Eric Masson
2016-Mar-09 15:48 UTC
[FreeBSD-Stable] svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man
Mike Tancsa <mike at sentex.net> writes: Hi,> good trace - pre openssl commit > .... > debug2: kex_parse_kexinit: > hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64 at openssh.com [preauth] > debug2: kex_parse_kexinit: > hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64 at openssh.com [preauth] > debug2: kex_parse_kexinit: none [preauth] > debug2: kex_parse_kexinit: none [preauth] > debug2: kex_parse_kexinit: [preauth] > debug2: kex_parse_kexinit: [preauth] > debug2: kex_parse_kexinit: first_kex_follows 0 [preauth] > debug2: kex_parse_kexinit: reserved 0 [preauth] > debug2: mac_setup: setup hmac-sha1 [preauth] > debug1: kex: client->server aes256-ctr hmac-sha1 none [preauth] > debug2: mac_setup: setup hmac-sha1 [preauth] > debug1: kex: server->client aes256-ctr hmac-sha1 none [preauth] > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth] > debug3: mm_request_send entering: type 0 [preauth] > debug3: mm_request_receive entering > debug3: monitor_read: checking request 0 > debug3: mm_answer_moduli: got parameters: 1024 2048 2048 > bad trace - with openssl commit. > > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth] > debug3: mm_request_send entering: type 0 [preauth] > debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth] > debug3: mm_request_receive_expect entering: type 1 [preauth] > debug3: mm_request_receive entering [preauth] > debug3: mm_request_receive entering > debug3: monitor_read: checking request 0 > debug3: mm_answer_moduli: got parameters: 1024 2048 2048 > debug3: mm_request_send entering: type 1 > debug2: monitor_read: 0 used once, disabling now > debug3: mm_choose_dh: remaining 0 [preauth] > *debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]* > debug1: monitor_read_log: child log fd closed > debug3: mm_request_receive entering > debug1: do_cleanup > debug3: PAM: sshpam_thread_cleanup entering > debug1: Killing privsep child 1837Similar symptoms on 9.3-p37 when trying to connect with putty from a Win 7 station. Using cygwin's openssh client doesn't trigger the issue. ?ric Masson -- J'ai essay? de creer un news un alt.west.virginia ou sur d'autres alt.west.wirginia.xxx mais quand je vais sur ces forums rien n'apparait? l'emetteur d'un new recoit il un avertissement si celui ci est censur?? -+- LM in: <http://www.le-gnu.net> - Bien sansurer ses news sur C-I -+-
Dimitry Andric
2016-Mar-09 22:06 UTC
[FreeBSD-Stable] svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man
On 09 Mar 2016, at 16:48, Eric Masson <emss at free.fr> wrote:> > Mike Tancsa <mike at sentex.net> writes: > > Hi, > >> good trace - pre openssl commit >> .... >> debug2: kex_parse_kexinit: >> hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64 at openssh.com [preauth] >> debug2: kex_parse_kexinit: >> hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64 at openssh.com [preauth] >> debug2: kex_parse_kexinit: none [preauth] >> debug2: kex_parse_kexinit: none [preauth] >> debug2: kex_parse_kexinit: [preauth] >> debug2: kex_parse_kexinit: [preauth] >> debug2: kex_parse_kexinit: first_kex_follows 0 [preauth] >> debug2: kex_parse_kexinit: reserved 0 [preauth] >> debug2: mac_setup: setup hmac-sha1 [preauth] >> debug1: kex: client->server aes256-ctr hmac-sha1 none [preauth] >> debug2: mac_setup: setup hmac-sha1 [preauth] >> debug1: kex: server->client aes256-ctr hmac-sha1 none [preauth] >> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth] >> debug3: mm_request_send entering: type 0 [preauth] >> debug3: mm_request_receive entering >> debug3: monitor_read: checking request 0 >> debug3: mm_answer_moduli: got parameters: 1024 2048 2048 >> bad trace - with openssl commit. >> >> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth] >> debug3: mm_request_send entering: type 0 [preauth] >> debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth] >> debug3: mm_request_receive_expect entering: type 1 [preauth] >> debug3: mm_request_receive entering [preauth] >> debug3: mm_request_receive entering >> debug3: monitor_read: checking request 0 >> debug3: mm_answer_moduli: got parameters: 1024 2048 2048 >> debug3: mm_request_send entering: type 1 >> debug2: monitor_read: 0 used once, disabling now >> debug3: mm_choose_dh: remaining 0 [preauth] >> *debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]* >> debug1: monitor_read_log: child log fd closed >> debug3: mm_request_receive entering >> debug1: do_cleanup >> debug3: PAM: sshpam_thread_cleanup entering >> debug1: Killing privsep child 1837 > > Similar symptoms on 9.3-p37 when trying to connect with putty from a Win > 7 station. > > Using cygwin's openssh client doesn't trigger the issue.Can you please try the attached patch, which I also attached to PR 207783? I think this will solve the crashes. It should be enough to rebuild secure/lib/libcrypto, and install it. -Dimitry -------------- next part -------------- A non-text attachment was scrubbed... Name: fix-pr207783-1.diff Type: application/octet-stream Size: 627 bytes Desc: not available URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20160309/5eb31166/attachment.obj> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 194 bytes Desc: Message signed with OpenPGP using GPGMail URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20160309/5eb31166/attachment.sig>