[sslh] sslh-1.22c - failing tests

Wed Oct 27 16:26:13 UTC 2021

On Sun 03/10/2021 09:14, Björn Ketelaars wrote:
> I'm experiencing a couple of failing regression tests with sslh-1.22c on
> OpenBSD current, which seem to be related to incorrect test
> conditions/assumptions. I can easily patch these tests locally but I
> would like to check them with someone who knows better:
> 
> Index: test.cfg
> --- test.cfg.orig
> +++ test.cfg
> @@ -18,7 +18,7 @@ listen:
>  (
>      { host: "localhost"; port: "8080"; keepalive: true; },
>      { host: "localhost"; port: "8081"; keepalive: true; },
> -    { host: "ip4-localhost"; is_udp: true; port: "8086"; }
> +    { host: "127.0.0.1"; is_udp: true; port: "8086"; }
>  );
> 
> OpenBSD does not understand ip4-localhost, so I guess 127.0.0.1 is ok.
> 
> @@ -32,7 +32,7 @@ protocols:
>       { name: "xmpp";  host: "localhost"; port: "9009"; },
>       { name: "adb";  host: "localhost"; port: "9010"; },
>       { name: "syslog"; host: "localhost"; port: "9013"; },
> -     { name: "regex"; host: "ip4-localhost"; is_udp: true; port: "9020";
> +     { name: "ssh"; host: "127.0.0.1"; is_udp: true; port: "9020";
>           udp_timeout: 30;
>           regex_patterns: [ "^foo" ];
>       },

I ran tests on Alpine Linux and found similar behaviour as on OpenBSD:
- ip4-localhost does not exit in hosts. Using this hostname results in
  a failure
- in order for the test above to pass protocol name has to be changed
  from regex to ssh. I do not know if this workaround is hiding a bug

> @@ -44,7 +44,7 @@ protocols:
>              { pattern: "fooo"; result: "regex"; },
>              { pattern: "bar"; result: "ssh"; },
>              { pattern: "barr"; result: "regex"; },
> -            { pattern: "barrrr"; result: "regex"; }
> +            { pattern: "barrr"; result: "regex"; }
>          );
>       },
>       { name: "tls"; host: "localhost"; port: "9021"; alpn_protocols: [ "alpn1", "alpn2" ]; sni_hostnames: [ "sni1" ]; },

^^^^^^ I'm unable to reproduce the issue which needed this change
(checked Alpine and OpenBSD (!)). Probably PEBKAC.

I will open a PR on Github for the first 2 changes.