I've experienced some strange behaviour in OpenSSH portable v7.7 (on ArchLinux) when I tried to create a layer-3 VPN connection. Running ssh with "-w 444:444" (or any other argument, even "any:any") failed with "Tunnel device open failed.". I traced this error back to the following check [1]: """ if (ifname != NULL && (*ifname = strdup(ifr.ifr_name))) goto failed; """ In my case this check is always true, resulting in the error message mentioned above. The following strace output shows how ssh successfully opens and configures the tun device, but ultimately goes to "failed": """ [pid 6229] write(2, "debug1: Requesting tun unit 444 "..., 43debug1: Requesting tun unit 444 in mode 1 ) = 43 [pid 6229] openat(AT_FDCWD, "/dev/net/tun", O_RDWR) = 3 [pid 6229] ioctl(3, TUNSETIFF, 0x7ffca40818b0) = 0 [pid 6229] write(2, "debug1: sys_tun_open: tun444 mod"..., 42debug1: sys_tun_open: tun444 mode 1 fd 3 ) = 42 [pid 6229] close(3) = 0 [pid 6229] write(2, "Tunnel device open failed.\r\n", 28Tunnel device open failed. """ The write call after ioctl corresponds to the debug output here [2]. Where everything seems to be fine, but then it just closes the fd and returns "an error". I don't see why the check in [1] should fail, I haven't run it in gdb yet. But maybe the issue is more obvious to you guys? Rolling back to 7.6 resolves the issue, seems like this has been introduced in 7.7 (the files have also been renamed). [1] https://github.com/openssh/openssh-portable/blob/V_7_7/openbsd-compat/port-net.c#L188-L189 [2] https://github.com/openssh/openssh-portable/blob/V_7_7/openbsd-compat/port-net.c#L186
Created attachment 3140 [details] fix strdup failure tests I think this fixes the bug. Could you give it a try?
The patch fixes the issue for me, thanks.
Fix is applied in master and on the V_7_7 branch. commit cfb1d9bc76734681e3dea532a1504fcd466fbe91 (HEAD -> master, origin/master, origin/HEAD) Author: Damien Miller <djm@mindrot.org> Date: Fri Apr 13 13:38:06 2018 +1000 Fix tunnel forwarding broken in 7.7p1 bz2855, ok dtucker@
*** Bug 2864 has been marked as a duplicate of this bug. ***
Close RESOLVED bugs with the release of openssh-8.0