SIGPIPE from ssh-keyscan [patch]

Alan Amesbury amesbury at oitsec.umn.edu
Thu May 2 17:17:28 UTC 2019


On May 1, 2019, at 20:07, Jim Thompson <jim at netgate.com> wrote:

> The remote closed the session for some reason before ssh-keyscan wrote the greeting ("SSH-2.0-OpenSSH-keyscan\r\n"), so you got SIGPIPE and ERRNO = 32 back from the write call.
> 
> Arguably the right thing occurred here, with the exception that it killed your ssh-keyscan process.
> 
> So perhaps instead of ignoring the signal, you should find out why the remote is exiting before the local can send its greeting.

I can't count on the remote side doing the write thing (yes, pun intended), as not all of the apparent "SSH servers" I attempt to obtain keys from are under my direct control.  For me it would be better if ssh-keyscan were simply more robust in handling unexpected input.

> Otherwise, it’s a bit less heavy-handed to 
> 
> int set = 1;
> setsockopt(sd, SOL_SOCKET, SO_NOSIGPIPE, (void *)&set, sizeof(int));
> 
> Where sd is the descriptor in question (16 in your example below).
> 
> But other parts of ssh-keyscan seem to want to know that EPIPE has occurred, so neither is the correct solution here.

That's why I asked whether this was a sane plan.  Again, I'm out of my depth here, and my solution reflects that.


-- 
Alan
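
The behaviour discussed in this message, as an added example (not ssh-keyscan's code and not posted by anyone in the thread): SIGPIPE is suppressed for one socket only, so a peer that closes early cannot kill the process, while the write still fails with EPIPE for the caller to handle. The helper names, the socketpair standing in for the remote host, and the MSG_NOSIGNAL fallback for systems without SO_NOSIGPIPE are assumptions of this sketch.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

static const char BANNER[] = "SSH-2.0-OpenSSH-keyscan\r\n";

/* Per-socket suppression where SO_NOSIGPIPE exists (FreeBSD, macOS). */
static int suppress_sigpipe(int sd) {
#ifdef SO_NOSIGPIPE
    int set = 1;
    return setsockopt(sd, SOL_SOCKET, SO_NOSIGPIPE, &set, sizeof(set));
#else
    (void)sd;   /* e.g. Linux: MSG_NOSIGNAL is passed per call in send_all() */
    return 0;
#endif
}

/* Send the whole buffer. Returns 0 on success, else the errno of the failure. */
static int send_all(int sd, const char *buf, size_t len) {
    int flags = 0;
#ifdef MSG_NOSIGNAL
    flags = MSG_NOSIGNAL;
#endif
    while (len > 0) {
        ssize_t n = send(sd, buf, len, flags);
        if (n < 0 && errno == EINTR) continue;
        if (n < 0) return errno;   /* EPIPE arrives here instead of a signal */
        buf += n; len -= (size_t)n;
    }
    return 0;
}

/* Constructed scenario: a socketpair stands in for the remote host. */
int greet(int peer_closes_first) {
    int sv[2], err;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    if (suppress_sigpipe(sv[0]) != 0) { close(sv[0]); close(sv[1]); return -1; }
    if (peer_closes_first) close(sv[1]);   /* remote goes away before the greeting */
    err = send_all(sv[0], BANNER, sizeof(BANNER) - 1);
    if (!peer_closes_first) close(sv[1]);
    close(sv[0]);
    return err;
}

int main(void) {
    printf("closed peer: errno %d, live peer: errno %d\n", greet(1), greet(0));
    return 0;
}
```

Because the error is returned rather than swallowed, code that wants to know EPIPE occurred still sees it and can move on to the next host.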


More information about the freebsd-hackers mailing list