[patch] option to prevent connection timeout

Dick Streefland Dick.Streefland at xs4all.nl
Fri Oct 12 06:56:38 EST 2001


Hi,

The firewall at work doesn't allow me to make a direct SSH connection
to the Internet, so I use the ProxyCommand to tunnel SSH through an
HTTP proxy. This works fine, except for the fact that the HTTP proxy
server closes the connection after 60 seconds of inactivity. Attached
below is a patch that implements a new configuration option called
"Idle" that lets you specify the maximum idle time of a connection in
seconds. When this limit is reached, a dummy packet (SSH_MSG_IGNORE)
is sent, to fake activity, and to prevent the timeout. This option
might be useful for others, so I'm posting it here.

-- 
Dick Streefland                    ////               De Bilt
dick.streefland at xs4all.nl         (@ @)       The Netherlands
------------------------------oOO--(_)--OOo------------------

--- openssh-2.9.9p2/clientloop.c.orig	Tue Sep 18 07:51:14 2001
+++ openssh-2.9.9p2/clientloop.c	Thu Oct 11 22:03:09 2001
@@ -320,6 +320,9 @@
 client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
     int *maxfdp, int *nallocp, int rekeying)
 {
+	struct timeval tv;
+	int n;
+
 	/* Add any selections by the channel mechanism. */
 	channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying);
 
@@ -364,7 +367,24 @@
 	 * SSH_MSG_IGNORE packet when the timeout expires.
 	 */
 
-	if (select((*maxfdp)+1, *readsetp, *writesetp, NULL, NULL) < 0) {
+	/*
+	 * When the "Idle" option is set to a non-zero value, a dummy
+	 * packet is sent after the connection is idle for the specified
+	 * number of seconds, to prevent the connection from timing out.
+	 */
+	if (options.idle > 0) {
+		tv.tv_sec = options.idle;
+		tv.tv_usec = 0;
+		n = select((*maxfdp)+1, *readsetp, *writesetp, NULL, &tv);
+		if (n == 0) {
+			debug2("idle");
+			packet_send_ignore(1);
+			packet_send();
+		}
+	} else {
+		n = select((*maxfdp)+1, *readsetp, *writesetp, NULL, NULL);
+	}
+	if (n < 0) {
 		char buf[100];
 
 		/*
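Review bot: The keepalive sent in the `n == 0` branch is one-way: SSH_MSG_IGNORE is discarded by the peer and never answered, so `packet_send_ignore(1)` keeps an intermediary's idle timer from firing but gives the client no way to notice that the server or the tunnel has gone away. The added comment above `if (options.idle > 0)` should say so, e.g. `/* SSH_MSG_IGNORE is not answered: this only generates traffic, it does not detect a dead peer. */`. The timeout is also re-armed on every select() call, so it presumably measures time without activity on any selected descriptor rather than on the network connection alone; worth confirming that this matches the intent. client_wait_until_can_do_something starts in the previous hunk and continues past this one.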
--- openssh-2.9.9p2/readconf.c.orig	Thu Sep 20 02:57:56 2001
+++ openssh-2.9.9p2/readconf.c	Thu Oct 11 22:03:09 2001
@@ -109,7 +109,7 @@
 	oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
 	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
 	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
-	oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
+	oCompressionLevel, oKeepAlives, oIdle, oNumberOfPasswordPrompts,
 	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
 	oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
 	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
@@ -178,6 +178,7 @@
 	{ "compression", oCompression },
 	{ "compressionlevel", oCompressionLevel },
 	{ "keepalive", oKeepAlives },
+	{ "idle", oIdle },
 	{ "numberofpasswordprompts", oNumberOfPasswordPrompts },
 	{ "loglevel", oLogLevel },
 	{ "dynamicforward", oDynamicForward },
@@ -415,6 +416,10 @@
 		intptr = &options->keepalives;
 		goto parse_flag;
 
+	case oIdle:
+		intptr = &options->idle;
+		goto parse_int;
+
 	case oNumberOfPasswordPrompts:
 		intptr = &options->number_of_password_prompts;
 		goto parse_int;
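Review bot: `case oIdle` hands the value to `parse_int`, which lies outside this hunk, so no range check on the new option is visible here. The value is later copied straight into `tv.tv_sec` in clientloop.c, and -1 doubles as the "unset" sentinel in the initialisation hunk below; if `parse_int` accepts negative numbers, `Idle -1` would be indistinguishable from an absent option. Consider rejecting negative values at parse time, or at least add a comment next to the case such as `/* 0 disables; negative values are not meaningful */`. The enclosing switch starts and ends outside the hunk.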
@@ -767,6 +772,7 @@
 	options->strict_host_key_checking = -1;
 	options->compression = -1;
 	options->keepalives = -1;
+	options->idle = -1;
 	options->compression_level = -1;
 	options->port = -1;
 	options->connection_attempts = -1;
@@ -859,6 +865,8 @@
 		options->compression = 0;
 	if (options->keepalives == -1)
 		options->keepalives = 1;
+	if (options->idle == -1)
+		options->idle = 0;
 	if (options->compression_level == -1)
 		options->compression_level = 6;
 	if (options->port == -1)
--- openssh-2.9.9p2/readconf.h.orig	Thu Sep 20 02:57:56 2001
+++ openssh-2.9.9p2/readconf.h	Thu Oct 11 22:03:09 2001
@@ -63,6 +63,7 @@
 	int     compression_level;	/* Compression level 1 (fast) to 9
 					 * (best). */
 	int     keepalives;	/* Set SO_KEEPALIVE. */
+	int     idle;		/* prevent idle connection from timing out */
 	LogLevel log_level;	/* Level for logging. */
 
 	int     port;		/* Port to connect. */
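Review bot: The field comment on `idle` gives neither the unit nor the disabling value, although the ssh.1 text and the `options.idle > 0` test in clientloop.c both depend on them. Suggest `int     idle;		/* Seconds idle before SSH_MSG_IGNORE is sent; 0 disables. */`. The struct begins and ends outside the hunk.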
--- openssh-2.9.9p2/ssh.1.orig	Thu Sep 20 02:57:56 2001
+++ openssh-2.9.9p2/ssh.1	Thu Oct 11 22:03:09 2001
@@ -926,6 +926,14 @@
 It is possible to have
 multiple identity files specified in configuration files; all these
 identities will be tried in sequence.
+.It Cm Idle
+When this option is set to a non-zero value, a dummy packet is sent
+after the connection is idle for the specified number of seconds.
+This faked activity will prevent the connection from timing out.
+The default value is 0 seconds, which disables this feature.
+Note that this is different from the
+.Cm KeepAlive
+option, which merely sets the SO_KEEPALIVE socket option.
 .It Cm KeepAlive
 Specifies whether the system should send keepalive messages to the
 other side.


