Older blog entries for dtucker (starting at number 32)

Replaced my aging full-tower server (a 366MHz K6-3) with a VIA Mini-ITX system. Although it's 933MHz it seems to do less per cycle and has a smaller cache, so it's only roughly 50% quicker. On the other hand, it's quiet, smaller than my VCR, uses about 20W of power, has half a gigabyte of RAM and mirrored 80GB disks and I can stuff it into a cupboard out of the way. Just don't try to boot an i686 kernel on it.

Spent some time going through my openssh work-in-progress trees and merged some of the minor outstanding things (some AIX version compatibility issues, build fixes for other platforms and a few other minor fixes). Managed to close a couple of outstanding bug reports too.

Here's a really good way to annoy an member of an open software project (well, me anyway):
User: Your software doesn't work on platform $FOO.
Us: Fiddle this, change that, try this, add this.
User: Great, that works if I do this and that and compile with this compiler flag and a westerly tailwind.
Us: Excellent. Try this patch, it should work unmodified. Tell us if it works and we'll change it so it works properly in future.
User is never heard from again.

Repeat several months later with another user and the same platform.

People, please, if you're going to report problems to open software projects, it's your responsibility to follow up. It's your end of the bargain. We will do our best to help you solve your problem, and in return you should help us improve the software. If it's not possible, it's fine to say so (for example, if you no longer have access to that system) but just vanishing without following through is highly annoying.

OpenSSH
For those not familiar with the project, the core SSH functionality is developed in the OpenBSD tree, while all the cross-platform support is developed in a separate Portable tree. This means that periodically the core changes need to be imported into the Portable tree (an "OpenBSD CVS Sync"). I've been learning to use the tools to do CVS syncs of the main code. In doing so I've gained an appreciation as to why the way I do some things make syncing harder (eg it's preferable if platform-specific changes should go in a Portable-only source file, or failing that in a block of code distinct from the OpenBSD code to make merging changes easier).

I also wrote a couple of new regression tests (one to test reconfiguring sshd via "kill -HUP", which would have caught a problem we had in -portable, and one to test ssh's DynamicForward SOCKS4 and new SOCKS5) support. There wasn't any grand plan for these tests, it just occured to me that they were possible and that they could be made mostly from parts of existing tests, so I did. Both tests are now part OpenBSD and -portable.

Coincidence of the day
I happened to be near near the workplace of a friend of mine today. I hadn't seen him for quite a while so I gave him a call and caught up over a coffee.

He now works for a system vendor who ship an OpenSSH-based ssh package. Partway throught the conversation:
Him: "Hey, you work on OpenSSH, right? I have this customer with this wierd problem..."
Me: "I think I fixed that a couple of months ago."
I guess that made the coffee break work-related for him:-)

Started working on the OpenSSH regression tests again. OpenBSD has a system-wide test suite and OpenSSH Portable imports the ssh tests. They're shell scripts (I think it was Larry Wall who said "it's easier to port a shell than a shell script") and they don't work on many of the platforms that -portable supports.

I have pulled in all the recent changes from OpenBSD so they're in sync at the moment. I also posted a largish patch that makes them work on many other platforms. If these portability changes are accepted back into OpenBSD's tests, then the same tests can be used for both. If not, -portable's tests will have to be a branch, much like the rest of OpenSSH.

Had a few quiet drinks with a friend on Friday night. Woke up Saturday feeling like I'd been hit by a Club. A Canadian Club, actually. Investigation proved the previously-full bottle to be empty. Oww.

Went camping over (long) the weekend with a couple of friends. Great to spend time with them but up in the mountains it was bl**dy freezing....

Started a new job this week, it will be interesting to see how it works out.

So I don't lose track of the things I want to (or have volunteered to do) I have put up my OpenSSH TODO list.

Last year I did a couple of patches for tcptraceroute, which added autoconf and PPPoE support. Tcptraceroute, as the name implies, is like regular traceroute but uses TCP packets instead of UDP, so can work in some places (read: through firewalls) where regular traceroute can't.

I mailed the patches off to the author then pretty much forgot about them. They've been incorporated into the newest beta release. A number of people apparently submitted autoconf patches, I'm not sure how much, if any, of mine was used.

More OpenSSH bugfixes. sshd should be fully functional again on old Linuxes. The fix for one (#560) arrived via OpenBSD. djm also made a whole slew of changes which knocked off a dozen or so open problems. The tinderbox picked up 3 minor problems turing the turmoil, which have all been fixed.

The Linux thing is in addition to the previously mentioned PrivSep problem, it's related to the handling of controlling terminals in libc5 and older glibc's. Calling openpty() to allocate a pseudo-terminal would also aquire it as a controlling terminal; this mades it impossible to set the shell up with its controlling terminal later. Fortunately this can be tested for at compile time and if detected is now worked around. Solaris has a similar problem (different root cause but same net result), and I suspect there's other platforms that do too. Nobody seems to get ptys right.

Took to the OpenSSH bug queue: I closed a few that have been recently fixed, then went through the old ones and closed those waiting for feedback for more than 3 months and added patches for testing to another couple.

I also sent updates to about a half a dozen Debian bugs, including a couple that can be closed.

I've been working on OpenSSH Portable for a bit more than a year. On Friday, and invitation arrived to join the team as a developer with CVS access, which I gratefully accepted. I have learnt a lot in that time, and I have a lot more to learn.

(Actually, I just checked and the invitation arrived exactly 14 months after my first post to the openssh-unix-dev list.)

Of course, I had to try it out. Fortunately I had a couple of suitable (I hope!) simple changes the were ready to go in, including one that works around an apparent Linux 2.0 kernel bug. UsePrivilegeSeparation should now work on Linux 2.0 kernels (for the first time?) and it should fix Debian bug 150976. Even if I didn't have a couple of pending patches I would have fixed a typo in a comment or something :-).

Anyway, thanks guys. I'll make sure you don't regret it.