Try to continue running local I/O for channels in state OPEN during

SSH transport rekeying. The most visible benefit is that it should make
~-escapes work in the client (e.g. to exit) if the connection happened
to have stalled during a rekey event. Based work by and ok dtucker@

diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 97d7178..f2f6267 100644 (file)
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.416 2022/04/11 22:52:08 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.417 2022/04/20 04:19:11 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2378,6 +2378,9 @@ channel_handler(struct ssh *ssh, int table, time_t *unpause_secs)
                c = sc->channels[i];
                if (c == NULL)
                        continue;
+               /* Try to keep IO going while rekeying */
+               if (ssh_packet_is_rekeying(ssh) && c->type != SSH_CHANNEL_OPEN)
+                       continue;
                if (c->delayed) {
                        if (table == CHAN_PRE)
                                c->delayed = 0;
@@ -2568,17 +2571,13 @@ channel_prepare_poll(struct ssh *ssh, struct pollfd **pfdp, u_int *npfd_allocp,
        /* Allocate 4x pollfd for each channel (rfd, wfd, efd, sock) */
        if (sc->channels_alloc >= (INT_MAX / 4) - npfd_reserved)
                fatal_f("too many channels"); /* shouldn't happen */
-       if (!ssh_packet_is_rekeying(ssh))
-               npfd += sc->channels_alloc * 4;
+       npfd += sc->channels_alloc * 4;
        if (npfd > *npfd_allocp) {
                *pfdp = xrecallocarray(*pfdp, *npfd_allocp,
                    npfd, sizeof(**pfdp));
                *npfd_allocp = npfd;
        }
        *npfd_activep = npfd_reserved;
-       if (ssh_packet_is_rekeying(ssh))
-               return;
-
        oalloc = sc->channels_alloc;
 
        channel_handler(ssh, CHAN_PRE, minwait_secs);

diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index 6e799da..8807d23 100644 (file)
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.378 2022/01/22 00:49:34 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.379 2022/04/20 04:19:11 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1339,9 +1339,8 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
                if (quit_pending)
                        break;
 
-               /* Do channel operations unless rekeying in progress. */
-               if (!ssh_packet_is_rekeying(ssh))
-                       channel_after_poll(ssh, pfd, npfd_active);
+               /* Do channel operations. */
+               channel_after_poll(ssh, pfd, npfd_active);
 
                /* Buffer input from the connection.  */
                if (conn_in_ready)

diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c
index 3b49719..2210436 100644 (file)
--- a/usr.bin/ssh/serverloop.c
+++ b/usr.bin/ssh/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.231 2022/01/22 00:49:34 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.232 2022/04/20 04:19:11 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -386,8 +386,7 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt)
                        cleanup_exit(255);
                }
 
-               if (!ssh_packet_is_rekeying(ssh))
-                       channel_after_poll(ssh, pfd, npfd_active);
+               channel_after_poll(ssh, pfd, npfd_active);
                if (conn_in_ready &&
                    process_input(ssh, connection_in) < 0)
                        break;