| Summary: | Log needs to contain the port on which connection is made | | |
|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Zzu <yuri> |
| Component: | sshd | Assignee: | Damien Miller <djm> |
| Status: | CLOSED FIXED | | |
| Severity: | normal | CC: | djm, dtucker |
| Priority: | P5 | | |
| Version: | 6.2p1 | | |
| Hardware: | All | | |
| OS: | FreeBSD | | |
| Bug Depends on: | | | |
| Bug Blocks: | 2130 | | |
Description
Zzu
2013-10-18 06:06:56 AEDT
Created attachment 2355: include port in invalid banner message

Patch has been committed; this will be in OpenSSH-6.4 due in 2-3 months time.

Comment on attachment 2355: include port in invalid banner message

>+ logit("Bad protocol version identification '%.100s' " >+ "from %s port %d", client_version_string, >+ get_remote_ipaddr(), get_remote_port());

that's the remote port, the request was for the local (ie listening) port. Certainly I think it's worth having the remote port (eg for NAT pools).

Also, there are other messages of the same kind (issued per-connection) that should be fixed as well. Ex. "Did not receive identification string from %s" I suggest you create the variant of logit for this. I realize with the current code just using "va_list args" this isn't trivial to do without the code duplication.

I don't mind adding full host/port information to a few important messages (authentication events, etc.), but I don't think that every message needs to include the same redundant information. We have a "Connection from ..." message that should include it all.

How about:
> - verbose("Connection from %.500s port %d", remote_ip, remote_port);
> + verbose("Connection from %s port %d on %s port %d",
> + remote_ip, remote_port,
> + get_local_ipaddr(sock_in), get_local_port());
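Review bot: The rewritten format string drops the `%.500s` bound on remote_ip in favour of a bare `%s`, and the newly added local address is also printed with an unbounded `%s`; keeping the precision on both string arguments would preserve the length limit the removed line enforced. Separately, the call stays `verbose(...)` while the "Bad protocol version identification" message earlier in this thread is emitted with `logit(...)`, so the listening port is only recorded when the log level is raised to verbose; that dependency is worth stating in the commit message or documentation so operators know the two lines must be read together.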
?

I added the local host address and port to the "Connection from ..." message that is shown at loglevel>=verbose.

closing resolved bugs as of 8.6p1 release
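
An added example (not code from the OpenSSH project or from any commenter in this thread): it uses the "Connection from ... on ... port ..." line to attribute the per-connection messages quoted above to the listening address and port. It assumes syslog-style `sshd[pid]` tags with one pid per connection; `events_by_listener` and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample (not from the bug report); RFC 5737 addresses.
# Assumption: syslog tags each line with sshd[pid], one pid per connection.
SAMPLE_LOG = """\
Oct 18 06:10:01 host sshd[4101]: Connection from 192.0.2.10 port 50122 on 198.51.100.5 port 22
Oct 18 06:10:01 host sshd[4101]: Bad protocol version identification 'GET / HTTP/1.0' from 192.0.2.10 port 50122
Oct 18 06:10:07 host sshd[4102]: Connection from 192.0.2.77 port 41000 on 198.51.100.5 port 2222
Oct 18 06:10:27 host sshd[4102]: Did not receive identification string from 192.0.2.77
Oct 18 06:11:00 host sshd[4103]: Connection from 203.0.113.9 port 60001
Oct 18 06:11:00 host sshd[4103]: Bad protocol version identification 'HELO x' from 203.0.113.9 port 60001
"""

TAG = re.compile(r"sshd\[(\d+)\]: (.*)$")
# Local address/port are optional so the older "Connection from" format still parses.
CONN = re.compile(r"Connection from (\S+) port (\d+)(?: on (\S+) port (\d+))?$")
EVENT = re.compile(r"(Bad protocol version identification|Did not receive identification string)\b")


def events_by_listener(log_text):
    """Return {(local_addr, local_port): [(pid, remote_addr, event), ...]}."""
    conn = {}  # pid -> (remote_addr, local_addr, local_port)
    out = defaultdict(list)
    for line in log_text.splitlines():
        tag = TAG.search(line)
        if not tag:
            continue
        pid, msg = int(tag.group(1)), tag.group(2)
        c = CONN.match(msg)
        if c:
            remote, _rport, laddr, lport = c.groups()
            conn[pid] = (remote, laddr, int(lport) if lport else None)  # newest wins on pid reuse
            continue
        e = EVENT.match(msg)
        if e:
            # No "Connection from" line seen (log level below verbose) or old
            # format: the listener is unknown and the event lands under (None, None).
            remote, laddr, lport = conn.get(pid, (None, None, None))
            out[(laddr, lport)].append((pid, remote, e.group(1)))
    return dict(out)


if __name__ == "__main__":
    for listener, events in events_by_listener(SAMPLE_LOG).items():
        print(listener, events)
```

Events grouped under `(None, None)` are the ones that cannot be tied to a listener, which is what the logs look like without the extended "Connection from" line.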