[Bug 3489] New: "MaxStartups 0" passes "sshd -t", but configuration reload dies the server

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Oct 24 06:56:52 AEDT 2022 

https://bugzilla.mindrot.org/show_bug.cgi?id=3489

            Bug ID: 3489
           Summary: "MaxStartups 0" passes "sshd -t", but configuration
                    reload dies the server
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: petr.pisar at atlas.cz

I tried disabling MaxStartups feature (disabling is not documented in a
manual) in openssh-9.1_p1 with setting:

MaxStartups 0

"sshd -t" command did not report any errors. So I sent SIGHUP to the
deamon to reload the configuration, and then I tried to ssh-login to
the machine and I found I cannot connect it.

I assumed 0 was interpreted as no connections allowed, thus I reverted
the change in sshd configuration file, sent SIGHUP signal again, and my
init (OpenRC) system reported the daemon is not running. It was obvious
the sshd daemon "crashed".

A system log contains:

Oct 23 21:18:48 router start-stop-daemon[23658]: Will stop PID 3640
Oct 23 21:18:48 router start-stop-daemon[23658]: Sending signal 1 to
PID 3640
Oct 23 21:18:48 router sshd[3640]: Received SIGHUP; restarting.
Oct 23 21:18:49 router sshd[3640]: Server listening on 0.0.0.0 port 22.
Oct 23 21:18:49 router sshd[3640]: Server listening on :: port 22.
Oct 23 21:18:49 router sshd[3640]: fatal: xcalloc: zero size
Oct 23 21:19:14 router start-stop-daemon[23691]: Will stop PID 3640
Oct 23 21:19:14 router /etc/init.d/sshd[23691]: start-stop-daemon: no
matching processes found

The "fatal: xcalloc: zero size" message explains the "crash". The
server attempted to allocate a memory for 0 MaxStartups connections, 0
was rejected as in invalid size by an allocator and the daemon
terminated.

Could you please patch "sshd -t" code path to reject "MaxStartups 0"
configuration line?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list