Idletimeout patch

Jani Jaakkola jjaakkol at cs.Helsinki.FI
Tue Aug 21 01:20:36 EST 2001


On Mon, 20 Aug 2001, Markus Friedl wrote:

> On Mon, Aug 20, 2001 at 05:55:31PM +0300, Jani Jaakkola wrote:
> > On Mon, 20 Aug 2001, Markus Friedl wrote:
> >
> > > i don't think that both dispatch.c and packet.c should be touched.
> >
> > I agree, but I could not find any other way to hook to both incoming
> > and outgoing packets with their types known (at least without doing
> > de-assembly of allready assembled packets).
>
> ? i don't understand.
>
> you can add both checks to packet.c (packet_read/packet_start)

Silly me. I stand corrected.

> > I don't think so and I actually tested that it works. Those messages are
> > never seen in the version 1 protocol,
>
> yes, but this is pure chance. it's still not correct
> to rely on this.

Even if ssh2 messages would be found in the incoming ssh1 protocol
stream, it would not break anything in the idletimeout check. It would
never even get there, because dispatch_run() would exit on a protocol
error before idletimeout_check() would be called.

But I guess it does not matter anyway, since I will rewrite the check to
work the other way  and move the call of idletimeout_check() away from
dispatch.c. This also means, that idletimeout_check() might be called
before protocol violations are detected, but I still think that it would
not be a big deal.

> > Yes, I too thought that it would be easier.  Maybe I should make it a
> > configure option and tag it as 'experimental' (which off course would make
> > the patch even bigger).
>
> having lots of #ifdef makes debugging/support very hard...

Yes. And it would be more trouble for lazy me :)

- Jani




More information about the openssh-unix-dev mailing list