Bug ? on ssh-agent

Frédéric Olivié alf at club-internet.fr
Wed Jan 4 02:22:08 EST 2006


I fell on this using openssh on cygwin. Though it may be a cygwin 
related issue, I think it's may be a bug on the main openssh tree. Thus 
my posting here. I'm CC'ing to the public list for information.

The part of code I'm refering to is :

        /* XXX might close listen socket */
        (void)dup2(fd, STDIN_FILENO);
        (void)dup2(fd, STDOUT_FILENO);
        (void)dup2(fd, STDERR_FILENO);
        if (fd > 2)

I'm actually launching the ssh agent from a "run.exe" script launched at 
the start of my X server (Cygwin/X). Things used to work perfectly until 
my last update. Unfortunately, I don't know which version I used before :-(

Something may have changed in the cygwin implementation.

What happens is that the agent is apparently launched without any opened 
file descriptors (as far as I can see). So the auth socket gets the fd 
0. We therefore fall on the "/* XXX might close listen socket */" case...

I suggest a simple patch here :

    if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
      if (sock == 0) {
        dup2(sock, fd+1) ;
        close(sock) ;
        sock = fd+1 ;
        (void)dup2(fd, STDIN_FILENO);
        (void)dup2(fd, STDOUT_FILENO);
        (void)dup2(fd, STDERR_FILENO);
        if (fd > 2)

It would be possible to dup2 the socket a second time after the 
"close(fd)" so that it would use fd instead of fd+1, but I don't really 
see the point.

Also, it might be cleaner to do a :

      if ((sock == STDIN_FILENO) || (sock == STDOUT_FILENO) || (sock == 

Thanks for you feedback.


Frédéric Olivié.

More information about the openssh-unix-dev mailing list