Bug 2757 - rekey limit clashes with ClientAlive timeouts
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd
Version: 7.5p1
Hardware: Other Linux
Importance: P5 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_8_0
Reported: 2017-08-12 01:00 AEST by Jakub Jelen
Modified: 2021-04-23 15:02 AEST
Attachments
proposed patch (525 bytes, text/plain)
2017-08-12 01:00 AEST, Jakub Jelen

Description Jakub Jelen 2017-08-12 01:00:28 AEST
Created attachment 3036
proposed patch

Reproducer:
1. Start a server:
  /usr/sbin/sshd -D -ddd -p 8022 -o "ClientAliveCountMax=0" -o "ClientAliveInterval=900" -o "RekeyLimit=default 45s" -e

2. Connect with client
  ssh -p 8022 root@localhost "date; while :; do sleep 10; date; done"


Actual result:
No rekey happens, connection is dropped with error

  Timeout, client not responding.


Expected result:
  Rekey happens in 45 seconds, the connection is not dropped


Diagnostics:
The function wait_until_can_do_something() selects the timeout for the select() function, but sets client_alive_scheduled even if it is scheduled for later than the rekey should happen.

Proposed solution:
The client_alive_scheduled variable should be set only if the time is lower than the time for the external event (rekeying). The attached patch resolved the problem for me, and with openssh-7.4 all tests passed.
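
Added example (not part of the bug report, the attached patch, or the OpenSSH source): a simplified C model of the timeout selection described in the diagnostics above, run with the reproducer's values. The names `plan_wait` and `on_wait_expired` are hypothetical, and the keepalive-check rule is an assumption stated in the comments.

```c
/* Simplified model of the timeout selection described in the report.
 * Added illustration; not OpenSSH source. All names are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

struct wait_plan {
    uint64_t timeout_ms;          /* timeout handed to select() */
    bool client_alive_scheduled;  /* expiry is treated as a keepalive deadline */
};

/* fixed == false: flag set whenever ClientAliveInterval is non-zero (reported).
 * fixed == true:  flag set only when the keepalive deadline is the one chosen. */
static struct wait_plan plan_wait(uint64_t rekey_ms, uint64_t alive_interval_s, bool fixed)
{
    struct wait_plan p = { rekey_ms, false };   /* 0 means "no rekey deadline" */
    if (alive_interval_s != 0) {
        uint64_t keepalive_ms = alive_interval_s * 1000;
        bool keepalive_first = (p.timeout_ms == 0 || p.timeout_ms > keepalive_ms);
        if (keepalive_first)
            p.timeout_ms = keepalive_ms;
        p.client_alive_scheduled = fixed ? keepalive_first : true;
    }
    return p;
}

enum outcome { REKEY_DUE, KEEPALIVE_SENT, CONNECTION_DROPPED };

/* What the loop does when the wait expires with no descriptor ready.
 * Assumption: a keepalive check counts one more unanswered probe and drops
 * the connection once that count exceeds ClientAliveCountMax. */
static enum outcome on_wait_expired(struct wait_plan p, int unanswered, int count_max)
{
    if (!p.client_alive_scheduled)
        return REKEY_DUE;
    return (unanswered + 1 > count_max) ? CONNECTION_DROPPED : KEEPALIVE_SENT;
}

int main(void)
{
    /* Values from the reproducer: RekeyLimit 45s, ClientAliveInterval 900,
     * ClientAliveCountMax 0. */
    struct wait_plan before = plan_wait(45000, 900, false);
    struct wait_plan after = plan_wait(45000, 900, true);
    printf("reported: wait %llu ms -> outcome %d\n",
        (unsigned long long)before.timeout_ms, on_wait_expired(before, 0, 0));
    printf("proposed: wait %llu ms -> outcome %d\n",
        (unsigned long long)after.timeout_ms, on_wait_expired(after, 0, 0));
    return 0;
}
```

In both variants the wait is 45000 ms; only the flag differs, which is what turns a rekey deadline into a keepalive timeout in the reported behaviour.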
Comment 1 Darren Tucker 2017-08-18 13:23:08 AEST
Looks reasonable to me, adding to the list for 7.6.
Comment 2 Damien Miller 2018-04-06 13:12:15 AEST
Move to OpenSSH 7.8 tracking bug
Comment 3 Damien Miller 2018-08-10 11:38:03 AEST
Retarget remaining bugs planned for 7.8 release to 7.9
Comment 4 Damien Miller 2018-08-10 11:38:21 AEST
Retarget remaining bugs planned for 7.8 release to 7.9
Comment 5 Damien Miller 2018-10-19 17:13:40 AEDT
Retarget unfinished bugs to OpenSSH 8.0
Comment 6 Damien Miller 2018-10-19 17:14:47 AEDT
Retarget unfinished bugs to OpenSSH 8.0
Comment 7 Damien Miller 2018-10-19 17:15:43 AEDT
Retarget unfinished bugs to OpenSSH 8.0
Comment 8 Jakub Jelen 2019-03-07 03:42:54 AEDT
ping. Any update on this?
Comment 9 Damien Miller 2019-03-27 20:29:59 AEDT
Patch applied and will be in OpenSSH 8.0 - thanks!
Comment 10 Damien Miller 2021-04-23 15:02:02 AEST
closing resolved bugs as of 8.6p1 release