upstream: make ssh -f (fork after authentication) work properly in

multiplexed cases (inc. ControlPersist). bz3589 bz3589 Based on patches by
Peter Chubb; ok dtucker@

OpenBSD-Commit-ID: a7a2976a54b93e6767dc846b85647e6ec26969ac

diff --git a/mux.c b/mux.c
index 416fef8eb3fb5563dc0da01acf6ea25fb76bd91d..66d9698300e4dc97353ddf5ae52a8bafd5f4eb85 100644 (file)
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.97 2023/06/20 23:59:33 djm Exp $ */
+/* $OpenBSD: mux.c,v 1.98 2023/07/26 23:06:00 djm Exp $ */
 /*
  * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
  *
@@ -1881,7 +1881,7 @@ mux_client_request_session(int fd)
        const char *term = NULL;
        u_int i, echar, rid, sid, esid, exitval, type, exitval_seen;
        extern char **environ;
-       int r, rawmode;
+       int r, rawmode = 0;
 
        debug3_f("entering");
 
@@ -1991,9 +1991,15 @@ mux_client_request_session(int fd)
        ssh_signal(SIGTERM, control_client_sighandler);
        ssh_signal(SIGWINCH, control_client_sigrelay);
 
-       rawmode = tty_flag;
-       if (tty_flag)
-               enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
+       if (options.fork_after_authentication)
+               daemon(1, 1);
+       else {
+               rawmode = tty_flag;
+               if (tty_flag) {
+                       enter_raw_mode(
+                           options.request_tty == REQUEST_TTY_FORCE);
+               }
+       }
 
        /*
         * Stick around until the controlee closes the client_fd.

diff --git a/ssh.c b/ssh.c
index c8fcfb2b9fd6262e59f2f458bcbdb2c27510d480..caf3c692c7ddc44f49ab9ffa7ece6194a8f4b4fd 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.592 2023/07/17 05:41:53 jmc Exp $ */
+/* $OpenBSD: ssh.c,v 1.593 2023/07/26 23:06:00 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -130,10 +130,11 @@ int tty_flag = 0;
  * Flag indicating that the current process should be backgrounded and
  * a new mux-client launched in the foreground for ControlPersist.
  */
-int need_controlpersist_detach = 0;
+static int need_controlpersist_detach = 0;
 
 /* Copies of flags for ControlPersist foreground mux-client */
-int ostdin_null_flag, osession_type, otty_flag, orequest_tty;
+static int ostdin_null_flag, osession_type, otty_flag, orequest_tty;
+static int ofork_after_authentication;
 
 /*
  * General data structure for command line options and options configurable
@@ -1757,11 +1758,15 @@ control_persist_detach(void)
                /* Child: master process continues mainloop */
                break;
        default:
-               /* Parent: set up mux client to connect to backgrounded master */
+               /*
+                * Parent: set up mux client to connect to backgrounded
+                * master.
+                */
                debug2_f("background process is %ld", (long)pid);
                options.stdin_null = ostdin_null_flag;
                options.request_tty = orequest_tty;
                tty_flag = otty_flag;
+               options.fork_after_authentication = ofork_after_authentication;
                options.session_type = osession_type;
                close(muxserver_sock);
                muxserver_sock = -1;
@@ -2173,11 +2178,11 @@ ssh_session2(struct ssh *ssh, const struct ssh_conn_info *cinfo)
                osession_type = options.session_type;
                orequest_tty = options.request_tty;
                otty_flag = tty_flag;
+               ofork_after_authentication = options.fork_after_authentication;
                options.stdin_null = 1;
                options.session_type = SESSION_TYPE_NONE;
                tty_flag = 0;
-               if (!options.fork_after_authentication &&
-                   (osession_type != SESSION_TYPE_NONE ||
+               if ((osession_type != SESSION_TYPE_NONE ||
                    options.stdio_forward_host != NULL))
                        need_controlpersist_detach = 1;
                options.fork_after_authentication = 1;