.c */
+void muxclient(const char *);
+void muxserver_listen(void);
 /*
 * Main program for the ssh client.
@@ -310,9 +305,9 @@ main(int ac, char **av)
                        break;
                case 'O':
                        if (strcmp(optarg, "check") == 0)
-                                mux_command = SSHMUX_COMMAND_ALIVE_CHECK;
+                                muxclient_command = SSHMUX_COMMAND_ALIVE_CHECK;
                        else if (strcmp(optarg, "exit") == 0)
-                                mux_command = SSHMUX_COMMAND_TERMINATE;
+                                muxclient_command = SSHMUX_COMMAND_TERMINATE;
                        else
                                fatal("Invalid multiplex command.");
                        break;
@@ -683,10 +678,10 @@ main(int ac, char **av)
                    "r", options.user, "l", thishost, (char *)NULL);
                xfree(cp);
        }
-        if (mux_command != 0 && options.control_path == NULL)
+        if (muxclient_command != 0 && options.control_path == NULL)
                fatal("No ControlPath specified for \"-O\" command");
        if (options.control_path != NULL)
-                control_client(options.control_path);
+                muxclient(options.control_path);
        timeout_ms = options.connection_timeout * 1000;
@@ -809,7 +804,7 @@ main(int ac, char **av)
        exit_status = compat20 ? ssh_session2() : ssh_session();
        packet_close();
-        if (options.control_path != NULL && control_fd != -1)
+        if (options.control_path != NULL && muxserver_sock != -1)
                unlink(options.control_path);
        /*
@@ -1064,48 +1059,6 @@ client_global_request_reply_fwd(int type, u_int32_t seq, void *ctxt)
        }
 }
-static void
-ssh_control_listener(void)
-{
-        struct sockaddr_un addr;
-        mode_t old_umask;
-        int addr_len;
-        if (options.control_path == NULL ||
-            options.control_master == SSHCTL_MASTER_NO)
-                return;
-        debug("setting up multiplex master socket");
-        memset(&addr, '\0', sizeof(addr));
-        addr.sun_family = AF_UNIX;
-        addr_len = offsetof(struct sockaddr_un, sun_path) +
-            strlen(options.control_path) + 1;
-        if (strlcpy(addr.sun_path, options.control_path,
-            sizeof(addr.sun_path)) >= sizeof(addr.sun_path))
-                fatal("ControlPath too long");
-        if ((control_fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
-                fatal("%s socket(): %s", __func__, strerror(errno));
-        old_umask = umask(0177);
-        if (bind(control_fd, (struct sockaddr *)&addr, addr_len) == -1) {
-                control_fd = -1;
-                if (errno == EINVAL || errno == EADDRINUSE)
-                        fatal("ControlSocket %s already exists",
-                            options.control_path);
-                else
-                        fatal("%s bind(): %s", __func__, strerror(errno));
-        }
-        umask(old_umask);
-        if (listen(control_fd, 64) == -1)
-                fatal("%s listen(): %s", __func__, strerror(errno));
-        set_nonblock(control_fd);
-}
 /* request pty/x11/agent/tcpfwd/shell for channel */
 static void
 ssh_session2_setup(int id, void *arg)
@@ -1204,7 +1157,7 @@ ssh_session2(void)
                ssh_local_cmd(options.local_command);
        /* Start listening for multiplex clients */
-        ssh_control_listener();
+        muxserver_listen();
        /* If requested, let ssh continue in the background. */
        if (fork_after_authentication_flag)
@@ -1272,237 +1225,3 @@ load_public_identity_files(void)
        bzero(pwdir, strlen(pwdir));
        xfree(pwdir);
 }
-static void
-control_client_sighandler(int signo)
-{
-        control_client_terminate = signo;
-}
-static void
-control_client_sigrelay(int signo)
-{
-        int save_errno = errno;
-        if (control_server_pid > 1)
-                kill(control_server_pid, signo);
-        errno = save_errno;
-}
-static int
-env_permitted(char *env)
-{
-        int i, ret;
-        char name[1024], *cp;
-        if ((cp = strchr(env, '=')) == NULL || cp == env)
-                return (0);
-        ret = snprintf(name, sizeof(name), "%.*s", (int)(cp - env), env);
-        if (ret <= 0 || (size_t)ret >= sizeof(name))
-                fatal("env_permitted: name '%.100s...' too long", env);
-        for (i = 0; i < options.num_send_env; i++)
-                if (match_pattern(name, options.send_env[i]))
-                        return (1);
-        return (0);
-}
-static void
-control_client(const char *path)
-{
-        struct sockaddr_un addr;
-        int i, r, fd, sock, exitval[2], num_env, addr_len;
-        Buffer m;
-        char *term;
-        extern char **environ;
-        u_int  flags;
-        if (mux_command == 0)
-                mux_command = SSHMUX_COMMAND_OPEN;
-        switch (options.control_master) {
-        case SSHCTL_MASTER_AUTO:
-        case SSHCTL_MASTER_AUTO_ASK:
-                debug("auto-mux: Trying existing master");
-                /* FALLTHROUGH */
-        case SSHCTL_MASTER_NO:
-                break;
-        default:
-                return;
-        }
-        memset(&addr, '\0', sizeof(addr));
-        addr.sun_family = AF_UNIX;
-        addr_len = offsetof(struct sockaddr_un, sun_path) +
-            strlen(path) + 1;
-        if (strlcpy(addr.sun_path, path,
-            sizeof(addr.sun_path)) >= sizeof(addr.sun_path))
-                fatal("ControlPath too long");
-        if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
-                fatal("%s socket(): %s", __func__, strerror(errno));
-        if (connect(sock, (struct sockaddr *)&addr, addr_len) == -1) {
-                if (mux_command != SSHMUX_COMMAND_OPEN) {
-                        fatal("Control socket connect(%.100s): %s", path,
-                            strerror(errno));
-                }
-                if (errno == ENOENT)
-                        debug("Control socket \"%.100s\" does not exist", path);
-                else {
-                        error("Control socket connect(%.100s): %s", path,
-                            strerror(errno));
-                }
-                close(sock);
-                return;
-        }
-        if (stdin_null_flag) {
-                if ((fd = open(_PATH_DEVNULL, O_RDONLY)) == -1)
-                        fatal("open(/dev/null): %s", strerror(errno));
-                if (dup2(fd, STDIN_FILENO) == -1)
-                        fatal("dup2: %s", strerror(errno));
-                if (fd > STDERR_FILENO)
-                        close(fd);
-        }
-        term = getenv("TERM");
-        flags = 0;
-        if (tty_flag)
-                flags |= SSHMUX_FLAG_TTY;
-        if (subsystem_flag)
-                flags |= SSHMUX_FLAG_SUBSYS;
-        if (options.forward_x11)
-                flags |= SSHMUX_FLAG_X11_FWD;
-        if (options.forward_agent)
-                flags |= SSHMUX_FLAG_AGENT_FWD;
-        signal(SIGPIPE, SIG_IGN);
-        buffer_init(&m);
-        /* Send our command to server */
-        buffer_put_int(&m, mux_command);
-        buffer_put_int(&m, flags);
-        if (ssh_msg_send(sock, SSHMUX_VER, &m) == -1)
-                fatal("%s: msg_send", __func__);
-        buffer_clear(&m);
-        /* Get authorisation status and PID of controlee */
-        if (ssh_msg_recv(sock, &m) == -1)
-                fatal("%s: msg_recv", __func__);
-        if (buffer_get_char(&m) != SSHMUX_VER)
-                fatal("%s: wrong version", __func__);
-        if (buffer_get_int(&m) != 1)
-                fatal("Connection to master denied");
-        control_server_pid = buffer_get_int(&m);
-        buffer_clear(&m);
-        switch (mux_command) {
-        case SSHMUX_COMMAND_ALIVE_CHECK:
-                fprintf(stderr, "Master running (pid=%d)\r\n",
-                    control_server_pid);
-                exit(0);
-        case SSHMUX_COMMAND_TERMINATE:
-                fprintf(stderr, "Exit request sent.\r\n");
-                exit(0);
-        case SSHMUX_COMMAND_OPEN:
-                /* continue below */
-                break;
-        default:
-                fatal("silly mux_command %d", mux_command);
-        }
-        /* SSHMUX_COMMAND_OPEN */
-        buffer_put_cstring(&m, term ? term : "");
-        buffer_append(&command, "\0", 1);
-        buffer_put_cstring(&m, buffer_ptr(&command));
-        if (options.num_send_env == 0 || environ == NULL) {
-                buffer_put_int(&m, 0);
-        } else {
-                /* Pass environment */
-                num_env = 0;
-                for (i = 0; environ[i] != NULL; i++)
-                        if (env_permitted(environ[i]))
-                                num_env++; /* Count */
-                buffer_put_int(&m, num_env);
-                for (i = 0; environ[i] != NULL && num_env >= 0; i++)
-                        if (env_permitted(environ[i])) {
-                                num_env--;
-                                buffer_put_cstring(&m, environ[i]);
-                        }
-        }
-        if (ssh_msg_send(sock, SSHMUX_VER, &m) == -1)
-                fatal("%s: msg_send", __func__);
-        if (mm_send_fd(sock, STDIN_FILENO) == -1 ||
-            mm_send_fd(sock, STDOUT_FILENO) == -1 ||
-            mm_send_fd(sock, STDERR_FILENO) == -1)
-                fatal("%s: send fds failed", __func__);
-        /* Wait for reply, so master has a chance to gather ttymodes */
-        buffer_clear(&m);
-        if (ssh_msg_recv(sock, &m) == -1)
-                fatal("%s: msg_recv", __func__);
-        if (buffer_get_char(&m) != SSHMUX_VER)
-                fatal("%s: wrong version", __func__);
-        buffer_free(&m);
-        signal(SIGHUP, control_client_sighandler);
-        signal(SIGINT, control_client_sighandler);
-        signal(SIGTERM, control_client_sighandler);
-        signal(SIGWINCH, control_client_sigrelay);
-        if (tty_flag)
-                enter_raw_mode();
-        /*
-         * Stick around until the controlee closes the client_fd.
-         * Before it does, it is expected to write this process' exit
-         * value (one int). This process must read the value and wait for
-         * the closure of the client_fd; if this one closes early, the 
-         * multiplex master will terminate early too (possibly losing data).
-         */
-        exitval[0] = 0;
-        for (i = 0; !control_client_terminate && i < (int)sizeof(exitval);) {
-                r = read(sock, (char *)exitval + i, sizeof(exitval) - i);
-                if (r == 0) {
-                        debug2("Received EOF from master");
-                        break;
-                }
-                if (r == -1) {
-                        if (errno == EINTR)
-                                continue;
-                        fatal("%s: read %s", __func__, strerror(errno));
-                }
-                i += r;
-        }
-        close(sock);
-        leave_raw_mode();
-        if (i > (int)sizeof(int))
-                fatal("%s: master returned too much data (%d > %lu)",
-                    __func__, i, sizeof(int));
-        if (control_client_terminate) {
-                debug2("Exiting on signal %d", control_client_terminate);
-                exitval[0] = 255;
-        } else if (i < (int)sizeof(int)) {
-                debug2("Control master terminated unexpectedly");
-                exitval[0] = 255;
-        } else
-                debug2("Received exit status from master %d", exitval[0]);
-        if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET)
-                fprintf(stderr, "Shared connection to %s closed.\r\n", host);
-        exit(exitval[0]);
-}