3 files changed, 30 insertions, 5 deletions

diff --git a/ChangeLog b/ChangeLog
index 64b36b57c..938a39181 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -24,6 +24,10 @@
      don't quit while creating X11 listening socket.
      http://mail-index.netbsd.org/current-users/2002/09/16/0005.html
      got from portable.  markus ok
+   - djm@cvs.openbsd.org 2002/09/19 01:58:18
+     [ssh.c sshconnect.c]
+     bugzilla.mindrot.org #223 - ProxyCommands don't exit.
+     Patch from dtucker@zip.com.au; ok markus@
 
 20020912
  - (djm) Made GNOME askpass programs return non-zero if cancel button is 
@@ -674,4 +678,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2470 2002/09/19 01:54:54 djm Exp $
+$Id: ChangeLog,v 1.2471 2002/09/19 02:05:02 djm Exp $
diff --git a/ssh.c b/ssh.c
index 7cef5e5ac..2c589de82 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.185 2002/09/11 18:27:26 stevesk Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.186 2002/09/19 01:58:18 djm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -146,6 +146,9 @@ int subsystem_flag = 0;
 /* # of replies received for global requests */
 static int client_global_request_id = 0;
 
+/* pid of proxycommand child process */
+pid_t proxy_command_pid = 0;
+
 /* Prints a help message to the user.  This function never returns. */
 
 static void
@@ -722,6 +725,14 @@ again:
 
         exit_status = compat20 ? ssh_session2() : ssh_session();
         packet_close();
+
+        /*
+         * Send SIGHUP to proxy command if used. We don't wait() in 
+         * case it hangs and instead rely on init to reap the child
+         */
+        if (proxy_command_pid > 1)
+                kill(proxy_command_pid, SIGHUP);
+
         return exit_status;
 }
 
diff --git a/sshconnect.c b/sshconnect.c
index 0cb824852..776d72065 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.134 2002/09/13 19:23:09 stevesk Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.135 2002/09/19 01:58:18 djm Exp $");
 
 #include <openssl/bn.h>
 
@@ -41,6 +41,7 @@ extern Options options;
 extern char *__progname;
 extern uid_t original_real_uid;
 extern uid_t original_effective_uid;
+extern pid_t proxy_command_pid;
 
 #ifndef INET6_ADDRSTRLEN                /* for non IPv6 machines */
 #define INET6_ADDRSTRLEN 46
@@ -64,9 +65,16 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
         /* Convert the port number into a string. */
         snprintf(strport, sizeof strport, "%hu", port);
 
-        /* Build the final command string in the buffer by making the
-           appropriate substitutions to the given proxy command. */
+        /*
+         * Build the final command string in the buffer by making the
+         * appropriate substitutions to the given proxy command.
+         *
+         * Use "exec" to avoid "sh -c" processes on some platforms 
+         * (e.g. Solaris)
+         */
         buffer_init(&command);
+        buffer_append(&command, "exec ", 5);
+
         for (cp = proxy_command; *cp; cp++) {
                 if (cp[0] == '%' && cp[1] == '%') {
                         buffer_append(&command, "%", 1);
@@ -134,6 +142,8 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
         /* Parent. */
         if (pid < 0)
                 fatal("fork failed: %.100s", strerror(errno));
+        else
+                proxy_command_pid = pid; /* save pid to clean up later */
 
         /* Close child side of the descriptors. */
         close(pin[0]);