- dtucker@cvs.openbsd.org 2007/12/28 15:32:24

[clientloop.c serverloop.c packet.c]
     Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
     ServerAlive and ClientAlive timers.  Prevents dropping a connection
     when these are enabled but the peer does not support our keepalives.
     bz #1307, ok djm@.

ChangeLog

@@ -10,6 +10,12 @@
      Add a small helper function to consistently handle the EAI_SYSTEM error
      code of getaddrinfo.  Prompted by vgiffin at apple com via bz #1417.
      ok markus@ stevesk@
+   - dtucker@cvs.openbsd.org 2007/12/28 15:32:24
+     [clientloop.c serverloop.c packet.c]
+     Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
+     ServerAlive and ClientAlive timers.  Prevents dropping a connection
+     when these are enabled but the peer does not support our keepalives.
+     bz #1307, ok djm@.
 
 20071202
  - (dtucker) [configure.ac] Enable -fstack-protector-all on systems where
@@ -3471,4 +3477,4 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.4808 2007/12/28 15:43:51 dtucker Exp $
+$Id: ChangeLog,v 1.4809 2007/12/28 15:45:07 dtucker Exp $

clientloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.183 2007/11/03 00:36:14 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.184 2007/12/28 15:32:24 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -464,6 +464,12 @@ client_check_window_change(void)
 	}
 }
 
+static void
+client_global_keepalive(int type, u_int32_t seq, void *ctxt)
+{
+	server_alive_timeouts = 0;
+}
+
 static void
 client_global_request_reply(int type, u_int32_t seq, void *ctxt)
 {
@@ -2076,6 +2082,8 @@ client_init_dispatch_20(void)
 	/* global request reply messages */
 	dispatch_set(SSH2_MSG_REQUEST_FAILURE, &client_global_request_reply);
 	dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &client_global_request_reply);
+	dispatch_set(SSH2_MSG_IGNORE, &client_global_keepalive);
+	dispatch_set(SSH2_MSG_UNIMPLEMENTED, &client_global_keepalive);
 }
 static void
 client_init_dispatch_13(void)

packet.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.148 2007/06/07 19:37:34 pvalchev Exp $ */
+/* $OpenBSD: packet.c,v 1.149 2007/12/28 15:32:24 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -968,9 +968,10 @@ packet_read_expect(int expected_type)
  * packet_process_incoming.  If so, reads the packet; otherwise returns
  * SSH_MSG_NONE.  This does not wait for data from the connection.
  *
- * SSH_MSG_DISCONNECT is handled specially here.  Also,
- * SSH_MSG_IGNORE messages are skipped by this function and are never returned
- * to higher levels.
+ * SSH_MSG_DISCONNECT is handled specially here.  Also, SSH_MSG_IGNORE
+ * messages are skipped by this function and are never returned
+ * to higher levels, although SSH2_MSG_IGNORE are since they are needed
+ * for keepalives.
  */
 
 static int
@@ -1195,8 +1196,6 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
 			if (type)
 				DBG(debug("received packet type %d", type));
 			switch (type) {
-			case SSH2_MSG_IGNORE:
-				break;
 			case SSH2_MSG_DEBUG:
 				packet_get_char();
 				msg = packet_get_string(NULL);
@@ -1217,7 +1216,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
 				seqnr = packet_get_int();
 				debug("Received SSH2_MSG_UNIMPLEMENTED for %u",
 				    seqnr);
-				break;
+				/* FALLTHROUGH */
 			default:
 				return type;
 			}

serverloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.145 2006/10/11 12:38:03 markus Exp $ */
+/* $OpenBSD: serverloop.c,v 1.146 2007/12/28 15:32:24 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1193,6 +1193,8 @@ server_init_dispatch_20(void)
 	dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &server_input_keep_alive);
 	dispatch_set(SSH2_MSG_REQUEST_SUCCESS, &server_input_keep_alive);
 	dispatch_set(SSH2_MSG_REQUEST_FAILURE, &server_input_keep_alive);
+	dispatch_set(SSH2_MSG_IGNORE, &server_input_keep_alive);
+	dispatch_set(SSH2_MSG_UNIMPLEMENTED, &server_input_keep_alive);
 	/* rekeying */
 	dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit);
 }