[Bug 948] high CPU in sshd after tcp_wrappers deny

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Feb 15 04:40:22 EST 2005


http://bugzilla.mindrot.org/show_bug.cgi?id=948





------- Additional Comments From atlunde at panix.com  2005-02-15 04:40 -------
(In reply to comment #12)
> Still can't reproduce it.  Another thing to try: doing a system call trace the
> cpu-eating sshd and see what it's doing.
> 
> That's truss on Solaris and tusc on HP-UX.  (tusc is an unsupported tool
> supplied by HP: ftp://ftp.cup.hp.com/dist/networking/tools/)

I haven't found a way to reproduce the bug at will, though I suspect some
aggressive attack script may be involved, because of the timing of when I
started seeing the problems.

The patch doesn't seem to help me, on Solaris 8, either.

I was using CVS snapshorts of OpenSSL and OpenSSH:

openssl-0.9.7-stable-SNAP-20050110
openssh-SNAP-20050204

with this script to run configure:
- - -
#!/usr/bin/csh -vx
rm -f config.cache
set path=(/usr/local/openssl-r/bin $path)
setenv CC "/opt/SUNWspro/bin/cc"
#setenv CFLAGS "-I/usr/local/openssl-r/include -I/usr/local/zlib-1.2.1/include
-I/usr/local/include"
#setenv LFLAGS "-L/usr/local/openssl-r -L/usr/local/zlib-1.2.1/lib -L/usr/local/lib"
setenv CFLAGS "-I/usr/local/openssl-r/include  -I/usr/local/include"
setenv LFLAGS "-L/usr/local/openssl-r -L/usr/local/lib"
nohup sh ./configure  --prefix=/usr/local/openssh-r \
        --sysconfdir=/etc/openssh \
        --with-ssl-dir=/usr/local/openssl-r/lib \
        --with-prngd-socket=/local-adm-pub/prngd/egd-pool       \
        --with-tcp-wrappers \
        --with-4in6 \
                --with-pam      \
#               --with-zlib=/usr/local/zlib-1.2.1/lib   \
        --with-xauth=/usr/openwin/bin/xauth             \
        --with-default-path="/usr/bin:/usr/ucb:/usr/openwin/bin:/usr/local/bin" \
   >& my.configure.out.$$ &

#
echo my.configure.out.$$
#
ps -f
#
- - -




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list