[PATCH] openssh pseudo-terminal bug

RITZ, Daniel daniel.ritz at alcatel.ch
Tue Jun 20 19:37:50 EST 2006


hello

short description:
ssh client sends a wrong all-zero terminal info when requesting forced pseudo-terminal
allocation while stdin is not a terminal.
sshd then sets the terminals ospeed to 0 because it receives this information from the
client. on solaris this means that the pseudo-terminal is closed and output of any
remote command is dropped.

longer description:
what we're doing is connecting to from host A to host C via host B. from host
A to host B public key authentication is used, between host B and C password
autentication is used because public key is not possible.
(hostA is either tru64 with commercial SSH (working) or solaris 10 with openssh
 (non-working), hostB is always solaris 10, hostC is an embedded system)

	A -> (public key auth) -> B -> (password auth) -> C

what we're doing from host A is basically:
	ssh -a -x -t -t -l userB hostB ssh -a -x -l userC hostC

this command is inkoved from within a daemon. stdin/stdout of the command
are pipes to the daemon (pipe()/fork()/exec()).

now, when hostA is running commercial SSH everything works fine. but when using
openssh as client no data is received from the ssh invoked on hostB. communication
to hostC is not working.

the ssh client on hostA is sending terminal info towards hostB when requesting
forced pseudo-terminal allocation ( -t -t ). now as long as STDIN on hostA is
a terminal everything works fine. but if STDIN is a pipe the ssh client wrongly
sends an all zero terminal info to the server.

attached is a diff between the server logs on hostB when connecting with commercial
ssh (-) and when connection with openssh (+).

also attached is small patch which fixes the problem. it makes sure that the terminal
info passed to tty_make_modes() is valid and not all zero. it should not change
behaviour in any other case.

comments?

rgds
-daniel

--------------------------------------------------------------
Daniel Ritz
Software Engineer
Alcatel Schweiz AG
OP-CCBS-OSS
Friesenbergstrasse 75, CH-8055 Zürich

email    daniel.ritz at alcatel.ch
web      http://www.alcatel.ch
--------------------------------------------------------------



More information about the openssh-unix-dev mailing list