Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/crypto/ssh: ssh client hangs on waitting for the openConfirm message. #50604

Open
ChiWu-Zero opened this issue Jan 14, 2022 · 4 comments
Open

x/crypto/ssh: ssh client hangs on waitting for the openConfirm message. #50604

ChiWu-Zero opened this issue Jan 14, 2022 · 4 comments
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Unreleased

Comments

@ChiWu-Zero
Copy link

  • overview

The hang problem arises when using the library, the ssh client key code in file ssh/mux.go:

open := channelOpenMsg{
	ChanType:         chanType,
	PeersWindow:      ch.myWindow,
	MaxPacketSize:    ch.maxIncomingPayload,
	TypeSpecificData: extra,
	PeersID:          ch.localId,
}
if err := m.sendMessage(open); err != nil {
	return nil, err
}

switch msg := (<-ch.msg).(type) {
case *channelOpenConfirmMsg:
	return ch, nil
case *channelOpenFailureMsg:
	return nil, &OpenChannelError{msg.Reason, msg.Message}
default:
	return nil, fmt.Errorf("ssh: unexpected packet in response to channel open: %T", msg)
}

The process hangs on the line of "switch msg := (<-ch.msg).(type) ",it may loss the OpenConfirm msg because of the sshd server or the net status.
Maybe we should add the timeout when waitting for the confirm msg.

select {
case data := <-ch.msg:
	switch msg := data.(type) {
	case *channelOpenConfirmMsg:
		return ch, nil
	case *channelOpenFailureMsg:
		return nil, &OpenChannelError{msg.Reason, msg.Message}
	default:
		return nil, fmt.Errorf("ssh: unexpected packet in response to channel open: %T", msg)
	}
case <-time.After(aliveTime):
	return nil, fmt.Errorf("ssh: the confirm message maybe lost")
}
@gopherbot gopherbot added this to the Unreleased milestone Jan 14, 2022
@ChiWu-Zero ChiWu-Zero mentioned this issue Jan 17, 2022
Open
@ianlancetaylor
Copy link
Contributor

This doesn't seem to be a proposal, taking it out of the proposal process.

@ianlancetaylor ianlancetaylor added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Jan 19, 2022
@ianlancetaylor
Copy link
Contributor

CC @golang/security

@nemith
Copy link
Contributor

nemith commented Jun 15, 2023

Context support here would be greatly appreciated.

@schachmat
Copy link

Just encountered this issue as well. Was super annoying to debug where the hang came from. Proper context support seems like the right way forward. Slightly modified suggestion from first comment:

select {
case data := <-ch.msg:
	switch msg := data.(type) {
	case *channelOpenConfirmMsg:
		return ch, nil
	case *channelOpenFailureMsg:
		return nil, &OpenChannelError{msg.Reason, msg.Message}
	default:
		return nil, fmt.Errorf("ssh: unexpected packet in response to channel open: %T", msg)
	}
case <-ctx.Done():
	return nil, ctx.Err()
}

Just needs to be piped through the layers and callers need to adapt (or a second set of public functions which additionally accept the context is offered).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
5 participants
@nemith @schachmat @ianlancetaylor @gopherbot @ChiWu-Zero