I fell on this using openssh on cygwin. Though it may be a cygwin =

related issue, I think it's may be a bug on the main openssh tree. Thus =

my posting here. I'm CC'ing to the public list for information.

The part of code I'm refering to is :

/* XXX might close listen socket */
(void)dup2(fd, STDIN_FILENO);
(void)dup2(fd, STDOUT_FILENO);
(void)dup2(fd, STDERR_FILENO);
if (fd > 2)

I'm actually launching the ssh agent from a "run.exe" script launched at =

the start of my X server (Cygwin/X). Things used to work perfectly until =

my last update. Unfortunately, I don't know which version I used before :-(

Something may have changed in the cygwin implementation.

What happens is that the agent is apparently launched without any opened =

file descriptors (as far as I can see). So the auth socket gets the fd =

0. We therefore fall on the "/* XXX might close listen socket */" case...

I suggest a simple patch here :

if ((fd =3D open(_PATH_DEVNULL, O_RDWR, 0)) !=3D -1) {
if (sock =3D=3D 0) {
dup2(sock, fd+1) ;
close(sock) ;
sock =3D fd+1 ;
(void)dup2(fd, STDIN_FILENO);
(void)dup2(fd, STDOUT_FILENO);
(void)dup2(fd, STDERR_FILENO);
if (fd > 2)

It would be possible to dup2 the socket a second time after the =

"close(fd)" so that it would use fd instead of fd+1, but I don't really =

see the point.

Also, it might be cleaner to do a :

if ((sock =3D=3D STDIN_FILENO) || (sock =3D=3D STDOUT_FILENO) || (soc=
k =3D=3D =


Thanks for you feedback.


Fr=E9d=E9ric Olivi=E9.

openssh-unix-dev mailing list