2918 – ssh ConnectTimeout is obeyed only on 1st ConnectionAttempt

Bug 2918 - ssh ConnectTimeout is obeyed only on 1st ConnectionAttempt

Summary: ssh ConnectTimeout is obeyed only on 1st ConnectionAttempt

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh (show other bugs)
Version:	7.6p1
Hardware:	amd64 Linux

Importance:	P5 normal
Assignee:	Assigned to nobody

URL:
Keywords:

Duplicates (1):	3066 (view as bug list)
Depends on:
Blocks:	V_8_0
	Show dependency tree / graph

Reported:	2018-10-16 21:41 AEDT by Vide
Modified:	2023-01-13 13:26 AEDT (History)
CC List:	3 users (show)

See Also:

Attachments
Save initial timeout and reused for 2nd and subsequent connection attempts (886 bytes, patch) 2019-02-01 14:31 AEDT, Darren Tucker	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Vide 2018-10-16 21:41:04 AEDT

Setting the SSH option ConnectTimeout=N only works on the first ConnectionAttempts. So, if you set ConnectionAttempts=2 for example, it will time out after N second on the first attempt and wait the full, default TCP timeout on the second attempt.

Example of the error:

$ time ssh -vvvv -o ConnectTimeout=2 -o ConnectionAttempts=2 -o StrictHostKeyChecking=false -o UserKnownHostsFile=/dev/null 1.2.3.4
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /home/vide/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "1.2.3.4" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 1.2.3.4 [1.2.3.4] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: connect to address 1.2.3.4 port 22: Connection timed out
debug1: Trying again...
debug1: Connecting to 1.2.3.4 [1.2.3.4] port 22.
debug1: connect to address 1.2.3.4 port 22: Connection timed out
ssh: connect to host 1.2.3.4 port 22: Connection timed out

real 2m13,670s
user 0m0,012s
sys 0m0,018s

This seems a regression from OpenSSH 7.5 where it works as expected. OpenSSH 7.8 seems affected as well
The first timeout happens after 2 seconds, the second after ~2 minutes

Comment 1 Darren Tucker 2019-02-01 14:27:33 AEDT

Comparing sshconnect.c between the two versions, I think I see what happened: 7.6 added waitrfd(), which writes the remaining timeout back to timeoutp.  After the 1st timeout, this does not get reset on the 2nd and subsequent connection attempts, and a timeout of 0 means "no timeout".

Comment 2 Darren Tucker 2019-02-01 14:31:56 AEDT

Created attachment 3233 [details]
Save initial timeout and reused for 2nd and subsequent connection attempts

Comment 3 Darren Tucker 2019-02-01 14:39:30 AEDT

Test case with patch:
$ time ssh/obj/ssh -vvv -o ConnectTimeout=2 -o ConnectionAttempts=2 -o StrictHostKeyChecking=false -o UserKnownHostsFile=/dev/null 1.2.3.4
[...]
debug2: ssh_connect_direct
debug1: Connecting to 1.2.3.4 [1.2.3.4] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: connect to address 1.2.3.4 port 22: Operation timed out
debug1: Trying again...
debug1: Connecting to 1.2.3.4 [1.2.3.4] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: connect to address 1.2.3.4 port 22: Operation timed out
ssh: connect to host 1.2.3.4 port 22: Operation timed out

real    0m5.077s
user    0m0.010s
sys     0m0.030s

Comment 4 Darren Tucker 2019-02-01 14:56:33 AEDT

Patch has been applied and will be in the 8.0 release.  Thanks for the report and especially specifying exactly the versions where it changed.

Comment 5 Damien Miller 2019-05-03 14:42:34 AEST

Move resolved bugs -> CLOSED after 8.0 release

Comment 6 Damien Miller 2019-09-06 12:51:00 AEST

*** Bug 3066 has been marked as a duplicate of this bug. ***