Bug #6558: Incomplete SSH selector for 172.16/12 private IP block

Bug #6558

Incomplete SSH selector for 172.16/12 private IP block

Added by sajolida 2013-12-31 07:56:03 . Updated 2015-03-23 02:02:37 .

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Target version:

Tails_1.3.1

Start date:

2013-12-31

Due date:

% Done:

100%

Feature Branch:

bugfix/6558-ssh-rfc1918-exceptions

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

According to RFC1918, the 172 block is defined by prefix 172.16/12. So both 172.16.0.0 and 172.31.0.0 are private IP addresses.

But our selector for private IPs in .ssh/config only selects 172.16.*. So, for example, 172.31.0.0 is not matched.

Proposed fix:

Host 192.168.* 10.* 172.16.* 172.17.* 172.18.* 172.19.* 172.20.* 172.21.* 172.22.* 172.23.* 172.24.* 172.25.* 172.26.* 172.27.* 172.28.* 172.29.* 172.30.* 172.31.*

Should be reviewed and tested.

Subtasks

Related issues

Has duplicate Tails - ~~Bug #8794~~: /etc/ssh_config prevents connection to some local IP ranges

Duplicate

2015-01-25

History

#1 Updated by sajolida 2013-12-31 07:57:48

Subject changed from Imcomplete SSH selector for 172.16.0.0/12 private IP block to Imcomplete SSH selector for 172.16/12 private IP block

#2 Updated by intrigeri 2014-06-21 14:04:20

Status changed from Confirmed to In Progress
% Done changed from 0 to 10

#3 Updated by BitingBird 2014-06-21 14:53:15

Subject changed from Imcomplete SSH selector for 172.16/12 private IP block to Incomplete SSH selector for 172.16/12 private IP block

#4 Updated by intrigeri 2015-02-15 18:59:01

has duplicate ~~Bug #8794~~: /etc/ssh_config prevents connection to some local IP ranges added

#5 Updated by Tails 2015-02-15 19:04:12

Applied in changeset commit:8c4ba917b69b3c6c0a87f5bdc74a87dc8d03d628.

#6 Updated by intrigeri 2015-02-15 19:12:27

Target version set to Tails_1.3.2
Feature Branch set to bugfix/6558-ssh-rfc1918-exceptions

#7 Updated by intrigeri 2015-02-15 19:12:53

Assignee set to intrigeri

#8 Updated by Tails 2015-02-25 13:34:26

Applied in changeset commit:6972d4fe0de079db6ca5a00d7efaeeec4bf1e987.

#9 Updated by intrigeri 2015-03-02 17:54:19

Assignee deleted (~~intrigeri~~)
% Done changed from 10 to 50
QA Check set to Ready for QA

#10 Updated by kytv 2015-03-02 18:57:58

Looks good to me.

It’s a shame IMHO that ssh_config only accepts patterns and not regular expressions (not that /^(10|192\.168|172\.(1[6-9]|2[0-9]|3[01]))/ would be easier for everyone to understand).

#11 Updated by intrigeri 2015-03-14 09:42:24

Assignee set to alant

#12 Updated by alant 2015-03-22 16:39:21

Assignee changed from alant to intrigeri
QA Check changed from Ready for QA to Pass

I tested and reviewed bugfix/6558-ssh-rfc1918-exceptions as of commit:9c0aecc80cfd858bad95d58fbd70e58a81e51bbb. Everything is fine so the branch can be merged in stable. I let the RM of 1.3.1 decide when it’s appropriate.

#13 Updated by intrigeri 2015-03-22 16:53:43

Status changed from In Progress to Fix committed
% Done changed from 50 to 100

Applied in changeset commit:01e6a40e11810bb402f256ebd545591594105a2a.

#14 Updated by intrigeri 2015-03-22 16:57:15

Assignee deleted (~~intrigeri~~)

#15 Updated by intrigeri 2015-03-22 16:57:35

Target version changed from Tails_1.3.2 to Tails_1.3.1

#16 Updated by BitingBird 2015-03-23 02:02:37

Status changed from Fix committed to Resolved