FWD: Truncated non-interactive sessions
[email protected]
sys-soft at ida.ing.tu-bs.de
Wed Aug 24 18:42:26 WST 2005
I'm resending the following posting without attachments - as it didn't
reach the mailing lists until now.
---------- Forwarded message ----------
From: sys-soft at ida.ing.tu-bs.de
To: dropbear at ucc.asn.au
Date: Tue, 2 Aug 2005 12:33:31 +0200 (CEST)
Subject: Truncated non-interactive sessions
following problem:
have two computers here - one running dropbear compiled with uclibc and a
stock suse 9.2/9.3 & 9.0. when transferring files a la:
cat /etc/motd | ssh root at server "cat - > /etc/motd"
they occasionally get truncated by the dropbear server. please don't focus
on the method to transfer files - it's just a testcase for this bug.
with the default RECV_MAXWINDOW 8000 (see channel.h) files between 8000
and 12096 are affected (8000+4096=12096). To be more specific the problem
occurs with files n*8000+i where 0 < i <= 4096. With the probability
decreasing with increasing i.
The problem is that dropbear fails to flush the writebuffer before sending
the a received EOF.
transcript of a sample session:
#~> dd if=/dev/zero bs=1 count=4321 | ssh root at server "wc"
0 0 4321
#~> dd if=/dev/zero bs=1 count=8000 | ssh root at server "wc"
0 0 8000
#~> dd if=/dev/zero bs=1 count=8090 | ssh root at server "wc"
0 0 8000
~~ <- truncated 90 bytes
#~> dd if=/dev/zero bs=1 count=8090 | ssh root at server "wc"
0 0 8090
~~ <- occassionally correct... not deterministic
#~> dd if=/dev/zero bs=1 count=12095 | ssh root at server "wc"
0 0 8000
#~> dd if=/dev/zero bs=1 count=12097 | ssh root at server "wc"
0 0 12097
I appended four tracefiles of failed and successful dropbear sessions.
Dropbear was compiled with RECV_MAXWINDOW 10000 and RECV_MAXPACKET 8000
for this test. Affected files had a size between 10000 and 14095 as well
as 20000-23090 (couldn't reproduce with higher values).
In all four traced sessions a 12k file was transferred. In two cases only
10k were transferred.
The problem was also reproducible with dropbear compiled on a suse 9.2
with glibc.
Best Regards
Matt
More information about the Dropbear
mailing list