karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Berkman (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-3656) SSH message channel closed too early
Date Mon, 06 Jul 2015 22:09:05 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14615753#comment-14615753

Peter Berkman commented on KARAF-3656:

I believe this broke something....

we upgraded to 3.0.4 and now are ant tasks (for product installation) hang.

here is the macro we are using in ant:
    <presetdef name="ngsexec">
        <sshexec host="localhost"
          timeout="60000" />

<ngsexec command="list" />

Basically, Karaf never returns and the ant task times out....

when I set it to verbose, here is the output from a command 'list':

  [ngsexec] Connecting to localhost:8101
  [ngsexec] Connecting to localhost port 8101
  [ngsexec] Connection established
  [ngsexec] Remote version string: SSH-2.0-SSHD-CORE-0.14.0
  [ngsexec] Local version string: SSH-2.0-JSCH-0.1.51
  [ngsexec] CheckCiphers: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256
  [ngsexec] aes256-cbc is not available.
  [ngsexec] aes192-cbc is not available.
  [ngsexec] CheckKexes: diffie-hellman-group14-sha1
  [ngsexec] diffie-hellman-group14-sha1 is not available.
  [ngsexec] SSH_MSG_KEXINIT sent
  [ngsexec] SSH_MSG_KEXINIT received
  [ngsexec] kex: server: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1
  [ngsexec] kex: server: ssh-rsa
  [ngsexec] kex: server: aes128-ctr
  [ngsexec] kex: server: aes128-ctr
  [ngsexec] kex: server: hmac-sha1
  [ngsexec] kex: server: hmac-sha1
  [ngsexec] kex: server: none
  [ngsexec] kex: server: none
  [ngsexec] kex: server:
  [ngsexec] kex: server:
  [ngsexec] kex: client: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
  [ngsexec] kex: client: ssh-rsa,ssh-dss
  [ngsexec] kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
  [ngsexec] kex: client: aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc
  [ngsexec] kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
  [ngsexec] kex: client: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96
  [ngsexec] kex: client: none
  [ngsexec] kex: client: none
  [ngsexec] kex: client:
  [ngsexec] kex: client:
  [ngsexec] kex: server->client aes128-ctr hmac-sha1 none
  [ngsexec] kex: client->server aes128-ctr hmac-sha1 none
  [ngsexec] SSH_MSG_KEXDH_INIT sent
  [ngsexec] expecting SSH_MSG_KEXDH_REPLY
  [ngsexec] ssh_rsa_verify: signature true
  [ngsexec] Permanently added 'localhost' (RSA) to the list of known hosts.
  [ngsexec] SSH_MSG_NEWKEYS sent
  [ngsexec] SSH_MSG_NEWKEYS received
  [ngsexec] SSH_MSG_SERVICE_REQUEST sent
  [ngsexec] SSH_MSG_SERVICE_ACCEPT received
  [ngsexec] Authentications that can continue: publickey,keyboard-interactive,password
  [ngsexec] Next authentication method: publickey
  [ngsexec] Authentications that can continue: keyboard-interactive,password
  [ngsexec] Next authentication method: keyboard-interactive
  [ngsexec] Authentication succeeded (keyboard-interactive).
  [ngsexec] cmd : http:list
  [ngsexec] ID | Servlet          | Servlet-Name   | State       | Alias               | Url
  [ngsexec] --
  [ngsexec] ----------------
  [ngsexec] --------------
  [ngsexec] -----------
  [ngsexec] -------------------
  [ngsexec] -----------------------
  [ngsexec] ---------------
  [ngsexec] 82 | ResourceServlet  | /res           | Deployed    | /system/console/res | [/system/console/res/*]
  [ngsexec] 82 | KarafOsgiManager | ServletModel-2 | Undeployed  | /system/console     | [/system/console/*]
  [ngsexec] 82 | KarafOsgiManager | ServletModel-5 | Deployed    | /system/console     | [/system/console/*]
  [ngsexec] Disconnecting from localhost port 8101
  [ngsexec] Caught an exception, leaving main loop due to Socket Closed

C:\nextgate\install\ngs\1.0.0-SNAPSHOT_rev17813\ngs_install.xml:459: Timeout period exceeded,
connection dropped.

> SSH message channel closed too early
> ------------------------------------
>                 Key: KARAF-3656
>                 URL: https://issues.apache.org/jira/browse/KARAF-3656
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-shell
>    Affects Versions: 3.0.3, 2.4.1, 2.3.10, 4.0.0.M2
>            Reporter: Jan-Peter Nilsson
>            Assignee: Guillaume Nodet
>            Priority: Minor
>             Fix For: 2.4.2, 3.0.4, 2.3.12, 4.0.0.M3
>         Attachments: 0001-KARAF-3656-Spawn-a-new-thread-for-ShellCommand.start.patch
> Using SSH exec with Karaf 2.3.10 SSH_MSG_CHANNEL_SUCCESS is sent after SSH_MSG_CHANNEL_CLOSE
in the response.
> This causes problems when trying to use the Paramiko SSH client library as it will close
the channel on receiving SSH_MSG_CHANNEL_CLOSE and considers it a failure if SSH_MSG_CHANNEL_SUCCESS
was not received.
> {code:title=reproduce.py|borderStyle=solid}
> #!/usr/bin/python
> import paramiko
> client = paramiko.SSHClient()
> client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
> client.load_system_host_keys()
> client.connect('localhost', port=8101, username="karaf", password="karaf")
> client.exec_command('help')
> # Throws SSHException "Channel closed." for affected versions.
> {code}
> The reason SUCCESS and CLOSE come out of order seems to be that start in the ShellCommand
class does not spawn a separate thread but calls the onExit callback from within the same
thread, see [SSHD-295|https://issues.apache.org/jira/browse/SSHD-295] and the [Apache MINA
SSHD API|http://mina.apache.org/sshd-project/apidocs/org/apache/sshd/server/Command.html#start-org.apache.sshd.server.Environment-].

This message was sent by Atlassian JIRA

View raw message