Protocol Version Exchange: the comments field and an idea how to use it

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Nov 14 08:03:32 EST 2013


On 11/13/2013 02:10 PM, Hannes Hörl wrote:
> [dkg wrote:]
>> If you choose the latter, and there are any SSH clients out there that
>> wait for the server's connection string before sending their own, then
>> those clients will deadlock when connecting to your proxy.
> 
> Ok. Somehow I was convinced, the client has to send its connection
> string first; I must have gotten confused at some point. After your
> description and a short test it's obvious this is not the case. So my
> approach (waiting for the client to send its connection string) would
> exactly have the problems you pointed out.

i don't think the spec insists on an ordering.  in fact, i think both
are supposed to send their strings immediately, if i'm reading it
correctly.  My point was that if there is a client that happens to wait
for the server string (i don't know of one that does, but i haven't done
wide testing for this behavior) then it would deadlock on your proposed
proxy.

Regards,

	--dkg
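
The ordering problem discussed in this message, as an added example that is not part of the original post: two peers on a local socket pair each either send their identification string immediately or wait for the other side's line first, and the exchange stalls only when both wait. The identification strings, the timeout and all function names are constructed for illustration.

```python
import socket
import threading

# Constructed identification strings (not from any real implementation).
SERVER_ID = b"SSH-2.0-ExampleProxy_1.0\r\n"
CLIENT_ID = b"SSH-2.0-ExampleClient_1.0\r\n"
TIMEOUT = 0.5  # seconds a peer waits before we declare a deadlock


def read_line(sock):
    """Read one LF-terminated line; return None on timeout or EOF."""
    buf = b""
    try:
        while not buf.endswith(b"\n"):
            chunk = sock.recv(1)
            if not chunk:
                return None
            buf += chunk
    except socket.timeout:
        return None
    return buf


def peer(sock, my_id, waits_first, seen, key):
    """Send my_id either immediately or only after the other side's line."""
    if waits_first:
        seen[key] = read_line(sock)
        if seen[key] is not None:
            sock.sendall(my_id)
    else:
        sock.sendall(my_id)
        seen[key] = read_line(sock)


def exchange(client_waits, proxy_waits):
    """Return True if both sides received the other's identification string."""
    c, p = socket.socketpair()
    c.settimeout(TIMEOUT)
    p.settimeout(TIMEOUT)
    seen = {"client": None, "proxy": None}
    threads = [
        threading.Thread(target=peer, args=(c, CLIENT_ID, client_waits, seen, "client")),
        threading.Thread(target=peer, args=(p, SERVER_ID, proxy_waits, seen, "proxy")),
    ]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    c.close()
    p.close()
    return seen["client"] == SERVER_ID and seen["proxy"] == CLIENT_ID
```

Calling `exchange(True, True)` models a client that waits for the server string talking to a proxy that waits for the client string; every other combination completes.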
