X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/tunneluser/blobdiff_plain/b16ea8ba5d2a908164c99c4761915e5e439e7107..refs/heads/master:/bin/outbound

diff --git a/bin/outbound b/bin/outbound
index cad1526..ac810aa 100755
--- a/bin/outbound
+++ b/bin/outbound
@@ -15,12 +15,7 @@ writefile () {
 
 runssh () { ssh -T -oControlPath="./$host.ctrl" "$@"; }
 
-stopit () {
-
-  ## Initial shutdown protocol.
-  writefile "$host.state" stopping
-  if [ -f "$host.pid" ]; then kill $(cat "$host.pid") 2>/dev/null || :; fi
-  rm -f "$host.pid"
+clobber () {
 
   ## Shut down an existing connection if there is one.
   if [ -S "$host.ctrl" ]; then
@@ -39,6 +34,17 @@ stopit () {
     ## Remove the stale socket.
     rm -f "$host.ctrl"
   fi
+}
+
+stopit () {
+
+  ## Initial shutdown protocol.
+  writefile "$host.state" stopping
+  if [ -f "$host.pid" ]; then kill $(cat "$host.pid") 2>/dev/null || :; fi
+  rm -f "$host.pid"
+
+  ## Clobber the existing connection, if there is one.
+  clobber
 
   ## Update the state.
   rm -f "$host.state" "$host.pid"
@@ -57,6 +63,9 @@ daemon () {
   ## Initial delay.
   delay=0
 
+  ## Not waiting on a pipe yet.
+  kidcat=nil
+
   ## Keep the connection up for as long as we can.
   while [ -f "$host.pid" ]; do
 
@@ -74,9 +83,18 @@ daemon () {
 	;;
     esac
 
+    ## Prepare a pipe so that we can wait for SSH to finish.  This is a
+    ## rotten hack.
+    case $kidcat in
+      nil) ;;
+      *) kill $kidcat >/dev/null 2>&1 || :; kidcat=nil ;;
+    esac
+    rm -f "$host.pipe"; mkfifo -m600 "$host.pipe"
+    cat $host.pipe >/dev/null& kidcat=$!
+
     ## Start a new connection.
     writefile "$host.state" starting
-    if ! runssh -MNnf "$host" >/dev/null; then continue; fi
+    if ! runssh -MNnf "$host" >"$host.pipe"; then continue; fi
     if ! runssh -Ocheck "$host" >/dev/null 2>&1; then
       echo "connection to $host apparently stillborn"
       continue
@@ -84,13 +102,10 @@ daemon () {
     writefile "$host.state" connected
     delay=0
 
-    ## Wait until it gets torn down.  The chicanery with a pipe is because
-    ## the ssh process will continue until either it gets disconnected from
-    ## the server or stdin closes -- so we have to arrange that stdin doesn't
-    ## close.  Thanks to Richard Kettlewell for the suggestion.
-    rm -f "$host.pipe"; mkfifo -m400 "$host.pipe"
-    runssh -N "$host" >/dev/null <"$host.pipe" || :
+    ## Wait until it gets torn down.
+    wait $kidcat >/dev/null 2>&1 || :
     rm -f "$host.pipe"
+    clobber
     writefile "$host.state" disconnected
   done
 }