[Bug 1999] New: When speaking v2, send client version first to avoid long delay with some proxies
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sat Apr 21 04:40:15 EST 2012
https://bugzilla.mindrot.org/show_bug.cgi?id=1999
Bug #: 1999
Summary: When speaking v2, send client version first to avoid
long delay with some proxies
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: tls at panix.com
Created attachment 2145
--> https://bugzilla.mindrot.org/attachment.cgi?id=2145
Patch implementing a new SendVersionFirst option.
The current behavior of the OpenSSH client is to wait for the server to
send its version string before sending the client version. This allows
the client to work around problems in several old versions of various
SSH server software.
When configured to speak only protocol version 2, these workarounds are
of much less value. Also, the "wait for server version" behavior
causes a long delay -- up to 30 seconds -- when communicating through
certain proxies which try to guess the protocol in use before punching
the connection through to the requested server. Particularly stupidly
configured proxies may even drop the connection if they never see the
client version string from our end.
Such proxies are unquestionably broken but they are also painfully
common.
The attached patch adds an option "SendVersionFirst" which, if we are
speaking v2, inverts the old behavior and sends our client version
string first, rather than waiting for the server to send its string. I
have defaulted it to enabled. This makes OpenSSH behave much more like
most other clients when configured for v2 only and I haven't seen it
cause problems with any of a wide variety of servers. The option can
always be disabled if a problem does arise.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list