===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/readpass.c,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -r1.62 -r1.63
--- src/usr.bin/ssh/readpass.c	2020/07/14 23:57:01	1.62
+++ src/usr.bin/ssh/readpass.c	2020/08/11 09:45:54	1.63
@@ -1,4 +1,4 @@
-/* $OpenBSD: readpass.c,v 1.62 2020/07/14 23:57:01 djm Exp $ */
+/* $OpenBSD: readpass.c,v 1.63 2020/08/11 09:45:54 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -232,8 +232,8 @@
 	int devnull;
 	pid_t pid;
 	void (*osigchld)(int);
-	const char *askpass;
-	struct notifier_ctx *ret;
+	const char *askpass, *s;
+	struct notifier_ctx *ret = NULL;
 
 	va_start(args, fmt);
 	xvasprintf(&prompt, fmt, args);
@@ -245,16 +245,20 @@
 		(void)write(STDERR_FILENO, "\r", 1);
 		(void)write(STDERR_FILENO, prompt, strlen(prompt));
 		(void)write(STDERR_FILENO, "\r\n", 2);
-		free(prompt);
-		return NULL;
+		goto out;
 	}
 	if ((askpass = getenv("SSH_ASKPASS")) == NULL)
 		askpass = _PATH_SSH_ASKPASS_DEFAULT;
-	if (getenv("DISPLAY") == NULL || *askpass == '\0') {
-		debug3("%s: cannot notify", __func__);
-		free(prompt);
-		return NULL;
+	if (*askpass == '\0') {
+		debug3("%s: cannot notify: no askpass", __func__);
+		goto out;
 	}
+	if (getenv("DISPLAY") == NULL &&
+	    ((s = getenv(SSH_ASKPASS_REQUIRE_ENV)) == NULL ||
+	    strcmp(s, "force") != 0)) {
+		debug3("%s: cannot notify: no display", __func__);
+		goto out;
+	}
 	osigchld = ssh_signal(SIGCHLD, SIG_DFL);
 	if ((pid = fork()) == -1) {
 		error("%s: fork: %s", __func__, strerror(errno));
@@ -281,6 +285,7 @@
 	}
 	ret->pid = pid;
 	ret->osigchld = osigchld;
+ out:
 	free(prompt);
 	return ret;
 }