[Bug 2757] New: rekey limit clashes with ClientAlive timeouts

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sat Aug 12 01:00:28 AEST 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2757

            Bug ID: 2757
           Summary: rekey limit clashes with ClientAlive timeouts
           Product: Portable OpenSSH
           Version: 7.5p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Created attachment 3036
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3036&action=edit
proposed patch

Reproducer:
1. Start a server:
  /usr/sbin/sshd -D -ddd -p 8022 -o "ClientAliveCountMax=0" -o
"ClientAliveInterval=900" -o "RekeyLimit=default 45s" -e

2. Connect with client
  ssh -p 8022 root at localhost "date; while :; do sleep 10; date; done"


Actual result:
No rekey happens, connection is dropped with error

  Timeout, client not responding.


Expected result:
  Rekey happens in 45 seconds, the connection is not dropped


Diagnostics:
The function wait_until_can_do_something() is selecting the timeout for
select() function, but sets client_alive_scheduled even if it is
scheduled for later than rekey should happen.

Proposed solution:
The client_alive_scheduled variable should be set only if the time is
lower than the time for external event (rekeying). The attached patch
resolved the problem for me and with openssh-7.4 all tests passed.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list