Robert Dahlem
2004-Aug-25 17:29 UTC
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
The following is special to sshd 3.9p1 under ReliantUnix 5.45. It does not occur under ReliantUnix 5.43 nor under Solaris 5.8: `pwd`/sshd-3.9 -e -D -d -d -d Now connecting from outside [...] debug1: inetd sockets after dupping: 3, 3 debug1: get_port() calls get_sock_port(3) debug1: getpeername failed: Operation not supported on transport endpoint lsof proves FD 3 is an established TCP connection. It does not occur when sshd is started with -r to prevent usage of the new re-exec mechanism. I'm pretty sure it's something weird with ReliantUnix 5.45 concerning inherited sockets. Anyone here having a pointer where to start the chase? Regards, Robert
Tim Rice
2004-Aug-25 17:50 UTC
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
On Wed, 25 Aug 2004, Robert Dahlem wrote:> > The following is special to sshd 3.9p1 under ReliantUnix 5.45. It does > not occur under ReliantUnix 5.43 nor under Solaris 5.8:[snip]> Anyone here having a pointer where to start the chase?Send us the output of configure starting with OpenSSH has been configured with the following options:> > Regards, > Robert >-- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net
Robert Dahlem
2004-Aug-26 06:15 UTC
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
On Wed, 25 Aug 2004 10:50:57 -0700 (PDT), Tim Rice wrote:>> The following is special to sshd 3.9p1 under ReliantUnix 5.45. Itdoes>> not occur under ReliantUnix 5.43 nor under Solaris 5.8: >[snip] >> Anyone here having a pointer where to start the chase?>Send us the output of configure starting with > OpenSSH has been configured with the following options:Here we go: OpenSSH has been configured with the following options: User binaries: /opt/bin System binaries: /opt/bin Configuration files: /etc/ssh Askpass program: /opt/bin/ssh-askpass Manual pages: /usr/share/man/manX PID file: /etc/ssh Privilege separation chroot path: /var/empty sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/opt/bin (If PATH is set in /etc/default/login it will be used instead. If used, ensure the path to scp is present, otherwise scp will not work.) Manpage format: man PAM support: no KerberosV support: no Smartcard support: no S/KEY support: no TCP Wrappers support: no MD5 password support: no IP address in $DISPLAY hack: yes Translate v4 in v6 hack: no BSD Auth support: no Random number source: OpenSSL internal ONLY Host: mips-sni-sysv4 Compiler: cc Compiler flags: -O Preprocessor flags: -I/opt/lib/ssl/include Linker flags: -L/opt/lib/ssl/lib -s Libraries: -lcrypto -lz -lsocket -lnsl -ldl -lgen -lresolv SVR4 style packages are supported with "make package" WARNING: the operating system that you are using does not appear to support either the getpeereid() API nor the SO_PEERCRED getsockopt() option. These facilities are used to enforce security checks to prevent unauthorised connections to ssh-agent. Their absence increases the risk that a malicious user can connect to your agent. Regards, Robert
Tim Rice
2004-Aug-26 21:52 UTC
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
On Thu, 26 Aug 2004, Robert Dahlem wrote:> On Wed, 25 Aug 2004 10:50:57 -0700 (PDT), Tim Rice wrote: > > >>> The following is special to sshd 3.9p1 under ReliantUnix 5.45. It > does >>> not occur under ReliantUnix 5.43 nor under Solaris 5.8:[snip]> Libraries: -lcrypto -lz -lsocket -lnsl -ldl -lgen -lresolvJust for fun try editing your Makefiles so LIBS are -lcrypto -lz -ldl -lgen -lsocket -lresolv -lnsl and then "make clean && make" -- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net
Damien Miller
2004-Aug-28 01:11 UTC
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
Robert Dahlem wrote:> On Fri, 27 Aug 2004 20:44:28 +0200, Robert Dahlem wrote: > > >> sock_in = sock_out = fcntl(STDIN_FILENO, F_DUPFD); > > > Oops. Should be > > sock_in = sock_out = fcntl(STDIN_FILENO, F_DUPFD, 0);It looks like your dup() is indeed broken. It should be too hard to have a replacement function (or #define) to transparently cope with this. What is your platform type, as reported after "Host: " at the end of a configure run? -d
Robert Dahlem
2004-Aug-28 07:34 UTC
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
On Sat, 28 Aug 2004 11:11:16 +1000, Damien Miller wrote:>> sock_in = sock_out = fcntl(STDIN_FILENO, F_DUPFD, 0);>It looks like your dup() is indeed broken. It should be too hard to have >a replacement function (or #define) to transparently cope with this.>What is your platform type, as reported after "Host: " at the end of a >configure run?Host: mips-sni-sysv4 Would you accept a patch like #define dup(fd) fcntl(fd, F_DUPFD, 0) for this platform? Regards, Robert
Darren Tucker
2004-Aug-29 05:53 UTC
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
Robert Dahlem wrote:> On Sat, 28 Aug 2004 11:11:16 +1000, Damien Miller wrote: >>It looks like your dup() is indeed broken. It should be too hard to have >>a replacement function (or #define) to transparently cope with this.[...]> Host: mips-sni-sysv4 > > Would you accept a patch like > > #define dup(fd) fcntl(fd, F_DUPFD, 0) > > for this platform?I think that would be OK. Does the attached patch work? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: openssh-dup-fcntl.patch Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20040829/1dad8309/attachment.ksh