set tcp_nodelay

packet.c

@@ -2227,6 +2227,13 @@ ssh_packet_set_interactive(struct ssh *ssh, int interactive, int qos_interactive
 	ssh_packet_set_tos(ssh, interactive ? qos_interactive : qos_bulk);
 }
 
+void
+set_ssh_nodelay(struct ssh *ssh)
+{
+	struct session_state *state = ssh->state;
+	set_nodelay(state->connection_in);
+}
+
 /* Returns true if the current connection is interactive. */
 
 int

packet.h

@@ -112,6 +112,7 @@ void     ssh_packet_set_protocol_flags(struct ssh *, u_int);
 u_int	 ssh_packet_get_protocol_flags(struct ssh *);
 void	 ssh_packet_set_tos(struct ssh *, int);
 void     ssh_packet_set_interactive(struct ssh *, int, int, int);
+void     set_ssh_nodelay(struct ssh *);
 int      ssh_packet_is_interactive(struct ssh *);
 void     ssh_packet_set_server(struct ssh *);
 void     ssh_packet_set_authenticated(struct ssh *);

readconf.c

@@ -155,7 +155,7 @@ typedef enum {
 	oUser, oEscapeChar, oProxyCommand,
 	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
 	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
-	oTCPKeepAlive, oNumberOfPasswordPrompts,
+	oTCPKeepAlive, oTCPNoDelay, oNumberOfPasswordPrompts,
 	oLogFacility, oLogLevel, oLogVerbose, oCiphers, oMacs,
 	oPubkeyAuthentication,
 	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
@@ -269,6 +269,7 @@ static struct {
 	{ "compression", oCompression },
 	{ "tcpkeepalive", oTCPKeepAlive },
 	{ "keepalive", oTCPKeepAlive },				/* obsolete */
+	{ "tcpnodelay", oTCPNoDelay },
 	{ "numberofpasswordprompts", oNumberOfPasswordPrompts },
 	{ "syslogfacility", oLogFacility },
 	{ "loglevel", oLogLevel },
@@ -1307,6 +1308,10 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host,
 		intptr = &options->tcp_keep_alive;
 		goto parse_flag;
 
+	case oTCPNoDelay:
+		intptr = &options->tcp_nodelay;
+		goto parse_flag;
+
 	case oNoHostAuthenticationForLocalhost:
 		intptr = &options->no_host_authentication_for_localhost;
 		goto parse_flag;
@@ -2628,6 +2633,7 @@ initialize_options(Options * options)
 	options->strict_host_key_checking = -1;
 	options->compression = -1;
 	options->tcp_keep_alive = -1;
+	options->tcp_nodelay = -1;
 	options->port = -1;
 	options->address_family = -1;
 	options->connection_attempts = -1;
@@ -2800,6 +2806,8 @@ fill_default_options(Options * options)
 		options->compression = 0;
 	if (options->tcp_keep_alive == -1)
 		options->tcp_keep_alive = 1;
+	if (options->tcp_nodelay == -1)
+		options->tcp_nodelay = 0;
 	if (options->port == -1)
 		options->port = 0;	/* Filled in ssh_connect. */
 	if (options->address_family == -1)
@@ -3630,6 +3638,7 @@ dump_client_config(Options *o, const char *host)
 	dump_cfg_fmtint(oStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink);
 	dump_cfg_fmtint(oStrictHostKeyChecking, o->strict_host_key_checking);
 	dump_cfg_fmtint(oTCPKeepAlive, o->tcp_keep_alive);
+	dump_cfg_fmtint(oTCPNoDelay, o->tcp_nodelay);
 	dump_cfg_fmtint(oTunnel, o->tun_open);
 	dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns);
 	dump_cfg_fmtint(oVisualHostKey, o->visual_host_key);

readconf.h

@@ -49,6 +49,7 @@ typedef struct {
 	int     strict_host_key_checking;	/* Strict host key checking. */
 	int     compression;	/* Compress packets in both directions. */
 	int     tcp_keep_alive;	/* Set SO_KEEPALIVE. */
+	int     tcp_nodelay;	/* Disable Nagle's algorithm. */
 	int	ip_qos_interactive;	/* IP ToS/DSCP/class for interactive */
 	int	ip_qos_bulk;		/* IP ToS/DSCP/class for bulk traffic */
 	SyslogFacility log_facility;	/* Facility for system logging. */

servconf.c

@@ -121,6 +121,7 @@ initialize_server_options(ServerOptions *options)
 	options->xauth_location = NULL;
 	options->strict_modes = -1;
 	options->tcp_keep_alive = -1;
+	options->tcp_nodelay = -1;
 	options->log_facility = SYSLOG_FACILITY_NOT_SET;
 	options->log_level = SYSLOG_LEVEL_NOT_SET;
 	options->num_log_verbose = 0;
@@ -357,6 +358,8 @@ fill_default_server_options(ServerOptions *options)
 		options->strict_modes = 1;
 	if (options->tcp_keep_alive == -1)
 		options->tcp_keep_alive = 1;
+	if (options->tcp_nodelay == -1)
+		options->tcp_nodelay = 0;
 	if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
 		options->log_facility = SYSLOG_FACILITY_AUTH;
 	if (options->log_level == SYSLOG_LEVEL_NOT_SET)
@@ -555,7 +558,7 @@ typedef enum {
 	sKbdInteractiveAuthentication, sListenAddress, sAddressFamily,
 	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
 	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
-	sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive,
+	sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sTCPNoDelay,
 	sPermitUserEnvironment, sAllowTcpForwarding, sCompression,
 	sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
 	sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile, sModuliFile,
@@ -685,6 +688,7 @@ static struct {
 	{ "rekeylimit", sRekeyLimit, SSHCFG_ALL },
 	{ "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },
 	{ "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL },	/* obsolete alias */
+	{ "tcpnodelay", sTCPNoDelay, SSHCFG_GLOBAL },
 	{ "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },
 	{ "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL },
 	{ "allowusers", sAllowUsers, SSHCFG_ALL },
@@ -1699,6 +1703,10 @@ process_server_config_line_depth(ServerOptions *options, char *line,
 		intptr = &options->tcp_keep_alive;
 		goto parse_flag;
 
+	case sTCPNoDelay:
+		intptr = &options->tcp_nodelay;
+		goto parse_flag;
+
 	case sEmptyPasswd:
 		intptr = &options->permit_empty_passwd;
 		goto parse_flag;
@@ -3253,6 +3261,7 @@ dump_config(ServerOptions *o)
 	dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc);
 	dump_cfg_fmtint(sStrictModes, o->strict_modes);
 	dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
+	dump_cfg_fmtint(sTCPNoDelay, o->tcp_nodelay);
 	dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
 	dump_cfg_fmtint(sCompression, o->compression);
 	dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports);

servconf.h

@@ -120,6 +120,7 @@ typedef struct {
 	int	permit_user_rc;	/* If false, deny ~/.ssh/rc execution */
 	int     strict_modes;	/* If true, require string home dir modes. */
 	int     tcp_keep_alive;	/* If true, set SO_KEEPALIVE. */
+	int     tcp_nodelay;	/* If true, set TCP_NODELAY. */
 	int	ip_qos_interactive;	/* IP ToS/DSCP/class for interactive */
 	int	ip_qos_bulk;		/* IP ToS/DSCP/class for bulk traffic */
 	char   *ciphers;	/* Supported SSH2 ciphers. */

ssh.c

@@ -1643,6 +1643,9 @@ main(int ac, char **av)
 	    &timeout_ms, options.tcp_keep_alive) != 0)
 		exit(255);
 
+	if (options.tcp_nodelay)
+		set_ssh_nodelay(ssh);
+
 	if (addrs != NULL)
 		freeaddrinfo(addrs);
 
@@ -1795,6 +1798,7 @@ main(int ac, char **av)
 #endif
 
  skip_connect:
+	set_ssh_nodelay(ssh);
 	exit_status = ssh_session2(ssh, cinfo);
 	ssh_conn_info_free(cinfo);
 	ssh_packet_close(ssh);

sshd-session.c

@@ -1214,6 +1214,9 @@ main(int ac, char **av)
 	    setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) == -1)
 		error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
 
+	if (options.tcp_nodelay && ssh_packet_connection_is_on_socket(ssh))
+		set_ssh_nodelay(ssh);
+
 	if ((remote_port = ssh_remote_port(ssh)) < 0) {
 		debug("ssh_remote_port failed");
 		cleanup_exit(255);
@@ -1331,6 +1334,7 @@ main(int ac, char **av)
 	 * In privilege separation, we fork another child and prepare
 	 * file descriptor passing.
 	 */
+	set_ssh_nodelay(ssh);
 	privsep_postauth(ssh, authctxt);
 	/* the monitor process [priv] will not return */