upstream: Activate UnusedConnectionTimeout only after last channel

has closed. Previously UnusedConnectionTimeout could fire early after a
ChannelTimeout.

This was not a problem for the OpenSSH client because it terminates
once all channels have closed but could cause problems for other
clients (e.g. API clients) that do things differently.

bz3827; ok dtucker

OpenBSD-Commit-ID: ff2e4607cbd4e600de3c8a5ece3b0e4bb641ed8f

diff --git a/serverloop.c b/serverloop.c
index 5d3b194d128f643ec7ccfb69cf9e91e52b08477a..dba2fc3053e90a106f001fa2f21d6fc7c282004b 100644 (file)
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.244 2025/09/25 06:23:19 jsg Exp $ */
+/* $OpenBSD: serverloop.c,v 1.245 2025/10/30 03:19:54 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -178,12 +178,15 @@ wait_until_can_do_something(struct ssh *ssh,
         * start the clock to terminate the connection.
         */
        if (options.unused_connection_timeout != 0) {
-               if (channel_still_open(ssh) || unused_connection_expiry == 0) {
+               if (channel_still_open(ssh))
+                       unused_connection_expiry = 0;
+               else if (unused_connection_expiry == 0) {
                        unused_connection_expiry = now +
                            options.unused_connection_timeout;
                }
-               ptimeout_deadline_monotime(&timeout, unused_connection_expiry);
        }
+       if (unused_connection_expiry != 0)
+               ptimeout_deadline_monotime(&timeout, unused_connection_expiry);
 
        /*
         * if using client_alive, set the max timeout accordingly,