libssh2: libssh2_channel_read() would block after libssh2_channel_request_auth_agent()
I first stumbled into this when trying to use the Rust bindings (ssh2-rs): https://github.com/alexcrichton/ssh2-rs/issues/200
Now I’m trying to see if it works in libssh2 directly, and I’m getting seemingly the same behaviour.
I’ve tried example/ssh2_agent_forwarding.c and replaced commandline to read
const char *commandline = "echo $SSH_AUTH_SOCK; ssh-add -l";
I expected to see the output from the ssh-add -l but it just hangs there…
Here’s the output with some additional debug prints added (also timestamps):
zimage@damage72:/tmp/libssh2/example$ ./ssh2_agent_forwarding 213.145.98.12 root 2>&1 |ts
ное 15 15:52:34 Authentication with username root and public key /home/zimage/.ssh/id_rsa succeeded!
ное 15 15:52:34 calling libssh2_channel_read()...
ное 15 15:52:34 libssh2_channel_read returned -37
ное 15 15:52:34 out of read() loop
ное 15 15:52:34 waitsocket() after EAGAIN
ное 15 15:52:34 calling libssh2_channel_read()...
ное 15 15:52:34 We read:
ное 15 15:52:34 /tmp/ssh-yWHEOIpmmc/agent.23377
ное 15 15:52:34
ное 15 15:52:34 calling libssh2_channel_read()...
ное 15 15:52:34 libssh2_channel_read returned -37
ное 15 15:52:34 out of read() loop
ное 15 15:52:34 waitsocket() after EAGAIN
ное 15 15:52:34 calling libssh2_channel_read()...
ное 15 15:52:34 libssh2_channel_read returned -37
ное 15 15:52:34 out of read() loop
ное 15 15:52:34 waitsocket() after EAGAIN
ное 15 15:52:44 calling libssh2_channel_read()...
ное 15 15:52:44 libssh2_channel_read returned -37
ное 15 15:52:44 out of read() loop
ное 15 15:52:44 waitsocket() after EAGAIN
ное 15 15:52:54 calling libssh2_channel_read()...
ное 15 15:52:54 libssh2_channel_read returned -37
ное 15 15:52:54 out of read() loop
ное 15 15:52:54 waitsocket() after EAGAIN
Is this example wrong or is there bug somewhere? What additional information would you need from me?
Version (please complete the following information):
- OS: Linux (Ubuntu 20.10)
- libssh2 version 1.9.0_DEV (git master cfe0bf64985fd6a5db3b45ffc31a2fe3b8fd9948)
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 18 (10 by maintainers)
Commits related to this issue
- add placeholder for agent forwarding It's not fully implemented by libssh2. refs: https://github.com/libssh2/libssh2/issues/535 — committed to wez/wezterm by wez 3 years ago
I can confirm it works for those of us implementing our own agents
I’ve got a WIP PR for this https://github.com/libssh2/libssh2/pull/752 It contains what I believe are the relevant changes betwene our internal copy of libssh2 and this repository. We were pretty good about calling out in comments where we differ from the official release.
One thing that became clear when putting this together is that it’s not a full implementation of agent forwarding. What we did was copy ssh-agent.c from the OpenSSH project into our soruce repostiory, along with other files from that project that it includes. We then modified
authagent_process_input()to call the new libssh2 callbacks. In ourLIBSSH2_CALLBACK_AUTHAGENTcallback, we save off the channel, and in the code where we call libssh2_channel_read() on our data channel, we also call libssh2_channel_read() on this auth channel, passing the buffer to authagent_process_input(), then call authagent_getoutput(), pass that data to the auth channel using libssh2_channel_write(), and finally call libssh2_channel_write().This PR would benefit by someone using it to confirm that it works, and possibly adding or editing some of the tests. (We have our own internal tests, and the docker commands used by the tests in this project have never worked on my machines.)