Debian Bug report logs - #877020
openssh-client: Fails to unlink ControlMaster socket early enough, confuses other clients

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: "Paul \"LeoNerd\" Evans" <leonerd@leonerd.org.uk>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: openssh-client: Fails to unlink ControlMaster socket early enough, confuses other clients

Date: Wed, 27 Sep 2017 21:10:39 +0100

Package: openssh-client
Version: 1:7.5p1-5
Severity: normal

TL;DR: ssh(1) must unlink local socket _before_ attempting more network
  traffic otherwise broken TCP sockets will stall the entire thing.

-

I make heavy use of the shared control sockets to multiplex multiple
shells, sftp, and other commands down a single TCP connection to remote
servers.

  ControlPath ~/var/run/ssh-master-%r@%h:%p.sock
  ControlPersist 1s
  ControlMaster auto

In this setup, under stable networking all works nicely.

However, my machine is a laptop, and sometimes due to mobile data, wifi,
ethernet cable swapping, or other isses my IP address and hence routing
change. After such a change, all existing TCP sockets are now unuseable
and must be closed and reopened.

Simply closing all ssh clients is insufficient here, because the client
tries to perform a controlled shutdown of the TCP socket *first* and
will only unlink(2) the control master socket from the local filesystem
after it has done this. By ordering the operations thus, the client
stalls trying to perform this controlled TCP shutdown over now-invalid
networking, and never gets around to removing the local unix socket. New
ssh clients would try to use this and similarly stall.

The correct order of operation ought to be that the control master local
socket is unlinked *before* trying to send any traffic, thus restoring
the user's "turn it off and on again" approach to fixing the problem -
namely by just killing all their clients and making a new one.


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssh-client depends on:
ii  adduser           3.116
ii  dpkg              1.18.24
ii  libc6             2.24-12
ii  libedit2          3.1-20170329-1
ii  libgssapi-krb5-2  1.15.1-2
ii  libselinux1       2.6-3+b2
ii  libssl1.0.2       1.0.2l-2
ii  passwd            1:4.4-4.1
ii  zlib1g            1:1.2.8.dfsg-5

Versions of packages openssh-client recommends:
ii  xauth  1:1.0.9-1+b2

Versions of packages openssh-client suggests:
pn  keychain      <none>
pn  libpam-ssh    <none>
pn  monkeysphere  <none>
pn  ssh-askpass   <none>

-- Configuration Files:
/etc/ssh/ssh_config changed:
Host *
    SendEnv LANG LC_*
    HashKnownHosts no
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no


-- no debconf information


-- 
Paul "LeoNerd" Evans

leonerd@leonerd.org.uk      |  https://metacpan.org/author/PEVANS
http://www.leonerd.org.uk/  |  https://www.tindie.com/stores/leonerd/

Message #10 received at 877020@bugs.debian.org (full text, mbox, reply):

From: "Paul \"LeoNerd\" Evans" <leonerd@leonerd.org.uk>

To: 877020@bugs.debian.org

Subject: Re: Bug#877020: Acknowledgement (openssh-client: Fails to unlink ControlMaster socket early enough, confuses other clients)

Date: Fri, 6 Sep 2019 19:41:26 +0100

Lacking any response here I have reported upstream:

https://bugzilla.mindrot.org/show_bug.cgi?id=3067

-- 
Paul "LeoNerd" Evans

leonerd@leonerd.org.uk      |  https://metacpan.org/author/PEVANS
http://www.leonerd.org.uk/  |  https://www.tindie.com/stores/leonerd/

Send a report that this bug log contains spam.