yet another ssh bug

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

yet another ssh bug

Claes Wikström

This fatso bug is also triggered by the putty 0.60 client

Whenever recv_msg() returns an actual error, we loop
indefinitely. Tcp_closed is never received, since it is already
received when we were in passive mode.

It basically means that all all OTP ssh systems out there
that expose ssh outwards can be easily brought out of
service simply by trying to connect with putty 0.60 to them
and then exit putty.



Index: ssh_transport.erl
===================================================================
--- ssh_transport.erl   (revision 14365)
+++ ssh_transport.erl   (working copy)
@@ -733,9 +733,17 @@
                     inet:setopts(S, [{active, once}]),
                     ssh_main(S, User, SSH);
                 {error, _Other} ->
-                   inet:setopts(S, [{active, once}]),
-                   %% send disconnect!
-                   ssh_main(S, User, SSH)
+                   %% socket may or may not be closed, regardless
+                   %% we close again
+                   %% discon msg may be sent.
+                   User ! {
+                     ssh_msg, self(),
+                     #ssh_msg_disconnect {
+                                    code=?SSH_DISCONNECT_CONNECTION_LOST,
+                                    description = "Connection closed",
+                                    language = "" }},
+                   gen_tcp:close(S),
+                   ok
             end;



/klacke




Reply | Threaded
Open this post in threaded view
|

yet another ssh bug

Ingela Anderton Andin-2
Well, we can not have it this way now can we ;) Thank you for the patch.
We will fix this.

Regards Ingela -OTP team


Claes Wikstrom wrote:

> This fatso bug is also triggered by the putty 0.60 client
>
> Whenever recv_msg() returns an actual error, we loop
> indefinitely. Tcp_closed is never received, since it is already
> received when we were in passive mode.
>
> It basically means that all all OTP ssh systems out there
> that expose ssh outwards can be easily brought out of
> service simply by trying to connect with putty 0.60 to them
> and then exit putty.
>
>
>
> Index: ssh_transport.erl
> ===================================================================
> --- ssh_transport.erl   (revision 14365)
> +++ ssh_transport.erl   (working copy)
> @@ -733,9 +733,17 @@
>                      inet:setopts(S, [{active, once}]),
>                      ssh_main(S, User, SSH);
>                  {error, _Other} ->
> -                   inet:setopts(S, [{active, once}]),
> -                   %% send disconnect!
> -                   ssh_main(S, User, SSH)
> +                   %% socket may or may not be closed, regardless
> +                   %% we close again
> +                   %% discon msg may be sent.
> +                   User ! {
> +                     ssh_msg, self(),
> +                     #ssh_msg_disconnect {
> +                                    code=?SSH_DISCONNECT_CONNECTION_LOST,
> +                                    description = "Connection closed",
> +                                    language = "" }},
> +                   gen_tcp:close(S),
> +                   ok
>              end;
>
>
>
> /klacke
>
>
> _______________________________________________
> erlang-patches mailing list
> erlang-patches
> http://www.erlang.org/mailman/listinfo/erlang-patches
>
>