IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Practical forwarding problem



Only two possibilities really occur to me...

der Mouse wrote:
- Client requests agent and X11 forwarding on A.
- Server accepts forwardings.
- Client sends an "exec" request on A.  The requested command is an X
   terminal emulator.
- Terminal emulator starts (opening an X connection) and backgrounds
   itself (which looks like dying, to the server).
- Server notices command death and sends EOF and CLOSE on A.

The server could notice that their are still child processes alive
and send EOF but not CLOSE.  Not great, since it might be that the
user intended these child processes to run in the background after
logout...

- Client sends CLOSE on A, acking the server's CLOSE.
- Server tears down forwardings for A, 'cause the channel's closed.

The Server could 'associate' the forwarding with the connection
instead of the channel... and not tear it down until the connection
dies.

In this model, a second agent-forwarding request on a second session
channel would not result in a second unix domain socket being created,
but would simply result in th environment variable being set to point
to the 'connection' forwarding.

The same for x11...

I'm not sure this is a good idea either... but it might be better than
the first one.

--

In the end, I think it comes down to the fact that agent and x11
forwarding really should be connection level operations... but
they are requested over a session channel because they require
setting environment for a given session.

I think it would have been better to make them connection
level requests, and then, maybe, have the session level
'forward-x11' request imply that a connection level forwarding
had already been set up and this was a request to make it
available to this particular session.

Waaaaaaay to late now, though...

Thanks,

Joseph



Home | Main Index | Thread Index | Old Index