search for: stderr_buffer

In the changelog, there is an entry: 20001129 - (djm) Back out all the serverloop.c hacks. sshd will now hang again if there are background children with open fds. Does this mean that this is regarded as expected (and correct) behavior, that should not change in the future, or does it mean that this behavior is a known problem that someone will eventually fix? --Adam -- Adam McKenna

...write(fileno(stdout), buffer_ptr(&stdout_buffer), buffer_len(&stdout_buffer)); if (len <= 0) { + if (errno == EGAIN) + continue; error("Write failed flushing stdout buffer."); break; } @@ -884,6 +886,8 @@ len = write(fileno(stderr), buffer_ptr(&stderr_buffer), buffer_len(&stderr_buffer)); if (len <= 0) { + if (errno == EGAIN) + continue; error("Write failed flushing stderr buffer."); break; }

...if (len < 0 && (errno == EINTR || errno == EAGAIN)) { +306 /* do nothing */ +307 } else if (len <= 0) { +308 fderr_eof = 1; +309 } else { +310 buffer_append(&stderr_buffer, buf, len); +311 } +312 } -- sandor w. sklar unix systems administrator stanford university itss-css

I am running OpenSSH 2.9p1 on SunOS 5.7 w/4-24-2001 patch cluster. Like many other users I am seeing the hanging session on logout with background processes. This is a huge problem for me as I centrally manage 50+ machines with rdist across ssh. Instead of just complaining about the problem I thought I would put my CS degree to use and try to track down the problem myself. For starters,

...d_set **readsetp, fd_set **writesetp, int *maxfdp, int rekeying) { + struct timeval timer; + struct timeval *timerp; + int rc; + /* Add any selections by the channel mechanism. */ channel_prepare_select(readsetp, writesetp, maxfdp, rekeying); @@ -346,7 +350,15 @@ if (buffer_len(&stderr_buffer) > 0) FD_SET(fileno(stderr), *writesetp); } else { - FD_SET(connection_in, *readsetp); + /* channel_prepare_select could have closed the last channel */ + if ((session_status == SessionClose) + && !channel_still_open()) { + if (!packet_have_data_to_write()) { + return...

...timer.tv_usec=0; + timerp=&timer; + } else { + timerp=NULL; + } + + rc=select((*maxfdp)+1, *readsetp, *writesetp, NULL, timerp); + if (rc < 0) { char buf[100]; /* @@ -381,7 +398,8 @@ snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); buffer_append(&stderr_buffer, buf, strlen(buf)); quit_pending = 1; - } + } else if (rc == 0 && session_status == SessionWait) + session_status=SessionClose; } static void @@ -442,9 +460,12 @@ len = read(connection_in, buf, sizeof(buf)); if (len == 0) { /* Received EOF. The remote host has closed the...

...timer.tv_usec=0; + timerp=&timer; + } else { + timerp=NULL; + } + + rc=select((*maxfdp)+1, *readsetp, *writesetp, NULL, timerp); + if (rc < 0) { char buf[100]; /* @@ -384,7 +400,8 @@ snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); buffer_append(&stderr_buffer, buf, strlen(buf)); quit_pending = 1; - } + } else if (rc == 0 && session_status == SessionWait) + session_status=SessionClose; } static void @@ -445,9 +462,12 @@ len = read(connection_in, buf, sizeof(buf)); if (len == 0) { /* Received EOF. The remote host has closed the...

...have significantly more checks for breaking the loop: if (((fdout_eof && fderr_eof) || (child_terminated && child_has_selected)) && !packet_have_data_to_write() && (buffer_len(&stdout_buffer) == 0) && (buffer_len(&stderr_buffer) == 0)) { if (!channel_still_open()) break; as well as other useful logging information, like: debug("End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.", stdin_bytes, fdout_bytes, stdout_bytes, stderr_byt...

...izeof(buf)); if (len == 0) { /* Received EOF. The remote host has closed the connection. */ +/* This message duplicates the one already in client_loop(). */ +#if 0 snprintf(buf, sizeof buf, "Connection to %.300s closed by remote host.\r\n", host); buffer_append(&stderr_buffer, buf, strlen(buf)); +#endif quit_pending = 1; return; } diff -ur openssh-3.0.2p1/session.c openssh-3.0.2p1J2/session.c --- openssh-3.0.2p1/session.c Sat Dec 1 16:37:08 2001 +++ openssh-3.0.2p1J2/session.c Sat Jan 19 15:56:32 2002 @@ -1929,6 +1929,8 @@ */ if (c->ostate != CHAN_OU...

...ot;; + const char *s = "Waiting for forwarded connectio ns to terminate... (press ~& to background)\r\n"; char *cp; waiting_termination = 1; buffer_append(&stderr_buffer, s, strlen(s)); ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. You are on the CC list for the bug, or are watching someone who is. _______________________________________________ openssh-unix-dev at mindrot.org mailing list ht...

...setp, *writesetp, NULL, NULL) < 0) { + switch (select((*maxfdp)+1, *readsetp, *writesetp, NULL, ((tv.tv_sec)?(&tv):NULL))) { + case -1: { char buf[100]; /* @@ -420,7 +425,21 @@ snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); buffer_append(&stderr_buffer, buf, strlen(buf)); quit_pending = 1; - } + + } + break; + + case 0: + /* Send a keepalive packet (not SSH_MSG_IGNORE as this crashes + * some servers...). + */ + packet_sta...

Hi openssh-unix-dev subscribers :) I have found that ServerAliveInterval & ServerAliveCountMax have some bug. Basically the ssh-alive check function (that verify the peer is alive) is called only if no data at all gets into ssh (when it should work only for server channel).I am pretty sure developers know about this ..anyway I have tried to fix this issue. Here is the patch: diff -rNu

...timer.tv_usec=0; + timerp=&timer; + } else { + timerp=NULL; + } + + rc=select((*maxfdp)+1, *readsetp, *writesetp, NULL, timerp); + if (rc < 0) { char buf[100]; /* @@ -384,7 +399,8 @@ snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); buffer_append(&stderr_buffer, buf, strlen(buf)); quit_pending = 1; - } + } else if (rc == 0 && session_status == SessionWait) + session_status=SessionClose; } static void @@ -760,7 +776,7 @@ error("client_channel_closed: id %d != session_ident %d", id, session_ident); channel_cancel_cleanu...

...in %lu.%lu s", tv.tv_sec, tv.tv_usec); + } + else tvp = NULL; + + ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp); + if (ret < 0) { char buf[100]; /* @@ -379,6 +398,17 @@ snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); buffer_append(&stderr_buffer, buf, strlen(buf)); quit_pending = 1; + } + else if (ret == 0) { + /* + * select() timed out. Send a SSH[2]_MSG_IGNORE packet of random + * size between 1 - 64 bytes. + */ + u_int32_t rand = arc4random(); + packet_send_ignore((rand & 0x3f) + 1); + packet_send(); + packet_write_w...

...ekeying); if (!compat20) { - /* Read from the connection, unless our buffers are full. */ + /* Read from the connection, unless our buffers are full. */ if (buffer_len(&stdout_buffer) < buffer_high && buffer_len(&stderr_buffer) < buffer_high && channel_not_very_much_buffered_data()) @@ -342,13 +378,7 @@ if (buffer_len(&stderr_buffer) > 0) FD_SET(fileno(stderr), *writesetp); } else { - /* channel_prepare_select could have c...

Heya, Most of the windows ssh clients (putty, securecrt) have anti-idle features. They offer either a null packet or protocol no-op or user defined string to be sent over every x seconds. Is this possible or planned with the OpenSSH client? Our draconian firewall admins have started timing out ssh sessions. Yes I'm aware I could hack up a port forwarding dumb traffic process, but was

Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,

...============================================================ RCS file: /home/markus/cvs/ssh/serverloop.c,v retrieving revision 1.103 diff -u -r1.103 serverloop.c --- serverloop.c 24 Jun 2002 14:33:27 -0000 1.103 +++ serverloop.c 12 Jul 2002 16:34:20 -0000 @@ -388,6 +388,11 @@ buffer_append(&stderr_buffer, buf, len); } } + /* allow data loss on pty */ + if (child_terminated && fderr == -1 && !fdout_eof) { + close(fdout); + fdout_eof = 1; + } } /* Index: session.c =================================================================== RCS file: /home/markus/cvs/ssh/session.c,v...

The 4.6p1 sshd is logging this error during remote commands or file transfers: error: channel 0: chan_read_failed for istate 3 Platform is Solaris 8, 4.6p1 + OpenSSL 0.9.8d. The commands and transfers work correctly, so the error message appears to be spurious. The error message does not appear when processing logins. Otherwise 4.6p1 is running without any apparent problems. This error

I'm reading this fine article on O'Reilly: http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html <quote> The paper concludes that the keystroke timing data observable from today's SSH implementations reveals a dangerously significant amount of information about user terminal sessions--enough to locate typed passwords in the session data stream and reduce the