From owner-freebsd-stable@FreeBSD.ORG Sat Feb 25 14:22:36 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 44FC716A420; Sat, 25 Feb 2006 14:22:36 +0000 (GMT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su (comp.chem.msu.su [158.250.32.97]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4205043D49; Sat, 25 Feb 2006 14:22:32 +0000 (GMT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su (localhost [127.0.0.1]) by comp.chem.msu.su (8.13.3/8.13.3) with ESMTP id k1PEM864080511; Sat, 25 Feb 2006 17:22:08 +0300 (MSK) (envelope-from yar@comp.chem.msu.su) Received: (from yar@localhost) by comp.chem.msu.su (8.13.3/8.13.3/Submit) id k1PEM7ks080510; Sat, 25 Feb 2006 17:22:07 +0300 (MSK) (envelope-from yar) Date: Sat, 25 Feb 2006 17:22:07 +0300 From: Yar Tikhiy To: Rostislav Krasny Message-ID: <20060225142207.GA80338@comp.chem.msu.su> References: <20060219225701.0e3e244b.rosti.bsd@gmail.com> <20060221165959.GB77513@comp.chem.msu.su> <20060222024430.ad4b5c60.rosti.bsd@gmail.com> <20060223235727.33cddb13.rosti.bsd@gmail.com> <20060224155153.f7da1a52.rosti.bsd@gmail.com> <20060224174007.GF36227@comp.chem.msu.su> <20060225024246.d6284719.rosti.bsd@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060225024246.d6284719.rosti.bsd@gmail.com> User-Agent: Mutt/1.5.9i Cc: freebsd-stable@freebsd.org, dwmalone@maths.tcd.ie, des@des.no, mak@ll.mit.edu, MH@kernel32.de, freebsd-stable-local@be-well.ilk.org Subject: Re: SSH login takes very long time...sometimes X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Feb 2006 14:22:36 -0000 On Sat, Feb 25, 2006 at 02:42:46AM +0200, Rostislav Krasny wrote: > On Fri, 24 Feb 2006 20:40:07 +0300 > Yar Tikhiy wrote: > > > To Rostislav: Could you do now, with the resolver fixes applied, > > the following experiment: find how many dead nameservers in resolv.conf > > it takes for sshd to start timing out a connection to it? There > > is still your PR open on this issue, so we should see whether > > the default for LoginGraceTime needs a change, too. Thanks! > > The maximum number of name servers those the resolver will work with is > MAXNS, which currently is 3. With three unreachable name servers in > resolv.conf I successfully connected from other, not patched, FreeBSD > 6.1-PRERELEASE by ssh without touching LoginGraceTime. I've got the > password prompt after about 48.5 seconds, according to a stop watch in > my cell phone :-) > > I also tested telnet connection and it worked properly in that > situation. Sounds good! Thanks! > However I was unable to connect by ftp, even with only one unreachable > name server in resolv.conf. I got following error: > > 421 Service not available, remote server timed out. Connection closed > > I've found the problem in both: ftpd(8) and ftp(1). In the ftpd(8) a > getaddrinfo() is called in two places with hints.ai_socktype == 0 and > hints.ai_family == PF_UNSPEC. In the ftp(1) a command reply timeout is > only 60 seconds. Those things are what I've changed to fix the problem. > Two diffs are attached to this email. The ftpd.c.diff extends -4 and -6 > ftpd options. So if this patch is good, the ftpd(8) manual page and the > default /etc/inetd.conf should also be changed appropriately. Could you explain please how your patch would affect ftpd(8) semantics visible to the user? > Although I changed two getaddrinfo() calls in ftpd.c, only first of > them is really called on default FreeBSD configuration, > when /etc/ftphosts isn't existing yet. So there might be a need of > additional increase of the command reply timeout in ftp.c. Or better if > this timeout could be configurable by some new ftp(1) option, with 120 > seconds by default. > --- libexec/ftpd/ftpd.c.orig Wed Feb 8 18:54:05 2006 > +++ libexec/ftpd/ftpd.c Sat Feb 25 00:30:26 2006 > @@ -239,7 +239,7 @@ > } > > #ifdef VIRTUAL_HOSTING > -static void inithosts(void); > +static void inithosts(int); > static void selecthost(union sockunion *); > #endif > static void ack(char *); > @@ -424,7 +424,7 @@ > } > > #ifdef VIRTUAL_HOSTING > - inithosts(); > + inithosts(family); > #endif > > if (daemon_mode) { > @@ -663,7 +663,7 @@ > */ > > static void > -inithosts(void) > +inithosts(int family) > { > int insert; > size_t len; > @@ -689,7 +689,8 @@ > > memset(&hints, 0, sizeof(hints)); > hints.ai_flags = AI_CANONNAME; > - hints.ai_family = AF_UNSPEC; > + hints.ai_family = family; > + hints.ai_socktype = SOCK_STREAM; > if (getaddrinfo(hrp->hostname, NULL, &hints, &res) == 0) > hrp->hostinfo = res; > hrp->statfile = _PATH_FTPDSTATFILE; > @@ -759,9 +760,10 @@ > /* NOTREACHED */ > } > > - hints.ai_flags = 0; > - hints.ai_family = AF_UNSPEC; > + /* If no flag, assign hints.ai_flags to zero! */ Sorry, but I don't understand the purpose of this comment here. > hints.ai_flags = AI_PASSIVE; > + hints.ai_family = family; > + hints.ai_socktype = SOCK_STREAM; > if (getaddrinfo(vhost, NULL, &hints, &res) != 0) > goto nextline; > for (ai = res; ai != NULL && ai->ai_addr != NULL; -- Yar