Bug#539412: ssh -oExitOnForwardFailure=yes -R... -f fails too late

tags 539412 patch
thanks

[Peter Samuelson]
> Three ssh client features, that work individually, fail in combination.
> 
> 1) -f, to fork and exit after initial connection
> 2) -R, to bind remote ports and forward to the local network
> 3) -o ExitOnForwardFailure=yes, to immediately indicate failure of -L or -R
> 
> Unfortunately, -f causes the session to fork-and-exit before the
> forwarding happens.  So even if it does fail, we get an exit status 0
> instead of 255.

Inspired by the patch Damien (CC'd) already applied to 5.1, as seen in
https://bugzilla.mindrot.org/show_bug.cgi?id=92, the following patch
seems to fix this bug.  So far I haven't found any problems with it.
Given that Damien's patch already touches this exact code, I wonder why
he didn't already do this.
-- 
Peter Samuelson | org-tld!p12n!peter | http://p12n.org/


--- openssh-5.1p1/ssh.c
+++ openssh-5.1p1/ssh.c
@@ -1223,7 +1223,9 @@
        muxserver_listen();
 
        /* If requested, let ssh continue in the background. */
-       if (fork_after_authentication_flag) {
+       if (fork_after_authentication_flag &&
+           (!options.exit_on_forward_failure ||
+           options.num_remote_forwards == 0)) {
                fork_after_authentication_flag = 0;
                if (daemon(1, 1) < 0)
                        fatal("daemon() failed: %.200s", strerror(errno));



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx