bugzilla-daemon at mindrot.org
2020-May-23 12:23 UTC
[Bug 3169] New: sshd listens to port 22 AND whatever port is specified in or after Include(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=3169
Bug ID: 3169
Summary: sshd listens to port 22 AND whatever port is specified in or after Include(s)
Product: Portable OpenSSH
Version: 8.2p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: mindrot.org at choam.com
Created attachment 3396
--> https://bugzilla.mindrot.org/attachment.cgi?id=3396&action=edit
script to reproduce the bug
Another problem with the include functionality. A 'Port' statement
AFTER 'Include' will be accepted, BUT the server will listen to that
port AND to port 22. Note that the sshd_config as shipped does NOT have
a 'Port' statement - the server defaults to 22 if no Port is specified
(apparently before 'Include'(s) are evaluated.)
When I move the whole sshd_config to another name
(sshd_config_with_another_name) and include it from a new sshd_config
containing just two lines:
Include /etc/ssh/sshd_config_with_another_name
Port 7722
Then the server listens to Port 7722 AND 22.
When the order is reversed:
Port 7722
Include /etc/ssh/sshd_config_with_another_name
it will listen to port 7722 ONLY.
Previously reported to the Ubuntu people, but they referred me here.
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1876320 . I feel
this could be something simple, but I cannot find it in the source.
Sorry.
--
You are receiving this mail because:
You are watching the assignee of the bug.
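A check for the symptom reported above, as an added example that is not part of the original report or of OpenSSH's own code: it reads `sshd -T` style output and prints any port the daemon would open that is not on the administrator's expected list. The function names and the sample dumps are constructed for illustration, and the `listenaddress ADDR:PORT` line format is assumed from typical `sshd -T` output.

```shell
#!/bin/sh
# Added example: flag listen ports in an `sshd -T` dump that were not intended.
# Usage on a real host (as root):
#   sshd -T -f /etc/ssh/sshd_config | unexpected_ports 7722

# Reads the dump on stdin; arguments are the ports sshd is meant to use.
# Prints each unexpected port once (space separated) and returns 1 if any.
unexpected_ports() {
    awk -v expected=" $* " '
        # "port N": one line per entry in the daemon port list
        tolower($1) == "port"          { p = $2 }
        # "listenaddress ADDR:N": the port follows the last colon
        tolower($1) == "listenaddress" { p = $2; sub(/^.*:/, "", p) }
        p != "" {
            if (index(expected, " " p " ") == 0 && !(p in bad)) {
                bad[p] = 1
                out = out (out == "" ? "" : " ") p
            }
            p = ""
        }
        END { if (out != "") { print out; exit 1 } }
    '
}

# Constructed sample: dump for "Include ...; Port 7722" on an affected build.
sample_buggy() {
cat <<'EOF'
port 7722
port 22
addressfamily any
listenaddress 0.0.0.0:7722
listenaddress [::]:7722
listenaddress 0.0.0.0:22
listenaddress [::]:22
EOF
}

# Constructed sample: the same configuration once only 7722 is opened.
sample_fixed() {
cat <<'EOF'
port 7722
addressfamily any
listenaddress 0.0.0.0:7722
listenaddress [::]:7722
EOF
}
```

Comparing the result with the sockets actually bound on the host (for example with `ss -ltn`) confirms that the running daemon matches the dumped configuration.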
bugzilla-daemon at mindrot.org
2020-May-25 15:00 UTC
[Bug 3169] sshd listens to port 22 AND whatever port is specified in or after Include(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=3169
Jakub Jelen <jjelen at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jjelen at redhat.com
--- Comment #1 from Jakub Jelen <jjelen at redhat.com> ---
Created attachment 3398
--> https://bugzilla.mindrot.org/attachment.cgi?id=3398&action=edit
proposed patch
The attached patch should address the issue. The important part is not
to call process_queued_listen_addrs() for every included file, because
it sets the port to 22 if none is set before. I missed this on my first
run.
The following code snippet should reproduce this issue and verify the
fix in the regress testsuite (regress/servcfginclude.sh)
# Port in included file is correctly interpreted (bug #3169)
# Main config: Include first, then Port, the order that triggered the bug.
cat > $OBJ/sshd_config.i << _EOF
Include $OBJ/sshd_config.i.2
Port 7722
_EOF
# The included file sets no Port.
cat > $OBJ/sshd_config.i.2 << _EOF
HostKey $OBJ/host.ssh-ed25519
_EOF

trace "Port after included files"
${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i -T -ddd \
    -C "host=x,user=test,addr=127.0.0.1" > $OBJ/sshd_config.out || \
	fail "failed to parse Port after included files"
# Collect every "port" line from the dumped config; an extra 22 makes the
# comparison below fail.
_port=`grep -i '^port ' $OBJ/sshd_config.out | awk '{print $2}'`
if test "x7722" != "x$_port" ; then
	fail "The Port in included file was interpreted wrongly. Expected 7722, got $_port"
fi
bugzilla-daemon at mindrot.org
2020-May-27 22:43 UTC
[Bug 3169] sshd listens to port 22 AND whatever port is specified in or after Include(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=3169
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Status|NEW |RESOLVED
Blocks| |3162
Resolution|--- |FIXED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Thanks - Jakub's patch has been applied and will be in OpenSSH 8.4, due
in ~3 months.
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3162
[Bug 3162] Tracking bug for 8.4 release
bugzilla-daemon at mindrot.org
2020-May-29 05:21 UTC
[Bug 3169] sshd listens to port 22 AND whatever port is specified in or after Include(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=3169
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |Flupp+bugzilla.mindrot.org@mailbox.org
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
*** Bug 3164 has been marked as a duplicate of this bug. ***
bugzilla-daemon at mindrot.org
2021-Mar-03 22:52 UTC
[Bug 3169] sshd listens to port 22 AND whatever port is specified in or after Include(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=3169
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #4 from Damien Miller <djm at mindrot.org> ---
close bugs that were resolved in OpenSSH 8.5 release cycle
bugzilla-daemon at mindrot.org
2021-Sep-26 12:51 UTC
[Bug 3169] sshd listens to port 22 AND whatever port is specified in or after Include(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=3169
egberts at yahoo.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |egberts at yahoo.com
--- Comment #5 from egberts at yahoo.com ---
Just a question (and perhaps a recap) here.
So there is no way to negate a prior Port setting in later
"included-sshd_config" files?
bugzilla-daemon at mindrot.org
2021-Sep-27 09:01 UTC
[Bug 3169] sshd listens to port 22 AND whatever port is specified in or after Include(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=3169
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at dtucker.net
--- Comment #6 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to egberts from comment #5)
> Just a question (and perhaps a recap) here.
>
> So there is no way to negate a prior Port setting in later
> "included-sshd_config" files?
The way the other accumulate-a-list options handle this is to take a
"none" option which empties the list. Port does not currently do that
but it would not be hard to add.