bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-18 09:22 UTC
[Bug 2469] New: ssh connection hangs indefinitely on EPIPE
https://bugzilla.mindrot.org/show_bug.cgi?id=2469
Bug ID: 2469
Summary: ssh connection hangs indefinitely on EPIPE
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: Solaris
Status: NEW
Severity: major
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: tomas.kuthan at oracle.com
When there is a connectivity problem between the server and the client
(network outage, server crash or reboot), the client indefinitely
hangs.
Trace:
-> packet_write_wait(0xa8706c360, 0x0, 0x0, 0x0, 0x0, 0x600000)
-> ssh_packet_write_wait(0xa870151e0, 0x0, 0x0, 0x0, 0x0, 0x600000)
-> __addvdi3(0x4, 0x1, 0x0, 0x0, 0x0, 0x600000)
<- __addvdi3() = 5
-> ssh_packet_write_poll(0xa870151e0, 0x0, 0x0, 0x2dc, 0x8,
0x101010101010101)
-> sshbuf_len(0xa86ffc5d0, 0x0, 0x0, 0x2dc, 0x8,
0x101010101010101)
<- sshbuf_len() = 80
-> sshbuf_ptr(0xa86ffc5d0, 0x0, 0x50, 0xf00, 0x8,
0x101010101010101)
<- sshbuf_ptr() = 0xa87070ae0
-> roaming_write(0x4, 0xa87070ae0, 0x50, 0xffff80dc43363680,
0x8,
0x101010101010101)
write(4, "1F {\004DB e iAC9399FA 8".., 80) Err#32 EPIPE
Received signal #13, SIGPIPE [ignored]
<- roaming_write() = -1
<- ssh_packet_write_poll() = 0xffffffe8 (SSH_ERR_SYSTEM_ERROR)
-> sshbuf_len(0xa86ffc5d0, 0xa87070ae0, 0x20, 0x0, 0x8,
0x101010101010101)
<- sshbuf_len() = 80
-> __addvdi3(0x4, 0x1, 0x50, 0xf00, 0x8, 0x101010101010101)
<- __addvdi3() = 5
-> __addvdi3(0x4, 0x1, 0x10, 0x4, 0x8, 0x101010101010101)
<- __addvdi3() = 5
pollsys(0xFFFF80DC433635E0, 1, 0x00000000, 0x00000000) (sleep)
Here write fails with EPIPE, and roaming_write passes errno through.
ssh_packet_write_poll returns SSH_ERR_SYSTEM_ERROR.
But this error code is ignored in ssh_packet_write_wait.
Successive select on broken pipe hangs forever.
This looks to be a regression from 4509b5d4.
Pre 4509b5d4 EPIPE in ssh_packet_write_poll resulted in immediate
fatal.
Post 4509b5d4 there is just one ignored error code.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-18 09:28 UTC
[Bug 2469] ssh connection hangs indefinitely on EPIPE
https://bugzilla.mindrot.org/show_bug.cgi?id=2469
Tomas Kuthan <tomas.kuthan at oracle.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tomas.kuthan at oracle.com
--- Comment #1 from Tomas Kuthan <tomas.kuthan at oracle.com> ---
Created attachment 2712
--> https://bugzilla.mindrot.org/attachment.cgi?id=2712&action=edit
Patch: check ssh_packet_write_poll return value in
ssh_packet_write_wait
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-21 04:32 UTC
[Bug 2469] ssh connection hangs indefinitely on EPIPE
https://bugzilla.mindrot.org/show_bug.cgi?id=2469
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |2451
Resolution|--- |FIXED
Status|NEW |RESOLVED
CC| |djm at mindrot.org
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
thanks, I applied a similar fix - ssh_packet_write_wait() should return
error for any ssh_packet_write_poll() failure.
This will be in OpenSSH 7.2
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=2451
[Bug 2451] Bugs intended to be fixed in 7.2
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:42 UTC
[Bug 2469] ssh connection hangs indefinitely on EPIPE
https://bugzilla.mindrot.org/show_bug.cgi?id=2469
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- Bug in KRL signature verification
- [Bug 3192] New: openssh-8.2 & openssl-1.1.1d error: dereferencing pointer to incomplete type Not found struct BIO , bio->num_write
- [Bug 2366] New: ssh-keygen doesn't correctly decode new format GCM-encrypted keys
- [PATCH 1/1] Add support for ZSTD compression
- sshd dies when starting gkrellm