Re: Incorrect protocol implementation by OpenSSH?



On Sat, 29 Sep 2007 08:49:36 +0100, Simon Tatham wrote:

H.K. Kingston-Smith <HKK-S@xxxxxxxxx> wrote:
I am not sure I entirely agree with that. If the client specifies
want-reply = 0 and the server does not support "exec", how can the
client know the reason behind the deadlock?

It can't.

It would seem that an "exec" (or "shell") request with want-reply
set to 0 sent to a server that does not support such a capability will
necessarily lead to a deadlock. Is this right in general?

I think so, yes. But you cannot deduce from that that the _server_
should do something different in that situation: it's the _client's_
fault for setting want_reply=0, and so the client should have done
something different. It isn't the server's job to exceed the protocol
specification in order to compensate for a broken client; it's the
client's job not to be broken in the first place.

That's right; OpenSSH is broken here.



.