Bug 264599

Summary: openssh: blacklistd: message too short/no message errors
Product: Base System Reporter: Jose Luis Duran <jlduran>
Component: binAssignee: Ed Maste <emaste>
Status: Closed FIXED    
Severity: Affects Many People CC: emaste
Priority: --- Keywords: needs-patch, needs-qa
Version: CURRENTFlags: koobs: maintainer-feedback? (emaste)
koobs: mfc-stable13?
koobs: mfc-stable12?
Hardware: Any   
OS: Any   

Description Jose Luis Duran freebsd_committer freebsd_triage 2022-06-10 17:20:35 UTC 
After upgrading a public-facing SSH server, error messages have started to spam dmesg logs:

blacklistd: message too short 144
blacklistd: no message (No such file or directory)

Filing this as a bug to track it.

In the meantime, I have done this horrible thing:

--- crypto/openssh/auth.c
+++ crypto/openssh/auth.c
@@ -555,7 +555,7 @@ getpwnamallow(struct ssh *ssh, const char *user)
        aix_restoreauthdb();
 #endif
        if (pw == NULL) {
-               BLACKLIST_NOTIFY(ssh, BLACKLIST_BAD_USER, user);
+               BLACKLIST_NOTIFY(ssh, BLACKLIST_BAD_USER, "user");
                logit("Invalid user %.100s from %.100s port %d",
                    user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
 #ifdef CUSTOM_FAILED_LOGIN
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2022-06-11 07:14:59 UTC 
^Triage: emaste updated OpenSSH in base most recently, request feedback
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2022-06-11 07:16:34 UTC 
This may have already been addresses by base 0f9bafdfc325 via bug 1926107

If so, please close this as a duplicate
Comment 3 Kubilay Kocak freebsd_committer freebsd_triage 2022-06-11 07:17:47 UTC 
Hat was not a bug reference, but a commit reference: base 19261079b743
Comment 4 Jose Luis Duran freebsd_committer freebsd_triage 2022-06-11 14:01:50 UTC 
(In reply to Kubilay Kocak from comment #2)

I don't think this issue has been addressed yet. My understanding is that it triggers when there is no user. For example:

    $ ssh -l "" ssh-server

N times (N = the number of times to trigger blacklistd), and the SSH server is configured with:

    KbdInteractiveAuthentication no
    UseBlacklist yes

I would guess a validation, to check if user is not NULL/empty string, etc. is missing. But I'll let someone more familiar with the code actually address this issue.

Thank you for triaging!
Comment 5 Jose Luis Duran freebsd_committer freebsd_triage 2022-06-11 19:34:18 UTC 
I have also filed an issue upstream:

https://github.com/zoulasc/blocklist/issues/2
Comment 6 Jose Luis Duran freebsd_committer freebsd_triage 2022-06-12 18:03:35 UTC 
Upstream has committed a fix:

https://github.com/zoulasc/blocklist/commit/ada75856bc6fcabbdd25ffbe08fbad5cf2a2c08a
Comment 7 commit-hook freebsd_committer freebsd_triage 2022-07-18 12:56:01 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=b1e81e6ddee42efb0f0d49cfc6cebb48d52e3f08

commit b1e81e6ddee42efb0f0d49cfc6cebb48d52e3f08
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-07-18 00:43:52 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-07-18 12:55:30 +0000

    blacklistd: Handle 0 sized messages

    Patch obtained from https://github.com/zoulasc/blocklist commit
    ada75856bc6fcabbdd25ffbe08fbad5cf2a2c08a

    PR:             264599
    MFC after:      1 week

 contrib/blacklist/lib/bl.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
Comment 8 commit-hook freebsd_committer freebsd_triage 2022-07-25 14:58:24 UTC 
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=35cdb601016b2dbdb9f5e296ac4b5f42248eddf5

commit 35cdb601016b2dbdb9f5e296ac4b5f42248eddf5
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-07-18 00:43:52 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-07-25 14:57:24 +0000

    blacklistd: Handle 0 sized messages

    Patch obtained from https://github.com/zoulasc/blocklist commit
    ada75856bc6fcabbdd25ffbe08fbad5cf2a2c08a

    PR:             264599
    MFC after:      1 week

    (cherry picked from commit b1e81e6ddee42efb0f0d49cfc6cebb48d52e3f08)

 contrib/blacklist/lib/bl.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
Comment 9 commit-hook freebsd_committer freebsd_triage 2022-07-25 15:01:25 UTC 
A commit in branch stable/12 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=5f7ae464db5bd1527a844c228afc269cedb6822c

commit 5f7ae464db5bd1527a844c228afc269cedb6822c
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-07-18 00:43:52 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-07-25 15:00:11 +0000

    blacklistd: Handle 0 sized messages

    Patch obtained from https://github.com/zoulasc/blocklist commit
    ada75856bc6fcabbdd25ffbe08fbad5cf2a2c08a

    PR:             264599
    MFC after:      1 week

    (cherry picked from commit b1e81e6ddee42efb0f0d49cfc6cebb48d52e3f08)

 contrib/blacklist/lib/bl.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
Comment 10 Jose Luis Duran freebsd_committer freebsd_triage 2022-07-25 16:43:15 UTC 
Thank you Ed!

I'll try to submit some minor fixes for blacklistd that aren't in the base system yet.