Mercurial > dropbear
comparison common-session.c @ 970:0bb16232e7c4
Make keepalive handling more robust, this should now match what OpenSSH does
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 19 Aug 2014 23:08:56 +0800 |
| parents | f7f6c15b0ec3 |
| children | 73ea0dce9a57 363c0feca5d4 |
comparison
equal
deleted
inserted
replaced
| 969:939944f0fca9 | 970:0bb16232e7c4 |
|---|---|
| 392 buf[pos] = '\0'; | 392 buf[pos] = '\0'; |
| 393 TRACE(("leave ident_readln: return %d", pos+1)) | 393 TRACE(("leave ident_readln: return %d", pos+1)) |
| 394 return pos+1; | 394 return pos+1; |
| 395 } | 395 } |
| 396 | 396 |
| 397 void ignore_recv_msg_request_failure() { | 397 void ignore_recv_response() { |
| 398 // Do nothing | 398 // Do nothing |
| 399 TRACE(("Ignored msg_request_failure")) | 399 TRACE(("Ignored msg_request_response")) |
| 400 } | 400 } |
| 401 | 401 |
| 402 static void send_msg_keepalive() { | 402 static void send_msg_keepalive() { |
| 403 CHECKCLEARTOWRITE(); | 403 CHECKCLEARTOWRITE(); |
| 404 time_t old_time_idle = ses.last_packet_time_idle; | 404 time_t old_time_idle = ses.last_packet_time_idle; |
| 405 /* Try to force a response from the other end. Some peers will | 405 |
| 406 reply with SSH_MSG_REQUEST_FAILURE, some will reply with SSH_MSG_UNIMPLEMENTED */ | 406 struct Channel *chan = get_any_ready_channel(); |
| 407 buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); | 407 |
| 408 /* A short string */ | 408 if (chan) { |
| 409 buf_putstring(ses.writepayload, "[email protected]", 0); | 409 /* Channel requests are preferable, more implementations |
| 410 handle them than SSH_MSG_GLOBAL_REQUEST */ | |
| 411 TRACE(("keepalive channel request %d", chan->index)) | |
| 412 start_send_channel_request(chan, DROPBEAR_KEEPALIVE_STRING); | |
| 413 } else { | |
| 414 TRACE(("keepalive global request")) | |
| 415 /* Some peers will reply with SSH_MSG_REQUEST_FAILURE, | |
| 416 some will reply with SSH_MSG_UNIMPLEMENTED, some will exit. */ | |
| 417 buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); | |
| 418 buf_putstring(ses.writepayload, DROPBEAR_KEEPALIVE_STRING, | |
| 419 strlen(DROPBEAR_KEEPALIVE_STRING)); | |
| 420 } | |
| 410 buf_putbyte(ses.writepayload, 1); /* want_reply */ | 421 buf_putbyte(ses.writepayload, 1); /* want_reply */ |
| 411 encrypt_packet(); | 422 encrypt_packet(); |
| 412 | 423 |
| 413 ses.last_packet_time_keepalive_sent = monotonic_now(); | 424 ses.last_packet_time_keepalive_sent = monotonic_now(); |
| 414 | 425 |
| 433 || ses.kexstate.datarecv+ses.kexstate.datatrans >= KEX_REKEY_DATA)) { | 444 || ses.kexstate.datarecv+ses.kexstate.datatrans >= KEX_REKEY_DATA)) { |
| 434 TRACE(("rekeying after timeout or max data reached")) | 445 TRACE(("rekeying after timeout or max data reached")) |
| 435 send_msg_kexinit(); | 446 send_msg_kexinit(); |
| 436 } | 447 } |
| 437 | 448 |
| 438 if (opts.keepalive_secs > 0) { | 449 if (opts.keepalive_secs > 0 && ses.authstate.authdone) { |
| 450 /* Avoid sending keepalives prior to auth - those are | |
| 451 not valid pre-auth packet types */ | |
| 452 | |
| 439 /* Send keepalives if we've been idle */ | 453 /* Send keepalives if we've been idle */ |
| 440 if (now - ses.last_packet_time_any_sent >= opts.keepalive_secs) { | 454 if (now - ses.last_packet_time_any_sent >= opts.keepalive_secs) { |
| 441 send_msg_keepalive(); | 455 send_msg_keepalive(); |
| 442 } | 456 } |
| 443 | 457 |