IETF-SSH archive


Sending SSH_MSG_GLOBAL_REQUEST as keep-alive to the client



Hi everyone,

in our server we have had some problems with detecting broken sessions from
clients in the past - the underlying sockets layer would simply not report
the session being terminated although effectively it was dead - and we
didn't want to solve it with an inactivity timeout because for our purposes
that would have to be too long, so my solution was to implement a sort of
ping feature in the server: the server sends an SSH_MSG_GLOBAL_REQUEST of an
arbitrary (locally defined) type, and expects to receive either SUCCESS or
FAILURE from the client. If neither arrives, and no other data either, the
session is deemed to be broken, and is closed.

This works fine with all recent clients I have had the chance of testing.
However we have had some reports from customers using older versions of
OpenSSH, which seem to bomb out and disconnect when SSH_MSG_GLOBAL_REQUEST
is received. The misbehaving versions I am aware of include 2.9, a
prehistoric one but still fairly widely deployed, apparently.

I believe that our server's behavior is correct according to the
specification. [CONNECT] does not explicitly say that global requests should
be handled by the client gracefully, but it does seem to imply so in its
non-biased description of the general nature of the packet (section 4 -
Global Requests): it refers to 'originator' and 'recipient' rather than
client and server, which supports the view that it should be possible for
servers to also send global requests. Indeed, we also use similar
server-side requests for purposes other than broken session detection in our
products.

But seeing that clients may exist which cannot handle this message, might it
be prudent to add an explicit note in [CONNECT] stating that clients should
handle unrecognized global requests gracefully? The note could be this
(appended to the end of section 4 - Global Requests):

  Note that, while this document defines only request messages sent
  by client to server, a server MAY also send global requests to the client.
  Such request types may be defined by an external specification, by
  local convention or may be sent with merely the intention of eliciting
  a response in order to validate that a session is still active. A client
  MUST gracefully handle unrecognized global requests by ignoring
  them and sending an SSH_MSG_REQUEST_FAILURE response.

A similar note should then also be appended to the end of section 5.4 -
Channel-Specific Requests.

Best regards,

denis
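
The keep-alive exchange described in the message above, as an added example that is not part of the original post or of any server or client it mentions: the server builds a global request with want-reply set, a client answers an unrecognized request type with SSH_MSG_REQUEST_FAILURE instead of disconnecting, and the server treats either reply as proof of liveness. The request name `keepalive@example.com` and all function names are constructed for illustration; the message numbers and packet layout are those of [CONNECT].

```python
import struct

# Message numbers from the SSH connection protocol ([CONNECT], RFC 4254).
SSH_MSG_GLOBAL_REQUEST = 80
SSH_MSG_REQUEST_SUCCESS = 81
SSH_MSG_REQUEST_FAILURE = 82

# Constructed, locally defined request name (assumption, not from the post).
KEEPALIVE_NAME = b"keepalive@example.com"


def build_global_request(name: bytes, want_reply: bool, data: bytes = b"") -> bytes:
    """Server side: byte type, string name, boolean want-reply, then data."""
    return (bytes([SSH_MSG_GLOBAL_REQUEST]) + struct.pack(">I", len(name))
            + name + bytes([1 if want_reply else 0]) + data)


def parse_global_request(payload: bytes):
    """Return (name, want_reply, data); raise ValueError on a malformed packet."""
    if len(payload) < 5 or payload[0] != SSH_MSG_GLOBAL_REQUEST:
        raise ValueError("not a global request")
    (name_len,) = struct.unpack(">I", payload[1:5])
    end = 5 + name_len
    if end + 1 > len(payload):  # name plus the want-reply byte must fit
        raise ValueError("truncated global request")
    return payload[5:end], payload[end] != 0, payload[end + 1:]


def client_handle_global_request(payload: bytes, handlers: dict):
    """Client side: never disconnect on an unknown request type.

    Returns the reply payload to send, or None when no reply was asked for.
    """
    name, want_reply, data = parse_global_request(payload)
    handler = handlers.get(name)
    ok = bool(handler and handler(data))
    if not want_reply:
        return None
    return bytes([SSH_MSG_REQUEST_SUCCESS if ok else SSH_MSG_REQUEST_FAILURE])


def session_alive(reply, other_data_seen: bool) -> bool:
    """Server side: SUCCESS, FAILURE, or any other traffic proves liveness."""
    if other_data_seen:
        return True
    return bool(reply) and reply[0] in (SSH_MSG_REQUEST_SUCCESS, SSH_MSG_REQUEST_FAILURE)
```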




