This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ZoneAlarm Suite popen hang


On Mon, 9 Jan 2006, Brett Serkez wrote:

> [snip]
> > Well, if you can find where ssh is invoked, you can also give it the
> > "-n" parameter, which would result in equivalent functionality.
>
> I don't want to confuse anybody, the command in question is being run
> internally by ssh to setup an X authorization cookie to pass over the
> the xterm on the remote system.  I did try -n to no avail.
>
> ssh -vvv -n -X target
> OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
> Pseudo-terminal will not be allocated because stdin is not a terminal.
> debug1: Reading configuration data /etc/ssh_config
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to 192.168.0.100 [192.168.0.100] port 22.
> debug1: Connection established.
>
> ...snip...
>
> debug1: Authentication succeeded (password).
> debug2: fd 4 setting O_NONBLOCK
> debug1: channel 0: new [client-session]
> debug3: ssh_session2_open: channel_new: 0
> debug2: channel 0: send open
> debug1: Entering interactive session.
> debug2: callback start
> debug2: x11_get_proto: /usr/X11R6/bin/xauth -f
> /tmp/ssh-1X7a4Jwi47/xauthfile generate 127.0.0.1:0.0 MIT-MAGIC-COOKIE-1
> untrusted timeout 1200 2>/dev/null
>
> The message I referenced earlier goes into some depth about
> x11_get_proto and how the xauth command above is being run:
>
> http://www.cygwin.com/ml/cygwin/2004-11/msg00626.html
>
> Perhaps popen is using a socket or named pipe????

popen() is probably using a regular pipe...

> I do appreciate the suggestions so far.  I just don't yet understand
> how the installation and deinstallation of ZoneAlarm is effecting
> this behavior.

It's a known fact that firewall programs insert their own DLLs into the
network stack, thus subtly changing the assumptions some programs (i.e.,
Cygwin in this case) make about socket behavior.  However, I haven't heard
of firewall programs affecting pipes.

One way to check this is to run the above command under strace (both with
ZoneAlarm installed and without it), and then compare the two outputs
(note that you may want to mask out the PID and time fields, at least, to
get a meaningful diff).  You can use strace's "-o" option to redirect the
output to a file.  This would also show what popen() is doing.
HTH,
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_	    pechtcha@cs.nyu.edu | igor@watson.ibm.com
ZZZzz /,`.-'`'    -.  ;-;;,_		Igor Peshansky, Ph.D. (name changed!)
     |,4-  ) )-,_. ,\ (  `'-'		old name: Igor Pechtchanski
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough in
that!" -- Rostand, "Cyrano de Bergerac"


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]