From owner-freebsd-current@freebsd.org Sun Dec 23 01:58:45 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0EA3F134466F for ; Sun, 23 Dec 2018 01:58:45 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 6CC7583D70 for ; Sun, 23 Dec 2018 01:58:44 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: by mailman.ysv.freebsd.org (Postfix) id 30288134466E; Sun, 23 Dec 2018 01:58:44 +0000 (UTC) Delivered-To: current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0DADF134466D for ; Sun, 23 Dec 2018 01:58:44 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7C27E83D6D; Sun, 23 Dec 2018 01:58:43 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: by mail-pf1-x42f.google.com with SMTP id r136so4362559pfc.6; Sat, 22 Dec 2018 17:58:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=SSgfbHoVhAi+5DQP11VsWN9mm+IcllzjCPQQ9XumpDc=; b=MdYP8lv/9uTdkb0xFWq3rAT6hrcmp+6WKzz2xxq9xqgTP9IoXdFhRA3OOzO8Vcv9tB LbCOW8kr9uzHFc9t/QWaJwsMQ1VrrrcamwT1Sstc1MG0JZUOC8dKFkfWA4sqZUOX1MXx pL4qpJC2wMtb5qJkrwBm9FiuV1kgv1tlhFo4fGTXytjqpF65Abu/dCfZNgJw/OHrVMfv VuOclvU142vnP0aVacoi5VBFsZI9tNIcYPDa4zoFiv0q1PC/V4fknUdLwTPdDSJW0Yi1 5788FqKa+bNLT2FeTKIAA70OYorcNCCr/u8PgQCJcb7eVIH3S/SBHFMrEefKRd8jkB24 VECA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=SSgfbHoVhAi+5DQP11VsWN9mm+IcllzjCPQQ9XumpDc=; b=eTh/MpIK4BBKg0c3wob9KAE2L8T1pc6pNMSPCpKqX/7/1Am9nMFIX6h5zOg/06yHWP 99/9PhQ5NSYcfyipESzHQV6DmA/k3gwTgHAgzX/EUTtUhpCf9ZF+droPp+D2ZL1N51Zw LyVmIvl4pEX141A6Zt4RvmfdKkZJmwDoFW8xfzo64mqZmf/MyILmBp07A5W/tI4Yp2O2 4I6q5pw514H1qDzokfX1ok//1/QibKka4YnNb6y5A4Pob0CJRVAhpZB5VHg+NF/99GXD qAymZ1LQQ8D6y1n65c23z6oBekZkeg5U8JSS2oCHJwWZhSt6NdT7QEWtsM9GHAPXWdsB NYxQ== X-Gm-Message-State: AJcUukfjxVkVTNfjPd/Nc13bw9KWytCjrnEe9AaGaggBNjYS0UKR+1+V no6QqPFwq5257ugcwo6hKtfy8dMQ X-Google-Smtp-Source: ALg8bN6xGjkWGLcD4aurkoPXq/fU/2sXS+ZXgRgDG0WimzNgDYN0W+KNLm+v9Hf9vkVDKtn7Ztstkg== X-Received: by 2002:a63:d40a:: with SMTP id a10mr7716956pgh.394.1545530322283; Sat, 22 Dec 2018 17:58:42 -0800 (PST) Received: from [192.168.20.7] (c-73-19-52-228.hsd1.wa.comcast.net. [73.19.52.228]) by smtp.gmail.com with ESMTPSA id v13sm35821128pff.20.2018.12.22.17.58.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 22 Dec 2018 17:58:41 -0800 (PST) From: Enji Cooper Message-Id: <82004750-097A-47E5-9981-86B4B7A5F755@gmail.com> Content-Type: multipart/signed; boundary="Apple-Mail=_637E3201-9939-4613-85D7-E55AE3063E96"; protocol="application/pgp-signature"; micalg=pgp-sha256 Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Subject: Re: workaround for VMware WS NAT bug triggered by OpenSSH 7.8p1 changes Date: Sat, 22 Dec 2018 17:58:39 -0800 In-Reply-To: <201812222103.wBML3C8G053162@slippy.cwsent.com> Cc: Yuri Pankov , Mark Peek , Warner Losh , =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= , freebsd-current To: Cy Schubert References: <201812222103.wBML3C8G053162@slippy.cwsent.com> X-Mailer: Apple Mail (2.3445.9.1) X-Rspamd-Queue-Id: 7C27E83D6D X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.99)[-0.988,0]; REPLY(-4.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Dec 2018 01:58:45 -0000 --Apple-Mail=_637E3201-9939-4613-85D7-E55AE3063E96 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Dec 22, 2018, at 1:03 PM, Cy Schubert = wrote: =E2=80=A6 > Regarding the Red Hat bugzilla bug, looks like they're doing the right > thing by reaching out to VMware. This should be our position as well. > Add it to ssh_config or sshd_config if one must but have VMware fix > their bugs. Putting workarounds in our O/S to work around a bug in = some > other vendor's virtualization is something I don't support. If we must > add the #ifdefs to our ssh, then add an UPDATING entry to say that to > enable it put VMWARE_GUEST_WORKAROUND or however we choose to enable = it > in src.conf. This is the reason why I CCed mp@ :).. Mark works for VMware (I worked = with him a bit when I was at Isilon). =E2=80=A6 > We, FreeBSD, should try to open a ticket or reach out to VMware to add > a +1 to the issue that RH has already opened. This is the right thing > to do. In this case we should consider ourselves an O/S vendor too, > which BTW we are. Yes, but unless there=E2=80=99s a champion internal to the project = driving this, it=E2=80=99s up to individual users to drive the bug = report/fix. If, however, there were regular regression tests run with = VMware (and this can be done with pyvmomi/paramiko, etc), then we the = project could provide this guarantee to VMware and vice versa if VMware = invested the time in making this so--which I thought they did with = 10.x=E2=80=A6 but if they don=E2=80=99t have an easy way to verify = changes, there=E2=80=99s a bit of a chicken and egg problem. > BTW the 2018-11-08 entry in the RH bug talks about adding the > workaround to sshd_config. =E2=80=A6 which is what I did instead of making the code change. Thanks so very much for the patch and (more importantly) for the = discussion/solution Yuri!! I really appreciate your unblocking me. Cheers, -Enji --Apple-Mail=_637E3201-9939-4613-85D7-E55AE3063E96 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE5bk3FaGcY5rvqmb79YOpJmkwhhUFAlwe688ACgkQ9YOpJmkw hhWlkQ//WfEx4qPAwnf9GMmh5qYRqV8Dht5GTmiVtJlwLBq/0dCQkq60eWjwSqHR tqNLl7Mysli7IzI30GyutiYeW0vhib7sJkAPb/bGMwESFLkJTUacEKGE4lNIDOdt KhQAUQpom4MYaRicVcEqmoNru2WTkBQ/tVCM67KPalWOjwXGUxpmR6oyR5Fzvr3o FaLTFW7/zC30G77QinMf3lEYew4cemGJkF9Q5BLwu/1f4VyhjjsNMkz3Nq/5a/eb xXiWJUUX5XIDnUtSmyOFC4ThYaMe+6hxe5VB0BEbIjZZCCUEdgL0mZv64DO3am1D bcvYJQ182WINAvgVKHQv3a5947GPErz6Jtv23jx4vcpJWaPZzgUbkgW4Zd+2x48r +iVvwwOzx+2+lEO1I0PVf0gsobxEQ3x1kbX7wxWdXp5AqymFCptYZQOv4DtCqQKa mmxubFtJi6aHJMpeFpPsnfMB4JCiPHrwj65dCsQxxavIw50Znkz6eys6xqH4MUa2 4l9WOFjYMfwf1Ld/8g1rMCnELGrYhk2B4FGnYXlOHOa/cv942dEybwwFtjdwIThG gAp2zkCzQBKWBJ4bmxEH9WNt+6Nc9aCvMncbEnrYKQEmzreyY4t3akDjsabBJ2wb J1FFOnvxUXcvSl16U8DHoGkrVSLpVYRpbhBlzxyfDSzRfbF8aEY= =Bnql -----END PGP SIGNATURE----- --Apple-Mail=_637E3201-9939-4613-85D7-E55AE3063E96--