7 files changed, 116 insertions, 32 deletions
diff --git a/ChangeLog b/ChangeLog
index a68559b66..e3f68e504 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -118,6 +118,10 @@
   - jmc@cvs.openbsd.org 2008/06/12 19:10:09
     [ssh_config.5 ssh-keygen.1]
     tweak the ascii art text; ok grunk
+   - dtucker@cvs.openbsd.org 2008/06/12 20:38:28
+     [sshd.c sshconnect.c packet.h misc.c misc.h packet.c]
+     Make keepalive timeouts apply while waiting for a packet, particularly
+     during key renegotiation (bz #1363).  With djm and Matt Day, ok djm@
  - (dtucker) [clientloop.c serverloop.c]  channel_register_filter now
    takes 2 more args.  with djm@
@@ -4282,4 +4286,4 @@
   OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.4987 2008/06/12 19:18:03 dtucker Exp $
+$Id: ChangeLog,v 1.4988 2008/06/12 20:42:45 dtucker Exp $
diff --git a/misc.c b/misc.c
index b4fe489af..01986e8c1 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.67 2008/01/01 08:47:04 dtucker Exp $ */
+/* $OpenBSD: misc.c,v 1.68 2008/06/12 20:38:28 dtucker Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -832,3 +832,23 @@ put_u16(void *vp, u_int16_t v)
        p[0] = (u_char)(v >> 8) & 0xff;
        p[1] = (u_char)v & 0xff;
 }
+void
+ms_subtract_diff(struct timeval *start, int *ms)
+{
+        struct timeval diff, finish;
+        gettimeofday(&finish, NULL);
+        timersub(&finish, start, &diff);        
+        *ms -= (diff.tv_sec * 1000) + (diff.tv_usec / 1000);
+}
+void
+ms_to_timeval(struct timeval *tv, int ms)
+{
+        if (ms < 0)
+                ms = 0;
+        tv->tv_sec = ms / 1000;
+        tv->tv_usec = (ms % 1000) * 1000;
+}
diff --git a/misc.h b/misc.h
index be05e806b..5da170d2f 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.37 2007/12/27 14:22:08 dtucker Exp $ */
+/* $OpenBSD: misc.h,v 1.38 2008/06/12 20:38:28 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -33,6 +33,8 @@ char	*tilde_expand_filename(const char *, uid_t);
 char    *percent_expand(const char *, ...) __attribute__((__sentinel__));
 char    *tohex(const void *, size_t);
 void     sanitise_stdfd(void);
+void     ms_subtract_diff(struct timeval *, int *);
+void     ms_to_timeval(struct timeval *, int);
 struct passwd *pwcopy(struct passwd *);
 const char *ssh_gai_strerror(int);
diff --git a/packet.c b/packet.c
index c0e91b2d6..9fd43ec68 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.153 2008/05/19 06:14:02 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.154 2008/06/12 20:38:28 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -138,6 +138,9 @@ static int after_authentication = 0;
 int keep_alive_timeouts = 0;
+/* Set to the maximum time that we will wait to send or receive a packet */
+static int packet_timeout_ms = -1;
 /* Session key information for Encryption and MAC */
 Newkeys *newkeys[MODE_MAX];
 static struct packet_state {
@@ -191,6 +194,19 @@ packet_set_connection(int fd_in, int fd_out)
        }
 }
+void
+packet_set_timeout(int timeout, int count)
+{
+        if (timeout == 0 || count == 0) {
+                packet_timeout_ms = -1;
+                return;
+        }
+        if ((INT_MAX / 1000) / count < timeout)
+                packet_timeout_ms = INT_MAX;
+        else
+                packet_timeout_ms = timeout * count * 1000;
+}
 /* Returns 1 if remote host is connected via socket, 0 if not. */
 int
@@ -891,10 +907,11 @@ packet_send(void)
 int
 packet_read_seqnr(u_int32_t *seqnr_p)
 {
-        int type, len;
+        int type, len, ret, ms_remain;
        fd_set *setp;
        char buf[8192];
        DBG(debug("packet_read()"));
+        struct timeval timeout, start, *timeoutp = NULL;
        setp = (fd_set *)xcalloc(howmany(connection_in+1, NFDBITS),
            sizeof(fd_mask));
@@ -925,11 +942,34 @@ packet_read_seqnr(u_int32_t *seqnr_p)
                    sizeof(fd_mask));
                FD_SET(connection_in, setp);
+                if (packet_timeout_ms > 0) {
+                        ms_remain = packet_timeout_ms;
+                        timeoutp = &timeout;
+                }
                /* Wait for some data to arrive. */
-                while (select(connection_in + 1, setp, NULL, NULL, NULL) == -1 &&
+                for (;;) {
-                    (errno == EAGAIN || errno == EINTR))
+                        if (packet_timeout_ms != -1) {
-                        ;
+                                ms_to_timeval(&timeout, ms_remain);
+                                gettimeofday(&start, NULL);
+                        }
+                        if ((ret = select(connection_in + 1, setp, NULL,
+                            NULL, timeoutp)) >= 0)
+                                break;
+                        if (errno != EAGAIN && errno != EINTR)
+                                break;
+                        if (packet_timeout_ms == -1)
+                                continue;
+                        ms_subtract_diff(&start, &ms_remain);
+                        if (ms_remain <= 0) {
+                                ret = 0;
+                                break;
+                        }
+                }
+                if (ret == 0) {
+                        logit("Connection to %.200s timed out while "
+                            "waiting to read", get_remote_ipaddr());
+                        cleanup_exit(255);
+                }
                /* Read data from the socket. */
                len = read(connection_in, buf, sizeof(buf));
                if (len == 0) {
@@ -1452,6 +1492,8 @@ void
 packet_write_wait(void)
 {
        fd_set *setp;
+        int ret, ms_remain;
+        struct timeval start, timeout, *timeoutp = NULL;
        setp = (fd_set *)xcalloc(howmany(connection_out + 1, NFDBITS),
            sizeof(fd_mask));
@@ -1460,9 +1502,34 @@ packet_write_wait(void)
                memset(setp, 0, howmany(connection_out + 1, NFDBITS) *
                    sizeof(fd_mask));
                FD_SET(connection_out, setp);
-                while (select(connection_out + 1, NULL, setp, NULL, NULL) == -1 &&
-                    (errno == EAGAIN || errno == EINTR))
+                if (packet_timeout_ms > 0) {
-                        ;
+                        ms_remain = packet_timeout_ms;
+                        timeoutp = &timeout;
+                }
+                for (;;) {
+                        if (packet_timeout_ms != -1) {
+                                ms_to_timeval(&timeout, ms_remain);
+                                gettimeofday(&start, NULL);
+                        }
+                        if ((ret = select(connection_out + 1, NULL, setp,
+                            NULL, timeoutp)) >= 0)
+                                break;
+                        if (errno != EAGAIN && errno != EINTR)
+                                break;
+                        if (packet_timeout_ms == -1)
+                                continue;
+                        ms_subtract_diff(&start, &ms_remain);
+                        if (ms_remain <= 0) {
+                                ret = 0;
+                                break;
+                        }
+                }
+                if (ret == 0) {
+                        logit("Connection to %.200s timed out while "
+                            "waiting to write", get_remote_ipaddr());
+                        cleanup_exit(255);
+                }
                packet_write_poll();
        }
        xfree(setp);
diff --git a/packet.h b/packet.h
index 927e0831c..fd4e1ac7a 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.47 2008/05/08 06:59:01 markus Exp $ */
+/* $OpenBSD: packet.h,v 1.48 2008/06/12 20:38:28 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -21,6 +21,7 @@
 #include <openssl/bn.h>
 void     packet_set_connection(int, int);
+void     packet_set_timeout(int, int);
 void     packet_set_nonblocking(void);
 int      packet_get_connection_in(void);
 int      packet_get_connection_out(void);
diff --git a/sshconnect.c b/sshconnect.c
index 7602da340..c99874285 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.206 2008/06/12 00:13:55 grunk Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.207 2008/06/12 20:38:28 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -77,23 +77,6 @@ extern pid_t proxy_command_pid;
 static int show_other_keys(const char *, Key *);
 static void warn_changed_key(Key *);
-static void
-ms_subtract_diff(struct timeval *start, int *ms)
-{
-        struct timeval diff, finish;
-        gettimeofday(&finish, NULL);
-        timersub(&finish, start, &diff);        
-        *ms -= (diff.tv_sec * 1000) + (diff.tv_usec / 1000);
-}
-static void
-ms_to_timeval(struct timeval *tv, int ms)
-{
-        tv->tv_sec = ms / 1000;
-        tv->tv_usec = (ms % 1000) * 1000;
-}
 /*
 * Connect to the given ssh server using a proxy command.
 */
@@ -178,6 +161,8 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
        /* Set the connection file descriptors. */
        packet_set_connection(pout[0], pin[1]);
+        packet_set_timeout(options.server_alive_interval,
+            options.server_alive_count_max);
        /* Indicate OK return */
        return 0;
@@ -422,6 +407,8 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
        /* Set the connection. */
        packet_set_connection(sock, sock);
+        packet_set_timeout(options.server_alive_interval,
+            options.server_alive_count_max);
        return 0;
 }
diff --git a/sshd.c b/sshd.c
index 3e03a8e18..f9b87ea1c 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.359 2008/06/10 08:17:40 jmc Exp $ */
+/* $OpenBSD: sshd.c,v 1.360 2008/06/12 20:38:28 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1903,6 +1903,9 @@ main(int ac, char **av)
                        destroy_sensitive_data();
        }
+        packet_set_timeout(options.client_alive_interval,
+            options.client_alive_count_max);
        /* Start session. */
        do_authenticated(authctxt);

diff --git a/ChangeLog b/ChangeLog index a68559b66..e3f68e504 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -118,6 +118,10 @@
118	- jmc@cvs.openbsd.org 2008/06/12 19:10:09	118	- jmc@cvs.openbsd.org 2008/06/12 19:10:09
119	[ssh_config.5 ssh-keygen.1]	119	[ssh_config.5 ssh-keygen.1]
120	tweak the ascii art text; ok grunk	120	tweak the ascii art text; ok grunk
		121	- dtucker@cvs.openbsd.org 2008/06/12 20:38:28
		122	[sshd.c sshconnect.c packet.h misc.c misc.h packet.c]
		123	Make keepalive timeouts apply while waiting for a packet, particularly
		124	during key renegotiation (bz #1363). With djm and Matt Day, ok djm@
121	- (dtucker) [clientloop.c serverloop.c] channel_register_filter now	125	- (dtucker) [clientloop.c serverloop.c] channel_register_filter now
122	takes 2 more args. with djm@	126	takes 2 more args. with djm@
123		127
@@ -4282,4 +4286,4 @@
4282	OpenServer 6 and add osr5bigcrypt support so when someone migrates	4286	OpenServer 6 and add osr5bigcrypt support so when someone migrates
4283	passwords between UnixWare and OpenServer they will still work. OK dtucker@	4287	passwords between UnixWare and OpenServer they will still work. OK dtucker@
4284		4288
4285	$Id: ChangeLog,v 1.4987 2008/06/12 19:18:03 dtucker Exp $	4289	$Id: ChangeLog,v 1.4988 2008/06/12 20:42:45 dtucker Exp $


diff --git a/misc.c b/misc.c index b4fe489af..01986e8c1 100644 --- a/misc.c +++ b/misc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: misc.c,v 1.67 2008/01/01 08:47:04 dtucker Exp $ */	1	/* $OpenBSD: misc.c,v 1.68 2008/06/12 20:38:28 dtucker Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
4	* Copyright (c) 2005,2006 Damien Miller. All rights reserved.	4	* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -832,3 +832,23 @@ put_u16(void *vp, u_int16_t v)
832	p[0] = (u_char)(v >> 8) & 0xff;	832	p[0] = (u_char)(v >> 8) & 0xff;
833	p[1] = (u_char)v & 0xff;	833	p[1] = (u_char)v & 0xff;
834	}	834	}
		835
		836	void
		837	ms_subtract_diff(struct timeval start, int ms)
		838	{
		839	struct timeval diff, finish;
		840
		841	gettimeofday(&finish, NULL);
		842	timersub(&finish, start, &diff);
		843	ms -= (diff.tv_sec 1000) + (diff.tv_usec / 1000);
		844	}
		845
		846	void
		847	ms_to_timeval(struct timeval *tv, int ms)
		848	{
		849	if (ms < 0)
		850	ms = 0;
		851	tv->tv_sec = ms / 1000;
		852	tv->tv_usec = (ms % 1000) * 1000;
		853	}
		854


diff --git a/misc.h b/misc.h index be05e806b..5da170d2f 100644 --- a/misc.h +++ b/misc.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: misc.h,v 1.37 2007/12/27 14:22:08 dtucker Exp $ */	1	/* $OpenBSD: misc.h,v 1.38 2008/06/12 20:38:28 dtucker Exp $ */
2		2
3	/*	3	/*
4	* Author: Tatu Ylonen <ylo@cs.hut.fi>	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -33,6 +33,8 @@ char tilde_expand_filename(const char , uid_t);
33	char percent_expand(const char , ...) __attribute__((__sentinel__));	33	char percent_expand(const char , ...) __attribute__((__sentinel__));
34	char tohex(const void , size_t);	34	char tohex(const void , size_t);
35	void sanitise_stdfd(void);	35	void sanitise_stdfd(void);
		36	void ms_subtract_diff(struct timeval , int );
		37	void ms_to_timeval(struct timeval *, int);
36		38
37	struct passwd pwcopy(struct passwd );	39	struct passwd pwcopy(struct passwd );
38	const char *ssh_gai_strerror(int);	40	const char *ssh_gai_strerror(int);


diff --git a/packet.c b/packet.c index c0e91b2d6..9fd43ec68 100644 --- a/packet.c +++ b/packet.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: packet.c,v 1.153 2008/05/19 06:14:02 djm Exp $ */	1	/* $OpenBSD: packet.c,v 1.154 2008/06/12 20:38:28 dtucker Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -138,6 +138,9 @@ static int after_authentication = 0;
138		138
139	int keep_alive_timeouts = 0;	139	int keep_alive_timeouts = 0;
140		140
		141	/* Set to the maximum time that we will wait to send or receive a packet */
		142	static int packet_timeout_ms = -1;
		143
141	/* Session key information for Encryption and MAC */	144	/* Session key information for Encryption and MAC */
142	Newkeys *newkeys[MODE_MAX];	145	Newkeys *newkeys[MODE_MAX];
143	static struct packet_state {	146	static struct packet_state {
@@ -191,6 +194,19 @@ packet_set_connection(int fd_in, int fd_out)
191	}	194	}
192	}	195	}
193		196
		197	void
		198	packet_set_timeout(int timeout, int count)
		199	{
		200	if (timeout == 0 \|\| count == 0) {
		201	packet_timeout_ms = -1;
		202	return;
		203	}
		204	if ((INT_MAX / 1000) / count < timeout)
		205	packet_timeout_ms = INT_MAX;
		206	else
		207	packet_timeout_ms = timeout * count * 1000;
		208	}
		209
194	/* Returns 1 if remote host is connected via socket, 0 if not. */	210	/* Returns 1 if remote host is connected via socket, 0 if not. */
195		211
196	int	212	int
@@ -891,10 +907,11 @@ packet_send(void)
891	int	907	int
892	packet_read_seqnr(u_int32_t *seqnr_p)	908	packet_read_seqnr(u_int32_t *seqnr_p)
893	{	909	{
894	int type, len;	910	int type, len, ret, ms_remain;
895	fd_set *setp;	911	fd_set *setp;
896	char buf[8192];	912	char buf[8192];
897	DBG(debug("packet_read()"));	913	DBG(debug("packet_read()"));
		914	struct timeval timeout, start, *timeoutp = NULL;
898		915
899	setp = (fd_set *)xcalloc(howmany(connection_in+1, NFDBITS),	916	setp = (fd_set *)xcalloc(howmany(connection_in+1, NFDBITS),
900	sizeof(fd_mask));	917	sizeof(fd_mask));
@@ -925,11 +942,34 @@ packet_read_seqnr(u_int32_t *seqnr_p)
925	sizeof(fd_mask));	942	sizeof(fd_mask));
926	FD_SET(connection_in, setp);	943	FD_SET(connection_in, setp);
927		944
		945	if (packet_timeout_ms > 0) {
		946	ms_remain = packet_timeout_ms;
		947	timeoutp = &timeout;
		948	}
928	/* Wait for some data to arrive. */	949	/* Wait for some data to arrive. */
929	while (select(connection_in + 1, setp, NULL, NULL, NULL) == -1 &&	950	for (;;) {
930	(errno == EAGAIN \|\| errno == EINTR))	951	if (packet_timeout_ms != -1) {
931	;	952	ms_to_timeval(&timeout, ms_remain);
932		953	gettimeofday(&start, NULL);
		954	}
		955	if ((ret = select(connection_in + 1, setp, NULL,
		956	NULL, timeoutp)) >= 0)
		957	break;
		958	if (errno != EAGAIN && errno != EINTR)
		959	break;
		960	if (packet_timeout_ms == -1)
		961	continue;
		962	ms_subtract_diff(&start, &ms_remain);
		963	if (ms_remain <= 0) {
		964	ret = 0;
		965	break;
		966	}
		967	}
		968	if (ret == 0) {
		969	logit("Connection to %.200s timed out while "
		970	"waiting to read", get_remote_ipaddr());
		971	cleanup_exit(255);
		972	}
933	/* Read data from the socket. */	973	/* Read data from the socket. */
934	len = read(connection_in, buf, sizeof(buf));	974	len = read(connection_in, buf, sizeof(buf));
935	if (len == 0) {	975	if (len == 0) {
@@ -1452,6 +1492,8 @@ void
1452	packet_write_wait(void)	1492	packet_write_wait(void)
1453	{	1493	{
1454	fd_set *setp;	1494	fd_set *setp;
		1495	int ret, ms_remain;
		1496	struct timeval start, timeout, *timeoutp = NULL;
1455		1497
1456	setp = (fd_set *)xcalloc(howmany(connection_out + 1, NFDBITS),	1498	setp = (fd_set *)xcalloc(howmany(connection_out + 1, NFDBITS),
1457	sizeof(fd_mask));	1499	sizeof(fd_mask));
@@ -1460,9 +1502,34 @@ packet_write_wait(void)
1460	memset(setp, 0, howmany(connection_out + 1, NFDBITS) *	1502	memset(setp, 0, howmany(connection_out + 1, NFDBITS) *
1461	sizeof(fd_mask));	1503	sizeof(fd_mask));
1462	FD_SET(connection_out, setp);	1504	FD_SET(connection_out, setp);
1463	while (select(connection_out + 1, NULL, setp, NULL, NULL) == -1 &&	1505
1464	(errno == EAGAIN \|\| errno == EINTR))	1506	if (packet_timeout_ms > 0) {
1465	;	1507	ms_remain = packet_timeout_ms;
		1508	timeoutp = &timeout;
		1509	}
		1510	for (;;) {
		1511	if (packet_timeout_ms != -1) {
		1512	ms_to_timeval(&timeout, ms_remain);
		1513	gettimeofday(&start, NULL);
		1514	}
		1515	if ((ret = select(connection_out + 1, NULL, setp,
		1516	NULL, timeoutp)) >= 0)
		1517	break;
		1518	if (errno != EAGAIN && errno != EINTR)
		1519	break;
		1520	if (packet_timeout_ms == -1)
		1521	continue;
		1522	ms_subtract_diff(&start, &ms_remain);
		1523	if (ms_remain <= 0) {
		1524	ret = 0;
		1525	break;
		1526	}
		1527	}
		1528	if (ret == 0) {
		1529	logit("Connection to %.200s timed out while "
		1530	"waiting to write", get_remote_ipaddr());
		1531	cleanup_exit(255);
		1532	}
1466	packet_write_poll();	1533	packet_write_poll();
1467	}	1534	}
1468	xfree(setp);	1535	xfree(setp);


diff --git a/packet.h b/packet.h index 927e0831c..fd4e1ac7a 100644 --- a/packet.h +++ b/packet.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: packet.h,v 1.47 2008/05/08 06:59:01 markus Exp $ */	1	/* $OpenBSD: packet.h,v 1.48 2008/06/12 20:38:28 dtucker Exp $ */
2		2
3	/*	3	/*
4	* Author: Tatu Ylonen <ylo@cs.hut.fi>	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -21,6 +21,7 @@
21	#include <openssl/bn.h>	21	#include <openssl/bn.h>
22		22
23	void packet_set_connection(int, int);	23	void packet_set_connection(int, int);
		24	void packet_set_timeout(int, int);
24	void packet_set_nonblocking(void);	25	void packet_set_nonblocking(void);
25	int packet_get_connection_in(void);	26	int packet_get_connection_in(void);
26	int packet_get_connection_out(void);	27	int packet_get_connection_out(void);


diff --git a/sshconnect.c b/sshconnect.c index 7602da340..c99874285 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshconnect.c,v 1.206 2008/06/12 00:13:55 grunk Exp $ */	1	/* $OpenBSD: sshconnect.c,v 1.207 2008/06/12 20:38:28 dtucker Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -77,23 +77,6 @@ extern pid_t proxy_command_pid;
77	static int show_other_keys(const char , Key );	77	static int show_other_keys(const char , Key );
78	static void warn_changed_key(Key *);	78	static void warn_changed_key(Key *);
79		79
80	static void
81	ms_subtract_diff(struct timeval start, int ms)
82	{
83	struct timeval diff, finish;
84
85	gettimeofday(&finish, NULL);
86	timersub(&finish, start, &diff);
87	ms -= (diff.tv_sec 1000) + (diff.tv_usec / 1000);
88	}
89
90	static void
91	ms_to_timeval(struct timeval *tv, int ms)
92	{
93	tv->tv_sec = ms / 1000;
94	tv->tv_usec = (ms % 1000) * 1000;
95	}
96
97	/*	80	/*
98	* Connect to the given ssh server using a proxy command.	81	* Connect to the given ssh server using a proxy command.
99	*/	82	*/
@@ -178,6 +161,8 @@ ssh_proxy_connect(const char host, u_short port, const char proxy_command)
178		161
179	/* Set the connection file descriptors. */	162	/* Set the connection file descriptors. */
180	packet_set_connection(pout[0], pin[1]);	163	packet_set_connection(pout[0], pin[1]);
		164	packet_set_timeout(options.server_alive_interval,
		165	options.server_alive_count_max);
181		166
182	/* Indicate OK return */	167	/* Indicate OK return */
183	return 0;	168	return 0;
@@ -422,6 +407,8 @@ ssh_connect(const char host, struct sockaddr_storage hostaddr,
422		407
423	/* Set the connection. */	408	/* Set the connection. */
424	packet_set_connection(sock, sock);	409	packet_set_connection(sock, sock);
		410	packet_set_timeout(options.server_alive_interval,
		411	options.server_alive_count_max);
425		412
426	return 0;	413	return 0;
427	}	414	}


diff --git a/sshd.c b/sshd.c index 3e03a8e18..f9b87ea1c 100644 --- a/sshd.c +++ b/sshd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshd.c,v 1.359 2008/06/10 08:17:40 jmc Exp $ */	1	/* $OpenBSD: sshd.c,v 1.360 2008/06/12 20:38:28 dtucker Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1903,6 +1903,9 @@ main(int ac, char **av)
1903	destroy_sensitive_data();	1903	destroy_sensitive_data();
1904	}	1904	}
1905		1905
		1906	packet_set_timeout(options.client_alive_interval,
		1907	options.client_alive_count_max);
		1908
1906	/* Start session. */	1909	/* Start session. */
1907	do_authenticated(authctxt);	1910	do_authenticated(authctxt);
1908		1911