From owner-freebsd-current@freebsd.org Fri Dec 21 23:55:21 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3AF5613379F3 for ; Fri, 21 Dec 2018 23:55:21 +0000 (UTC) (envelope-from yuripv@yuripv.net) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 961A689CB7 for ; Fri, 21 Dec 2018 23:55:20 +0000 (UTC) (envelope-from yuripv@yuripv.net) Received: by mailman.ysv.freebsd.org (Postfix) id 597B013379F2; Fri, 21 Dec 2018 23:55:20 +0000 (UTC) Delivered-To: current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 36EA213379F1 for ; Fri, 21 Dec 2018 23:55:20 +0000 (UTC) (envelope-from yuripv@yuripv.net) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 07C3289CB5; Fri, 21 Dec 2018 23:55:17 +0000 (UTC) (envelope-from yuripv@yuripv.net) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 2407622101; Fri, 21 Dec 2018 18:55:17 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Fri, 21 Dec 2018 18:55:17 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yuripv.net; h=to :cc:from:subject:message-id:date:mime-version:content-type; s= fm3; bh=aQkQ+qQixvRIGu3E9eHd+kgRDOI67y5JANvujBT1WL0=; b=vZ91Eij7 xSXPylHlI5H6t4YPZ/MMdmNJSktsLK8rFP1Az5lqo9+Ola1ajLNMBR03B/bq6kou cgfZmKqkdEBvmlSTl/ZffXmG8Hags8QBhGHzV/1MgWBFYG/2Av/yidziRlhD0PXo LwUfM7TAtgfDCQgGPeJ77uzcGWPGpKDDnTpnJ5eZJVQUo/22n5V0HjsuVMnJ0yeE DFzYcTOvy/z+0ejreUplrg+Ma5jQvE8u3Tw4Ktk5/JGu6Y5lpBhWY0Y3tFInHCet Hz3bCDWgxqHzJgiGSospOIMkm5+++AzooQ4T6A7GwRW+2wp3lXA0XarkD4n2Qx4c Al6resoHghL0IA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=aQkQ+qQixvRIGu3E9eHd+kgRDOI67 y5JANvujBT1WL0=; b=xo5+DzSmCcLB0KEc46AZghh1UNxhiJlKkaIvhLzttMMGO R5biXmtgA+qeOYJ7oz605efQpHgylK4PHmPa1jsE4P+WuGDnxzw4Okm3wrLEKxhl g/U22YoSJlSpFwaFFO+VC32FpFBJbIY2f3kvwrIErRnHZuWe1FZgpABMnCZ4m9Rg zJNgyBKUwKsWsMZTEPem8YHNuujb9Uyhq6woYnjhJim/8XpgBQ/gYMak4/cDSX/c mbv2ypRfmf1ke63/uKigx2wud2naNo6Eu/w6RXqCxo2G70LlxVcFbwYLHOCyv7zm F8PX6I5uVWrQKVIvnRVKZp+ORNp7uV6YktlMV5peQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtkedrudejiedgudejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfquhhtnecuuegrihhlohhuthemucef tddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefvhffukffffg ggtgesghdtrefotdefjeenucfhrhhomhepjghurhhiucfrrghnkhhovhcuoeihuhhrihhp vheshihurhhiphhvrdhnvghtqeenucffohhmrghinheprhgvughhrghtrdgtohhmpdhvmh ifrghrvgdrtghomhdpohhpvghnsghsugdrohhrghenucfkphepleegrddvfeefrddvfedu rdduleehnecurfgrrhgrmhepmhgrihhlfhhrohhmpeihuhhrihhpvheshihurhhiphhvrd hnvghtnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from [192.168.1.2] (unknown [94.233.231.195]) by mail.messagingengine.com (Postfix) with ESMTPA id 49EEDE40A1; Fri, 21 Dec 2018 18:55:15 -0500 (EST) To: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Cc: freebsd-current From: Yuri Pankov Subject: workaround for VMware WS NAT bug triggered by OpenSSH 7.8p1 changes Openpgp: preference=signencrypt Autocrypt: addr=yuripv@yuripv.net; keydata= mQENBFu8u6IBCADB11gP0QwnorrHjqAtKLHKHNHskhy0s7jqJKfx0YqXgVBKGLJ9/mjLAz0F CBNvemHSDDTs0mEZ9cBKKi6cmsav6+UQgr//yai6hvXLBJqKchSFO4MhmdvBtsGFq1yKz5Zi uhjmimKyIpgBgvMdbgGbGq6cnSB2uEPmZuJr419SVRODOkXukU+F5WHgaHzDdHAIu1asCt2B +6msxqIqlFWcXyZyTGicTGGvC/PFIsVRUtD1dIJANTC876g7DTb7LZXWiWwJpSJ4GKMXMHVX Ct9BoQ4i3nhKbOxb6Io1wsy+NFyWsTJ9KYrxKKPJP3oG8BWb/cqlFqnE4eNSsiq2q7krABEB AAG0H1l1cmkgUGFua292IDx5dXJpcHZAeXVyaXB2Lm5ldD6JAVQEEwEKAD4WIQT4arc+w94t Pi0v/3CTi+B/sSrhbAUCW7y7ogIbAwUJBaOagAULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAAK CRCTi+B/sSrhbJ+ACACqOlkjZ+iP8K8hcwz/G6+c1lVkhuMWL+hxFeE149QuJAXQvkOj/UXO 7jY9HSqFbOYYY44/hujpQCu+/u2dsJ5MAA7TJspWK2zUxtFAzgDp1fRXmCvMlFLdI0yVkKOB JaK+HQP8rBT6yHzGw1KJ6VyOXuuD0Kx02Ou61qjG9/vPRR0jtaxog0rKxpf+yf0UvSM4vb7+ LdY2GQxgfcLcJ8hThR4ElWJAkDsG4CiXixGJuFJ+9dpMK6LHmP6M+NxV4NkzpNddn3Eii8XQ y5spxcLszp8csFBDtAC6BI9sHLhJ9Va1VKpuvSlDsBv4ZtsjnUCIaOiF5MDTYkddSPGGMBck uQENBFu8u6IBCADKih3Q933rDNj4ZA8FhBQ2RlmBgvwOLcDPIL3h0V7h38y3+HisgFScXACD sdrTlYZ1bRXkD9FHENynBcv0l/3uGJDk8jaGIDE0TP8OQBRp+IaU9/BHnAqrKxTJGIolDahy 2m+yx2yhdc6B4ujWMDqCF1rWOD+ymOWw+VLllOkrHcZa5PJtX9UOGbApZl8ZTM8El4CANN8F 1bg9MWzUi+8LYoGWGc+BwsFS1OUB1c4SPgMu5fD4Wfsr9yRl06fdpEA2YT7B/j5/5RSC0sE2 Zs/tmJ/JRflHJ12ycj59ma2xQMfEJF40hZDpMFQmZvbVqgEg3ocQcltjbxlIKZ/mjC4zABEB AAGJATwEGAEKACYWIQT4arc+w94tPi0v/3CTi+B/sSrhbAUCW7y7ogIbDAUJBaOagAAKCRCT i+B/sSrhbIDcCACqAZMcoxUBLZa40a5b24j5i1jplvCYYb3h+Q5lt5+BFJ87kCb4dJuUD3kh 2i29BrxWQWa9WNue9ozxeYkbkfXubQYXexVolRsnh64OdGsE8KvorBFBB3zdK/GRt2Jy+jsn TfUWuQllbzMP0MfhCDMk1Mo8WvDH2/cOEP/yLKf20a+cd6nLs7bidjmGXo9pyuBKAtV6Kv+V Ru54AL+A/UBYu/eB3Dtvzcnut+1Zq6KaP++kUwPwINLIk04OBDwN0zRNTiqMAFYYyz2vZHBB 6E1th/l//ZC5b9Dk0ZpFI1bYdL9ymnrZe1MqbGPnDCToQxu00T/pZCm6Z92YrZQYuNwl Message-ID: <7c62852d-8be2-e351-99ba-d9e85f4c8a71@yuripv.net> Date: Sat, 22 Dec 2018 02:55:00 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="TqPqiUNwPUb4a2XM8oPk8mDB5mLAFV03B" X-Rspamd-Queue-Id: 07C3289CB5 X-Spamd-Bar: --------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yuripv.net header.s=fm3 header.b=vZ91Eij7; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=xo5+DzSm; spf=pass (mx1.freebsd.org: domain of yuripv@yuripv.net designates 66.111.4.25 as permitted sender) smtp.mailfrom=yuripv@yuripv.net X-Spamd-Result: default: False [-9.19 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.25]; HAS_ATTACHMENT(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[yuripv.net:+,messagingengine.com:+]; RCPT_COUNT_TWO(0.00)[2]; MIME_BASE64_TEXT(0.10)[]; MX_GOOD(-0.01)[in2-smtp.messagingengine.com,in1-smtp.messagingengine.com,in2-smtp.messagingengine.com,in1-smtp.messagingengine.com,in2-smtp.messagingengine.com,in1-smtp.messagingengine.com]; SIGNED_PGP(-2.00)[]; NEURAL_HAM_SHORT(-0.98)[-0.980,0]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(-3.60)[ip: (-9.50), ipnet: 66.111.4.0/24(-4.66), asn: 11403(-3.78), country: US(-0.08)]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:+,4:+]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; RCVD_TLS_LAST(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[25.4.111.66.list.dnswl.org : 127.0.5.1]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[yuripv.net:s=fm3,messagingengine.com:s=fm1]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; DMARC_NA(0.00)[yuripv.net] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Dec 2018 23:55:21 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --TqPqiUNwPUb4a2XM8oPk8mDB5mLAFV03B Content-Type: multipart/mixed; boundary="U4ybSsOLfMyrv5BMcnAylgrTt8f3Jn1iC"; protected-headers="v1" From: Yuri Pankov To: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Cc: freebsd-current Message-ID: <7c62852d-8be2-e351-99ba-d9e85f4c8a71@yuripv.net> Subject: workaround for VMware WS NAT bug triggered by OpenSSH 7.8p1 changes --U4ybSsOLfMyrv5BMcnAylgrTt8f3Jn1iC Content-Type: multipart/mixed; boundary="------------B62CC6903F713B5198EED8DA" Content-Language: en-US This is a multi-part message in MIME format. --------------B62CC6903F713B5198EED8DA Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi, There's apparently a bug in VMware Workstation NAT implementation, made visible by the change to default values of IPQoS in OpenSSH 7.8p1, making all ssh connections from the guest behind the NAT to fail with obscure "Fssh_packet_write_wait: Connection to 192.168.1.53 port 22: Broken pipe". I wonder if we could integrate the attached patch (or some smarter version of it) for the time being as the bug affects several major WS releases, and it's not immediately clear where the problem is. The change itself: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/readconf.c#rev1= =2E284 The bug reports (some of them): https://bugzilla.redhat.com/show_bug.cgi?id=3D1624437 https://communities.vmware.com/message/2803219#2803219 The patch itself is attached. --------------B62CC6903F713B5198EED8DA Content-Type: text/plain; charset=UTF-8; name="vmwssh.diff" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="vmwssh.diff" ZGlmZiAtLWdpdCBhL2NyeXB0by9vcGVuc3NoL3JlYWRjb25mLmMgYi9jcnlwdG8vb3BlbnNz aC9yZWFkY29uZi5jCmluZGV4IGY5N2E2YWM3MmE5NS4uOWVkNjkwMmEwZjQ2IDEwMDY0NAot LS0gYS9jcnlwdG8vb3BlbnNzaC9yZWFkY29uZi5jCisrKyBiL2NyeXB0by9vcGVuc3NoL3Jl YWRjb25mLmMKQEAgLTE2LDYgKzE2LDkgQEAKIF9fUkNTSUQoIiRGcmVlQlNEJCIpOwogCiAj aW5jbHVkZSA8c3lzL3R5cGVzLmg+CisjaWZkZWYgVk1XQVJFX0dVRVNUX1dPUktBUk9VTkQK KyNpbmNsdWRlIDxzeXMvc3lzY3RsLmg+CisjZW5kaWYKICNpbmNsdWRlIDxzeXMvc3RhdC5o PgogI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4KICNpbmNsdWRlIDxzeXMvd2FpdC5oPgpAQCAt MTk1NCw2ICsxOTU3LDE1IEBAIGZpbGxfZGVmYXVsdF9vcHRpb25zKE9wdGlvbnMgKiBvcHRp b25zKQogewogCWNoYXIgKmFsbF9jaXBoZXIsICphbGxfbWFjLCAqYWxsX2tleCwgKmFsbF9r ZXk7CiAJaW50IHI7CisjaWZkZWYgVk1XQVJFX0dVRVNUX1dPUktBUk9VTkQKKwljaGFyIHNj dmFsWzddOwkvKiAidm13YXJlXDAiICovCisJc2l6ZV90IHNjc2l6ID0gc2l6ZW9mKHNjdmFs KTsKKwlpbnQgdm13Z3Vlc3QgPSAwOworCisJaWYgKHN5c2N0bGJ5bmFtZSgia2Vybi52bV9n dWVzdCIsIHNjdmFsLCAmc2NzaXosIE5VTEwsIDApID09IDAgJiYKKwkgICAgc3RyY21wKHNj dmFsLCAidm13YXJlIikgPT0gMCkKKwkJdm13Z3Vlc3QgPSAxOworI2VuZGlmCiAKIAlpZiAo b3B0aW9ucy0+Zm9yd2FyZF9hZ2VudCA9PSAtMSkKIAkJb3B0aW9ucy0+Zm9yd2FyZF9hZ2Vu dCA9IDA7CkBAIC0yMDg4LDggKzIxMDAsMTggQEAgZmlsbF9kZWZhdWx0X29wdGlvbnMoT3B0 aW9ucyAqIG9wdGlvbnMpCiAJaWYgKG9wdGlvbnMtPnZpc3VhbF9ob3N0X2tleSA9PSAtMSkK IAkJb3B0aW9ucy0+dmlzdWFsX2hvc3Rfa2V5ID0gMDsKIAlpZiAob3B0aW9ucy0+aXBfcW9z X2ludGVyYWN0aXZlID09IC0xKQorI2lmZGVmIFZNV0FSRV9HVUVTVF9XT1JLQVJPVU5ECisJ CWlmICh2bXdndWVzdCkKKwkJCW9wdGlvbnMtPmlwX3Fvc19pbnRlcmFjdGl2ZSA9IElQVE9T X0xPV0RFTEFZOworCQllbHNlCisjZW5kaWYKIAkJb3B0aW9ucy0+aXBfcW9zX2ludGVyYWN0 aXZlID0gSVBUT1NfRFNDUF9BRjIxOwogCWlmIChvcHRpb25zLT5pcF9xb3NfYnVsayA9PSAt MSkKKyNpZmRlZiBWTVdBUkVfR1VFU1RfV09SS0FST1VORAorCQlpZiAodm13Z3Vlc3QpCisJ CQlvcHRpb25zLT5pcF9xb3NfYnVsayA9IElQVE9TX1RIUk9VR0hQVVQ7CisJCWVsc2UKKyNl bmRpZgogCQlvcHRpb25zLT5pcF9xb3NfYnVsayA9IElQVE9TX0RTQ1BfQ1MxOwogCWlmIChv cHRpb25zLT5yZXF1ZXN0X3R0eSA9PSAtMSkKIAkJb3B0aW9ucy0+cmVxdWVzdF90dHkgPSBS RVFVRVNUX1RUWV9BVVRPOwpkaWZmIC0tZ2l0IGEvc2VjdXJlL3Vzci5iaW4vc3NoL01ha2Vm aWxlIGIvc2VjdXJlL3Vzci5iaW4vc3NoL01ha2VmaWxlCmluZGV4IDYxNGNjNzYyN2ZjNS4u MDIzZmE0YTU1YmU5IDEwMDY0NAotLS0gYS9zZWN1cmUvdXNyLmJpbi9zc2gvTWFrZWZpbGUK KysrIGIvc2VjdXJlL3Vzci5iaW4vc3NoL01ha2VmaWxlCkBAIC0zNyw2ICszNyw5IEBAIExJ QkFERCs9CWNyeXB0bwogQ0ZMQUdTKz0gLURYQVVUSF9QQVRIPVwiJHtMT0NBTEJBU0V9L2Jp bi94YXV0aFwiCiAuZW5kaWYKIAorIyBXb3JrYXJvdW5kIFZNd2FyZSBXb3Jrc3RhdGlvbiBO QVQgYnVnCitDRkxBR1MrPS1EVk1XQVJFX0dVRVNUX1dPUktBUk9VTkQKKwogLmluY2x1ZGUg PGJzZC5wcm9nLm1rPgogCiAuUEFUSDoJJHtTU0hESVJ9Cg== --------------B62CC6903F713B5198EED8DA-- --U4ybSsOLfMyrv5BMcnAylgrTt8f3Jn1iC-- --TqPqiUNwPUb4a2XM8oPk8mDB5mLAFV03B Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE+Gq3PsPeLT4tL/9wk4vgf7Eq4WwFAlwdfVQACgkQk4vgf7Eq 4WwxUQf/cXDPiKQH/XMwnusDJ4QVJ8lN0Yzlz+oEmST55yOaCo+fgmS5orfVhpCS V0f00O/4QDcQV7Dci2/oVSlWpbk8JOKOfucJZy/G4u5tQZexd8XS1sfvZvjbKPeX 0+Xb5/AeZLAmaZsqq+TElEvM/j8CUgd8ERqKTZJdsOLgnOu6rVhmjlw/IVkwyBUK GPe8F0CqEFoQlCpF1KX2Viuo/Nrmnt1lizQZDrNK7KeML664SxEpk3Y4tW4HaEg+ Bo6OHBrnA1sO68bruOTNXWxp7CuGetLS8aj24BYXPh2ADCdvcLC7jRPSbhWSS/9X biaBChL01Mpu+RlWJiBsHqan7w2rRg== =M0Di -----END PGP SIGNATURE----- --TqPqiUNwPUb4a2XM8oPk8mDB5mLAFV03B--