[Bug 1213] ssh-keyscan exits in mid-way

Wed Mar 2 13:29:26 EST 2011

https://bugzilla.mindrot.org/show_bug.cgi?id=1213

aab at purdue.edu changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2000|0                           |1
        is obsolete|                            |
   Attachment #2005|0                           |1
        is obsolete|                            |

--- Comment #19 from aab at purdue.edu 2011-03-02 13:29:26 EST ---
Created attachment 2008
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2008
patch - fixes bug in previous patch

>> Oh boy, I missed something.  Is this repeatable?  I think I saw this
>> myself somewhere along the line but I thought I had fixed the problem. 
>> Since my time is pretty much taken up for the next week or so, I don't
>> know when I'll be able to check.
>
>Well, I tried it again, and it ran to completion. Must be a rare
>failure mode.

Yep, I missed something.  The sockets associated with ALL connections
processed by the `keygrab_ssh2()' function are closed twice.  I missed
the close in the `packet.c:packet_close()' function that's called at
the bottom of the `keygrab_ssh2()' function.  I had assumed (bad bad
word) that the only close was in the `confree()' function.  Work/not
work is up to the gods and the relative connection timings I think.

>> I just looked at the attachment.  There are two ".orig"s per file.  One
>> is on the `diff' statement and is ignored (I hope) by `patch'.  The
>> second is one line down on the "old" file identifier (---) and `patch'
>> does use that.  Which one was your `patch' making complaints about?
>
>Presumably the second one. It was looking for e.g. kex.c.orig rather
>than kex.c.

The format of this patch is the same as before.  If you are using the
current GNU `patch', you should be able to `patch [-p0] < patch' in the
"openssh-5.8p1" parent directory.  If your in the "openssh-5.8p1"
directory itself, you should be able to `patch -p1 <patch'.

>> STDERR is extremely noisy as it is.  In my case, at this time, I think
>> I'd add on the order of 7000+ extra lines when I use '-L' that I'd need
>> to winnow to find any important data.  Besides, you can't forget that
>> god called "upward compatibility" you know (;-}).
>> 
>> And yes, if you meant "Connection timed out", I think that they are
>> distinct at least from a Systems Administrator (me) point of view.
>
>*shrugs* I'd pretty much expect a flood of information anyway. Given a
>large network, you have to use grep(1) or the like to make any sense of
>it.

I think that, if/when this patch is actually submitted to the OpenSSH
folks, I'll let the mavins there decide whether or not to have a '-L'
option.

To satisfy my curiosity, did you observe any missing hosts when you use
the '-L' option (and it actually completes)?

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.