[Bug 1246] Protocol version identification errors don't log the sender IP anymore, always UNKNOWN

Tue Oct 3 19:13:47 EST 2006

http://bugzilla.mindrot.org/show_bug.cgi?id=1246

           Summary: Protocol version identification errors don't log the
                    sender IP anymore, always UNKNOWN
           Product: Portable OpenSSH
           Version: 4.4p1
          Platform: ix86
        OS/Version: Linux
            Status: NEW
          Severity: minor
          Priority: P2
         Component: sshd
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: jan.iven at cern.ch

Errors on the initial protocol message do not log the IP of the sender
anymore. I.e. doing
$ echo "GOOD MORNING" >/dev/tcp/somehost.somedomain/22
results in
sshd[28192]: Bad protocol version identification 'GOOD MORNING' from
UNKNOWN

This appears to be due to the fact that sock_in gets closed before
get_remote_ipaddr() has a chance to find out who is at the remote end.
Apparently, this worked somehow at least in openssh-3.6p1, perhaps the
IP caching was different then.

Since the process will exit immediately afterwards anyway, maybe there
is no need to close these two sockets? They don't get closed on other
codepaths with similar functionality (e.g after the "scanned from ..
Don't panic."-piece).

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.