https://bugzilla.mindrot.org/show_bug.cgi?id=2139
--- Comment #1 from Arthur Mesh <[email protected]> ---

I have some more details:

Apparently, startup_pipe gets the same fd value as connection_in/connection_out.

2094 authenticated:
2095         /*
2096          * Cancel the alarm we set to limit the time taken for
2097          * authentication.
2098          */
2099         alarm(0);
2100         signal(SIGALRM, SIG_DFL);
2101         authctxt->authenticated = 1;
2102         if (startup_pipe != -1) {
2103                 close(startup_pipe);
2104                 startup_pipe = -1;
2105         }

So by closing(startup_pipe) on line 2103, we also inadvertently close the connection_in/connection_out fd, which causes the bug.

--- sshd.c.orig 2013-08-02 19:40:58.000000000 -0700 +++ sshd.c 2013-08-02 19:41:01.000000000 -0700 @@ -2100,7 +2100,7 @@ signal(SIGALRM, SIG_DFL); authctxt->authenticated = 1; if (startup_pipe != -1) { - close(startup_pipe); + //close(startup_pipe); startup_pipe = -1; }

This prevents the problem from happening, but likely leaks the fd. I need to look further into how startup_pipe is supposed to work and how to properly fix it.

Thanks
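Review bot: with close(startup_pipe) commented out, the unchanged "startup_pipe = -1;" on the next line discards the only copy of the descriptor number, so in every run where startup_pipe is a separate descriptor it stays open for the rest of the authenticated session and nothing can close it later. Rather than disabling the call, keep the close and skip it only when the number matches the connection_in/connection_out descriptors, and track down where the two come to share a value, since that is the actual defect. If the line has to stay disabled while that is investigated, use a /* */ comment with a reference to this bug instead of "//close(startup_pipe);" so the dead code is explained.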
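The failure mode described in this comment, as an added example that is not code from the post or from OpenSSH: a variable that holds the same descriptor number as the live connection closes the connection when it is cleaned up. How sshd arrives at that state is not established on the page; the example constructs the aliasing by keeping a stale number that the kernel then reuses, and `close_unless_aliased`, `connection_survives` and `fd_is_open` are hypothetical names.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* 1 if fd is an open descriptor in this process, 0 otherwise. */
static int fd_is_open(int fd) { return fcntl(fd, F_GETFD) != -1; }

/* Hypothetical helper: retire an auxiliary descriptor unless its number
 * matches a live connection descriptor. Returns 1 if closed, 0 if skipped
 * (unset or aliased), -1 if close() failed. */
static int close_unless_aliased(int *aux, int live_in, int live_out)
{
    int fd = *aux;
    *aux = -1;
    if (fd == -1 || fd == live_in || fd == live_out)
        return 0;
    return close(fd) == 0 ? 1 : -1;
}

/* Constructs the aliasing, runs the cleanup, and returns 1 if the connection
 * descriptor is still open afterwards, 0 if it was closed, -1 on setup error. */
static int connection_survives(int guarded)
{
    int p[2], conn[2], startup, alive;
    if (pipe(p) == -1)
        return -1;
    startup = p[0];           /* stand-in for startup_pipe */
    close(p[0]);              /* closed elsewhere: 'startup' is now stale */
    if (pipe(conn) == -1) {   /* lowest free number is reused: conn[0] == startup */
        close(p[1]);
        return -1;
    }
    if (guarded)
        close_unless_aliased(&startup, conn[0], conn[1]);
    else
        close(startup);       /* unconditional close, as in the excerpt */
    alive = fd_is_open(conn[0]);
    if (alive)
        close(conn[0]);
    close(conn[1]);
    close(p[1]);
    return alive;
}

int main(void)
{
    printf("unguarded: %d, guarded: %d\n", connection_survives(0), connection_survives(1));
    return 0;
}
```

The guard only hides the symptom: it keeps the connection alive and still closes a genuinely separate descriptor, but it does not explain why two variables hold the same number.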
