Date: Wed, 28 Feb 2001 17:37:40 +0200 (SAT) From: John Hay <jhay@icomtek.csir.co.za> To: jlemon@flugsvamp.com (Jonathan Lemon) Cc: jedgar@fxp.org (Chris Faulhaber), kris@obsecurity.org (Kris Kennaway), veldy@veldy.net (Thomas T. Veldhouse), jlemon@FreeBSD.ORG, stable@FreeBSD.ORG Subject: Re: SSH1 fixed yet? Message-ID: <200102281537.f1SFbeM57533@zibbi.icomtek.csir.co.za> In-Reply-To: <20010228091222.O20550@prism.flugsvamp.com> from Jonathan Lemon at "Feb 28, 2001 09:12:22 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > sshd -d
> > > >
> > > > once, and then running sshd. Does sshd -d make any files ?
> > >
> > > Nope..
> > >
> > > I wonder if you were having transient DNS problems which just happened
> > > to coincide with this. DNS is the big thing which causes OpenSSH to
> > > have problems.
> > >
> >
> > This appears to be related to recent kqueue changes that may be
> > affecting the resolver. sshd works fine on kernels from sources
> > before the 25th or so but has problems on newer ones. I narrowed
> > it down last night to the following commit (committer cc'd).
>
> Funny. I've been doing 'make world' for a long time on my -stable
> box, and have never run into a DNS problem. However, today, I decided
> to run mergemaster to sync up all my /etc files; my original /etc
> installation was from 1999.
>
> After running mergemaster, I'm now seeing DNS problems, so I'll
> look at them now. But it seems that the problem is also related
> to specific configuration settings, in case this rings a bell
> with anyone.
I found that for some reason getipnodebyaddr() will return the correct
answer the first time and fail for the rest if a program is dynamically
linked. If it is statically linked it works everytime. I first found
it in -current because I saw sendmail fail on the second address of
the interface and was investigating that. When I sent mail about it to
-current someone said people on stable also had problems the last day
or so. So I tried it on -stable. A week old stable is ok, but one
built yesterday show the same problem.
Try the program at the end of the email. Change the ip address if you
want to to something closer to.
Here if I compile it dinamic the second getipnodebyaddr() fail. If I
compile it static both are ok. I have also linked sendmail static and
now it can resolve all the ip numbers of the interface.
I also tried the new -stable libraries on the week old kernel. That
works just fine.
I have run a tcpdump during these sessions and can see that the dns
request that fails are resend a few times and I can also see the reply
coming back everytime, so it isn't a dns problem.
Now getipnodebyaddr() is most probably not the problem just a symptom,
but maybe it can put someone on the right track.
John
--
John Hay -- John.Hay@icomtek.csir.co.za
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
int main(int argc, char **argv)
{
struct hostent *he;
int h_err;
u_char ipnum[16];
char *astr1;
astr1 = "146.64.24.3";
h_err = inet_pton(AF_INET, astr1, ipnum);
if(h_err == 0) {
printf("conversion error with inet_pton()\n");
exit(1);
}
he = getipnodebyaddr(ipnum, 4, AF_INET, &h_err);
if(he == NULL) {
printf("Oops: %d.\n", h_err);
herror("getipnodebyaddr");
} else
printf("And the answer is: %s\n", he->h_name);
he = getipnodebyaddr(ipnum, 4, AF_INET, &h_err);
if(he == NULL) {
printf("Oops: %d.\n", h_err);
herror("getipnodebyaddr");
} else
printf("And the answer is: %s\n", he->h_name);
return 0;
}
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102281537.f1SFbeM57533>