From owner-freebsd-hackers@freebsd.org Thu May 2 08:19:47 2019 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0DFFB158CE30 for ; Thu, 2 May 2019 08:19:47 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46C0C832DF for ; Thu, 2 May 2019 08:19:46 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id x428Jb0V063134 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 2 May 2019 11:19:40 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua x428Jb0V063134 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id x428Ja1Y063133; Thu, 2 May 2019 11:19:36 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Thu, 2 May 2019 11:19:36 +0300 From: Konstantin Belousov To: Jim Thompson Cc: Alan Amesbury , FreeBSD Hackers Subject: Re: SIGPIPE from ssh-keyscan [patch] Message-ID: <20190502081936.GC85201@kib.kiev.ua> References: <047FD22B-04FB-46EB-96D1-BF6E03080F9F@oitsec.umn.edu> <144583E1-828D-4450-99B0-4FBF7FC35B26@netgate.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <144583E1-828D-4450-99B0-4FBF7FC35B26@netgate.com> User-Agent: Mutt/1.11.4 (2019-03-13) X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,FREEMAIL_FROM, NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tom.home X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 May 2019 08:19:47 -0000 On Wed, May 01, 2019 at 08:07:52PM -0500, Jim Thompson wrote: > The remote closed the session for some reason before ssh-keyscan wrote the greening ("SSH-2.0-OpenSSH-keyscan\r\n”), so you got SIGPIPE and ERRNO = 32 back from the write call. > > Arguably the right thing occurred here, with the exception that it killed your ssh-keyscan process. > > So perhaps instead of ignoring the signal, you should find out why the remote is exiting before the local can send its greeting. > > Otherwise, it’s a bit less heavy-handed to > > Int set = 1; > setsockopt(sd, SOL_SOCKET, SO_NOSIGPIPE, (void *)&set, sizeof(int)); > > Where sd is the descriptor in question (16 in your example below). > > But other parts of ssh-keyscan seem to want to know that EPIPE has occurred, so neither is the correction solution here. > EPIPE or signal ? SO_NOSIGPIPE only prevents kernel to generate SIGPIPE when it returns EPIPE to userspace. > Jim > > > > On May 1, 2019, at 5:05 PM, Alan Amesbury wrote: > > > > The stock ssh-keyscan bundled with 12.0-RELEASE exits with a SIGPIPE when it receives weird behavior from hosts it's attempting to communicate with. Symptoms look like: > > > > > > % ssh-keyscan -f /tmp/randtargetlist > /dev/null > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > Broken pipe > > % > > > > > > Output from truss confirms it's SIGPIPE: > > > > . > > . > > . > > 99597: write(7,"\0\0\^Dd\a\^T\M-Y\M-Jw(E\M-ty"...,1128) = 1128 (0x468) > > 99597: select(8,{ 7 },0x0,0x0,{ 5.000000 }) = 1 (0x1) > > 99597: read(7,"\0\0\^D\M-|\n\^T\M^X\M-N]\M-O\^C"...,8192) = 1280 (0x500) > > 99597: write(7,"\0\0\0,\^F\^^\0\0\0 0\M^S\M^J#"...,48) = 48 (0x30) > > 99597: select(8,{ 7 },0x0,0x0,{ 5.000000 }) = 1 (0x1) > > 99597: read(7,"\0\0\0\M-<\b\^_\0\0\0003\0\0\0\v"...,8192) = 208 (0xd0) > > 99597: write(1,"[REDACTED] ssh-ed255"...,104) = 104 (0x68) > > 99597: close(7) = 0 (0x0) > > 99597: write(16,"SSH-2.0-OpenSSH-keyscan\r\n",25) ERR#32 'Broken pipe' > > 99597: process killed, signal = 13 > > > > > > > > The behavior exists in openssh-portable ("$FreeBSD: head/security/openssh-portable/Makefile 484842 2018-11-12 21:55:35Z bdrewery $") as well. > > > > The arguably naive patch I came up with is: > > > > > > --- /tmp/ssh-keyscan.c 2019-05-01 16:09:11.761587000 -0500 > > +++ ssh-keyscan.c 2019-05-01 16:08:50.425879000 -0500 > > @@ -644,6 +644,8 @@ > > int > > main(int argc, char **argv) > > { > > + // ignore SIGPIPE > > + signal(SIGPIPE, SIG_IGN); > > int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO; > > int opt, fopt_count = 0, j; > > char *tname, *cp, *line = NULL; > > > > > > > > > > Straightforward and brutish: it ignores SIGPIPE within the main function in ssh-keyscan.c. This appears to work as expected, e.g.: > > > > > > % ./ssh-keyscan_PATCHED -f /tmp/randtargetlist -T 15 > /dev/null > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > # [REDACTED]:22 SSH-2.0-OpenSSH_7.4 > > write ([REDACTED]): Broken pipe > > write ([REDACTED]): Broken pipe > > write ([REDACTED]): Broken pipe > > # [REDACTED]:22 SSH-2.0-babeld-81e0741 > > . > > . > > . > > > > > > > > Is this something that's best done by adding it upstream, in the FreeBSD source (and ports), or ??? Also, is this sane? I don't see it as a huge deal because it's not a modification to the actual server or client code, just to the part that grabs host keys, but I freely admit that I'm outta my depth here. > > > > > > -- > > Alan > > > > _______________________________________________ > > freebsd-hackers@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"