Multiplexing bug on client exit
Damien Miller
djm at mindrot.org
Thu Jan 28 00:01:56 EST 2010
On Wed, 27 Jan 2010, Damien Miller wrote:
> On Wed, 27 Jan 2010, Damien Miller wrote:
>
> > > Could you try to catch this with both the master and slave in debug
> > > mode? "ssh -ddd"
> > >
> > > I'll see if I can find it in the meantime.
> >
> > You could also try this diff, but I'd appreciate seeing a debug trace from
> > before you apply it if possible.
>
> better diff; this fixes one crash case I could reproduce pretty easily:
>
> ssh -nNf host
> ssh host "sleep 20" </dev/null
> ^C
> (wait)
actually, you should only need this part:
Index: mux.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/mux.c,v
retrieving revision 1.11
diff -u -p -r1.11 mux.c
--- mux.c 26 Jan 2010 02:15:20 -0000 1.11
+++ mux.c 27 Jan 2010 03:56:25 -0000
@@ -193,7 +193,13 @@ mux_master_control_cleanup_cb(int cid, v
__func__, c->self, c->remote_id);
c->remote_id = -1;
sc->ctl_chan = -1;
- chan_mark_dead(sc);
+ if (sc->type != SSH_CHANNEL_OPEN) {
+ debug2("%s: channel %d: not open", __func__, sc->self);
+ chan_mark_dead(c);
+ } else {
+ chan_read_failed(sc);
+ chan_write_failed(sc);
+ }
}
channel_cancel_cleanup(c->self);
}
More information about the openssh-unix-dev
mailing list