[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSH Server side development

On Wed, 2009-07-29 at 18:46 +0200, Andreas Schneider wrote:
> On Tuesday 28 July 2009 19:26:42 Preston A. Elder wrote:
> > Here is the re-based patch.
> Commited, thanks for your contribution!

NP.  Sorry about the compile errors (I saw the subsequent commits in the
repository browser), I'm new to GIT.  I did the 'git add' before I did a
compile, then I did a compile, fixed said errors, THEN did 'git commit',
apparently it picks up the changes at the add stage instead of commit.

But I didn't realize the patch was wrong because my repository was
compiling ;P

I'm too used to CVS / SVN / etc.

FYI, I had put that channel_write_stderr in server.h intentionally
because people using the client interface should not be writing to
stderr, only the server side should write to stderr.  But it doesn't
bother me either way.

Is there any plans to address some of the other issues I raised in my
previous email - namely:
  - the non-existence of non-blocking channel_write operations
  - that certain points especially during initialization (eg.
ssh_accept) also require blocking operations which, when running a
server with potentially multiple ssh clients being multiplexed on a
single thread makes me susceptible to malicious code that deliberately
does not respond after a certain point in the initialization, causing my
blocking read to hang (and all ssh sessions being multiplexed on the
same thread to be delayed/hang accordingly).

Of course, both would be alleviated by completely detaching socket
operations from the SSH protocol conversations and letting another layer
(which can be replaced) take care of socket (or potentially even
non-socket) communications, but that's a huge job.  So baby steps ;)

But the idea is that there should be no reason for the server-side SSH
code to ever be invoking a blocking operation of that is what is desired
(which for me, it is).

PreZ :)

SSH Server side development"Preston A. Elder" <prez@xxxxxxxxxxxxxx>
Re: SSH Server side developmentAndreas Schneider <mail@xxxxxxxxxxxx>
Re: SSH Server side development"Preston A. Elder" <prez@xxxxxxxx>
Re: SSH Server side developmentAndreas Schneider <mail@xxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org