--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: reopen: Should close stderr when becoming multiplex master
- From: Julien Palard <julien@palard.fr>
- Date: Wed, 16 Nov 2016 10:45:47 +0100
- Message-id: <20161116094547.19420.74581.reportbug@dev4.eeple.fr>
Package: openssh-client
Version: 1:7.3p1-3+b1
Severity: normal
Dear Maintainer,
I think that the bug
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714526 is still
live, after upgrading to 1:7.3p1-3+b1 (should have been fixed still
1:7.2p2-6).
I straced SSH with and without `ControlMaster` and extracted revelant
bits of information, redacting it, and removing useless lines. First,
without `ControlMaster`:
```
# Here, Python 3 Popen prepares pipes for stdin, stdout, and stderr:
7880 1479228055.059186 pipe2([8, 9], O_CLOEXEC) = 0
7880 1479228055.059226 pipe2([10, 11], O_CLOEXEC) = 0
7880 1479228055.059258 pipe2([12, 13], O_CLOEXEC) = 0
# Then ssh is cloned:
7880 1479228055.060158 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f7bfd7fa9d0) = 7949
7949 1479228055.121259 <... clone resumed> child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fd3f2a63650) = 7954
7954 1479228055.121135 execve("/bin/sh", ["/bin/sh", "-c", "exec ssh user@gate.redacted -W dev2.redacted:22"], [/* 16 vars */] <unfinished ...>
# Normal exit
7949 1479228055.592488 +++ exited with 0 +++
7871 1479228055.592519 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7949, si_uid=1003, si_status=0, si_utime=0, si_stime=2} ---
7954 1479228055.592786 exit_group(129) = ?
# Python receive EOF on stdout AND stderr
7880 1479228055.694455 read(12, <unfinished ...>
7880 1479228055.694480 <... read resumed> "", 32768) = 0
7880 1479228055.738380 read(10, <unfinished ...>
7880 1479228055.738410 <... read resumed> "", 32768) = 0
# So, as the process is exited, AND stdout/stderr had their EOF, Python 3 subprocess.Popen.communicate allows itself to wait for it:
7880 1479228055.924898 wait4(7949, <unfinished ...>
7880 1479228055.925334 <... wait4 resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 7949
```
Now, with `ControlMaster`:
```
# Same pipes for stdin, stdout, and stderr from Python Popen:
6749 1479227922.771783 pipe2([8, 9], O_CLOEXEC) = 0
6749 1479227922.771831 pipe2([10, 11], O_CLOEXEC) = 0
6749 1479227922.771865 pipe2([12, 13], O_CLOEXEC) = 0
# A bunch of clones, SSH starting its master process:
6749 1479227922.774839 <... clone resumed> child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fa1957fa9d0) = 6824
6824 1479227922.818219 <... clone resumed> child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7ff4c6f11650) = 6827
6827 1479227922.820940 execve("/bin/sh", ["/bin/sh", "-c", "exec ssh user@redacted -W redacted:22"], [/* 16 vars */] <unfinished ...>
6824 1479227923.204918 <... clone resumed> child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7ff4c6f11650) = 6856
6856 1479227923.205441 <... clone resumed> child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7ff4c6f11650) = 6857
6857 1479227923.206004 <... clone resumed> child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7ff4c6f11650) = 6858
# Normal exit after work is done:
6824 1479227923.335999 +++ exited with 0 +++
6749 1479227923.336042 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6824, si_uid=1003, si_status=0, si_utime=0, si_stime=0} ---
# Python is getting EOF on STDOUT
6749 1479227923.336086 read(10, "", 32768) = 0
# But here, process is a zombie (dead but not awaited), after like a minute,
# I send a SIGINT and a SIGQUIT to the Python process, so everyone dies and finally:
6749 1479227986.358448 read(12, "", 32768) = 0
6827 1479227986.328027 exit_group(130) = ?
6858 1479227986.329254 exit_group(255) = ?
6749 1479227986.578489 wait4(6824, <unfinished ...>
6749 1479227986.578546 <... wait4 resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 6824
```
So here it looks like the bug is exactly the same as before: stdout is
closed but stderr is kept open. As Python's
``subprocess.Popen.communicate`` want to wait for both to be closed before
waiting for the process, it yields to stuck Python process and zombies.
-- System Information:
Debian Release: 8.6
APT prefers stable
APT policy: (900, 'stable'), (200, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages openssh-client depends on:
ii adduser 3.113+nmu3
ii dpkg 1.17.27
ii libc6 2.24-5
ii libedit2 3.1-20140620-2
ii libgssapi-krb5-2 1.14.3+dfsg-2
ii libselinux1 2.3-2
ii libssl1.0.2 1.0.2j-1
ii passwd 1:4.2-3+deb8u1
ii zlib1g 1:1.2.8.dfsg-2+b1
Versions of packages openssh-client recommends:
ii xauth 1:1.0.9-1
Versions of packages openssh-client suggests:
pn keychain <none>
pn libpam-ssh <none>
pn monkeysphere <none>
pn ssh-askpass <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: openssh
Source-Version: 1:7.9p1-1
We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 844494@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 21 Oct 2018 10:39:24 +0100
Source: openssh
Binary: openssh-client openssh-server openssh-sftp-server ssh ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:7.9p1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
openssh-client - secure shell (SSH) client, for secure access to remote machines
openssh-client-udeb - secure shell client for the Debian installer (udeb)
openssh-server - secure shell (SSH) server, for secure access from remote machines
openssh-server-udeb - secure shell server for the Debian installer (udeb)
openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
ssh - secure shell client and server (metapackage)
ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
Closes: 177406 789532 828475 844494
Changes:
openssh (1:7.9p1-1) unstable; urgency=medium
.
* New upstream release (https://www.openssh.com/txt/release-7.9):
- ssh(1), sshd(8): allow most port numbers to be specified using service
names from getservbyname(3) (typically /etc/services; closes:
#177406).
- ssh(1): allow the IdentityAgent configuration directive to accept
environment variable names. This supports the use of multiple agent
sockets without needing to use fixed paths.
- sshd(8): support signalling sessions via the SSH protocol. A limited
subset of signals is supported and only for login or command sessions
(i.e. not subsystems) that were not subject to a forced command via
authorized_keys or sshd_config.
- ssh(1): support "ssh -Q sig" to list supported signature options.
Also "ssh -Q help" to show the full set of supported queries.
- ssh(1), sshd(8): add a CASignatureAlgorithms option for the client and
server configs to allow control over which signature formats are
allowed for CAs to sign certificates. For example, this allows
banning CAs that sign certificates using the RSA-SHA1 signature
algorithm.
- sshd(8), ssh-keygen(1): allow key revocation lists (KRLs) to revoke
keys specified by SHA256 hash.
- ssh-keygen(1): allow creation of key revocation lists directly from
base64-encoded SHA256 fingerprints. This supports revoking keys using
only the information contained in sshd(8) authentication log messages.
- ssh(1), ssh-keygen(1): avoid spurious "invalid format" errors when
attempting to load PEM private keys while using an incorrect
passphrase.
- sshd(8): when a channel closed message is received from a client,
close the stderr file descriptor at the same time stdout is closed.
This avoids stuck processes if they were waiting for stderr to close
and were insensitive to stdin/out closing (closes: #844494).
- ssh(1): allow ForwardX11Timeout=0 to disable the untrusted X11
forwarding timeout and support X11 forwarding indefinitely.
Previously the behaviour of ForwardX11Timeout=0 was undefined.
- sshd(8): when compiled with GSSAPI support, cache supported method
OIDs regardless of whether GSSAPI authentication is enabled in the
main section of sshd_config. This avoids sandbox violations if GSSAPI
authentication was later enabled in a Match block.
- sshd(8): do not fail closed when configured with a text key revocation
list that contains a too-short key.
- ssh(1): treat connections with ProxyJump specified the same as ones
with a ProxyCommand set with regards to hostname canonicalisation
(i.e. don't try to canonicalise the hostname unless
CanonicalizeHostname is set to 'always').
- ssh(1): fix regression in OpenSSH 7.8 that could prevent public-key
authentication using certificates hosted in a ssh-agent(1) or against
sshd(8) from OpenSSH <7.8 (LP: #1790963).
- All: support building against the openssl-1.1 API (releases 1.1.0g and
later). The openssl-1.0 API will remain supported at least until
OpenSSL terminates security patch support for that API version
(closes: #828475).
- sshd(8): allow the futex(2) syscall in the Linux seccomp sandbox;
apparently required by some glibc/OpenSSL combinations.
* Remove dh_builddeb override to use xz compression; this has been the
default since dpkg 1.17.0.
* Simplify debian/rules using /usr/share/dpkg/default.mk.
* Remove /etc/network/if-up.d/openssh-server, as it causes more problems
than it solves (thanks, Christian Ehrhardt, Andreas Hasenack, and David
Britton; closes: #789532, LP: #1037738, #1674330, #1718227). Add an
"if-up hook removed" section to README.Debian documenting the corner
case that may need configuration adjustments.
Checksums-Sha1:
02f65cb5d41cb680cdbd59533b4e1ca8e6e706f6 3121 openssh_7.9p1-1.dsc
993aceedea8ecabb1d0dd7293508a361891c4eaa 1565384 openssh_7.9p1.orig.tar.gz
e23d601363ab5ff0daae5714e77d06539a9aebe9 683 openssh_7.9p1.orig.tar.gz.asc
0420173569b37d7f64df25cde2981147ee735870 163012 openssh_7.9p1-1.debian.tar.xz
9f824d07b600b84035802712a43e83923b4db7e7 14938 openssh_7.9p1-1_source.buildinfo
Checksums-Sha256:
dcf0986f38bead63c956b8c75cee6cd6263d5f836faedf8a3a34f1976e6907fa 3121 openssh_7.9p1-1.dsc
6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad 1565384 openssh_7.9p1.orig.tar.gz
4fd584498595450d68f5514b3d79eb14425a3d6aa9e9021d9e928fdd7b4469eb 683 openssh_7.9p1.orig.tar.gz.asc
7b2ca8e1fac29e7a42141fdb6efb05c12ac3c98c4018478377d301098a7762da 163012 openssh_7.9p1-1.debian.tar.xz
aa8896c424a4357f4e3f70c9498d1226df96d029913e3afce40e27a392ef0f04 14938 openssh_7.9p1-1_source.buildinfo
Files:
169fdfded198d365193f03a2d8f2b616 3121 net standard openssh_7.9p1-1.dsc
c6af50b7a474d04726a5aa747a5dce8f 1565384 net standard openssh_7.9p1.orig.tar.gz
36f798ff56b24004e16c08bf4a5fc021 683 net standard openssh_7.9p1.orig.tar.gz.asc
f9fe15f8723a54a2072d7222dcd6f0d9 163012 net standard openssh_7.9p1-1.debian.tar.xz
acb341421aa0f910d6308e6f1465c502 14938 net standard openssh_7.9p1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAlvMSYAACgkQOTWH2X2G
UAsUMA//ewIH7+cPTzKVeQpmMDwIESrYoqRALoehigkz49fQ1iYcOB5R/Bb9ap8Y
3EVwlh5ryxclHbADuPkbQJEtyX7jLhW050tpholKTJsaCdNLn0/5Kojg39EGPSXq
u54vzm7j+OsWPFavzC/gjKVwqAOTdmOUXBg6rwTP1rjHrrKcX+olrTHMQ5V9bUqc
BedfpqM0eneO0Ei3mREXjoGMooXBg7AcQaUEImewdeMJLdFRWeg8Pk9pDIxpo4cE
SHKIC3UYqbUZnlJ/eqLHyACBKpsRWW3TYwyjDnNV8J8dJaeiPvlOoYiM/+ARuYDj
iC+KsP6DBWtjpunGHh32prok0ZTqpSXnZdg4Kog+AGVxzfPb8RzRGATOOjmvqXR/
5mhRWAZFdLqzRoC/Vltt6+ljumv1ewksOM5iY4bLuL18S50wOvdWMDdyZG64sLXm
BnVd2wNiIW08tIghNp3NjxyQKwI74iF2yfJcFE5AqULkPI7mWZvi/bIDjEJDgSlA
AtYyvuyUVLIZzYKs1Ic27RG5TnZZCVPmX1uqxR+B3NIsFDJtGHcJsO5azCMtevV/
gHK1Wx2bcN1JEUNS/DOPLB9GZQk7hlmAgG6MREmC2QAQg7Zo8TZeIW4mf6OELHqx
JRpHjJM+BH/9THJbweSy/yjLQ7PVyngGX0wxxxcbIvXWIV8HQdA=
=nwlI
-----END PGP SIGNATURE-----
--- End Message ---