diff options
author | Simon Tatham <anakin@pobox.com> | 2021-08-14 12:56:20 +0300 |
---|---|---|
committer | Simon Tatham <anakin@pobox.com> | 2021-08-14 13:46:21 +0300 |
commit | c62b7229c1928f875c77108db50ab356c7f59001 (patch) | |
tree | 8688f72909bdb87d4039b47d8d8798c758768a2d /config.c | |
parent | dfb252d161e9dc7861c19da0dce9e565de321efd (diff) |
Bug workaround to delay sending our SSH greeting.
Ian Jackson recently tried to use the recipe in the psusan manpage for
talking to UML, and found that the connection was not successfully set
up, because at some point during startup, UML read the SSH greeting
(ok, the bare-ssh-connection greeting) from its input fd and threw it
away. So by the time psusan was run by the guest init process, the
greeting wasn't there to be read.
Ian's report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991958
I was also able to reproduce this locally, which makes me wonder why I
_didn't_ notice it when I originally wrote that part of the psusan man
page. It worked for me before, honest! But now it doesn't.
Anyway. The ssh verstring module already has a mode switch to decide
whether we ought to send our greeting before or after waiting for the
other side's greeting (because that decision varies between client and
server, and between SSH-1 and SSH-2). So it's easy to implement an
override that forces it to 'wait for the server greeting first'.
I've added this as yet another bug workaround flag. But unlike all the
others, it can't be autodetected from the server's version string,
because, of course, we have to act on it _before_ seeing the server's
greeting and version string! So it's a manual-only flag.
However, I've mentioned it in the UML section of the psusan man page,
since that's the place where I _know_ people are likely to need to use
this flag.
Diffstat (limited to 'config.c')
-rw-r--r-- | config.c | 38 |
1 files changed, 38 insertions, 0 deletions
@@ -735,6 +735,37 @@ static void sshbug_handler(union control *ctrl, dlgparam *dlg, } } +static void sshbug_handler_manual_only(union control *ctrl, dlgparam *dlg, + void *data, int event) +{ + /* + * This is just like sshbug_handler, except that there's no 'Auto' + * option. Used for bug workaround flags that can't be + * autodetected, and have to be manually enabled if they're to be + * used at all. + */ + Conf *conf = (Conf *)data; + if (event == EVENT_REFRESH) { + int oldconf = conf_get_int(conf, ctrl->listbox.context.i); + dlg_update_start(ctrl, dlg); + dlg_listbox_clear(ctrl, dlg); + dlg_listbox_addwithid(ctrl, dlg, "Off", FORCE_OFF); + dlg_listbox_addwithid(ctrl, dlg, "On", FORCE_ON); + switch (oldconf) { + case FORCE_OFF: dlg_listbox_select(ctrl, dlg, 0); break; + case FORCE_ON: dlg_listbox_select(ctrl, dlg, 1); break; + } + dlg_update_done(ctrl, dlg); + } else if (event == EVENT_SELCHANGE) { + int i = dlg_listbox_index(ctrl, dlg); + if (i < 0) + i = FORCE_OFF; + else + i = dlg_listbox_getid(ctrl, dlg, i); + conf_set_int(conf, ctrl->listbox.context.i, i); + } +} + struct sessionsaver_data { union control *editbox, *listbox, *loadbutton, *savebutton, *delbutton; union control *okbutton, *cancelbutton; @@ -3049,6 +3080,13 @@ void setup_config_box(struct controlbox *b, bool midsession, HELPCTX(ssh_bugs_maxpkt2), sshbug_handler, I(CONF_sshbug_maxpkt2)); + s = ctrl_getset(b, "Connection/SSH/Bugs", "manual", + "Manually enabled workarounds"); + ctrl_droplist(s, "Discards data sent before its greeting", 'd', 20, + HELPCTX(ssh_bugs_dropstart), + sshbug_handler_manual_only, + I(CONF_sshbug_dropstart)); + ctrl_settitle(b, "Connection/SSH/More bugs", "Further workarounds for SSH server bugs"); |