[PATCH] dropbear-051: idle_timeout command line option
Farrell Aultman
fja0568 at gmail.com
Sat Sep 20 05:45:34 WST 2008
This adds a command line option for specifying an idle_timeout. The command
line is:
-I <secs>. If dropbear doesn't receive any data packets within <secs>, the
dropbear process
associated with that session will exit.
diff -up ../../dropbear-vanilla/dropbear-0.51/cli-runopts.c
../../dropbear-idle_timeout/dropbear-0.51/cli-runopts.c
--- ../../dropbear-vanilla/dropbear-0.51/cli-runopts.c 2008-03-27
09:17:14.000000000 -0400
+++ ../../dropbear-idle_timeout/dropbear-0.51/cli-runopts.c 2008-09-19
13:52:58.000000000 -0400
@@ -65,11 +65,12 @@ static void printhelp() {
#endif
"-W <receive_window_buffer> (default %d, larger may be
faster, max 1MB)\n"
"-K <keepalive> (0 is never, default %d)\n"
+ "-I <idle_timeout> (0 is never, default %d)\n"
#ifdef DEBUG_TRACE
"-v verbose\n"
#endif
,DROPBEAR_VERSION, cli_opts.progname,
- DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE);
+ DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE,
DEFAULT_IDLE_TIMEOUT);
}
@@ -91,6 +92,7 @@ void cli_getopts(int argc, char ** argv)
char* recv_window_arg = NULL;
char* keepalive_arg = NULL;
+ char* idle_timeout_arg = NULL;
/* see printhelp() for options */
cli_opts.progname = argv[0];
@@ -215,6 +217,9 @@ void cli_getopts(int argc, char ** argv)
case 'K':
next = &keepalive_arg;
break;
+ case 'I':
+ next = &idle_timeout_arg;
+ break;
#ifdef DEBUG_TRACE
case 'v':
debug_trace = 1;
@@ -322,7 +327,12 @@ void cli_getopts(int argc, char ** argv)
dropbear_exit("Bad keepalive '%s'", keepalive_arg);
}
}
-
+ if (idle_timeout_arg) {
+ opts.idle_timeout_secs = strtoul(idle_timeout_arg, NULL, 10);
+ if (opts.idle_timeout_secs == 0 && errno == EINVAL) {
+ dropbear_exit("Bad idle_timeout '%s'", idle_timeout_arg);
+ }
+ }
}
#ifdef ENABLE_CLI_PUBKEY_AUTH
diff -up ../../dropbear-vanilla/dropbear-0.51/common-session.c
../../dropbear-idle_timeout/dropbear-0.51/common-session.c
--- ../../dropbear-vanilla/dropbear-0.51/common-session.c 2008-03-27
09:17:14.000000000 -0400
+++ ../../dropbear-idle_timeout/dropbear-0.51/common-session.c 2008-09-19
11:24:18.000000000 -0400
@@ -63,6 +63,7 @@ void common_session_init(int sock, char*
ses.connect_time = 0;
ses.last_packet_time = 0;
+ ses.last_recv_packet_time = 0;
if (pipe(ses.signal_pipe) < 0) {
dropbear_exit("signal pipe failed");
@@ -397,6 +398,11 @@ static void checktimeouts() {
&& now - ses.last_packet_time >= opts.keepalive_secs) {
send_msg_ignore();
}
+
+ if (opts.idle_timeout_secs > 0 && ses.last_recv_packet_time > 0
+ && now - ses.last_recv_packet_time >= opts.idle_timeout_secs) {
+ dropbear_close("Idle timeout");
+ }
}
static long select_timeout() {
@@ -409,5 +415,7 @@ static long select_timeout() {
ret = MIN(AUTH_TIMEOUT, ret);
if (opts.keepalive_secs > 0)
ret = MIN(opts.keepalive_secs, ret);
+ if (opts.idle_timeout_secs > 0)
+ ret = MIN(opts.idle_timeout_secs, ret);
return ret;
}
Common subdirectories: ../../dropbear-vanilla/dropbear-0.51/debian and
../../dropbear-idle_timeout/dropbear-0.51/debian
Common subdirectories: ../../dropbear-vanilla/dropbear-0.51/libtomcrypt and
../../dropbear-idle_timeout/dropbear-0.51/libtomcrypt
Common subdirectories: ../../dropbear-vanilla/dropbear-0.51/libtommath and
../../dropbear-idle_timeout/dropbear-0.51/libtommath
Common subdirectories: ../../dropbear-vanilla/dropbear-0.51/_MTN and
../../dropbear-idle_timeout/dropbear-0.51/_MTN
diff -up ../../dropbear-vanilla/dropbear-0.51/options.h
../../dropbear-idle_timeout/dropbear-0.51/options.h
--- ../../dropbear-vanilla/dropbear-0.51/options.h 2008-03-27
09:34:39.000000000 -0400
+++ ../../dropbear-idle_timeout/dropbear-0.51/options.h 2008-09-19
11:26:04.000000000 -0400
@@ -235,6 +235,10 @@ etc) slower (perhaps by 50%). Recommende
be overridden at runtime with -K. 0 disables keepalives */
#define DEFAULT_KEEPALIVE 0
+/* Ensure that data is received within IDLE_TIMEOUT seconds. This can
+be overridden at runtime with -I. 0 disables idle timeouts */
+#define DEFAULT_IDLE_TIMEOUT 0
+
/*******************************************************************
* You shouldn't edit below here unless you know you need to.
*******************************************************************/
Only in ../../dropbear-idle_timeout/dropbear-0.51: patch051.idle_timeout
diff -up ../../dropbear-vanilla/dropbear-0.51/process-packet.c
../../dropbear-idle_timeout/dropbear-0.51/process-packet.c
--- ../../dropbear-vanilla/dropbear-0.51/process-packet.c 2008-03-27
09:17:15.000000000 -0400
+++ ../../dropbear-idle_timeout/dropbear-0.51/process-packet.c 2008-09-19
11:26:58.000000000 -0400
@@ -51,6 +51,7 @@ void process_packet() {
TRACE(("process_packet: packet type = %d", type))
ses.lastpacket = type;
+ ses.last_recv_packet_time = time(NULL);
/* These packets we can receive at any time */
switch(type) {
diff -up ../../dropbear-vanilla/dropbear-0.51/runopts.h
../../dropbear-idle_timeout/dropbear-0.51/runopts.h
--- ../../dropbear-vanilla/dropbear-0.51/runopts.h 2008-03-27
09:17:15.000000000 -0400
+++ ../../dropbear-idle_timeout/dropbear-0.51/runopts.h 2008-09-19
11:29:17.000000000 -0400
@@ -38,6 +38,7 @@ typedef struct runopts {
#endif
unsigned int recv_window;
time_t keepalive_secs;
+ time_t idle_timeout_secs;
} runopts;
diff -up ../../dropbear-vanilla/dropbear-0.51/session.h
../../dropbear-idle_timeout/dropbear-0.51/session.h
--- ../../dropbear-vanilla/dropbear-0.51/session.h 2008-03-27
09:17:15.000000000 -0400
+++ ../../dropbear-idle_timeout/dropbear-0.51/session.h 2008-09-19
11:30:56.000000000 -0400
@@ -137,6 +137,10 @@ struct sshsession {
time_t last_packet_time; /* time of the last packet transmission, for
keepalive purposes */
+ time_t last_recv_packet_time; /* time of the last packet received, for
+ idle timeout purposes */
+
+
/* KEX/encryption related */
struct KEXState kexstate;
struct key_context *keys;
diff -up ../../dropbear-vanilla/dropbear-0.51/svr-runopts.c
../../dropbear-idle_timeout/dropbear-0.51/svr-runopts.c
--- ../../dropbear-vanilla/dropbear-0.51/svr-runopts.c 2008-03-27
09:17:16.000000000 -0400
+++ ../../dropbear-idle_timeout/dropbear-0.51/svr-runopts.c 2008-09-19
11:34:15.000000000 -0400
@@ -82,6 +82,7 @@ static void printhelp(const char * progn
#endif
"-W <receive_window_buffer> (default %d, larger may be
faster, max 1MB)\n"
"-K <keepalive> (0 is never, default %d)\n"
+ "-I <idle_timeout> (0 is never, default %d)\n"
#ifdef DEBUG_TRACE
"-v verbose\n"
#endif
@@ -93,7 +94,7 @@ static void printhelp(const char * progn
RSA_PRIV_FILENAME,
#endif
DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT, DROPBEAR_PIDFILE,
- DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE);
+ DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE,
DEFAULT_IDLE_TIMEOUT);
}
void svr_getopts(int argc, char ** argv) {
@@ -103,6 +104,7 @@ void svr_getopts(int argc, char ** argv)
int nextisport = 0;
char* recv_window_arg = NULL;
char* keepalive_arg = NULL;
+ char* idle_timeout_arg = NULL;
/* see printhelp() for options */
svr_opts.rsakeyfile = NULL;
@@ -134,7 +136,8 @@ void svr_getopts(int argc, char ** argv)
svr_opts.usingsyslog = 1;
#endif
opts.recv_window = DEFAULT_RECV_WINDOW;
- opts.keepalive_secs = DEFAULT_KEEPALIVE;
+ opts.keepalive_secs = DEFAULT_KEEPALIVE;
+ opts.idle_timeout_secs = DEFAULT_IDLE_TIMEOUT;
#ifdef ENABLE_SVR_REMOTETCPFWD
opts.listen_fwd_all = 0;
@@ -218,6 +221,9 @@ void svr_getopts(int argc, char ** argv)
case 'K':
next = &keepalive_arg;
break;
+ case 'I':
+ next = &idle_timeout_arg;
+ break;
#if defined(ENABLE_SVR_PASSWORD_AUTH) || defined(ENABLE_SVR_PAM_AUTH)
case 's':
svr_opts.noauthpass = 1;
@@ -297,6 +303,13 @@ void svr_getopts(int argc, char ** argv)
dropbear_exit("Bad keepalive '%s'", keepalive_arg);
}
}
+
+ if (idle_timeout_arg) {
+ opts.idle_timeout_secs = strtoul(idle_timeout_arg, NULL, 10);
+ if (opts.idle_timeout_secs == 0 && errno == EINVAL) {
+ dropbear_exit("Bad idle_timeout '%s'", idle_timeout_arg);
+ }
+ }
}
static void addportandaddress(char* spec) {
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20080919/b09eedfc/attachment.htm
More information about the Dropbear
mailing list