From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 77079 invoked by alias); 29 Jan 2016 11:44:50 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 77070 invoked by uid 89); 29 Jan 2016 11:44:50 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-93.9 required=5.0 tests=BAYES_50,KAM_LAZY_DOMAIN_SECURITY,KHOP_DYNAMIC,RCVD_IN_PBL,RDNS_DYNAMIC,USER_IN_WHITELIST autolearn=no version=3.3.2 spammy=despair, x64, 10000000, 2311 X-HELO: calimero.vinschen.de Received: from ipbcc0d020.dynamic.kabel-deutschland.de (HELO calimero.vinschen.de) (188.192.208.32) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 29 Jan 2016 11:44:48 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id C6F70A8042C; Fri, 29 Jan 2016 12:44:45 +0100 (CET) Date: Fri, 29 Jan 2016 12:56:00 -0000 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: sshd refuses connections since upgrade to 2.4.0-1 Message-ID: <20160129114445.GA14874@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="6c2NcOVqGQ03X4Wi" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) X-SW-Source: 2016-01/txt/msg00464.txt.bz2 --6c2NcOVqGQ03X4Wi Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 2265 On Jan 28 19:56, prs_cygwin@quantentunnel.de wrote: > Hi! >=20 > Long time Cygwin user but first time error reporter to this mailing list. > Since upgrading my 32-bit Cygwin installation on Win7SP1 x64 from > 2.3.1-1 to the current 2.4.0-1 (and also 2.5.0-0.1 in my despair) I > can't connect to sshd running as a service anymore. > The service starts and spawns a child in order to handle the > connection request, but that fails even when connecting from > localhost. > I triaged the problem by trying snapshots between the two releases and > traced it to a change after 20151129: > cygwin1-20151129.dll works > cygwin1-20151203.dll fails >=20 > The sshd.log remains empty. > In order to create more information to go on I ran strace on the > parent (cyg_server spawned) sshd and tried to connect, the strace-log > (sshd_cygwin2.4.0_20160109) is attached together with a slightly > redacted cygcheck.out >=20 > Thanks for looking into this! >=20 > P.S. As can be seen from the strace I'm running Agnitum Outpost > Firewall Pro and the current EMET - both has never been a problem with > Cygwin's sshd (in this installation since May 2010). An "Access denied" error occurs, apparently in a Windows DLL while loading Windows DLLs. It's hard to tell what the reason is, but what strikes me as weird is that the crash occurs right after this Agnitum thingy has been injected into the process: --- Process 17828 loaded C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll at 100000= 00 --- Process 17828 unloaded DLL at 10000000 --- Process 17828 loaded C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll at 012800= 00 --- Process 17828 loaded C:\Windows\SysWOW64\shell32.dll at 762F0000 --- Process 17828 loaded C:\Windows\SysWOW64\shlwapi.dll at 75DE0000 --- Process 17828 thread 18284 exited with status 0xc0000022 --- Process 17828 thread 18412 exited with status 0xc0000022 --- Process 17828 thread 17624 exited with status 0xc0000022 --- Process 17828 exited with status 0xc0000022 154769 11583429 [waitproc] sshd 8404 pinfo::status_exit: *** STATUS_0xC0000= 022 Did you try excluding sshd from the checks of that scanner? Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --6c2NcOVqGQ03X4Wi Content-Type: application/pgp-signature; name="signature.asc" Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWq1CtAAoJEPU2Bp2uRE+gnqUP/RYJFlpVqQoa6mnshiN2DLOs Yb3Sqxzb0Rcl/ZikbKccjXLRfmP69nPoxfNH/X3jm4jAA8SgDZO5onVPB2aVZxG8 7Vw172u+epyQGe16RpIczmGE8mQQNIOaCOZ9uDN/eh4ggCpKrWxdm9+Ihm59A7Ll 8dRLeV/a8+t+7zX6OBlnfV2EGIy3BQxBXMYsCWFsTjlMTXNmAaZAYm7MHnjYjUQK g4CVciUKOqGKtxTO7AHwXjZI0NxzTsKHc73Hca4IqxcNjktVGnA3r0Mj6laE2KdT YDAacwhigQd5vY/3PFXA806Uz9RPpZiqAfkLjXTREpt7JdEni5V7dr47SSTpoRXl u5VDBeIEse6vllETcLTP6kePZNgcwfik+hReKUVtGDhIhhwdqi5awlXwHTHgaEFE Dbs6wjnJB4OoWCn9neo9ZDEb6HWTSsRXiTJ3tm5/DK9zcxKJOqeRemLVdQl/ZfKF jdaY2nZiVjSMlCENN/1OBo5dkkpNryuU2q/A8lQTvU6a/CNNwpOvxyj+F5Tvlfvn Tr9xUuo4Q/a+ApuApWrnA5kXPaVxfKlIElnhewxLtZkSkxzAG5rn+1lOlui9vl7X 86FNyNXEdY9YRWDgLna+KshFUO6yadtDurRrkKGd5jAteU69nudBNBQ2I54ifAd9 7JYXnNwEF/CeVXCWvqNj =y3Xr -----END PGP SIGNATURE----- --6c2NcOVqGQ03X4Wi--