<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi David,<div class=""><br class=""></div><div class="">Dropbear since 2015.68 always sets the socket non-blocking [1], so I think that change should be safe on older versions. The only risk I can think of is if it gets in some state where it might spin with 100% CPU.</div><div class=""><br class=""></div><div class="">Cheers,</div><div class="">Matt</div><div class=""><br class=""></div><div class="">[1] <a href="https://secure.ucc.asn.au/hg/dropbear/annotate/10f198d4a308/common-session.c#l68" class="">https://secure.ucc.asn.au/hg/dropbear/annotate/10f198d4a308/common-session.c#l68</a></div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Tue 7/6/2016, at 7:59 pm, David Chapdelaine <<a href="mailto:dchapdelaine@genetec.com" class="">dchapdelaine@GENETEC.COM</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="WordSection1" style="page: WordSection1; font-family: Helvetica; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span lang="FR-CA" class="">Hi everyone,<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span lang="FR-CA" class=""><o:p class=""> </o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class="">We have been using version 65 of Dropbear to maintain an ssh connection to a central server. It usually works fine, but when there is a network failure the Dropbear client waits until there is a tcp timeout before declaring that there was a keepalive timeout. So in practice even though we set the keepalive timeout as 30 seconds, dbclient doesn’t exit before ~15 minutes which is when the tcp timeout is triggered.<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><o:p class=""> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class="">By digging in dropbear’s code I noticed that when running in client mode, the connection to the server is blocking whereas that connection is non blocking when running in server mode. I thus changed the connection to non blocking in client mode. To do this I changed<span class="Apple-converted-space"> </span><span style="font-size: 9pt; font-family: Verdana, sans-serif; color: rgb(72, 72, 72);" class="">the call to connect_remote line 75-76 of cli-main.c from<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span style="font-size: 9pt; font-family: Verdana, sans-serif; color: rgb(72, 72, 72);" class=""><o:p class=""> </o:p></span></div><div style="border: 1pt solid rgb(226, 226, 226); padding: 6pt; background-color: rgb(250, 250, 250); margin-left: 19.2pt; margin-right: 12pt; background-position: initial initial; background-repeat: initial initial;" class=""><p class="MsoNormal" style="margin: 0in 0in 12pt; font-size: 11pt; font-family: Calibri, sans-serif; background-color: rgb(250, 250, 250); border: none; padding: 0in; background-position: initial initial; background-repeat: initial initial;"><span style="font-size: 9pt; font-family: 'Courier New'; color: rgb(72, 72, 72);" class="">int sock = connect_remote(cli_opts.remotehost, cli_opts.remoteport, 0, &error);<o:p class=""></o:p></span></p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span style="font-size: 9pt; font-family: Verdana, sans-serif; color: rgb(72, 72, 72);" class=""><br class=""><span style="background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">to</span><br class=""><br class=""></span><span style="font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><o:p class=""></o:p></span></div><div style="border: 1pt solid rgb(226, 226, 226); padding: 6pt; background-color: rgb(250, 250, 250); margin-left: 19.2pt; margin-right: 12pt; background-position: initial initial; background-repeat: initial initial;" class=""><p class="MsoNormal" style="margin: 0in 0in 12pt; font-size: 11pt; font-family: Calibri, sans-serif; background-color: rgb(250, 250, 250); border: none; padding: 0in; background-position: initial initial; background-repeat: initial initial;"><span style="font-size: 9pt; font-family: 'Courier New'; color: rgb(72, 72, 72);" class="">int sock = connect_remote(cli_opts.remotehost, cli_opts.remoteport, 1, &error);<o:p class=""></o:p></span></p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><o:p class=""> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class="">Initial tests are good so far and it addresses our issue, but I wanted to run this through you to get your insights on potential problems with this change. As far as you know, is there any side effect that we should be aware of? Was there a reason why the connection was blocking in client mode?<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><o:p class=""> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class="">Thanks a lot for your inputs!<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><o:p class=""> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><b class=""><span lang="FR-CA" style="font-family: Arial, sans-serif; color: rgb(0, 116, 155);" class="">David Chapdelaine<o:p class=""></o:p></span></b></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span lang="FR-CA" style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class="">Développeur logiciel | Software Developer<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><b class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class="">T|P</span></b><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class="">:<b class=""> </b>+1-514-332-4000 p.6595 |<span class="Apple-converted-space"> </span></span><span style="font-size: 9pt; font-family: Arial, sans-serif;" class=""><a href="mailto:dchapdelaine@genetec.com" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="color: rgb(5, 99, 193);" class="">dchapdelaine@genetec.com</span></a><span style="color: rgb(87, 89, 88);" class=""><o:p class=""></o:p></span></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span style="font-size: 10pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class=""><o:p class=""> </o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span style="font-size: 10pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class=""><span id="cid:image001.png@01D1C091.EF4E1DC0"><image001.png></span></span><span lang="FR-CA" style="font-size: 10pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class=""><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span lang="FR-CA" style="font-size: 10pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class=""><o:p class=""> </o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><b class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class="">Conçu pour évoluer</span></b><b class=""><u class=""><span style="color: rgb(87, 89, 88);" class=""><span class="Apple-converted-space"> </span></span></u></b><b class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class="">| Built to evolve</span></b><b class=""><u class=""><span style="color: rgb(87, 89, 88);" class=""><span class="Apple-converted-space"> </span></span></u></b><b class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class="">|<span class="Apple-converted-space"> </span></span></b><a href="http://www.genetec.com/dna" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><b class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: blue;" class="">www.genetec.com/dna</span></b></a><b class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class=""><o:p class=""></o:p></span></b></div><div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""><a href="http://www.facebook.com/Genetec" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88); text-decoration: none;" class=""><span id="cid:image002.png@01D1C091.EF4E1DC0"><image002.png></span></span></a><a href="http://www.linkedin.com/company/genetec/" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88); text-decoration: none;" class=""><span id="cid:image003.png@01D1C091.EF4E1DC0"><image003.png></span></span></a><span lang="FR-CA" style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class=""> </span><a href="http://www.twitter.com/_Genetec_" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88); text-decoration: none;" class=""><span id="cid:image004.png@01D1C091.EF4E1DC0"><image004.png></span></span></a><span lang="FR-CA" style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88);" class=""> </span><a href="http://www.youtube.com/Genetec" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="font-size: 9pt; font-family: Arial, sans-serif; color: rgb(87, 89, 88); text-decoration: none;" class=""><span id="cid:image005.png@01D1C091.EF4E1DC0"><image005.png></span></span></a></div></div></div></blockquote></div><br class=""></div></body></html>