Subject: | Kerberos rsh hangs in accpet() if the remote server closes the connection before opening the secondary connection |
Cc: | geetap@hp.com |
I have downloaded krb5-1.2.7-14.src.rpm from MIT web page and could see
a hang in kerberos rsh client if the remote server closes the
connection before opening the control(secondary) connection. After
seeing the tusc (trace) output and going through the source code
attached I could notice that, rsh does not handle the primary
connection between write() and accpet() in the chunk of code given
below ( from kcmd.c)
listen(s2, 1);
(void) sprintf(num, "%d", lport);
if (write(s, num, strlen(num)+1) != strlen(num)+1) {
perror("write: setting up stderr");
(void) close(s2);
status = -1;
goto bad;
}
s3 = accept(s2, (struct sockaddr *)&from, &len);
(void) close(s2);
if (s3 < 0) {
perror("accept");
lport = 0;
status = -1;
goto bad;
}
With this, if there is error message reported by the remote server in
opening the secondary connection or remote server exits, it will not be
read and the client will block in accept() forever.
This problem can be fixed by the way it has been done in rcmd.c.
a hang in kerberos rsh client if the remote server closes the
connection before opening the control(secondary) connection. After
seeing the tusc (trace) output and going through the source code
attached I could notice that, rsh does not handle the primary
connection between write() and accpet() in the chunk of code given
below ( from kcmd.c)
listen(s2, 1);
(void) sprintf(num, "%d", lport);
if (write(s, num, strlen(num)+1) != strlen(num)+1) {
perror("write: setting up stderr");
(void) close(s2);
status = -1;
goto bad;
}
s3 = accept(s2, (struct sockaddr *)&from, &len);
(void) close(s2);
if (s3 < 0) {
perror("accept");
lport = 0;
status = -1;
goto bad;
}
With this, if there is error message reported by the remote server in
opening the secondary connection or remote server exits, it will not be
read and the client will block in accept() forever.
This problem can be fixed by the way it has been done in rcmd.c.
Message body is not shown because it is too large.