Bug 3169

Summary: sshd listens to port 22 AND whatever port is specified in or after Include(s)
Product: Portable OpenSSH
Reporter: Adriaan van Nijendaal <mindrot.org>
Component: sshd
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED
Severity: normal
CC: djm, dtucker, egberts, Flupp+bugzilla.mindrot.org, jjelen
Priority: P5
Version: 8.2p1
Hardware: amd64
OS: Linux
Bug Depends on:
Bug Blocks: 3162
Attachments:
  script to reproduce the bug (flags: none)
  proposed patch (flags: none)

Description Adriaan van Nijendaal 2020-05-23 22:23:27 AEST
Created attachment 3396: script to reproduce the bug

Another problem with the include functionality. A 'Port' statement AFTER 'Include' will be accepted, BUT the server will listen to that port AND to port 22. Note that the sshd_config as shipped does NOT have a 'Port' statement - the server defaults to 22 if no Port is specified (apparently before 'Include'(s) are evaluated.)

When I move the whole sshd_config to another name (sshd_config_with_another_name) and include it from a new sshd_config containing just two lines:

Include /etc/ssh/sshd_config_with_another_name
Port 7722

Then the server listens to Port 7722 AND 22.

When the order is reversed:

Port 7722
Include /etc/ssh/sshd_config_with_another_name

it will listen to port 7722 ONLY.

Previously reported to the Ubuntu people, but they referred me here.
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1876320 . I feel this could be something simple, but I cannot find it in the source. Sorry.
Comment 1 Jakub Jelen 2020-05-26 01:00:32 AEST
Created attachment 3398: proposed patch

The attached patch should address the issue. The important part is not to call process_queued_listen_addrs() for every included file, because it sets the port to 22 if none is set before. I missed this on my first run.

The following code snippet should reproduce this issue and verify the fix in the regress testsuite (regress/servcfginclude.sh)

# Port in included file is correctly interpreted (bug #3169)
cat > $OBJ/sshd_config.i << _EOF
Include $OBJ/sshd_config.i.2
Port 7722
_EOF
cat > $OBJ/sshd_config.i.2 << _EOF
HostKey $OBJ/host.ssh-ed25519
_EOF

trace "Port after included files"
${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i -T -ddd \
    -C "host=x,user=test,addr=127.0.0.1" > $OBJ/sshd_config.out || \
        fail "failed to parse Port after included files"
_port=`grep -i '^port ' $OBJ/sshd_config.out | awk '{print $2}'`
if test "x7722" != "x$_port" ; then
        fail "The Port in included file was interpreted wrongly. Expected 7722, got $_port"
fi
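A small Python model of the parser flow Jakub describes above, added here as an illustration; it is not OpenSSH's own code and the function names only loosely mirror servconf.c. Port lines accumulate in a list, process_queued_listen_addrs() substitutes the default port 22 when that list is still empty, and fill_default_server_options() binds the wildcard address on every accumulated port when no ListenAddress was given. With finalize_per_include=True each Include re-enters the top-level parser and runs that finalisation step too early (the 8.2p1 flow); with False includes recurse without it (the fixed flow). The FILES dict is a constructed in-memory stand-in for /etc/ssh, and the sshd_config_listenaddr/sshd_config_bind pair is an extra case beyond the report, showing what the same ordering does when the included file carries a ListenAddress.

```python
"""Model of how sshd accumulates Port/ListenAddress across Include (added
example, not OpenSSH's code; names loosely mirror servconf.c, FILES is a
constructed stand-in for /etc/ssh)."""
from __future__ import annotations
from dataclasses import dataclass, field

SSH_DEFAULT_PORT = 22

FILES = {  # constructed sample configs; paths are illustrative
    "/etc/ssh/sshd_config":
        "Include /etc/ssh/sshd_config_with_another_name\nPort 7722\n",
    "/etc/ssh/sshd_config_reversed":
        "Port 7722\nInclude /etc/ssh/sshd_config_with_another_name\n",
    "/etc/ssh/sshd_config_with_another_name":  # the shipped config: no Port line
        "HostKey /etc/ssh/ssh_host_ed25519_key\nPermitRootLogin no\n",
    # same ordering as the bug report, but the included file has a ListenAddress
    "/etc/ssh/sshd_config_listenaddr":
        "Include /etc/ssh/sshd_config_bind\nPort 7722\n",
    "/etc/ssh/sshd_config_bind": "ListenAddress 192.0.2.1\n",
}


@dataclass
class ServerOptions:
    ports: list[int] = field(default_factory=list)                       # options->ports
    queued_listens: list[tuple[str, int]] = field(default_factory=list)  # ListenAddress; port 0 = every Port
    listen_addrs: list[tuple[str, int]] = field(default_factory=list)    # resolved sockets


def add_listen_addr(opts: ServerOptions, addr: str, port: int) -> None:
    """One socket if ListenAddress named a port, else one per accumulated Port."""
    if port > 0:
        opts.listen_addrs.append((addr, port))
    else:
        opts.listen_addrs.extend((addr, p) for p in opts.ports)


def process_queued_listen_addrs(opts: ServerOptions) -> None:
    """Resolve queued ListenAddress lines. The trap: an empty Port list is replaced
    by [22] here, so running this before the last Port line was read bakes 22 in."""
    if not opts.ports:
        opts.ports.append(SSH_DEFAULT_PORT)
    for addr, port in opts.queued_listens:
        add_listen_addr(opts, addr, port)
    opts.queued_listens.clear()


def parse_server_config_depth(opts: ServerOptions, path: str,
                              finalize_per_include: bool, depth: int) -> None:
    if depth > 16:
        raise RecursionError(f"{path}: Include nesting too deep")
    for raw in FILES[path].splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        keyword, _, arg = line.partition(" ")
        keyword, arg = keyword.lower(), arg.strip()
        if keyword == "include":
            if finalize_per_include:   # 8.2p1: include re-enters the top-level parser
                parse_server_config(opts, arg, True, depth + 1)
            else:                      # fixed: plain recursion, no finalisation
                parse_server_config_depth(opts, arg, False, depth + 1)
        elif keyword == "port":
            opts.ports.append(int(arg))
        elif keyword == "listenaddress":  # "addr" or "addr:port"; IPv4/hostname only here
            addr, sep, port = arg.rpartition(":")
            opts.queued_listens.append((addr, int(port)) if sep else (arg, 0))
        # other keywords (HostKey, PermitRootLogin, ...) are irrelevant to the model


def parse_server_config(opts: ServerOptions, path: str,
                        finalize_per_include: bool = False, depth: int = 0) -> None:
    """Top-level entry: parse, then resolve queued ListenAddress lines once."""
    parse_server_config_depth(opts, path, finalize_per_include, depth)
    process_queued_listen_addrs(opts)


def fill_default_server_options(opts: ServerOptions) -> None:
    """After parsing: no ListenAddress at all means the wildcard on every Port."""
    if not opts.ports:
        opts.ports.append(SSH_DEFAULT_PORT)
    if not opts.listen_addrs:
        add_listen_addr(opts, "*", 0)


def effective_listen_addrs(path: str, buggy: bool) -> list[tuple[str, int]]:
    """Sorted (addr, port) sockets sshd would bind for `path`; buggy=True is the 8.2p1 flow."""
    opts = ServerOptions()
    parse_server_config(opts, path, finalize_per_include=buggy)
    fill_default_server_options(opts)
    return sorted(opts.listen_addrs)


if __name__ == "__main__":
    for path in ("/etc/ssh/sshd_config", "/etc/ssh/sshd_config_reversed",
                 "/etc/ssh/sshd_config_listenaddr"):
        for buggy in (True, False):
            print(f"{path:34} {'8.2p1' if buggy else 'fixed'} -> {effective_listen_addrs(path, buggy)}")
```

Running it reproduces the two cases from the report (Include-then-Port binds 22 and 7722 under the 8.2p1 flow and only 7722 under the fixed one; Port-then-Include binds only 7722 either way). The ListenAddress case is the model's extrapolation rather than something the report tested: under the 8.2p1 flow the included ListenAddress is resolved at port 22 before Port 7722 is read, and because a listen address already exists the defaults step never adds 7722, so the configured port is silently not bound. On a real host the equivalent check is `sshd -T -f <config> | grep -iE '^(port|listenaddress) '`, which is what the regress snippet above automates.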
Comment 2 Damien Miller 2020-05-28 08:43:04 AEST
Thanks - Jakub's patch has been applied and will be in OpenSSH 8.4, due in ~3 months.
Comment 3 Damien Miller 2020-05-29 15:21:13 AEST
*** Bug 3164 has been marked as a duplicate of this bug. ***
Comment 4 Damien Miller 2021-03-04 09:52:17 AEDT
close bugs that were resolved in OpenSSH 8.5 release cycle
Comment 5 egberts 2021-09-26 22:51:08 AEST
Just a question (and perhaps a recap) here.

So there is no way to negate a prior Port setting in later "included-sshd_config" files?
Comment 6 Darren Tucker 2021-09-27 19:01:43 AEST
(In reply to egberts from comment #5)
> Just a question (and perhaps a recap) here.
> 
> So there is no way to negate a prior Port setting in later
> "included-sshd_config" files?

The way the other accumulate-a-list options handle this is to take a "none" option which empties the list.  Port does not currently do that but it would not be hard to add.