
Re: libssh 0.9.7 and 0.10.5 were released


On 5/8/23 04:05, Orion Poplawski wrote:
On 5/4/23 06:23, Jakub Jelen wrote:
Hello,

the libssh team released libssh 0.9.7 and 0.10.5, fixing previously announced security issues CVE-2023-1667 and CVE-2023-2283:

https://www.libssh.org/2023/05/04/libssh-0-10-5-and-libssh-0-9-7-security-releases/

We're seeing a test failure just on i686 on Fedora rawhide:

40/62 Test #40: torture_rekey ....................***Failed   23.34 sec
[==========] tests: Running 14 test(s).
OK: SSH-2.0-OpenSSH_9.0
[ RUN      ] torture_rekey_default
[       OK ] torture_rekey_default
[ RUN      ] torture_rekey_time
[       OK ] torture_rekey_time
[ RUN      ] torture_rekey_recv
[       OK ] torture_rekey_recv
[ RUN      ] torture_rekey_send
[       OK ] torture_rekey_send
[ RUN      ] torture_rekey_different_kex
[  ERROR   ] --- 0x20 != 0x40
[   LINE   ] --- /builddir/build/BUILD/libssh-0.10.5/tests/client/torture_rekey.c:522: error: Failure!
[  FAILED  ] torture_rekey_different_kex
[ RUN      ] torture_rekey_send_compression_delayed
[       OK ] torture_rekey_send_compression_delayed
[ RUN      ] torture_rekey_recv_compression_delayed
[       OK ] torture_rekey_recv_compression_delayed
[ RUN      ] torture_rekey_server_different_kex
OK: SSH-2.0-OpenSSH_9.0
[  ERROR   ] --- 0x20 != 0x40
[   LINE   ] --- /builddir/build/BUILD/libssh-0.10.5/tests/client/torture_rekey.c:597: error: Failure!
[  FAILED  ] torture_rekey_server_different_kex
[ RUN      ] torture_rekey_server_send
OK: SSH-2.0-OpenSSH_9.0
[       OK ] torture_rekey_server_send
[ RUN      ] torture_rekey_guess_send
OK: SSH-2.0-OpenSSH_9.0
[       OK ] torture_rekey_guess_send
[ RUN      ] torture_rekey_guess_wrong_send
OK: SSH-2.0-OpenSSH_9.0
[       OK ] torture_rekey_guess_wrong_send
[ RUN      ] torture_rekey_server_recv
OK: SSH-2.0-OpenSSH_9.0
[       OK ] torture_rekey_server_recv
[ RUN      ] torture_rekey_guess_recv
OK: SSH-2.0-OpenSSH_9.0
[       OK ] torture_rekey_guess_recv
[ RUN      ] torture_rekey_guess_wrong_recv
OK: SSH-2.0-OpenSSH_9.0
[       OK ] torture_rekey_guess_wrong_recv
[==========] tests: 14 test(s) run.
[  PASSED  ] 12 test(s).
[  FAILED  ] tests: 2 test(s), listed below:
[  FAILED  ] torture_rekey_different_kex
[  FAILED  ] torture_rekey_server_different_kex
  2 FAILED TEST(S)


any idea what might be causing that?


Hi,
I was hoping I debugged all these issues while working on the release, but it looks like there are still some timing/memory/architecture variables.

This error happens in case the rekey did not happen as expected (unexpected digest size). I was bumping the amount of sent data in [1] and [2] in both branches, which looked like it solved the problem in upstream tests. Another option might be adding some sleep between sending and processing the packets to make sure the server gets its turn, but it is hard to say if this would help ... the packet processing and rekey are asynchronous ... but there might be better ways to do that.

[1] https://gitlab.com/libssh/libssh-mirror/-/commit/31a33fd2fd0fdad7c814748fdff75c7390c7f06e [0.9]
[2] https://gitlab.com/libssh/libssh-mirror/-/commit/dc1254d53e4fc6cbeb4797fc6ca1c9ed2c21f15c [0.10]

Regards,
--
Jakub Jelen
Crypto Team, Security Engineering
Red Hat, Inc.

