Hanging ssh sessions with openssh-5.1p1 and Solaris 8 & 10

Darren Tucker dtucker at zip.com.au
Tue Aug 5 11:19:02 EST 2008 

On Mon, Aug 04, 2008 at 02:34:23PM -0400, Jeff Wieland wrote:
> Since we upgraded OpenSSH from 5.0p1 to 5.1p1 on our Solaris 8 boxes
> (I know, I know, we should upgrade or retire them...), we've started
> experiencing problems with slogin'ing into these boxes, running vi,
> and pasting text into the vi session.
> 
> As long as we are pasting in less that 1024 characters it's fine.
> With >= 1024 characters, the session hangs.

Do you know if the problem occurs on the client or server side?  ie if
you use an older client with a newer server (and vice versa) does the
problem occur?

> If you run "/usr/ucb/lptest 72 23 | cat -n" in one window, and
> then cut paste up to the "V" on line 13, things work as expected.
> If you include the "W" on the line 13, the vi session will hang
> with none of characters that are being pasted showing up.
> 
> We've been building OpenSSH with Sun Studio 11 -- I tried building
> it with GNU-CC 3.4.4 with the same results.  We also link against
> a locally built zlib, since Solaris 8 doesn't have zlib 1.2.3.
> And we've used OpenSSL 0.9.8g and 0.9.8h with the same results.
> 
> We also tried building OpenSSH 5.1p1 on our Solaris 10 boxes using
> Sun Studio 12, and we also get the hangs there.  The client doesn't
> seem to matter -- we've seen it OpenSSH 5.1p1 from both Solaris
> and Slackware Linux, and also from SecureCRT.
> 
> I have not been able to get anything useful from running sshd in
> debug mode (at least, not that I recognize as useful :-) ).

Well you could post it, someone else might recognise someting :-)

Some versions of AIX have bugs in the tty drivers that prevent largish
writes from working correctly.  Pehaps Solaris has something similar
(although I can't imagine why it's only started recently).

You could try the patch below to test this theory.

Index: channels.c
===================================================================
RCS file: /usr/local/src/security/openssh/cvs/openssh/channels.c,v
retrieving revision 1.273
diff -u -p -r1.273 channels.c
--- channels.c	16 Jul 2008 12:42:06 -0000	1.273
+++ channels.c	5 Aug 2008 01:08:22 -0000
@@ -1578,11 +1578,10 @@ channel_handle_wfd(Channel *c, fd_set *r
 			}
 			return 1;
 		}
-#ifdef _AIX
+
 		/* XXX: Later AIX versions can't push as much data to tty */
 		if (compat20 && c->wfd_isatty)
-			dlen = MIN(dlen, 8*1024);
-#endif
+			dlen = MIN(dlen, 1024);
 
 		len = write(c->wfd, buf, dlen);
 		if (len < 0 &&

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list