bugzilla-daemon at bugzilla.mindrot.org
2017-Aug-23 15:26 UTC
[Bug 2763] New: Broken parsing of link-local addresses
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Bug ID: 2763 Summary: Broken parsing of link-local addresses Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: uzytkownik2 at gmail.com I'm trying to connect through veth to link-local address. However ssh tries to resolve it: % ssh 'fe80::1' -v -v -v -S none OpenSSH_7.5p1-hpn14v12lpk, OpenSSL 1.0.2l 25 May 2017 debug1: Reading configuration data /home/mpiechotka/.ssh/config debug1: /home/mpiechotka/.ssh/config line 1: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug2: resolving "fe80::1" port 22 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to fe80::1 [fe80::1] port 22. debug1: connect to address fe80::1 port 22: Invalid argument ssh: connect to host fe80::1 port 22: Invalid argument % ssh 'fe80::1%xe-<NAME>' -v -v -v -S none OpenSSH_7.5p1-hpn14v12lpk, OpenSSL 1.0.2l 25 May 2017 debug1: Reading configuration data /home/mpiechotka/.ssh/config debug1: /home/mpiechotka/.ssh/config line 1: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug2: resolving "fe80::1%xe-<NAME>" port 22 ssh: Could not resolve hostname fe80::1%xe-<NAME>: Name or service not known -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Aug-23 23:22 UTC
[Bug 2763] Broken parsing of link-local addresses
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au --- Comment #1 from Darren Tucker <dtucker at zip.com.au> --- (In reply to Maciej Piechotka from comment #0)> OpenSSH_7.5p1-hpn14v12lpkThat is a set of third party modifications that is not supported by the openssh team. Can you reproduce the problem with the stock code from openssh.com? -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Aug-23 23:25 UTC
[Bug 2763] Broken parsing of link-local addresses
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #2 from Damien Miller <djm at mindrot.org> --- (In reply to Maciej Piechotka from comment #0)> I'm trying to connect through veth to link-local address. However > ssh tries to resolve it: > > % ssh 'fe80::1' -v -v -v -S noneThis link-local address is missing its interface scope> OpenSSH_7.5p1-hpn14v12lpk, OpenSSL 1.0.2l 25 May 2017This isn't what we ship - it contains vendor patches. Please try to reproduce your problems with unpatched OpenSSH, or report the problems to your vendor.> % ssh 'fe80::1%xe-<NAME>' -v -v -v -S noneI don't know what this syntax is for specifying the interface scope, but plain interface names work fine: [djm at argon ~]$ ssh fe80::744b:fff:d37:8a4a%em1 The authenticity of host 'fe80::744b:fff:d37:8a4a%em1 (fe80::744b:fff:d37:8a4a%em1)' can't be established. Perhaps your libc getaddrinfo(3) doesn't know about your interface naming scheme? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Aug-24 01:37 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Maciej Piechotka <uzytkownik2 at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Broken parsing of |Broken parsing of |link-local addresses |link-local addresses when | |interface contains | |upper-case letter --- Comment #3 from Maciej Piechotka <uzytkownik2 at gmail.com> --- (In reply to Damien Miller from comment #2)> (In reply to Maciej Piechotka from comment #0) > > I'm trying to connect through veth to link-local address. However > > ssh tries to resolve it: > > > > % ssh 'fe80::1' -v -v -v -S none > > This link-local address is missing its interface scope >Yes, I was just showing as completeness that IPv6 is working.> > OpenSSH_7.5p1-hpn14v12lpk, OpenSSL 1.0.2l 25 May 2017 > > This isn't what we ship - it contains vendor patches. Please try to > reproduce your problems with unpatched OpenSSH, or report the > problems to your vendor. > > > % ssh 'fe80::1%xe-<NAME>' -v -v -v -S none > > I don't know what this syntax is for specifying the interface scope, > but plain interface names work fine: >xe-<NAME> is the name of interface. Edit: I can connect without upper case letter in interface name.> [djm at argon ~]$ ssh fe80::744b:fff:d37:8a4a%em1 > The authenticity of host 'fe80::744b:fff:d37:8a4a%em1 > (fe80::744b:fff:d37:8a4a%em1)' can't be established. > > Perhaps your libc getaddrinfo(3) doesn't know about your interface > naming scheme?It works with ping so I find it unlikely. Is ssh tries to normalize address by converting all upper case letters to lower case. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Aug-24 01:43 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 --- Comment #4 from Maciej Piechotka <uzytkownik2 at gmail.com> ---> > [djm at argon ~]$ ssh fe80::744b:fff:d37:8a4a%em1 > > The authenticity of host 'fe80::744b:fff:d37:8a4a%em1 > > (fe80::744b:fff:d37:8a4a%em1)' can't be established. > > > > Perhaps your libc getaddrinfo(3) doesn't know about your interface > > naming scheme? > > It works with ping so I find it unlikely. Is ssh tries to normalize > address by converting all upper case letters to lower case.I confirmed by gdb that getaddrinfo is called with lower case which is called by resolve_host. I think the guilty line is (I used git master): 1021: lowercase(host); -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Oct-19 18:36 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 --- Comment #5 from Maciej Piechotka <uzytkownik2 at gmail.com> --- Ping. I don't know why the line is there so I'm unable to send a patch fixing it but it shouldn't be hard to fix. I'm not sure about OpenBSD but it seems to be broken on any system where interfaces as case-sensitive. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Oct-20 00:55 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3068| |ok?(dtucker at zip.com.au) Flags| | --- Comment #6 from Damien Miller <djm at mindrot.org> --- Created attachment 3068 --> https://bugzilla.mindrot.org/attachment.cgi?id=3068&action=edit don't lowercase hostnames that look like addresses -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Oct-20 02:31 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3068|ok?(dtucker at zip.com.au) |ok+ Flags| | --- Comment #7 from Darren Tucker <dtucker at zip.com.au> --- Comment on attachment 3068 --> https://bugzilla.mindrot.org/attachment.cgi?id=3068 don't lowercase hostnames that look like addresses>+ memset(&hints, 0, sizeof(hints));maybe bzero?>+ if ((gaierr = getaddrinfo(name, strport, &hints, &res)) != 0)gaierr is never used. otherwise ok. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Nov-03 06:05 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3068|0 |1 is obsolete| | Attachment #3086| |ok? Flags| | --- Comment #8 from Damien Miller <djm at mindrot.org> --- Created attachment 3086 --> https://bugzilla.mindrot.org/attachment.cgi?id=3086&action=edit don't lowercase but explicitly canonicalise address I just realised that the previous patch will cause problems for people who have learned hostkeys for IPv6 addresses and then subsequently attempt to connect to them but using upper-case addresses, e.g. ssh FE80::1%lo0 This skips the lowercasing for addresses but still sends them through a getaddrinfo()/getnameinfo() wash to render them in canonical form. This should preserve uppercase interface scopes (modulo bugs in libc). It also aborts hostname canonicalisation for address-like strings that don't parse as addresses, such as addresses with unrecognised interface scoping. BTW, Darren - someone replaced all the bzero() calls with memset() in OpenSSH a while back. I complained at the time, but I don't want to be the guy who adds the first one back in :/ -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Jan-05 02:49 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3086|ok? |ok+ Flags| | -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Jan-23 05:04 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2782 --- Comment #9 from Damien Miller <djm at mindrot.org> --- Fix committed, this will be in OpenSSH 7.7 Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2782 [Bug 2782] Tracking bug for OpenSSH 7.7 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Feb-16 02:15 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2018-Apr-06 02:26 UTC
[Bug 2763] Broken parsing of link-local addresses when interface contains upper-case letter
https://bugzilla.mindrot.org/show_bug.cgi?id=2763 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #10 from Damien Miller <djm at mindrot.org> --- Close all resolved bugs after release of OpenSSH 7.7. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.