Hanging ssh sessions with openssh-5.1p1 and Solaris 8 & 10

Tue Aug 5 13:17:47 EST 2008

Darren Tucker wrote:
> On Mon, Aug 04, 2008 at 02:34:23PM -0400, Jeff Wieland wrote:
>> Since we upgraded OpenSSH from 5.0p1 to 5.1p1 on our Solaris 8 boxes
>> (I know, I know, we should upgrade or retire them...), we've started
>> experiencing problems with slogin'ing into these boxes, running vi,
>> and pasting text into the vi session.
>>
>> As long as we are pasting in less that 1024 characters it's fine.
>> With >= 1024 characters, the session hangs.
> 
> Do you know if the problem occurs on the client or server side?  ie if
> you use an older client with a newer server (and vice versa) does the
> problem occur?

It's the server side.  It still happens if you use the 5.0p1 client,
and it also happens with the SecureCRT client.

>> If you run "/usr/ucb/lptest 72 23 | cat -n" in one window, and
>> then cut paste up to the "V" on line 13, things work as expected.
>> If you include the "W" on the line 13, the vi session will hang
>> with none of characters that are being pasted showing up.
>>
>> We've been building OpenSSH with Sun Studio 11 -- I tried building
>> it with GNU-CC 3.4.4 with the same results.  We also link against
>> a locally built zlib, since Solaris 8 doesn't have zlib 1.2.3.
>> And we've used OpenSSL 0.9.8g and 0.9.8h with the same results.
>>
>> We also tried building OpenSSH 5.1p1 on our Solaris 10 boxes using
>> Sun Studio 12, and we also get the hangs there.  The client doesn't
>> seem to matter -- we've seen it OpenSSH 5.1p1 from both Solaris
>> and Slackware Linux, and also from SecureCRT.
>>
>> I have not been able to get anything useful from running sshd in
>> debug mode (at least, not that I recognize as useful :-) ).
> 
> Well you could post it, someone else might recognise someting :-)

I'll see if I can get this done tomorrow.  It's a crazy couple of
weeks right now...

> Some versions of AIX have bugs in the tty drivers that prevent largish
> writes from working correctly.  Pehaps Solaris has something similar
> (although I can't imagine why it's only started recently).
> 
> You could try the patch below to test this theory.
> 
> Index: channels.c
> ===================================================================
> RCS file: /usr/local/src/security/openssh/cvs/openssh/channels.c,v
> retrieving revision 1.273
> diff -u -p -r1.273 channels.c
> --- channels.c	16 Jul 2008 12:42:06 -0000	1.273
> +++ channels.c	5 Aug 2008 01:08:22 -0000
> @@ -1578,11 +1578,10 @@ channel_handle_wfd(Channel *c, fd_set *r
>  			}
>  			return 1;
>  		}
> -#ifdef _AIX
> +
>  		/* XXX: Later AIX versions can't push as much data to tty */
>  		if (compat20 && c->wfd_isatty)
> -			dlen = MIN(dlen, 8*1024);
> -#endif
> +			dlen = MIN(dlen, 1024);
>  
>  		len = write(c->wfd, buf, dlen);
>  		if (len < 0 &&
> 

OK -- I can try this too.  But it isn't necessary with the 5.0p1 sshd,
so I'm thinking that something changed w.r.t. OpenSSH.
-- 
           Jeff Wieland            |         Purdue University
    Network Systems Administrator  |        ITN&S Data Networks
        Voice: (765)496-8234       |        501 Harrison Street
         FAX: (765)494-6620        |   West Lafayette, IN 47907-2025