ssh localhost yes | true (follow up)

Kyle McKay mackyle at gmail.com
Fri Apr 24 09:32:38 EST 2009 

On Apr 23, 2009, at 14:54, Damien Miller wrote:
> On Thu, 23 Apr 2009, Kyle McKay wrote:
>
>> On Apr 23, 2009, at 06:43, Markus Friedl wrote:
>>> On Thu, Apr 23, 2009 at 11:38:03PM +1000, Damien Miller wrote:
>>>> I think it violates some assumptions we make in channels.c to mix
>>>> socketpairs and pipes like this, but I have to check.
>>>
>>> yes, it violates assumptions.
>>
>> I'm running with the changes and haven't noticed any problems.
>>
>> scp is working, X tunnels are working, port forwarding is working,
>> bash is happy (ssh localhost printenv shows it's running ~/.bashrc)
>> the half-close fix is working (ssh localhost yes | true doesn't  
>> hang).
>>
>> channels.c clearly works with pipes or sockets, it doesn't have any
>> tests of USE_PIPES in it, it's not calling fstat and I don't see any
>> tests of S_IFSOCK or S_IFIFO so I'm unclear on how it would be able  
>> to
>> tell the difference between 3 separate pairs of pipes (normal
>> USE_PIPES case), 1 shared socket pair + 1 separate socket pair
>> (normal !USE_PIPES case) and 1 socket pair + 2 pairs of pipes.
>
> The test is in channel_register_fds(), look for c->sock.

Thanks for pointing me to that.

Looks like you get some extra behavior if rfd == wfd, but you're not  
getting that behavior normally when USE_PIPES is always defined in  
session.c, so nothing obvious jumps out at me as breakage-waiting-to- 
happen with the patch applied.

> Why not fix the bug in bash instead of putting weird hacks in ssh?
>
> -d


Apparently bash isn't the only program to test that and sending Apple  
a bunch of patches for a bunch of different programs is likely to  
delay getting any fix accepted (be lucky if they take any fix at all  
and issue an official update containing the fix within the next 6  
months).

In fact, Ubuntu bash gets it right, ("ssh localhost yes | true" does  
not hang while "ssh localhost printenv" indicates ~/.bashrc is being  
run) so that suggests Apple's bash sources are behind the times or  
also contain bug-inducing patches or there is some other Darwin- 
specific behavior going on that breaks things.

Why not enhance ssh to officially support a socket/pipe combination?

Kyle

More information about the openssh-unix-dev mailing list