Reset last-seen time when sending a keepalive. Prevents sending two

keepalives successively and prematurely terminating connection when
ClientAliveCount=1.  While there, collapse two similar tests into one.
ok markus@

1 files changed, 9 insertions, 6 deletions

diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c
index f1820f74e4b..05a2de3392a 100644
--- a/usr.bin/ssh/serverloop.c
+++ b/usr.bin/ssh/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.213 2019/01/19 22:30:52 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.214 2019/03/06 21:06:59 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -221,6 +221,7 @@ wait_until_can_do_something(struct ssh *ssh,
 	int ret;
 	time_t minwait_secs = 0;
 	int client_alive_scheduled = 0;
+	/* time we last heard from the client OR sent a keepalive */
 	static time_t last_client_time;
 
 	/* Allocate and update select() masks for channel descriptors. */
@@ -289,13 +290,15 @@ wait_until_can_do_something(struct ssh *ssh,
 	} else if (client_alive_scheduled) {
 		time_t now = monotime();
 
-		if (ret == 0) { /* timeout */
+		/*
+		 * If the select timed out, or returned for some other reason
+		 * but we haven't heard from the client in time, send keepalive.
+		 */
+		if (ret == 0 || (last_client_time != 0 && last_client_time +
+		    options.client_alive_interval <= now)) {
 			client_alive_check(ssh);
-		} else if (FD_ISSET(connection_in, *readsetp)) {
 			last_client_time = now;
-		} else if (last_client_time != 0 && last_client_time +
-		    options.client_alive_interval <= now) {
-			client_alive_check(ssh);
+		} else if (FD_ISSET(connection_in, *readsetp)) {
 			last_client_time = now;
 		}
 	}