[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK


Hi Aris,

I test 0.7.0 again on VS2013 update 4, still not work.

In my old production Win2003 + VS2008
I remove va_copy() from buffer.c of libssh 0.7.0
    /* copy the argument list in case a rollback is needed */
    //va_copy(ap_copy, ap);
Build success
But compare with 0.6.5, 0.7.0 generate some warnings from compiler, FYI.
0.7.0 with VS2008 still got ssh_connect() error.

======== 0.6.5 with VS2008 =============
2>curve25519_ref.c
2>..\..\src\curve25519_ref.c(64) : warning C4146: unary minus operator
applied to unsigned type, result still unsigned

======== 0.7.0 with VS2008 =============
2>pki_ed25519.c
2>..\..\src\pki_ed25519.c(88) : warning C4244: 'function' : conversion from
'unsigned __int64' to 'size_t', possible loss of data
2>ge25519.c
2>..\..\src\external\ge25519.c(190) : warning C4244: 'return' : conversion
from 'unsigned __int64' to 'unsigned char', possible loss of data
2>fe25519.c
2>..\..\src\external\fe25519.c(88) : warning C4146: unary minus operator
applied to unsigned type, result still unsigned
2>..\..\src\external\fe25519.c(160) : warning C4146: unary minus operator
applied to unsigned type, result still unsigned
2>error.c
2>ed25519.c
2>..\..\src\external\ed25519.c(75) : warning C4244: 'function' : conversion
from 'unsigned __int64' to 'unsigned long', possible loss of data
2>..\..\src\external\ed25519.c(147) : warning C4244: 'function' : conversion
from 'unsigned __int64' to 'unsigned long', possible loss of data
2>ecdh.c
2>dh.c
2>curve25519_ref.c
2>..\..\src\external\curve25519_ref.c(64) : warning C4146: unary minus
operator applied to unsigned type, result still unsigned

Charles

-----Original Message-----
From: Charles@Hinet [mailto:cylee@xxxxxxxxxxxxxx] 
Sent: Thursday, May 14, 2015 9:10 PM
To: libssh@xxxxxxxxxx
Subject: RE: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK

Hi Aris,

Thanks for your reply.

For 0.6.x, I use Windows 2003 + VS 2008 to build libssh and openssl

But 0.7.0 use va_copy() in buffer.c, that need Visual Studio 2013 and above.
So, I upgrade my configuration
* Windows Server 2012R2 Standard(clean install without patch)
* Visual Studio 2013 Ultimate(clean install without patch)
* CMake 3.2.2 (config for VS2013)
* openssl 0.9.8zc (build by Visual Studio 2008) & openssl 0.9.8zf (build by
Visual Studio 2013)
* zlib 1.2.8
* libssh 0.7.0 from both web site tarball and git (clone in yesterday) got
the same result

Today I have do some other tests:
* Use the new configuration (Win2012R2 + VS2013 + CMake 3.2.2 + openssl
0.9.8zc) to build 0.6.5
  Libssh work fine for ssh_connect()
* Create another configuration (Win7 SP1 + VS2013 + openssl 0.9.8zc)
  Libssh 0.7.0 ssh_connect() fail on same error
  Libssh 0.6.5 (build by VS2013) ssh_connect() OK
* And the other test scenarios and results
  My_App	libssh			openssl			Result
 
----------------------------------------------------------------------------
----
  VS2013	0.6.5(VS2013)		0.9.8zf(VS2013)	ssh_connect() OK
  VS2013	0.6.5(VS2013)		0.9.8zc(VS2008)	ssh_connect() OK,
but My_App call openssl function AES_encrypt() get strange result
  VS2013	0.7.0(VS2013)		0.9.8zf(VS2013)	ssh_connect() fail
  VS2012	0.6.5(VS2013)		0.9.8zf(VS2013)	ssh_connect() OK
  VS2012	0.7.0(VS2013)		0.9.8zf(VS2013)	ssh_connect() fail

  It seems VS2013 have changed something, I'll try download VS2013 Update 4,
and test it again

Charles

-----Original Message-----
From: Aris Adamantiadis [mailto:aris@xxxxxxxxxxxx]
Sent: Thursday, May 14, 2015 1:04 AM
To: libssh@xxxxxxxxxx
Subject: Re: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK

Hi Charles,

Thanks for your bug report. It looks like 3des support is partially
supported in the headers and we end up with a build that advertise a cipher
that's not supported (but should be ?) I don't understand why libssh didn't
try to negotiate an AES mode.
Could you tell us which compiler you used and which windows version? Did you
use a git version or the tarball on the website?

Thanks,

Aris

Le 13/05/15 16:23, Charles@Hinet a écrit :
>
> Hello,
>
>  
>
> I?ve using 0.6.5 (with openssl 0.9.8zc) on Windows platform.
>
> And, works fine.
>
>  
>
> When I upgrade libssh to 0.7.0 (with same openssl 0.9.8zc) I got the 
> following error message
>
>     crypt_set_algorithms2: crypt_set_algorithms2: no crypto algorithm 
> function found for 3des-cbc
>
>  
>
> Below was the log message from libssh 0.6.5 & 0.7.0, could you help me 
> solve this problem?
>
>  
>
> ===== Log from 0.6.5 ===========
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: kex algos:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-
> hellman-group1-sha1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: server host key
> algo: ssh-dss
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
> client->server:
> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfi
> sh-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-
> ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
> server->client:
> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfi
> sh-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-
> ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
> client->server:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-9
> 6
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
> server->client:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-9
> 6
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
> client->server: none,zlib
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
> server->client: none,zlib
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
> client->server:
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
> server->client:
>
> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
> 172.16.210.28:0 has ssh-dss in known_hosts
>
> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
> 172.16.210.28:0 has ssh-dss in known_hosts
>
> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
> 172.16.210.28:0 has ssh-dss in known_hosts
>
> (Wed May 13 17:11:57 2015):[394536] ssh_client_select_hostkeys:
> Changing host key method to "ssh-dss"
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: kex algos:
> curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,diffie-hellman-group14
> -sha1,diffie-hellman-group1-sha1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: server host key
> algo: ssh-dss
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
> client->server:
> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blow
> fish-cbc,3des-cbc,des-cbc-ssh1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
> server->client:
> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blow
> fish-cbc,3des-cbc,des-cbc-ssh1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
> client->server: hmac-sha1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
> server->client: hmac-sha1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
> client->server: none
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
> server->client: none
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
> client->server:
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
> server->client:
>
> (Wed May 13 17:11:57 2015):[394536] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 17:11:57 2015):[394536] packet_send2: packet: wrote 
> [len=404,padding=6,comp=397,payload=397]
>
> (Wed May 13 17:11:57 2015):[394536] packet_send2: packet: wrote 
> [len=268,padding=5,comp=262,payload=262]
>
> (Wed May 13 17:11:57 2015):[394536] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 17:11:57 2015):[394536] ssh_packet_socket_callback:
> packet: read type 31 [len=764,padding=5,comp=758,payload=758]
>
> (Wed May 13 17:11:57 2015):[394536] ssh_packet_process: Dispatching 
> handler for packet type 31
>
> (Wed May 13 17:11:57 2015):[394536] ssh_packet_dh_reply: Received 
> SSH_KEXDH_REPLY
>
>  
>
>  
>
> ===== Log from 0.7.0 ========
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: kex algos:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-
> hellman-group1-sha1
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: server host key
> algo: ssh-dss
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
> client->server:
> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfi
> sh-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-
> ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
> server->client:
> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfi
> sh-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-
> ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
> client->server:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-9
> 6
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
> server->client:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-9
> 6
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
> client->server: none,zlib
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
> server->client: none,zlib
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
> client->server:
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
> server->client:
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: kex algos:
> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: server host key
> algo: ssh-ed25519,ssh-rsa,ssh-dss
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
> client->server: 3des-cbc
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
> server->client: 3des-cbc
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
> client->server: hmac-sha1,hmac-sha2-256,hmac-sha2-512
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
> server->client: hmac-sha1,hmac-sha2-256,hmac-sha2-512
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
> client->server: none
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
> server->client: none
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
> client->server:
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
> server->client:
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote 
> [len=252,padding=10,comp=241,payload=241]
>
> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote 
> [len=268,padding=6,comp=261,payload=261]
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
> packet: read type 31 [len=764,padding=6,comp=757,payload=757]
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_process: Dispatching 
> handler for packet type 31
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_dh_reply: Received 
> SSH_KEXDH_REPLY
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote 
> [len=12,padding=10,comp=1,payload=1]
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_client_dh_reply:
> SSH_MSG_NEWKEYS sent
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
> Processing 16 bytes left in socket buffer
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
> packet: read type 21 [len=12,padding=10,comp=1,payload=1]
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_process: Dispatching 
> handler for packet type 21
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_newkeys: Received 
> SSH_MSG_NEWKEYS
>
> (Wed May 13 14:15:53 2015):[6947732] crypt_set_algorithms2:
> crypt_set_algorithms2: no crypto algorithm function found for 3des-cbc
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_connect: current state : 9
>








Follow-Ups:
Re: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OKAris Adamantiadis <aris@xxxxxxxxxxxx>
References:
libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK"Charles@Hinet" <cylee@xxxxxxxxxxxxxx>
Re: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OKAris Adamantiadis <aris@xxxxxxxxxxxx>
RE: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK"Charles@Hinet" <cylee@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org