bugzilla-daemon at mindrot.org
2006-Oct-03 09:13 UTC
[Bug 1246] Protocol version identification errors don't log the sender IP anymore, always UNKNOWN
http://bugzilla.mindrot.org/show_bug.cgi?id=1246 Summary: Protocol version identification errors don't log the sender IP anymore, always UNKNOWN Product: Portable OpenSSH Version: 4.4p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: jan.iven at cern.ch Errors on the initial protocol message do not log the IP of the sender anymore. I.e. doing $ echo "GOOD MORNING" >/dev/tcp/somehost.somedomain/22 results in sshd[28192]: Bad protocol version identification 'GOOD MORNING' from UNKNOWN This appears to be due to the fact that sock_in gets closed before get_remote_ipaddr() has a chance to find out who is at the remote end. Apparently, this worked somehow at least in openssh-3.6p1, perhaps the IP caching was different then. Since the process will exit immediately afterwards anyway, maybe there is no need to close these two sockets? They don't get closed on other codepaths with similar functionality (e.g after the "scanned from .. Don't panic."-piece). ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Oct-23 15:41 UTC
[Bug 1246] Protocol version identification errors don't log the sender IP anymore, always UNKNOWN
http://bugzilla.mindrot.org/show_bug.cgi?id=1246 ------- Comment #1 from jan.iven at cern.ch 2006-10-24 01:41 ------- Created an attachment (id=1201) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1201&action=view) minimal patch ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Oct-23 22:19 UTC
[Bug 1246] Protocol version identification errors don't log the sender IP anymore, always UNKNOWN
http://bugzilla.mindrot.org/show_bug.cgi?id=1246 ------- Comment #2 from dtucker at zip.com.au 2006-10-24 08:19 ------- (From update of attachment 1201) While the diff looks reasonable to I can't see this behaviour with 4.4p1 (that area of code was somewhat restructured). Can you reproduce with 4.4p1? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Oct-24 08:42 UTC
[Bug 1246] Protocol version identification errors don't log the sender IP anymore, always UNKNOWN
http://bugzilla.mindrot.org/show_bug.cgi?id=1246 jan.iven at cern.ch changed: What |Removed |Added ---------------------------------------------------------------------------- Version|4.4p1 |4.3p2 Status|NEW |RESOLVED Resolution| |FIXED ------- Comment #3 from jan.iven at cern.ch 2006-10-24 18:42 ------- Appears indeed to have been fixed in 4.4. Sorry for not checking earlier.. Jan ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Maybe Matching Threads
- [Bug 1246] Protocol version identification errors don't log the sender IP anymore, always UNKNOWN
- [Bug 324] privsep break KRB4 auth, KRB4 TGT forwarding and AFS token forwarding
- [Bug 44] Can't pass KRB4 TGT on RH7.2 due to glibc mkstemp
- scp remote path specification
- sshd also talking HTTP