[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] diffie-hellman-group-exchange-sha256
[Thread Prev] | [Thread Next]
- Subject: Re: [PATCH] diffie-hellman-group-exchange-sha256
- From: Aris Adamantiadis <aris@xxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Wed, 28 Jan 2015 21:14:41 +0100
- To: libssh@xxxxxxxxxx
Hi Yanis, Thank you for your patches, I'll review them asap. The kex bug with dropbear is interesting. I don't have any dropbear installed nearby, could you drop me some logs from openssh trying to negociate a curve25519 kex with dropbear? It's probably a bug in dropbear (I don't think we implemented our specs wrong :p) but the protocol is so simple I don't see why OpenSSH wouldn't exhibit the same problem. Thanks, Aris Le 28/01/15 20:35, Yanis Kurganov a écrit : > It was a long nice evening, but I found a problem =))) > It's only with dropbear & curve25519-sha256@xxxxxxxxxx > <mailto:curve25519-sha256@xxxxxxxxxx> kex algo. > > See logs from original libssh from master with dropbear > (samplesshd-cb_server_from_dropbear_client_original.log): > [2015/01/28 21:15:37.870161, 3] ssh_packet_process: Dispatching > handler for packet type 30 > [2015/01/28 21:15:37.870200, 3] ssh_packet_kexdh_init: Received > SSH_MSG_KEXDH_INIT > [2015/01/28 21:15:37.913360, 2] ssh_server_curve25519_init: > SSH_MSG_KEX_ECDH_REPLY sent > [2015/01/28 21:15:37.913389, 2] ssh_server_curve25519_init: > SSH_MSG_NEWKEYS sent > [2015/01/28 21:15:37.916199, 3] ssh_packet_process: Dispatching > handler for packet type 30 > [2015/01/28 21:15:37.916205, 3] ssh_packet_kexdh_init: Received > SSH_MSG_KEXDH_INIT > [2015/01/28 21:15:37.916211, 1] ssh_packet_kexdh_init: Invalid state > for SSH_MSG_KEXDH_INIT (!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!) > [2015/01/28 21:15:37.916228, 3] ssh_packet_process: Dispatching > handler for packet type 21 > [2015/01/28 21:15:37.916234, 2] ssh_packet_newkeys: Received > SSH_MSG_NEWKEYS > > So, libssh received SSH_MSG_KEXDH_INIT packet twice! > It seems a bug in dropbear! > > Let's see logs from original libssh from master with > openssh (samplesshd-cb_server_from_openssh_client_original.log): > [2015/01/28 21:14:34.509147, 3] ssh_packet_process: Dispatching > handler for packet type 30 > [2015/01/28 21:14:34.509154, 3] ssh_packet_kexdh_init: Received > SSH_MSG_KEXDH_INIT > [2015/01/28 21:14:34.544184, 2] ssh_server_curve25519_init: > SSH_MSG_KEX_ECDH_REPLY sent > [2015/01/28 21:14:34.544235, 2] ssh_server_curve25519_init: > SSH_MSG_NEWKEYS sent > [2015/01/28 21:14:34.559318, 3] ssh_packet_process: Dispatching > handler for packet type 21 > [2015/01/28 21:14:34.559346, 2] ssh_packet_newkeys: Received > SSH_MSG_NEWKEYS > > I fixed this in my code. I just don't set session->session_state = > SSH_SESSION_STATE_ERROR; as in original code. > Logs and new patch (on fresh master) are attached! > > P.S. pkd_hello works fine. All tests have been passed successfully. >
| Re: [PATCH] diffie-hellman-group-exchange-sha256 | Yanis Kurganov <yanis.kurganov@xxxxxxxxx> |