Mercurial > dropbear
changeset 1209:ab7d9c12caa7
Merge pull request #17 from annulen/kill_proxy_cmd
Client: kill proxy command when exiting application.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 15 Dec 2015 21:40:32 +0800 |
parents | 81063d78fe69 (current diff) fb58cf341951 (diff) |
children | 64a50eac1030 61d3f56808a4 |
files | |
diffstat | 3 files changed, 42 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/cli-main.c Tue Dec 15 21:30:59 2015 +0800 +++ b/cli-main.c Tue Dec 15 21:40:32 2015 +0800 @@ -36,7 +36,8 @@ static void cli_dropbear_log(int priority, const char* format, va_list param); #ifdef ENABLE_CLI_PROXYCMD -static void cli_proxy_cmd(int *sock_in, int *sock_out); +static void cli_proxy_cmd(int *sock_in, int *sock_out, pid_t *pid_out); +static void killchild(int signo); #endif #if defined(DBMULTI_dbclient) || !defined(DROPBEAR_MULTI) @@ -66,10 +67,16 @@ dropbear_exit("signal() error"); } + pid_t proxy_cmd_pid = 0; #ifdef ENABLE_CLI_PROXYCMD if (cli_opts.proxycmd) { - cli_proxy_cmd(&sock_in, &sock_out); + cli_proxy_cmd(&sock_in, &sock_out, &proxy_cmd_pid); m_free(cli_opts.proxycmd); + if (signal(SIGINT, killchild) == SIG_ERR || + signal(SIGTERM, killchild) == SIG_ERR || + signal(SIGHUP, killchild) == SIG_ERR) { + dropbear_exit("signal() error"); + } } else #endif { @@ -77,7 +84,7 @@ sock_in = sock_out = -1; } - cli_session(sock_in, sock_out, progress); + cli_session(sock_in, sock_out, progress, proxy_cmd_pid); /* not reached */ return -1; @@ -132,16 +139,24 @@ } #ifdef ENABLE_CLI_PROXYCMD -static void cli_proxy_cmd(int *sock_in, int *sock_out) { +static void cli_proxy_cmd(int *sock_in, int *sock_out, pid_t *pid_out) { int ret; fill_passwd(cli_opts.own_user); ret = spawn_command(exec_proxy_cmd, cli_opts.proxycmd, - sock_out, sock_in, NULL, NULL); + sock_out, sock_in, NULL, pid_out); if (ret == DROPBEAR_FAILURE) { dropbear_exit("Failed running proxy command"); *sock_in = *sock_out = -1; } } + +static void killchild(int signo) +{ + kill_proxy_command(); + if (signo) + _exit(1); + exit(1); +} #endif /* ENABLE_CLI_PROXYCMD */
--- a/cli-session.c Tue Dec 15 21:30:59 2015 +0800 +++ b/cli-session.c Tue Dec 15 21:40:32 2015 +0800 @@ -41,7 +41,7 @@ static void cli_remoteclosed() ATTRIB_NORETURN; static void cli_sessionloop(); -static void cli_session_init(); +static void cli_session_init(pid_t proxy_cmd_pid); static void cli_finished() ATTRIB_NORETURN; static void recv_msg_service_accept(void); static void cli_session_cleanup(void); @@ -104,7 +104,7 @@ update_channel_prio(); } -void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress) { +void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress, pid_t proxy_cmd_pid) { common_session_init(sock_in, sock_out); @@ -115,8 +115,7 @@ chaninitialise(cli_chantypes); /* Set up cli_ses vars */ - cli_session_init(); - + cli_session_init(proxy_cmd_pid); /* Ready to go */ sessinitdone = 1; @@ -140,7 +139,7 @@ } #endif -static void cli_session_init() { +static void cli_session_init(pid_t proxy_cmd_pid) { cli_ses.state = STATE_NOTHING; cli_ses.kex_state = KEX_NOTHING; @@ -159,6 +158,8 @@ cli_ses.retval = EXIT_SUCCESS; /* Assume it's clean if we don't get a specific exit status */ + cli_ses.proxy_cmd_pid = proxy_cmd_pid; + TRACE(("proxy command PID='%d'", proxy_cmd_pid)); /* Auth */ cli_ses.lastprivkey = NULL; @@ -334,12 +335,25 @@ } +void kill_proxy_command(void) { + /* + * Send SIGHUP to proxy command if used. We don't wait() in + * case it hangs and instead rely on init to reap the child + */ + if (cli_ses.proxy_cmd_pid > 1) { + TRACE(("killing proxy command with PID='%d'", cli_ses.proxy_cmd_pid)); + kill(cli_ses.proxy_cmd_pid, SIGHUP); + } +} + static void cli_session_cleanup(void) { if (!sessinitdone) { return; } + kill_proxy_command(); + /* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if * we don't revert the flags */ fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags);
--- a/session.h Tue Dec 15 21:30:59 2015 +0800 +++ b/session.h Tue Dec 15 21:40:32 2015 +0800 @@ -61,9 +61,10 @@ void svr_dropbear_log(int priority, const char* format, va_list param); /* Client */ -void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress) ATTRIB_NORETURN; +void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress, pid_t proxy_cmd_pid) ATTRIB_NORETURN; void cli_connected(int result, int sock, void* userdata, const char *errstring); void cleantext(char* dirtytext); +void kill_proxy_command(); /* crypto parameters that are stored individually for transmit and receive */ struct key_context_directional { @@ -304,6 +305,7 @@ struct AgentkeyList *agentkeys; /* Keys to use for public-key auth */ #endif + int proxy_cmd_pid; }; /* Global structs storing the state */