2.9p?: connection hangs with agent forwarding

Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
Fri Jul 27 20:21:25 EST 2001


On Wed, Jul 04, 2001 at 03:42:33PM +0200, Markus Friedl wrote:
> On Wed, Jul 04, 2001 at 03:20:55PM +0200, Lutz Jaenicke wrote:
> > On the other hand, if sshd would react on the complete close of its local
> > agent connection and would itself initiate the bi-directional shutdown
> > (the accessing process actually has closed both sides), the problem would
> > also not appear.
> 
> some time ago i recevied a patch that tried to do this:
> 
> mark a 'forwarded channel' as special if it's a agent connection.
> force a close for the send-half if the received half is closed
> 
> however, the patch modified the protocol (this was not acceptiple).
> 
> are you talking about a shutdown of a socket or of a 'forwarded'
> channel?

[For your information: since this message there was a private email
exchange between Markus Friedl and myself about this issue.]

Attached you will find a patch, that should solve the problem of hanging
connections because of sockets not being correctly closed after forwarded
ssh-agent or X11 connections. It actually handles a similar problem as
the USE_PIPES switch.
In the version attached it only handles the UNIX sockets on the client
side, so the protocol on the wire is untouched. (There are two locations
in it with a "force_drain=0" that is a no-op but I left it in as it was
discussed during test between Markus and me. It will probably be removed
if being applied.)

This patch solves the problem on HP-UX 10.20 and I would ask people on
other platforms affected by this problem to also test it and report back,
so that the patch can be applied to the main release.
(Patch is against CVS version)

Best regards,
	Lutz
-- 
Lutz Jaenicke                             Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
-------------- next part --------------
diff -r -u newsoft/openssh_cvs/channels.c n2/openssh/channels.c
--- newsoft/openssh_cvs/channels.c	Thu Jul 19 18:03:32 2001
+++ n2/openssh/channels.c	Wed Jul 25 18:09:44 2001
@@ -260,6 +260,7 @@
 	c->cb_fn = NULL;
 	c->cb_arg = NULL;
 	c->cb_event = 0;
+	c->force_drain = 0;
 	c->detach_user = NULL;
 	c->input_filter = NULL;
 	debug("channel %d: new [%s]", found, remote_name);
@@ -1031,6 +1032,7 @@
 			xfree(remote_ipaddr);
 			return;
 		}
+		nc->force_drain = 0;
 		if (compat20) {
 			packet_start(SSH2_MSG_CHANNEL_OPEN);
 			packet_put_cstring("x11");
@@ -1185,6 +1187,7 @@
 			xfree(name);
 			close(newsock);
 		}
+		nc->force_drain = 0;
 		if (compat20) {
 			packet_start(SSH2_MSG_CHANNEL_OPEN);
 			packet_put_cstring("auth-agent at openssh.com");
@@ -1781,6 +1784,13 @@
 	if (c == NULL)
 		packet_disconnect("Received ieof for nonexistent channel %d.", id);
 	chan_rcvd_ieof(c);
+
+	/* XXX force input close */
+	if (c->force_drain) {
+		debug2("channel %d: XXX FORCE input drain", c->self);
+		c->istate = CHAN_INPUT_WAIT_DRAIN;
+	}
+
 }
 
 void
@@ -2669,6 +2679,7 @@
 			close(sock);
 		} else {
 			c->remote_id = remote_id;
+			c->force_drain = 1;
 		}
 	}
 	if (c == NULL) {
@@ -2931,6 +2942,7 @@
 			close(sock);
 		} else {
 			c->remote_id = remote_id;
+			c->force_drain = 1;
 		}
 	}
 	if (c == NULL) {
diff -r -u newsoft/openssh_cvs/channels.h n2/openssh/channels.h
--- newsoft/openssh_cvs/channels.h	Thu Jul 19 18:03:33 2001
+++ n2/openssh/channels.h	Thu Jul 19 18:31:56 2001
@@ -77,6 +77,7 @@
 	int     efd;		/* extended fd */
 	int     sock;		/* sock fd */
 	int     isatty;		/* rfd is a tty */
+	int     force_drain;		/* force close on iEOF */
 	Buffer  input;		/* data read from socket, to be sent over
 				 * encrypted connection */
 	Buffer  output;		/* data received over encrypted connection for
diff -r -u newsoft/openssh_cvs/clientloop.c n2/openssh/clientloop.c
--- newsoft/openssh_cvs/clientloop.c	Thu Jul 19 18:03:33 2001
+++ n2/openssh/clientloop.c	Thu Jul 19 19:24:27 2001
@@ -1111,6 +1111,7 @@
 		error("client_request_x11: channel_new failed");
 		close(sock);
 	}
+	c->force_drain = 1;
 	return c;
 }
 
@@ -1136,6 +1137,7 @@
 		error("client_request_agent: channel_new failed");
 		close(sock);
 	}
+	c->force_drain = 1;
 	return c;
 }
 


More information about the openssh-unix-dev mailing list