From owner-ietf-ssh@clinet.fi  Fri Nov  6 14:47:06 1998
Date: Fri, 6 Nov 1998 14:43:19 +0200 (EET)
From: Ssh Mailing List Administrator <sshlist@ssh.fi>
To: ietf-ssh@clinet.fi
Subject: BOUNCE ietf-ssh@clinet.fi:     taboo body match "/([A-Z,\!,\?]|((\s)+)|(\d+)){21,}/"
 at line 4  taboo body match "/([A-Z,\!,\?]|((\s)+)|(\d+)){21,}/" at line 5
   (fwd)
Message-ID: <Pine.OSF.4.05.9811061442290.21068-100000@torni.ssh.fi>

Date: Thu, 5 Nov 1998 23:15:46 +0200 (EET)
From: Tatu Ylonen <ylo@ssh.fi>
To: ietf-ssh@clinet.fi
cc: nisse@lysator.liu.se
Subject: Comment on the ssh2 protocol: signal numbers (fwd)
Message-ID: <Pine.OSF.4.05.9811052314500.5130-100000@torni.ssh.fi>



SSH Communications Security           http://www.ssh.fi/
SSH IPSEC Toolkit                     http://www.ipsec.com/
Free Unix SSH                         http://www.ssh.fi/sshprotocols2/

---------- Forwarded message ----------
Date: 05 Nov 1998 19:16:17 +0100
From: Niels Möller <nisse@lysator.liu.se>
To: psst@net.lut.ac.uk, ylo@ssh.fi
Subject: Comment on the ssh2 protocol: signal numbers

I'm not sure what the proper channels are for comments on the ssh-2
protocol. I hope this message reaches the right persons, and that they
are not all occupied with the sshd exploit rumours. This comment does
*not* have any immediate security implications.

Two of the messages in the ssh connection protocol deal with Unix
signals:

  byte SSH_MSG_CHANNEL_REQUEST
  uint32 recipient channel
  string "exit-signal"
  boolean FALSE
  uint32 signal number
  boolean core dumped
  string error message (ISO-10646 UTF-8 [RFC-2044])
  string language tag (as defined in [RFC-1766])

and

  byte SSH_MSG_CHANNEL_REQUEST
  uint32 recipient channel
  string "signal"
  boolean FALSE
  uint32 signal number

The problem is the signal number field... Signal numbers are not the
same on all systems, not even for signals that exist on both systems.
Therefore, it is an error to send a signal number from one system to
another without some sort of translation. (I think some distributed
file systems have a similar bug regarding errno; they send raw error
numbers from the file server to the client, assuming that the same
error condition has the same number on all systems).

I think that the Right Way is to define some kind of canonical
"network signal numbers". ssh clients and servers should translate
their local signal numbers to this representation before transmitting
them. One also has to consider how one should handle peculiar or new
signals that don't have a canonical number assigned; the goal of
such a mechanism should at least be to make sure that all signals can be
transmitted properly between identical systems, while making it
possible to ignore them on other systems. One may also consider using
strings rather than numbers to identify signals, in order to make it
easier to add special system specific signals.

It is preferable if the "canonical" signal numbers agree with actual
signal numbers on most systems.

Now, I'm not aware of any standard defining a preferred numbering for
signals. I'm not very familiar with POSIX, but I'm afraid it only
defines signal names and leaves the corresponding numbers to the
implementation. If this is wrong, please point me to the relevant
standard document.

I think that the ssh2 specification needs to address this issue in one
way or the other.

I'd also like to know how DataFellow's ssh2 implementation addresses
this issue (as I'm working on my own free implementation of the
protocol, I prefer not to read DataFellow's source code).

Unless I get any better suggestions, my lsh program will do as
follows:

 Consider the following list (valid for sparc-linux) "canonical", and
translate local signal numbers to these numbers when sending them
between hosts:

 /*
  * Linux/SPARC has different signal numbers than Linux/i386: I'm trying
  * to make it OSF/1 binary compatible, at least for normal binaries.
  */
 #define	_NSIG		32	/* Biggest signal number + 1.  */
 
 #define SIGHUP		1
 #define SIGINT		2
 #define SIGQUIT	3
 #define SIGILL		4
 #define SIGTRAP	5
 #define SIGABRT	6
 #define SIGIOT		6
 #define SIGEMT         7
 #define SIGFPE		8
 #define SIGKILL	9
 #define SIGBUS         10
 #define SIGSEGV	11
 #define SIGSYS		12
 #define SIGPIPE	13
 #define SIGALRM	14
 #define SIGTERM	15
 #define SIGURG         16
 
 /* SunOS values which deviate from the Linux/i386 ones */
 #define SIGSTOP	17
 #define SIGTSTP	18
 #define SIGCONT	19
 #define SIGCHLD	20
 #define SIGTTIN	21
 #define SIGTTOU	22
 #define SIGIO		23
 #define SIGPOLL	SIGIO   /* SysV name for SIGIO */
 #define SIGXCPU	24
 #define SIGXFSZ	25
 #define SIGVTALRM	26
 #define SIGPROF	27
 #define SIGWINCH	28
 #define SIGLOST	29
 #define SIGUSR1	30
 #define SIGUSR2	31

 Support only the signals in this list, leaving numbers beyond and
above free to be defined later. I think it is better to leave all
other numbers for use by some well-designed mechanism for sending
"non-standard" signals, than to invent some ad-hoc method for
supporting more signals.

Best regards,
/Niels Möller

From owner-ietf-ssh@clinet.fi  Fri Nov  6 14:47:01 1998
Date: Fri, 6 Nov 1998 14:44:01 +0200 (EET)
From: Ssh Mailing List Administrator <sshlist@ssh.fi>
To: ietf-ssh@clinet.fi
Subject: BOUNCE ietf-ssh@clinet.fi:     taboo body match "/([A-Z,\!,\?]|((\s)+)|(\d+)){21,}/"
 at line 4  taboo body match "/([A-Z,\!,\?]|((\s)+)|(\d+)){21,}/" at line 5
   (fwd)
Message-ID: <Pine.OSF.4.05.9811061443220.21068-100000@torni.ssh.fi>

Date: Thu, 5 Nov 1998 23:17:15 +0200 (EET)
From: Tatu Ylonen <ylo@ssh.fi>
To: ietf-ssh@clinet.fi
cc: proett@nas.nasa.gov
Subject: Re: Comment on the ssh2 protocol: signal numbers  (fwd)
Message-ID: <Pine.OSF.4.05.9811052316360.5130-100000@torni.ssh.fi>




---------- Forwarded message ----------
Date: Thu, 05 Nov 1998 11:56:52 -0800
From: Tom Proett <proett@nas.nasa.gov>
To: Niels Möller <nisse@lysator.liu.se>
Cc: psst@net.lut.ac.uk, ylo@ssh.fi
Subject: Re: Comment on the ssh2 protocol: signal numbers 

The POSIX standard defines signals by name.  How about letting the local
machine map each signal name to the locally correct number and sending the
name over the wire?  They all start with SIG so names like ABRT, KILL
and PIPE would do it.  Some names are longer than 4 chars following the
SIG (like SIGWINCH) so a fixed size might not do.

Tom Proett

-- 
proett@nas.nasa.gov
NASA Ames Research Center

From owner-ietf-ssh@clinet.fi  Fri Nov  6 14:47:06 1998
Date: Fri, 6 Nov 1998 14:44:31 +0200 (EET)
From: Ssh Mailing List Administrator <sshlist@ssh.fi>
To: ietf-ssh@clinet.fi
Subject: BOUNCE ietf-ssh@clinet.fi:     taboo body match "/([A-Z,\!,\?]|((\s)+)|(\d+)){21,}/"
 at line 4  taboo body match "/([A-Z,\!,\?]|((\s)+)|(\d+)){21,}/" at line 5
   (fwd)
Message-ID: <Pine.OSF.4.05.9811061444100.21068-100000@torni.ssh.fi>

Date: Thu, 5 Nov 1998 23:17:39 +0200 (EET)
From: Tatu Ylonen <ylo@ssh.fi>
To: ietf-ssh@clinet.fi
Subject: Re: Comment on the ssh2 protocol: signal numbers (fwd)
Message-ID: <Pine.OSF.4.05.9811052317260.5130-100000@torni.ssh.fi>




---------- Forwarded message ----------
Date: 05 Nov 1998 21:20:06 +0100
From: Niels Möller <nisse@lysator.liu.se>
To: Tom Proett <proett@nas.nasa.gov>
Cc: psst@net.lut.ac.uk, ylo@ssh.fi
Subject: Re: Comment on the ssh2 protocol: signal numbers

Tom Proett <proett@nas.nasa.gov> writes:

> The POSIX standard defines signals by name.  How about letting the local
> machine map each signal name to the locally correct number and sending the
> name over the wire?  They all start with SIG so names like ABRT, KILL
> and PIPE would do it.  Some names are longer than 4 chars following the
> SIG (like SIGWINCH) so a fixed size might not do.

Sounds kludgy to me, but perhaps it could work. Even if there are only
32 bits in the protocol for the signal.

But I'm afraid that it would (i) violate the meaning of the spec,
which explicitly says signal *number*, and (ii) be completely
incompatible with the existing ssh2 implementation, which, I suspect,
uses raw signal numbers without any translation at all.

So I'd prefer some other mechanism.

/Niels

From owner-ietf-ssh@clinet.fi  Fri Nov  6 14:47:06 1998
Date: Fri, 6 Nov 1998 14:44:58 +0200 (EET)
From: Ssh Mailing List Administrator <sshlist@ssh.fi>
To: ietf-ssh@clinet.fi
Subject: BOUNCE ietf-ssh@clinet.fi:     taboo body match "/([A-Z,\!,\?]|((\s)+)|(\d+)){21,}/"
 at line 4  taboo body match "/([A-Z,\!,\?]|((\s)+)|(\d+)){21,}/" at line 5
   (fwd)
Message-ID: <Pine.OSF.4.05.9811061444370.21068-100000@torni.ssh.fi>

Date: Thu, 5 Nov 1998 23:19:10 +0200 (EET)
From: Tatu Ylonen <ylo@ssh.fi>
To: ietf-ssh@clinet.fi
Subject: Re: Comment on the ssh2 protocol: signal numbers (fwd)
Message-ID: <Pine.OSF.4.05.9811052319030.5130-100000@torni.ssh.fi>




---------- Forwarded message ----------
Date: 05 Nov 1998 15:52:19 -0500
From: Ted Rathkopf <trathkopf@bigfoot.com>
To: Niels Möller <nisse@lysator.liu.se>
Cc: Tom Proett <proett@nas.nasa.gov>, psst@net.lut.ac.uk, ylo@ssh.fi
Subject: Re: Comment on the ssh2 protocol: signal numbers


nisse@lysator.liu.se (Niels Möller) writes:

> But I'm afraid that it would (i) violate the meaning of the spec,
> which explicitly says signal *number*, and (ii) be completely
> incompatible with the existing ssh2 implementation, which, I suspect,
> uses raw signal numbers without any translation at all.

How about:

Find out what "standard signals" ssh2 expects its raw signal numbers
to correspond to, and use a translation table.  Translate to these raw
values before sending them over the wire, and translate from these raw
values into names/local values when you receive them over the wire.
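
[Added example, not part of any message in this thread and not lsh or ssh2
code: the translation table proposed by Niels Möller and Ted Rathkopf,
written in C with the sparc-linux list quoted above as the wire numbers.
The names sigmap, sig_table, sig_local_to_wire and sig_from_wire are
hypothetical.]

```c
#include <signal.h>
#include <stddef.h>
#include <stdint.h>

/* Wire numbers: the "canonical" sparc-linux list quoted in the thread.
 * Local numbers: whatever <signal.h> assigns on the host being built. */
struct sigmap { const char *name; uint32_t wire; int local; };
static const struct sigmap sig_table[] = {
    { "HUP", 1, SIGHUP },    { "INT", 2, SIGINT },    { "QUIT", 3, SIGQUIT },
    { "ILL", 4, SIGILL },    { "TRAP", 5, SIGTRAP },  { "ABRT", 6, SIGABRT },
    { "FPE", 8, SIGFPE },    { "KILL", 9, SIGKILL },  { "BUS", 10, SIGBUS },
    { "SEGV", 11, SIGSEGV }, { "SYS", 12, SIGSYS },   { "PIPE", 13, SIGPIPE },
    { "ALRM", 14, SIGALRM }, { "TERM", 15, SIGTERM }, { "URG", 16, SIGURG },
    { "STOP", 17, SIGSTOP }, { "TSTP", 18, SIGTSTP }, { "CONT", 19, SIGCONT },
    { "CHLD", 20, SIGCHLD }, { "TTIN", 21, SIGTTIN }, { "TTOU", 22, SIGTTOU },
    { "XCPU", 24, SIGXCPU }, { "XFSZ", 25, SIGXFSZ }, { "VTALRM", 26, SIGVTALRM },
    { "PROF", 27, SIGPROF }, { "USR1", 30, SIGUSR1 }, { "USR2", 31, SIGUSR2 },
#ifdef SIGEMT    /* these four are missing on some hosts, so each is guarded */
    { "EMT", 7, SIGEMT },
#endif
#ifdef SIGIO
    { "IO", 23, SIGIO },
#endif
#ifdef SIGWINCH
    { "WINCH", 28, SIGWINCH },
#endif
#ifdef SIGLOST
    { "LOST", 29, SIGLOST },
#endif
};
#define SIG_COUNT (sizeof sig_table / sizeof sig_table[0])

/* Sender: local number -> wire number; 0 means "no canonical number, do not send". */
uint32_t sig_local_to_wire(int local)
{
    for (size_t i = 0; i < SIG_COUNT; i++)
        if (sig_table[i].local == local)
            return sig_table[i].wire;
    return 0;
}

/* Receiver: peer-supplied value -> table entry; NULL for anything unlisted. */
const struct sigmap *sig_from_wire(uint32_t wire)
{
    for (size_t i = 0; i < SIG_COUNT; i++)
        if (sig_table[i].wire == wire)
            return &sig_table[i];
    return NULL;
}

int main(void)
{   /* Round trip: SIGUSR1 leaves as 30 and maps back to the local value. */
    const struct sigmap *m = sig_from_wire(sig_local_to_wire(SIGUSR1));
    return (m && m->local == SIGUSR1) ? 0 : 1;
}
```

[A receiver would pass the uint32 from a "signal" or "exit-signal" request
through sig_from_wire() and ignore the request when the result is NULL; the
name field gives the POSIX name without the SIG prefix for logging.]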

