Ubuntu
proxychains-ng package

  1. Bug #1974058
  2. Activity log

Activity log for bug #1974058

Date Who What changed Old value New value Message
2022-05-18 15:57:22 Bin Meng bug added bug
2022-06-13 22:00:14 Boyuan Yang bug added subscriber Boyuan Yang
2022-06-14 02:12:43 Launchpad Janitor proxychains-ng (Ubuntu): status New Fix Released
2022-06-14 16:49:54 Boyuan Yang description On Ubuntu 22.04, proxychains-ng (version 4.16) doesn't work with ssh: $ proxychains4 ssh git@github.com [proxychains] config file found: /etc/proxychains4.conf [proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4 select2: Bad file descriptor ssh: Could not resolve hostname github.com: Unknown error Other commands (e.g.: wget) work with proxychains-ng correctly. The Ubuntu 22.04 ships the proxychains-ng v4.16 https://packages.ubuntu.com/source/jammy/proxychains-ng The following upstream patch fixed the bug: https://github.com/rofl0r/proxychains-ng/commit/000000006265577643cdcdefbc94aef903ffaf5e This patch should be backported to v4.16 and integrated into the next version of Ubuntu 22.04 proxychains-ng package. SRU Justification ================= [ Impact ] On Ubuntu 22.04, proxychains-ng (version 4.16) doesn't work with ssh: $ proxychains4 ssh git@github.com [proxychains] config file found: /etc/proxychains4.conf [proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4 select2: Bad file descriptor ssh: Could not resolve hostname github.com: Unknown error Other commands (e.g.: wget) work with proxychains-ng correctly. This bug does not occur on Ubuntu 22.10 or earlier releases. It should be treated as a regression. Upstream bug report: https://github.com/rofl0r/proxychains-ng/issues/439 Upstream explanation: > due to the new close_range syscall > which was added in linux 5.9 and recently activated in glibc: > https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=456b3c08b6fe78938af5d12b6869dc8c704696d6;hp=e186fc5a31e46f2cbf5ea1a75223b4412907f3d8 > https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=286286283e9bdc7ef894306e2dbcf4c115b97ba2 > this causes our close() hook to become ineffective and ssh closing our pipes to the dns lookup thread behind our back. [ Test Plan ] * Prepare pre-installed virutal machines running up-to-date Ubuntu 21.10, 22.04 and 22.10 (dev). On each installed virtual machine: 0. Execute "sudo apt install proxychains4 ssh ; sudo systemctl start ssh". 1. Configure proxychains-ng to use socks5 connection by editing the last line of /etc/proxychains4.conf to be "socks5 127.0.0.1 1080". 2. Execute "ssh -D 1080 localhost". 3. In a new terminal emulator, execute "proxychains4 ssh git@github.com". * On Ubuntu 21.10 (with proxychains-ng 4.14-3) and Ubuntu 22.10 (with proxychains-ng 4.16-2), the following output is expected, indicating successful connection: [proxychains] config file found: /etc/proxychains4.conf [proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4 [proxychains] DLL init: proxychains-ng 4.16 [proxychains] Strict chain ... 127.0.0.1:1080 ... github.com:22 ... OK git@github.com: Permission denied (publickey). Connection to github.com closed. * On Ubuntu 22.04 (with proxychains-ng 4.16-1), the following output is expected, indicating broken connection and regression: [proxychains] config file found: /etc/proxychains4.conf [proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4 select2: Bad file descriptor ssh: Could not resolve hostname github.com: Unknown error 4. In all systems, non-ssh proxychains connection should always success. For example, executiong "proxychains4 wget https://github.com/" will always finish successfully. [ Fix ] Upstream commit 000000006265577643cdcdefbc94aef903ffaf5e, present as debian/patches/0003-Add-hook-to-close_range-function-solves-439.-0.patch in proxchains-ng/4.16-2 upload. See https://github.com/rofl0r/proxychains-ng/commit/000000006265577643cdcdefbc94aef903ffaf5e . [ Where the problem could occur ] * In the worst case, the patch provided by upstream could went wrong and make non-ssh proxyhains connection to break as well. * Proxychains-ng is a leaf package. No other packages will be affected in any circumstances. [ Other Info ] * The fix is initially prepared by me (as Debian Developer) as Debian's proxychains-ng/4.16-2. * The fix is also tested on the Debian side. Since current Debian Sid has a lower glibc version (2.33), the bug does not occur with any proxychains-ng version. ---------------------------------------------------------------- On Ubuntu 22.04, proxychains-ng (version 4.16) doesn't work with ssh: $ proxychains4 ssh git@github.com [proxychains] config file found: /etc/proxychains4.conf [proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4 select2: Bad file descriptor ssh: Could not resolve hostname github.com: Unknown error Other commands (e.g.: wget) work with proxychains-ng correctly. The Ubuntu 22.04 ships the proxychains-ng v4.16 https://packages.ubuntu.com/source/jammy/proxychains-ng The following upstream patch fixed the bug: https://github.com/rofl0r/proxychains-ng/commit/000000006265577643cdcdefbc94aef903ffaf5e This patch should be backported to v4.16 and integrated into the next version of Ubuntu 22.04 proxychains-ng package.