Bug 1246 - Protocol version identification errors don't log the sender IP anymore, always UNKNOWN
Summary: Protocol version identification errors don't log the sender IP anymore, alway...
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 4.3p2
Hardware: ix86 Linux
: P2 minor
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-10-03 19:13 AEST by Jan Iven
Modified: 2008-04-04 09:56 AEDT (History)
0 users

See Also:

Attachments
minimal patch (601 bytes, patch)
2006-10-24 01:41 AEST, Jan Iven 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jan Iven 2006-10-03 19:13:46 AEST 
Errors on the initial protocol message do not log the IP of the sender anymore. I.e. doing
$ echo "GOOD MORNING" >/dev/tcp/somehost.somedomain/22
results in
sshd[28192]: Bad protocol version identification 'GOOD MORNING' from UNKNOWN

This appears to be due to the fact that sock_in gets closed before get_remote_ipaddr() has a chance to find out who is at the remote end. Apparently, this worked somehow at least in openssh-3.6p1, perhaps the IP caching was different then.

Since the process will exit immediately afterwards anyway, maybe there is no need to close these two sockets? They don't get closed on other codepaths with similar functionality (e.g after the "scanned from .. Don't panic."-piece).
Comment 1 Jan Iven 2006-10-24 01:41:45 AEST 
Created attachment 1201 [details]
minimal patch
Comment 2 Darren Tucker 2006-10-24 08:19:20 AEST 
Comment on attachment 1201 [details]
minimal patch

While the diff looks reasonable to I can't see this behaviour with 4.4p1 (that area of code was somewhat restructured).

Can you reproduce with 4.4p1?
Comment 3 Jan Iven 2006-10-24 18:42:56 AEST 
Appears indeed to have been fixed in 4.4. Sorry for not checking earlier..
Jan
Comment 4 Damien Miller 2008-04-04 09:56:42 AEDT 
Close resolved bugs after release.