Solution? (was Re: hang on exit bug under Linux)

Nicolas Williams Nicolas.Williams at ubsw.com
Thu Dec 13 18:13:56 EST 2001 

On Thu, Dec 13, 2001 at 01:34:32PM +1100, carl at bl.echidna.id.au wrote:
> 
> > From: Peter Stuge <stuge at cdy.org>
> > 
> > The true solution is considered to be one of two things:
> > 
> > 1. All daemons shall behave.  (ie. close std*)
> 
> Ideally, but not likely :(
> 
> > 2. The user knows what he/she wants.  (ie. to exit, loosing data)
> > 
> > I actually want both.  I want to be able to tell sloppy daemon programmers
> > that they should clean up their code.  But I also want my users to not have
> > to deal with sloppy daemon programmers, unless they choose to do so.
> > This is tough.
> 
> Could it be done at the command line?  ssh -bad-daemon foohost ?

I think the solution is to have a client-side option to specify the
behaviour of the client when the number of live sessions goes down to 0.
The behaviour could be any of:

 - wait for channels to close ("hang")
 - background the client
 - pass SIGHUP to the session(s) that still have open channels (sshd
   should do a killpg() in response)
 - force the closure of remaining channels and exit, possibly doing this
   after the expiration of a timer

The key thing to understand here is that SSHv2 is *very* different from
SSHv1.

SSHv2 allows the use of multiple sessions in one SSH connection. And
even when there are no live sessions the client could still initiate new
ones. Thus, to fully suport the protocol, the server must not
unilaterally drop SSHv2 connections.

So what is needed to satisfy the howlers is to provide an option as
described above.

DISCLAIMER: I'm not an expert on SSHv2, nor am I involved in the
OpenSSH effort other than as a user and occasional contributor on this
list -- so I may be wrong. Ben? Markus?

> Is it too hard to have a command line switch (or config option) to say
> "lossy/not lossy" ?  It's because of this problem that I'm still stuck
> with a lot of firewalls still running ssh v1 :(

No, I don't think it is too much. The key though, is to undersand that
this is an issue of the client's behaviour. An option to say "hey, I'd
do an ~. when the session leader exits, so just do it and save me the
bother".

> Carl


Cheers,

Nico
--
-DISCLAIMER: an automatically appended disclaimer may follow. By posting-
-to a public e-mail mailing list I hereby grant permission to distribute-
-and copy this message.-

Visit our website at http://www.ubswarburg.com

This message contains confidential information and is intended only 
for the individual named.  If you are not the named addressee you 
should not disseminate, distribute or copy this e-mail.  Please 
notify the sender immediately by e-mail if you have received this 
e-mail by mistake and delete this e-mail from your system.

E-mail transmission cannot be guaranteed to be secure or error-free 
as information could be intercepted, corrupted, lost, destroyed, 
arrive late or incomplete, or contain viruses.  The sender therefore 
does not accept liability for any errors or omissions in the contents 
of this message which arise as a result of e-mail transmission.  If 
verification is required please request a hard-copy version.  This 
message is provided for informational purposes and should not be 
construed as a solicitation or offer to buy or sell any securities or 
related financial instruments.

More information about the openssh-unix-dev mailing list