Dropbear 0.50 server returnsexit code 255 to ssh when app returns 0

Steven Hein ssh at sgi.com
Sat Mar 1 06:32:52 WST 2008


Steven Hein wrote:
> Hello--
>
> I have not seen any new information on this issue since the thread
> from last December:
>
> http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2007q4/000672.html
>
> Does anyone have any updates or workarounds?     I just upgraded
> to 0.50 about 2 weeks ago and found that this is causing me troubles.
>
> Thanks for any info!
>
> Steve
>
>

Just in case it's of value to someone, I'll share what I learned
about this problem today.   I certainly don't have a root cause,
or a quality solution, but I have something that "works for me"
at the moment......


I spent some time digging in to this today   (rather
unscientifically, by sprinkling dropbear_log() messages throughout
svr-chansession.c).  I found that the child process didn't seem to
terminate before that client requested that the session be closed.
(Specifically, the child was still running when send_exitsignalstatus()
was called, so exitpid was still -1.   I couldn't see any obvious
reason for this, and the child process always terminated
"very soon" (milliseconds) after send_exitsignalstatus() was done.

After playing with it for a while, a found a big hack that appears
to work for me at the moment:    when the exitpid is -1 when entering
send_exitsignalstatus(), I simply sleep for 500ms with usleep.
What I found is that a child that hasn't yet terminated will always
terminate during that usleep(), so the exitpid is set, so the
exit status is sent to the client.    Also, since the usleep() is
interrupted by the arrival of the SIGCHLD signal when the child
finally does terminate, it only sleeps for the full 500ms if the
child doesn't terminate......so it shouldn't slow things down
too much.

I don't have an incredible amount of time to help in the debug of
this problem.....but this is solidly reproducible case for me.
So of there's something I can try to help debug, let me know.

BTW, my failing configuration is:

Server:   custom board w/ FreeScale processor (MPC8358)
          Linux kernel version 2.6.24
          dropbear-0.50

Client:   1U Intel server box (x86_64)
          SuSE 10.1
          OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005


And.....for anyone who might be interested, I attached the patch
against dropbear-0.50 for my hack.


Steve
         


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Steve Hein (ssh at sgi.com)              Engineering Diagnostics/Software
Silicon Graphics, Inc.                          
1168 Industrial Blvd.                 Phone: (715) 726-8410
Chippewa Falls, WI 54729              Fax:   (715) 726-6715
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-------------- next part --------------
A non-text attachment was scrubbed...
Name: dropbear.patch
Type: text/x-patch
Size: 909 bytes
Desc: not available
Url : http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20080229/af9ed493/attachment.bin 


More information about the Dropbear mailing list