Bug 1246

Summary: Protocol version identification errors don't log the sender IP anymore, always UNKNOWN
Product: Portable OpenSSH Reporter: Jan Iven <jan.iven>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: minor    
Priority: P2    
Version: 4.3p2   
Hardware: ix86   
OS: Linux   
Attachments:
Description Flags
minimal patch none

Description Jan Iven 2006-10-03 19:13:46 AEST 
Errors on the initial protocol message do not log the IP of the sender anymore. I.e. doing
$ echo "GOOD MORNING" >/dev/tcp/somehost.somedomain/22
results in
sshd[28192]: Bad protocol version identification 'GOOD MORNING' from UNKNOWN

This appears to be due to the fact that sock_in gets closed before get_remote_ipaddr() has a chance to find out who is at the remote end. Apparently, this worked somehow at least in openssh-3.6p1, perhaps the IP caching was different then.

Since the process will exit immediately afterwards anyway, maybe there is no need to close these two sockets? They don't get closed on other codepaths with similar functionality (e.g after the "scanned from .. Don't panic."-piece).
Comment 1 Jan Iven 2006-10-24 01:41:45 AEST 
Created attachment 1201 [details]
minimal patch
Comment 2 Darren Tucker 2006-10-24 08:19:20 AEST 
Comment on attachment 1201 [details]
minimal patch

While the diff looks reasonable to I can't see this behaviour with 4.4p1 (that area of code was somewhat restructured).

Can you reproduce with 4.4p1?
Comment 3 Jan Iven 2006-10-24 18:42:56 AEST 
Appears indeed to have been fixed in 4.4. Sorry for not checking earlier..
Jan
Comment 4 Damien Miller 2008-04-04 09:56:42 AEDT 
Close resolved bugs after release.