[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK


Hi Charles,

I think the problem with ssh_connect is due to a change in our cmake
files. Could you try these two git commits:
6c7e55250927859ad2b7fee06e710402ff564f4c (I expect it to fail)
b1cb8de3858b4fb6878f3e10e7b749ef55b2574c (commit that was right before).
Don't forget to clear the cmake cache between builds.

Thanks,

Aris

Le 15/05/15 04:55, Charles@Hinet a écrit :
> Hi Aris,
>
> I test 0.7.0 again on VS2013 update 4, still not work.
>
> In my old production Win2003 + VS2008
> I remove va_copy() from buffer.c of libssh 0.7.0
>     /* copy the argument list in case a rollback is needed */
>     //va_copy(ap_copy, ap);
> Build success
> But compare with 0.6.5, 0.7.0 generate some warnings from compiler, FYI.
> 0.7.0 with VS2008 still got ssh_connect() error.
>
> ======== 0.6.5 with VS2008 =============
> 2>curve25519_ref.c
> 2>..\..\src\curve25519_ref.c(64) : warning C4146: unary minus operator
> applied to unsigned type, result still unsigned
>
> ======== 0.7.0 with VS2008 =============
> 2>pki_ed25519.c
> 2>..\..\src\pki_ed25519.c(88) : warning C4244: 'function' : conversion from
> 'unsigned __int64' to 'size_t', possible loss of data
> 2>ge25519.c
> 2>..\..\src\external\ge25519.c(190) : warning C4244: 'return' : conversion
> from 'unsigned __int64' to 'unsigned char', possible loss of data
> 2>fe25519.c
> 2>..\..\src\external\fe25519.c(88) : warning C4146: unary minus operator
> applied to unsigned type, result still unsigned
> 2>..\..\src\external\fe25519.c(160) : warning C4146: unary minus operator
> applied to unsigned type, result still unsigned
> 2>error.c
> 2>ed25519.c
> 2>..\..\src\external\ed25519.c(75) : warning C4244: 'function' : conversion
> from 'unsigned __int64' to 'unsigned long', possible loss of data
> 2>..\..\src\external\ed25519.c(147) : warning C4244: 'function' : conversion
> from 'unsigned __int64' to 'unsigned long', possible loss of data
> 2>ecdh.c
> 2>dh.c
> 2>curve25519_ref.c
> 2>..\..\src\external\curve25519_ref.c(64) : warning C4146: unary minus
> operator applied to unsigned type, result still unsigned
>
> Charles
>
> -----Original Message-----
> From: Charles@Hinet [mailto:cylee@xxxxxxxxxxxxxx] 
> Sent: Thursday, May 14, 2015 9:10 PM
> To: libssh@xxxxxxxxxx
> Subject: RE: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK
>
> Hi Aris,
>
> Thanks for your reply.
>
> For 0.6.x, I use Windows 2003 + VS 2008 to build libssh and openssl
>
> But 0.7.0 use va_copy() in buffer.c, that need Visual Studio 2013 and above.
> So, I upgrade my configuration
> * Windows Server 2012R2 Standard(clean install without patch)
> * Visual Studio 2013 Ultimate(clean install without patch)
> * CMake 3.2.2 (config for VS2013)
> * openssl 0.9.8zc (build by Visual Studio 2008) & openssl 0.9.8zf (build by
> Visual Studio 2013)
> * zlib 1.2.8
> * libssh 0.7.0 from both web site tarball and git (clone in yesterday) got
> the same result
>
> Today I have do some other tests:
> * Use the new configuration (Win2012R2 + VS2013 + CMake 3.2.2 + openssl
> 0.9.8zc) to build 0.6.5
>   Libssh work fine for ssh_connect()
> * Create another configuration (Win7 SP1 + VS2013 + openssl 0.9.8zc)
>   Libssh 0.7.0 ssh_connect() fail on same error
>   Libssh 0.6.5 (build by VS2013) ssh_connect() OK
> * And the other test scenarios and results
>   My_App	libssh			openssl			Result
>  
> ----------------------------------------------------------------------------
> ----
>   VS2013	0.6.5(VS2013)		0.9.8zf(VS2013)	ssh_connect() OK
>   VS2013	0.6.5(VS2013)		0.9.8zc(VS2008)	ssh_connect() OK,
> but My_App call openssl function AES_encrypt() get strange result
>   VS2013	0.7.0(VS2013)		0.9.8zf(VS2013)	ssh_connect() fail
>   VS2012	0.6.5(VS2013)		0.9.8zf(VS2013)	ssh_connect() OK
>   VS2012	0.7.0(VS2013)		0.9.8zf(VS2013)	ssh_connect() fail
>
>   It seems VS2013 have changed something, I'll try download VS2013 Update 4,
> and test it again
>
> Charles
>
> -----Original Message-----
> From: Aris Adamantiadis [mailto:aris@xxxxxxxxxxxx]
> Sent: Thursday, May 14, 2015 1:04 AM
> To: libssh@xxxxxxxxxx
> Subject: Re: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK
>
> Hi Charles,
>
> Thanks for your bug report. It looks like 3des support is partially
> supported in the headers and we end up with a build that advertise a cipher
> that's not supported (but should be ?) I don't understand why libssh didn't
> try to negotiate an AES mode.
> Could you tell us which compiler you used and which windows version? Did you
> use a git version or the tarball on the website?
>
> Thanks,
>
> Aris
>
> Le 13/05/15 16:23, Charles@Hinet a écrit :
>> Hello,
>>
>>  
>>
>> I’ve using 0.6.5 (with openssl 0.9.8zc) on Windows platform.
>>
>> And, works fine.
>>
>>  
>>
>> When I upgrade libssh to 0.7.0 (with same openssl 0.9.8zc) I got the 
>> following error message
>>
>>     crypt_set_algorithms2: crypt_set_algorithms2: no crypto algorithm 
>> function found for 3des-cbc
>>
>>  
>>
>> Below was the log message from libssh 0.6.5 & 0.7.0, could you help me 
>> solve this problem?
>>
>>  
>>
>> ===== Log from 0.6.5 ===========
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: kex algos:
>> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-
>> hellman-group1-sha1
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: server host key
>> algo: ssh-dss
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
>> client->server:
>> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfi
>> sh-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-
>> ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
>> server->client:
>> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfi
>> sh-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-
>> ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
>> client->server:
>> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-9
>> 6
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
>> server->client:
>> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-9
>> 6
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
>> client->server: none,zlib
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
>> server->client: none,zlib
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
>> client->server:
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
>> server->client:
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
>> 172.16.210.28:0 has ssh-dss in known_hosts
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
>> 172.16.210.28:0 has ssh-dss in known_hosts
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
>> 172.16.210.28:0 has ssh-dss in known_hosts
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_client_select_hostkeys:
>> Changing host key method to "ssh-dss"
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: kex algos:
>> curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,diffie-hellman-group14
>> -sha1,diffie-hellman-group1-sha1
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: server host key
>> algo: ssh-dss
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
>> client->server:
>> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blow
>> fish-cbc,3des-cbc,des-cbc-ssh1
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
>> server->client:
>> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blow
>> fish-cbc,3des-cbc,des-cbc-ssh1
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
>> client->server: hmac-sha1
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
>> server->client: hmac-sha1
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
>> client->server: none
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
>> server->client: none
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
>> client->server:
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
>> server->client:
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_socket_unbuffered_write:
>> Enabling POLLOUT for socket
>>
>> (Wed May 13 17:11:57 2015):[394536] packet_send2: packet: wrote 
>> [len=404,padding=6,comp=397,payload=397]
>>
>> (Wed May 13 17:11:57 2015):[394536] packet_send2: packet: wrote 
>> [len=268,padding=5,comp=262,payload=262]
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_socket_unbuffered_write:
>> Enabling POLLOUT for socket
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_packet_socket_callback:
>> packet: read type 31 [len=764,padding=5,comp=758,payload=758]
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_packet_process: Dispatching 
>> handler for packet type 31
>>
>> (Wed May 13 17:11:57 2015):[394536] ssh_packet_dh_reply: Received 
>> SSH_KEXDH_REPLY
>>
>>  
>>
>>  
>>
>> ===== Log from 0.7.0 ========
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: kex algos:
>> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-
>> hellman-group1-sha1
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: server host key
>> algo: ssh-dss
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
>> client->server:
>> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfi
>> sh-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-
>> ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
>> server->client:
>> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfi
>> sh-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-
>> ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
>> client->server:
>> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-9
>> 6
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
>> server->client:
>> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-9
>> 6
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
>> client->server: none,zlib
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
>> server->client: none,zlib
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
>> client->server:
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
>> server->client:
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: kex algos:
>> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: server host key
>> algo: ssh-ed25519,ssh-rsa,ssh-dss
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
>> client->server: 3des-cbc
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
>> server->client: 3des-cbc
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
>> client->server: hmac-sha1,hmac-sha2-256,hmac-sha2-512
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
>> server->client: hmac-sha1,hmac-sha2-256,hmac-sha2-512
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
>> client->server: none
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
>> server->client: none
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
>> client->server:
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
>> server->client:
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
>> Enabling POLLOUT for socket
>>
>> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote 
>> [len=252,padding=10,comp=241,payload=241]
>>
>> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote 
>> [len=268,padding=6,comp=261,payload=261]
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
>> Enabling POLLOUT for socket
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
>> packet: read type 31 [len=764,padding=6,comp=757,payload=757]
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_process: Dispatching 
>> handler for packet type 31
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_dh_reply: Received 
>> SSH_KEXDH_REPLY
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
>> Enabling POLLOUT for socket
>>
>> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote 
>> [len=12,padding=10,comp=1,payload=1]
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_client_dh_reply:
>> SSH_MSG_NEWKEYS sent
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
>> Processing 16 bytes left in socket buffer
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
>> packet: read type 21 [len=12,padding=10,comp=1,payload=1]
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_process: Dispatching 
>> handler for packet type 21
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_newkeys: Received 
>> SSH_MSG_NEWKEYS
>>
>> (Wed May 13 14:15:53 2015):[6947732] crypt_set_algorithms2:
>> crypt_set_algorithms2: no crypto algorithm function found for 3des-cbc
>>
>> (Wed May 13 14:15:53 2015):[6947732] ssh_connect: current state : 9
>>
>
>
>
>
>
>
>


Follow-Ups:
RE: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK"Charles@Hinet" <cylee@xxxxxxxxxxxxxx>
References:
libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK"Charles@Hinet" <cylee@xxxxxxxxxxxxxx>
Re: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OKAris Adamantiadis <aris@xxxxxxxxxxxx>
RE: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK"Charles@Hinet" <cylee@xxxxxxxxxxxxxx>
RE: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK"Charles@Hinet" <cylee@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org