[Bug 3447] New: immediate connection closed with nothing logged at DEBUG LogLevel - silent pipe() error?
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Jun 15 23:39:46 AEST 2022
https://bugzilla.mindrot.org/show_bug.cgi?id=3447
Bug ID: 3447
Summary: immediate connection closed with nothing logged at
DEBUG LogLevel - silent pipe() error?
Product: Portable OpenSSH
Version: 7.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: vincent-openssh at vinc17.net
With some sshd server (on a Debian 10 machine, but the code appears to
be similar in the current version, as shown below), I get random
immediate connections closed (a packet dump shows that the server sends
a FIN as its second packet, probably because it has closed the socket),
and nothing is logged at DEBUG LogLevel. So the only explanation I have
is that the pipe() fails, since this seems to be the only way one
doesn't get anything logged at this LogLevel.
In case of early connection closed, sshd should ensure that something
is logged at least at the DEBUG LogLevel. In particular, one should get
something when pipe() fails, and this should probably be an error().
The current sshd.c source from
https://github.com/openssh/openssh-portable has the following code in
server_accept_loop().
if (unset_nonblock(*newsock) == -1 ||
pipe(startup_p) == -1) {
close(*newsock);
continue;
}
Concerning unset_nonblock(), defined in misc.c, there is an error() or
a debug() in case of error. But nothing in case of pipe() failure. I
would expect something like
error("pipe(startup_p): %s", strerror(errno));
One major improvement is that one would know the reason of the pipe()
failure.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list