Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian....@packages.debian.org
Usertags: pu

After the upgrade from 8.8 to 8.9, the openssh client rejects tinyssh connections.

[ Reason ]
Tinyssh has very strict packet_length checking and, when the client doesn't honor the max. packet length, closes the connection.

[ Impact ]
Using the new openssh client 8.9 stopped tinyssh from working; it rejects all connections.

[ Tests ]
The bug was caught by autopkgtest, e.g. here:
https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/t/tinyssh/20220226_180547_e244f@/log.gz

And can be triggered manually using 2 versions of openssh:
~~~
openssh-8.8p1# ./ssh test@127.0.0.1 "cat >/tmp/testfile2" < /tmp/testfile1 && echo OK || echo BAD
OK
openssh-8.9p1# ./ssh test@127.0.0.1 "cat >/tmp/testfile2" < /tmp/testfile1 && echo OK || echo BAD
client_loop: send disconnect: Broken pipe
BAD
~~~

After fix:
~~~
openssh-8.9p1# ./ssh test@127.0.0.1 "cat >/tmp/testfile2" < /tmp/testfile1 && echo OK || echo BAD
OK
~~~

[ Risks ]
The patch is trivial and is already applied in Ubuntu:
http://launchpadlibrarian.net/590133636/tinyssh_20190101-1build1_20190101-1ubuntu1.diff.gz

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

diff -Nru tinyssh-20190101/debian/changelog tinyssh-20190101/debian/changelog --- tinyssh-20190101/debian/changelog 2019-01-02 06:01:58.000000000 +0100 +++ tinyssh-20190101/debian/changelog 2022-03-19 08:28:29.000000000 +0100 
@@ -1,3 +1,10 @@ +tinyssh (20190101-1+deb11u1) bullseye; urgency=medium + + * Workaround for incoming packets that doesn't honor + the max. packet length (Closes: 1006801) + + -- Jan Mojžíš <jan.moj...@gmail.com> Sat, 19 Mar 2022 08:28:29 +0100 + tinyssh (20190101-1) unstable; urgency=medium * d/tests - added 03exitcodes test, it creates ssh connection, exits diff -Nru tinyssh-20190101/debian/patches/series tinyssh-20190101/debian/patches/series --- tinyssh-20190101/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ tinyssh-20190101/debian/patches/series 2022-03-19 08:28:29.000000000 +0100 @@ -0,0 +1 @@ +workaround-1006801-packet-length.patch diff -Nru tinyssh-20190101/debian/patches/workaround-1006801-packet-length.patch tinyssh-20190101/debian/patches/workaround-1006801-packet-length.patch --- tinyssh-20190101/debian/patches/workaround-1006801-packet-length.patch 1970-01-01 01:00:00.000000000 +0100 +++ tinyssh-20190101/debian/patches/workaround-1006801-packet-length.patch 2022-03-19 08:28:29.000000000 +0100 
@@ -0,0 +1,24 @@ +From: Jan Mojzis <jan.moj...@gmail.com> +Date: Sat, 19 Mar 2022 08:36:48 +0100 +Origin: https://github.com/janmojzis/tinyssh/commit/0613ae9ef2fbac88522c8312456fb64d14020597 +Subject: Workaround for incoming packets that doesn't honor + the max. packet length + +Index: tinyssh-20190101/tinyssh/packet_channel_open.c +=================================================================== +--- tinyssh-20190101.orig/tinyssh/packet_channel_open.c ++++ tinyssh-20190101/tinyssh/packet_channel_open.c +@@ -49,7 +49,12 @@ int packet_channel_open(struct buf *b1, + buf_putnum32(b2, id); /* uint32 recipient channel */ + buf_putnum32(b2, id); /* uint32 sender channel */ + buf_putnum32(b2, localwindow); /* uint32 initial window size */ +- buf_putnum32(b2, PACKET_LIMIT); /* uint32 maximum packet size */ ++ /* ++ XXX ++ use PACKET_LIMIT/2 as maximum packet size, ++ workaround for miscalculated packet_length ++ */ ++ buf_putnum32(b2, PACKET_LIMIT / 2); /* uint32 maximum packet size */ + packet_put(b2); + buf_purge(b2); + return 1;
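
Review bot: The debian/changelog entry for 20190101-1+deb11u1 does not say what the workaround changes for users. The visible fix halves the maximum packet size that tinyssh advertises when a channel is opened, and that applies to every client, not only openssh 8.9. A short extra line such as "advertise PACKET_LIMIT/2 as the channel maximum packet size" would let a stable-release reviewer judge the behaviour change from the changelog alone. Minor wording: "packets that doesn't honor" should read "packets that don't honor".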
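
Review bot: The new comment in packet_channel_open() ("XXX ... workaround for miscalculated packet_length") does not say which peer miscalculates, by how much, or why a factor of two is enough headroom, so a later reader cannot tell when it is safe to remove. Please name the trigger in the comment (openssh 8.9 client, Debian bug 1006801) and consider a named constant instead of the inline PACKET_LIMIT / 2. The hunk only lowers the advertised value; the strict receive-side packet_length check is not touched in the visible lines, so a peer that overshoots by more than the new margin would still be disconnected, which is worth stating. The DEP-3 header of workaround-1006801-packet-length.patch carries From, Date, Origin and Subject but no Bug-Debian field; adding "Bug-Debian: https://bugs.debian.org/1006801" would tie the patch to the bug.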