Mike Tancsa
2016-Mar-09 15:27 UTC
[FreeBSD-Stable] svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man
On 3/8/2016 1:13 PM, Craig Green wrote:
>
>
> On 2016-03-08 7:45 AM, Mike Tancsa wrote:
>> Hi,
>> I tried on 2 separate boxes, and sshd segfaults when this rev is
>> applied
>>
>> ---Mike
>
> Just adding some debug logs showing a couple places where sshd exited.
> Encryption algorithm, kex and hmac didn't seem to matter.

Here is an example of where sshd chokes

good trace - pre openssl commit

....
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64@openssh.com [preauth]
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64@openssh.com [preauth]
debug2: kex_parse_kexinit: none [preauth]
debug2: kex_parse_kexinit: none [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
debug2: kex_parse_kexinit: reserved 0 [preauth]
debug2: mac_setup: setup hmac-sha1 [preauth]
debug1: kex: client->server aes256-ctr hmac-sha1 none [preauth]
debug2: mac_setup: setup hmac-sha1 [preauth]
debug1: kex: server->client aes256-ctr hmac-sha1 none [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug3: mm_request_send entering: type 0 [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 0
debug3: mm_answer_moduli: got parameters: 1024 2048 2048
debug3: mm_request_send entering: type 1
debug2: monitor_read: 0 used once, disabling now
debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth]
debug3: mm_request_receive_expect entering: type 1 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_choose_dh: remaining 0 [preauth]
*debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]*
*debug2: bits set: 1063/2048 [preauth]*
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
debug2: bits set: 1041/2048 [preauth]
debug3: mm_key_sign entering [preauth]
debug3: mm_request_send entering: type 6 [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 6
debug3: mm_answer_sign
debug3: mm_answer_sign: signature 0x8034173c0(55)
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]

bad trace - with openssl commit.

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug3: mm_request_send entering: type 0 [preauth]
debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth]
debug3: mm_request_receive_expect entering: type 1 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 0
debug3: mm_answer_moduli: got parameters: 1024 2048 2048
debug3: mm_request_send entering: type 1
debug2: monitor_read: 0 used once, disabling now
debug3: mm_choose_dh: remaining 0 [preauth]
*debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]*
debug1: monitor_read_log: child log fd closed
debug3: mm_request_receive entering
debug1: do_cleanup
debug3: PAM: sshpam_thread_cleanup entering
debug1: Killing privsep child 1837

--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
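An added triage example, not part of the original message and not FreeBSD or OpenSSH code: it scans sshd debug output like the traces in the message above and reports the last step the [preauth] child logged before the monitor saw its log pipe close and cleaned it up. The function name and the rule "child log fd closed followed by Killing privsep child" are assumptions made for this illustration; the sample lines are excerpts of the two traces above.

```python
import re

# Excerpt of the "bad trace" from the message above (sshd debug output).
BAD_TRACE = """\
debug3: mm_answer_moduli: got parameters: 1024 2048 2048
debug3: mm_request_send entering: type 1
debug2: monitor_read: 0 used once, disabling now
debug3: mm_choose_dh: remaining 0 [preauth]
*debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]*
debug1: monitor_read_log: child log fd closed
debug3: mm_request_receive entering
debug1: do_cleanup
debug3: PAM: sshpam_thread_cleanup entering
debug1: Killing privsep child 1837
"""

# Excerpt of the "good trace" from the same message.
GOOD_TRACE = """\
debug3: mm_choose_dh: remaining 0 [preauth]
*debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]*
*debug2: bits set: 1063/2048 [preauth]*
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
debug2: bits set: 1041/2048 [preauth]
debug3: mm_key_sign entering [preauth]
"""

# One debug line; the optional asterisks are the poster's emphasis markers.
LINE = re.compile(r"^\*?debug[1-3]: (?P<msg>.*?)(?P<child> \[preauth\])?\*?$")
KILLED = re.compile(r"Killing privsep child (\d+)")

def find_preauth_child_death(trace):
    """Return (last [preauth] message, child pid), or None if no death is seen.

    Heuristic (an assumption of this example): the monitor logs
    "child log fd closed" and later "Killing privsep child <pid>".
    """
    last_child_msg, closed, pid = None, False, None
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group("msg")
        if m.group("child"):
            if not closed:          # child output before the pipe closed
                last_child_msg = msg
        elif msg.startswith("monitor_read_log: child log fd closed"):
            closed = True
        elif closed and (k := KILLED.search(msg)):
            pid = int(k.group(1))
    return (last_child_msg, pid) if closed and pid is not None else None
```
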
Eric Masson
2016-Mar-09 15:48 UTC
[FreeBSD-Stable] svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man
Mike Tancsa <mike at sentex.net> writes:

Hi,

> good trace - pre openssl commit
> ....
> debug2: kex_parse_kexinit:
> hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64@openssh.com [preauth]
> debug2: kex_parse_kexinit:
> hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64@openssh.com [preauth]
> debug2: kex_parse_kexinit: none [preauth]
> debug2: kex_parse_kexinit: none [preauth]
> debug2: kex_parse_kexinit: [preauth]
> debug2: kex_parse_kexinit: [preauth]
> debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
> debug2: kex_parse_kexinit: reserved 0 [preauth]
> debug2: mac_setup: setup hmac-sha1 [preauth]
> debug1: kex: client->server aes256-ctr hmac-sha1 none [preauth]
> debug2: mac_setup: setup hmac-sha1 [preauth]
> debug1: kex: server->client aes256-ctr hmac-sha1 none [preauth]
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
> debug3: mm_request_send entering: type 0 [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 0
> debug3: mm_answer_moduli: got parameters: 1024 2048 2048

> bad trace - with openssl commit.
>
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
> debug3: mm_request_send entering: type 0 [preauth]
> debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth]
> debug3: mm_request_receive_expect entering: type 1 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 0
> debug3: mm_answer_moduli: got parameters: 1024 2048 2048
> debug3: mm_request_send entering: type 1
> debug2: monitor_read: 0 used once, disabling now
> debug3: mm_choose_dh: remaining 0 [preauth]
> *debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]*
> debug1: monitor_read_log: child log fd closed
> debug3: mm_request_receive entering
> debug1: do_cleanup
> debug3: PAM: sshpam_thread_cleanup entering
> debug1: Killing privsep child 1837

Similar symptoms on 9.3-p37 when trying to connect with putty from a Win 7 station.
Using cygwin's openssh client doesn't trigger the issue.

Éric Masson

--
I tried to create a news item on alt.west.virginia or on other
alt.west.wirginia.xxx groups, but when I go to these forums nothing appears.
Does the sender of a news item receive a warning if it is censored?
-+- LM in: <http://www.le-gnu.net> - Properly censoring one's news on C-I -+-