SSH login takes very long time...sometimes
Rostislav Krasny
rosti.bsd at gmail.com
Sat Feb 25 06:47:11 PST 2006
On Sat, 25 Feb 2006 16:28:50 +0900
Hajimu UMEMOTO <ume at freebsd.org> wrote:
> Hi,
>
> >>>>> On Sat, 25 Feb 2006 02:42:46 +0200
> >>>>> Rostislav Krasny <rosti.bsd at gmail.com> said:
>
> rosti> I've found the problem in both: ftpd(8) and ftp(1). In the ftpd(8) a
> rosti> getaddrinfo() is called in two places with hints.ai_socktype == 0 and
> rosti> hints.ai_family == PF_UNSPEC. In the ftp(1) a command reply timeout is
> rosti> only 60 seconds. Those things are what I've changed to fix the problem.
> rosti> Two diffs are attached to this email. The ftpd.c.diff extends -4 and -6
> rosti> ftpd options. So if this patch is good, the ftpd(8) manual page and the
> rosti> default /etc/inetd.conf should also be changed appropriately.
>
> For your ftpd.c.diff, I like your idea to reduce redundant query. It
> is enough to query just appropriate address family. In inetd mode, we
> know the address family already. So, we don't need to rely on the
> -4/-6 option. The following diff is against ftpd.c with your patch
> applied:
>
> --- ftpd.c.rosti Sat Feb 25 15:41:52 2006
> +++ ftpd.c Sat Feb 25 16:01:46 2006
> @@ -423,10 +423,6 @@ main(int argc, char *argv[], char **envp
> }
> }
>
> -#ifdef VIRTUAL_HOSTING
> - inithosts(family);
> -#endif
> -
> if (daemon_mode) {
> int *ctl_sock, fd, maxfd = -1, nfds, i;
> fd_set defreadfds, readfds;
> @@ -456,6 +452,10 @@ main(int argc, char *argv[], char **envp
> sa.sa_handler = reapchild;
> (void)sigaction(SIGCHLD, &sa, NULL);
>
> +#ifdef VIRTUAL_HOSTING
> + inithosts(family);
> +#endif
> +
> /*
> * Open a socket, bind it to the FTP port, and start
> * listening.
> @@ -525,6 +525,14 @@ main(int argc, char *argv[], char **envp
> syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
> exit(1);
> }
> +
> +#ifdef VIRTUAL_HOSTING
> + family = his_addr.su_family;
> + if (his_addr.su_family == AF_INET6 &&
> + IN6_IS_ADDR_V4MAPPED(&his_addr.su_sin6.sin6_addr))
> + family = AF_INET;
> + inithosts(family);
> +#endif
> }
>
> gotchild:
"family = his_addr.su_family;" is really a good idea. But what is the
reason to check if IPv6 address of a remote client is IPv4 mapped and
assign AF_INET to a 'family' when that's true? The inithosts() doesn't
lookup for that address but for the server's hostname and optionally
virtual server's hostnames from /etc/ftphosts. I think it's unnecessary
and can even produce problems. IMHO "inithosts(family);" could be
called right after the "family = his_addr.su_family;" line.
> For ftp.c.diff, how about considering adding new option for timeout?
That was what I thought about when wrote my previous email. What name
could be good for that option? Is "-c seconds" (ftp Command reply
timeout in seconds) a good one?
> However, I'm still in doubt. I cannot think it is usual situation
> that there are unreachable IP addresses in /etc/resolv.conf.
It is unusual situation but it can happen. Otherwise this duscussion
was not started.
More information about the freebsd-stable
mailing list