tomaswolf commented on a change in pull request #201:
URL: https://github.com/apache/mina-sshd/pull/201#discussion_r670204650
##########
File path:
sshd-core/src/main/java/org/apache/sshd/common/session/helpers/AbstractSession.java
##########
@@ -109,6 +109,16 @@
*/
public static final String SESSION = "org.apache.sshd.session";
+ /**
+ * A last-resort timeout for waiting after having received a KEX_INIT
message from the peer until we have prepared
+ * our own KEX proposal. This timeout should actually never be hit unless
there is a serious deadlock somewhere and
+ * the session is never closed.
+ *
+ * @see <a
href="https://issues.apache.org/jira/browse/SSHD-1197";>SSHD-1197</a>
+ * @see #doKexNegotiation()
+ */
+ private static final Duration KEX_PROPOSAL_SETUP_TIMEOUT =
Duration.ofSeconds(42);
Review comment:
I've been thinking more about this -- I'll add it with validation for
now. Reason: we are indeed waiting until sendKexInit has sent the buffer (or
rather, has queued it for sending on the IOSession). But I'm still not happy
with that whole KEX implementation. In particular, this having to wait until
the buffer is sent should not be necessary, but with the current implementation
is unavoidable because of the
`ReservedSessionMessagesHandler.sendKexInitRequest` hook added for SSHD-1097,
which can modify the buffer and even might send it on its own.
That hook was added recently, and is used only in that "endless tarpit"
thing, where it actually only suppresses writing the buffer. If that were
changed to something that could only say "don't send the message", I could
extract that whole KEX state machine in a separate class and it would even
possible to do an implementation that didn't have to wait at all for this race
condition case handled here.
I wouldn't add a full explanation of how KEX works, that's explained in the
RFCs. But the new timeout property will have a comment explaining what it is
for.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
