Hanging ssh sessions with openssh-5.[12]p1 and Solaris 8 & 10

Wed Feb 25 03:02:22 EST 2009

Jeff Wieland wrote:
> Darren Tucker wrote:
>> On Mon, Aug 04, 2008 at 02:34:23PM -0400, Jeff Wieland wrote:
>>> Since we upgraded OpenSSH from 5.0p1 to 5.1p1 on our Solaris 8 boxes
>>> (I know, I know, we should upgrade or retire them...), we've started
>>> experiencing problems with slogin'ing into these boxes, running vi,
>>> and pasting text into the vi session.
>>>
>>> As long as we are pasting in less that 1024 characters it's fine.
>>> With >= 1024 characters, the session hangs.
>> Do you know if the problem occurs on the client or server side?  ie if
>> you use an older client with a newer server (and vice versa) does the
>> problem occur?
> 
> It's the server side.  It still happens if you use the 5.0p1 client,
> and it also happens with the SecureCRT client.
> 
>>> If you run "/usr/ucb/lptest 72 23 | cat -n" in one window, and
>>> then cut paste up to the "V" on line 13, things work as expected.
>>> If you include the "W" on the line 13, the vi session will hang
>>> with none of characters that are being pasted showing up.
>>>
>>> We've been building OpenSSH with Sun Studio 11 -- I tried building
>>> it with GNU-CC 3.4.4 with the same results.  We also link against
>>> a locally built zlib, since Solaris 8 doesn't have zlib 1.2.3.
>>> And we've used OpenSSL 0.9.8g and 0.9.8h with the same results.
>>>
>>> We also tried building OpenSSH 5.1p1 on our Solaris 10 boxes using
>>> Sun Studio 12, and we also get the hangs there.  The client doesn't
>>> seem to matter -- we've seen it OpenSSH 5.1p1 from both Solaris
>>> and Slackware Linux, and also from SecureCRT.
>>>
>>> I have not been able to get anything useful from running sshd in
>>> debug mode (at least, not that I recognize as useful :-) ).
>> Well you could post it, someone else might recognise someting :-)
> 
> I'll see if I can get this done tomorrow.  It's a crazy couple of
> weeks right now...
> 
>> Some versions of AIX have bugs in the tty drivers that prevent largish
>> writes from working correctly.  Pehaps Solaris has something similar
>> (although I can't imagine why it's only started recently).
>>
>> You could try the patch below to test this theory.
>>
>> Index: channels.c
>> ===================================================================
>> RCS file: /usr/local/src/security/openssh/cvs/openssh/channels.c,v
>> retrieving revision 1.273
>> diff -u -p -r1.273 channels.c
>> --- channels.c	16 Jul 2008 12:42:06 -0000	1.273
>> +++ channels.c	5 Aug 2008 01:08:22 -0000
>> @@ -1578,11 +1578,10 @@ channel_handle_wfd(Channel *c, fd_set *r
>>  			}
>>  			return 1;
>>  		}
>> -#ifdef _AIX
>> +
>>  		/* XXX: Later AIX versions can't push as much data to tty */
>>  		if (compat20 && c->wfd_isatty)
>> -			dlen = MIN(dlen, 8*1024);
>> -#endif
>> +			dlen = MIN(dlen, 1024);
>>  
>>  		len = write(c->wfd, buf, dlen);
>>  		if (len < 0 &&
>>
> 
> OK -- I can try this too.  But it isn't necessary with the 5.0p1 sshd,
> so I'm thinking that something changed w.r.t. OpenSSH.

Sorry for the very long delay :-(.

The above patch made no difference to 5.1p1.

I'm still seeing this problem with OpenSSH_5.2p1 on Solaris 8 and
Solaris 10.  I've tried starting sshd with '-d -d -d -e', and when
the hang happens sshd doesn't log anything.

The 5.1p1 and 5.2p1 servers hang when used with the 5.[012]p1 clients.
The 5.0p1 server works fine when used with and of the 5.X clients.
-- 
           Jeff Wieland            |         Purdue University
    Network Systems Administrator  |        ITN&S Data Networks
        Voice: (765)496-8234       |        501 Harrison Street
         FAX: (765)494-6620        |   West Lafayette, IN 47907-2025