session: Add 'open_session_retries' option

Improve pylibssh handling when libssh ssh_channel_open_session()
returns SSH_AGAIN. Add a new 'open_session_retries' session connect()
parameter to allow a configurable number of retries. SSH_AGAIN may be
returned when setting a low SSH options timeout value.

The default option value is 0, no retries will be attempted.

Author: justin-stephenson

src/pylibsshext/channel.pyx

@@ -24,7 +24,7 @@ from libc.string cimport memset
 
 from pylibsshext.errors cimport LibsshChannelException
 from pylibsshext.errors import LibsshChannelReadFailure
-from pylibsshext.session cimport get_libssh_session
+from pylibsshext.session cimport get_libssh_session, get_session_retries
 
 from subprocess import CompletedProcess
 
@@ -63,12 +63,20 @@ cdef class Channel:
 
         if self._libssh_channel is NULL:
             raise MemoryError
-        rc = libssh.ssh_channel_open_session(self._libssh_channel)
 
-        if rc != libssh.SSH_OK:
-            libssh.ssh_channel_free(self._libssh_channel)
-            self._libssh_channel = NULL
-            raise LibsshChannelException("Failed to open_session: [%d]" % rc)
+        retry = get_session_retries(session)
+
+        for attempt in range(retry + 1):
+            rc = libssh.ssh_channel_open_session(self._libssh_channel)
+            if rc == libssh.SSH_OK:
+                break
+            if rc == libssh.SSH_AGAIN and attempt < retry:
+                continue
+            # either SSH_ERROR, or SSH_AGAIN with final attempt
+            if rc != libssh.SSH_OK:
+                libssh.ssh_channel_free(self._libssh_channel)
+                self._libssh_channel = NULL
+                raise LibsshChannelException("Failed to open_session: [%d]" % rc)
 
     def __dealloc__(self):
         if self._libssh_channel is not NULL:
@@ -164,10 +172,18 @@ cdef class Channel:
         if channel is NULL:
             raise MemoryError
 
-        rc = libssh.ssh_channel_open_session(channel)
-        if rc != libssh.SSH_OK:
-            libssh.ssh_channel_free(channel)
-            raise LibsshChannelException("Failed to open_session: [{0}]".format(rc))
+        retry = get_session_retries(self._session)
+
+        for attempt in range(retry + 1):
+            rc = libssh.ssh_channel_open_session(channel)
+            if rc == libssh.SSH_OK:
+                break
+            if rc == libssh.SSH_AGAIN and attempt < retry:
+                continue
+            # either SSH_ERROR, or SSH_AGAIN with final attempt
+            if rc != libssh.SSH_OK:
+                libssh.ssh_channel_free(channel)
+                raise LibsshChannelException("Failed to open_session: [{0}]".format(rc))
 
         result = CompletedProcess(args=command, returncode=-1, stdout=b'', stderr=b'')
 

src/pylibsshext/session.pxd

@@ -26,6 +26,8 @@ cdef class Session:
     cdef _hash_py
     cdef _fingerprint_py
     cdef _keytype_py
+    cdef _retries
     cdef _channel_callbacks
 
 cdef libssh.ssh_session get_libssh_session(Session session)
+cdef int get_session_retries(Session session)

src/pylibsshext/session.pyx

@@ -108,6 +108,7 @@ cdef class Session(object):
         self._hash_py = None
         self._fingerprint_py = None
         self._keytype_py = None
+        self._retries = 0
         # Due to delayed freeing of channels, some older libssh versions might expect
         # the callbacks to be around even after we free the underlying channels so
         # we should free them only when we terminate the session.
@@ -235,6 +236,11 @@ cdef class Session(object):
         file should be validated. It defaults to True
         :type host_key_checking: boolean
 
+        :param open_session_retries: The number of retries to attempt when libssh
+        channel function ssh_channel_open_session() returns SSH_AGAIN. It defaults
+        to 0, no retries attempted.
+        :type open_session_retries: integer
+
         :param timeout: The timeout in seconds for the TCP connect
         :type timeout: long integer
 
@@ -261,6 +267,9 @@ cdef class Session(object):
                 libssh.ssh_disconnect(self._libssh_session)
                 raise
 
+        if kwargs.get('open_session_retries'):
+            self._retries = kwargs.get('open_session_retries')
+
         # We need to userauth_none before we can query the available auth types
         rc = libssh.ssh_userauth_none(self._libssh_session, NULL)
         if rc == libssh.SSH_AUTH_SUCCESS:
@@ -553,3 +562,6 @@ cdef class Session(object):
 
 cdef libssh.ssh_session get_libssh_session(Session session):
     return session._libssh_session
+
+cdef int get_session_retries(Session session):
+    return session._retries

tests/_service_utils.py

@@ -69,6 +69,7 @@ def wait_for_svc_ready_state(
 
 def ensure_ssh_session_connected(  # noqa: WPS317
         ssh_session, sshd_addr, ssh_clientkey_path,  # noqa: WPS318
+        ssh_session_retries=0
 ):
     """Attempt connecting to the SSH server until successful.
 
@@ -88,5 +89,5 @@ def ensure_ssh_session_connected(  # noqa: WPS317
         user=getpass.getuser(),
         private_key=ssh_clientkey_path.read_bytes(),
         host_key_checking=False,
-        look_for_keys=False,
+        open_session_retries=ssh_session_retries,
     )

tests/conftest.py

@@ -83,6 +83,18 @@ def sshd_hostkey_path(sshd_path):
     return path
 
 
+@pytest.fixture
+def ssh_session_retries():
+    """Return a ssh session retry value
+
+    :return: SSH Open session retries
+    :rtype: int
+
+    # noqa: DAR101
+    """
+    return 5
+
+
 @pytest.fixture
 def ssh_clientkey_path(sshd_path):
     """Generate an SSH keypair.
@@ -127,7 +139,7 @@ def ssh_client_session(ssh_session_connect):
 
 
 @pytest.fixture
-def ssh_session_connect(sshd_addr, ssh_clientkey_path):
+def ssh_session_connect(sshd_addr, ssh_clientkey_path, ssh_session_retries):
     """
     Authenticate existing session object against SSHD with a private SSH key.
 
@@ -140,6 +152,7 @@ def ssh_session_connect(sshd_addr, ssh_clientkey_path):
         ensure_ssh_session_connected,
         sshd_addr=sshd_addr,
         ssh_clientkey_path=ssh_clientkey_path,
+        ssh_session_retries=ssh_session_retries,
     )