make ssh -f (fork after authentication) work properly in multiplexed

cases (inc. ControlPersist). bz3589 bz3589
Based on patches by Peter Chubb; ok dtucker@

diff --git a/usr.bin/ssh/mux.c b/usr.bin/ssh/mux.c
index 9968bf9..d2a8e24 100644 (file)
--- a/usr.bin/ssh/mux.c
+++ b/usr.bin/ssh/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.97 2023/06/20 23:59:33 djm Exp $ */
+/* $OpenBSD: mux.c,v 1.98 2023/07/26 23:06:00 djm Exp $ */
 /*
  * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
  *
@@ -1862,7 +1862,7 @@ mux_client_request_session(int fd)
        const char *term = NULL;
        u_int i, echar, rid, sid, esid, exitval, type, exitval_seen;
        extern char **environ;
-       int r, rawmode;
+       int r, rawmode = 0;
 
        debug3_f("entering");
 
@@ -1971,9 +1971,15 @@ mux_client_request_session(int fd)
        ssh_signal(SIGTERM, control_client_sighandler);
        ssh_signal(SIGWINCH, control_client_sigrelay);
 
-       rawmode = tty_flag;
-       if (tty_flag)
-               enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
+       if (options.fork_after_authentication)
+               daemon(1, 1);
+       else {
+               rawmode = tty_flag;
+               if (tty_flag) {
+                       enter_raw_mode(
+                           options.request_tty == REQUEST_TTY_FORCE);
+               }
+       }
 
        /*
         * Stick around until the controlee closes the client_fd.

diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 448e99d..5933b0a 100644 (file)
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.592 2023/07/17 05:41:53 jmc Exp $ */
+/* $OpenBSD: ssh.c,v 1.593 2023/07/26 23:06:00 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -114,10 +114,11 @@ int tty_flag = 0;
  * Flag indicating that the current process should be backgrounded and
  * a new mux-client launched in the foreground for ControlPersist.
  */
-int need_controlpersist_detach = 0;
+static int need_controlpersist_detach = 0;
 
 /* Copies of flags for ControlPersist foreground mux-client */
-int ostdin_null_flag, osession_type, otty_flag, orequest_tty;
+static int ostdin_null_flag, osession_type, otty_flag, orequest_tty;
+static int ofork_after_authentication;
 
 /*
  * General data structure for command line options and options configurable
@@ -1736,11 +1737,15 @@ control_persist_detach(void)
                /* Child: master process continues mainloop */
                break;
        default:
-               /* Parent: set up mux client to connect to backgrounded master */
+               /*
+                * Parent: set up mux client to connect to backgrounded
+                * master.
+                */
                debug2_f("background process is %ld", (long)pid);
                options.stdin_null = ostdin_null_flag;
                options.request_tty = orequest_tty;
                tty_flag = otty_flag;
+               options.fork_after_authentication = ofork_after_authentication;
                options.session_type = osession_type;
                close(muxserver_sock);
                muxserver_sock = -1;
@@ -2152,11 +2157,11 @@ ssh_session2(struct ssh *ssh, const struct ssh_conn_info *cinfo)
                osession_type = options.session_type;
                orequest_tty = options.request_tty;
                otty_flag = tty_flag;
+               ofork_after_authentication = options.fork_after_authentication;
                options.stdin_null = 1;
                options.session_type = SESSION_TYPE_NONE;
                tty_flag = 0;
-               if (!options.fork_after_authentication &&
-                   (osession_type != SESSION_TYPE_NONE ||
+               if ((osession_type != SESSION_TYPE_NONE ||
                    options.stdio_forward_host != NULL))
                        need_controlpersist_detach = 1;
                options.fork_after_authentication = 1;