Bug 825

Summary:

OpenSSH 3.8p1 breaks on Solaris 8 with 4in6 mapped addresses

Product:

Portable OpenSSH

Reporter:

Markus Germeier <mager>

Component:

sshd

Assignee:

OpenSSH Bugzilla mailing list <openssh-bugs>

Status:

CLOSED FIXED

Severity:

normal

CC:

roland.mainz

Priority:

Version:

3.8p1

Hardware:

All

OS:

Solaris

Bug Depends on:

Bug Blocks:

821

Attachments:

Description	Flags
Server 1, Solaris8/sparc, dual stack, sshd -ddd	none
Client 1, Solaris8/sparc, IPv4 only, ssh -vvv	none
Server 2, Solaris8/x86, IPv4 only, sshd -ddd	none
Client 2, Linux/x86, dual stack, ssh -vvv	none
Call check_ip_options before mapped address normalisation	dtucker: ok+

Description Markus Germeier 2004-03-31 02:28:53 AEST

Hello,
Darren Tucker asked me to file a bug report here.

Short: OpenSSH 3.8p1 breaks on my Solaris 8 boxes (sparc and x86) when using
4in6 mapped addresses. IPv6 connections work fine.
Longer: http://marc.theaimsgroup.com/?l=secure-shell&m=107850542916554

Build with gcc 3.3.3 and this configure line:
./configure --prefix=/usr/opt/ssh --with-zlib=../zlib-1.2.1
--with-ssl-dir=../openssl-0.9.7d

Server: Solaris8 sparc+x86, with OpenSSH3.8.1p1
        using "ListenAddress ::" on dual IPv4/6 stack or IPv4-only
Client: Linux, Solaris, OpenSSH3.8.1p1, ssh.com 3.2.5
Remark: All connections are non-local (always two machines are involved)

Debug logs follow shortly.

Regards
   Markus

Comment 1 Markus Germeier 2004-03-31 02:39:13 AEST

Created attachment 582 [details]
Server 1, Solaris8/sparc, dual stack, sshd -ddd

Comment 2 Markus Germeier 2004-03-31 02:41:12 AEST

Created attachment 583 [details]
Client 1, Solaris8/sparc, IPv4 only, ssh -vvv

Comment 3 Markus Germeier 2004-03-31 02:42:41 AEST

Created attachment 584 [details]
Server 2, Solaris8/x86, IPv4 only, sshd -ddd

Comment 4 Markus Germeier 2004-03-31 02:43:38 AEST

Created attachment 585 [details]
Client 2, Linux/x86, dual stack, ssh -vvv

Comment 5 Markus Germeier 2004-03-31 02:45:31 AEST

*** Bug 824 has been marked as a duplicate of this bug. ***

Comment 6 Markus Germeier 2004-03-31 03:57:00 AEST

Just another note:
* OpenSSH 3.7.1p2 works fine
* configure reports:
    Translate v4 in v6 hack: no
  while the Changelog says:
    20031123
 - (djm) [canohost.c] Move IPv4inV6 mapped address normalisation to its own
   function and call it unconditionally
* Checking the source proves the Changelog right
  (see the "fix" in my original posting to the mailinglist which revokes the
"unconditionally" part)

Comment 7 Darren Tucker 2004-03-31 12:59:18 AEST

OK, I can now reproduce it.  Should fix for 3.8.1p1 (not sure how yet).

Comment 8 Damien Miller 2004-03-31 14:40:18 AEST

Created attachment 587 [details]
Call check_ip_options before mapped address normalisation

This is dying because we found IP options, but this check (for now) is supposed
to be IPv4 only. Unfortunately we have normalised the address format before
this is conditionally called, so it was being called for mapped IPv6 addresses
too.

Please try this patch.

Comment 9 Darren Tucker 2004-03-31 14:56:31 AEST

Comment on attachment 587 [details]
Call check_ip_options before mapped address normalisation

Patch fixes the problem for me.

Comment 10 Markus Germeier 2004-03-31 20:49:35 AEST

Hello,

the patch fixes this problem for me on Solaris/sparc+x86 while it does not break
linux. ;-) Great!

Thanks for the quick fix.

Regards
  Markus

Comment 11 Darren Tucker 2004-03-31 20:52:35 AEST

Patch has been committed and will be in 3.8.1p1.  Thanks for the report.

Comment 12 Damien Miller 2004-04-19 23:32:30 AEST

Closed with release of portable OpenSSH 3.8.1p1