Hi, OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at http://www.openssh.com/portable.html#cvs At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github: https://github.com/openssh/openssh-portable Running the regression tests supplied with Portable OpenSSH does not require installation and is a simply: $ ./configure && make tests Live testing on suitable non-production systems is also appreciated. Please send reports of success or failure to openssh-unix-dev at mindrot.org. Security bugs should be reported directly to openssh at openssh.com. Below is a summary of changes. More detail may be found in the ChangeLog in the portable OpenSSH tarballs. Thanks to the many people who contributed to this release. Potentially-incompatible changes =============================== This release includes a number of changes that may affect existing configurations: * ssh(1): delete SSH protocol version 1 support, associated configuration options and documentation. * ssh(1)/sshd(8): remove support for the hmac-ripemd160 MAC. * ssh(1)/sshd(8): remove support the arcfour, blowfish and CAST ciphers. * Refuse RSA keys <1024 bits in length and improve reporting for keys that do not meet this requirement. * ssh(1): do not offer CBC ciphers by default. Changes since OpenSSH 7.5 ======================== This is primarily a bugfix release. It also contains substantial internal refactoring. New Features ------------ * ssh(1): add RemoteCommand option to specify a command in the ssh config file instead of giving it on the client's command line. This allows the configuration file to specify the command that will be executed on the remote host. * sshd(8): add ExposeAuthInfo option that enables writing details of the authentication methods used (including public keys where applicable) to a file that is exposed via a $SSH_USER_AUTH environment variable in the subsequent session. * sshd(8): allow LogLevel directive in sshd_config Match blocks; bz#2717 * ssh-keygen(1): allow inclusion of arbitrary string or flag certificate extensions and critical options. * ssh-keygen(1): allow ssh-keygen to use a key held in ssh-agent as a CA when signing certificates. bz#2377 * ssh(1)/sshd(8): allow IPQoS=none in ssh/sshd to not set an explicit ToS/DSCP value and just use the operating system default. * ssh-add(1): added -q option to make ssh-add quiet on success. * ssh(1): expand the StrictModes option with two new settings. The first "accept-new" will automatically accept hitherto-unseen keys but will refuse connections for changed or invalid hostkeys. This is a safer subset of the current behaviour of StrictModes=no. The second setting "off", is a synonym for the current behaviour of StrictModes=no: accept hitherto-unseen keys, and continue connection for hosts with mismatched/changed hostkeys. A future release will change the meaning of StrictModes=no to the behaviour of "accept-new". bz#2400 * ssh(1): add SyslogFacility option to ssh(1) matching the equivalent option in sshd(8). bz#2705 Bugfixes -------- * ssh(1): use HostKeyAlias if specified instead of hostname for matching host certificate principal names; bz#2728 * sftp(1): implement sorting for globbed ls; bz#2649 * ssh(1): add a user at host prefix to client's "Permisison denied" messages, useful in particular when using "stacked" connections (e.g. ssh -J) where it's not clear which host is denying. bz#2720 * ssh(1): accept unknown EXT_INFO extension values that contain \0 characters. This is legal, but would previously cause fatal connection errors if received. * ssh(1)/sshd(8): repair compression statistics printed at connection exit * sftp(1): print '?' instead of incorrect link count (that the protocol doesn't provide) for remote listings. bz#2710 * ssh(1): return failure rather than fatal() for more cases during session multiplexing negotiations. Causes the session to fall back to a non-mux connection if they occur. bz#2707 * ssh(1): mention that the server may send debug messages to explain public key authentication problems under some circumstances; bz#2709 * Translate OpenSSL error codes to better report incorrect passphrase errors when loading private keys; bz#2699 * sshd(8): adjust compatibility patterns for WinSCP to correctly identify versions that implement only the legacy DH group exchange scheme. bz#2748 * ssh(1): print the "Killed by signal 1" message only at LogLevel verbose so that it is not shown at the default level; prevents it from appearing during ssh -J and equivalent ProxyCommand configs. bz#1906, bz#2744 * ssh-keygen(1): when generating all hostkeys (ssh-keygen -A), clobber existing keys if they exist but are zero length. zero-length keys could previously be made if ssh-keygen failed or was interrupted part way through generating them. bz#2561 * ssh(1): fix pledge(2) violation in the escape sequence "~&" used to place the current session in the background. * ssh-keyscan(1): avoid double-close() on file descriptors; bz#2734 * sshd(8): avoid reliance on shared use of pointers shared between monitor and child sshd processes. bz#2704 * sshd_config(8): document available AuthenticationMethods; bz#2453 * ssh(1): avoid truncation in some login prompts; bz#2768 * sshd(8): Fix various compilations failures, inc bz#2767 * ssh(1): make "--" before the hostname terminate argument processing after the hostname too. * ssh-keygen(1): switch from aes256-cbc to aes256-ctr for encrypting new-style private keys. Fixes problems related to private key handling for no-OpenSSL builds. bz#2754 * ssh(1): warn and do not attempt to use keys when the public and private halves do not match. bz#2737 * sftp(1): don't print verbose error message when ssh disconnects from under sftp. bz#2750 * sshd(8): fix keepalive scheduling problem: activity on a forwarded port from preventing the keepalive from being sent; bz#2756 * sshd(8): when started without root privileges, don't require the privilege separation user or path to exist. Makes running the regression tests easier without touching the filesystem. * Make integrity.sh regression tests more robust against timeouts. bz#2658 * ssh(1)/sshd(8): correctness fix for channels implementation: accept channel IDs greater than 0x7FFFFFFF. Portability ----------- * sshd(9): drop two more privileges in the Solaris sandbox: PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO; bz#2723 * sshd(8): expose list of completed authentication methods to PAM via the SSH_AUTH_INFO_0 PAM environment variable. bz#2408 * ssh(1)/sshd(8): fix several problems in the tun/tap forwarding code, mostly to do with host/network byte order confusion. bz#2735 * Add --with-cflags-after and --with-ldflags-after configure flags to allow setting CFLAGS/LDFLAGS after configure has completed. These are useful for setting santiser/fuzzing options that may interfere with configure's operation. * sshd(8): avoid Linux seccomp violations on ppc64le over the socketcall syscall. * Fix use of ldns when using ldns-config; bz#2697 * configure: set cache variables when cross-compiling. The cross- compiling fallback message was saying it assumed the test passed, but it wasn't actually set the cache variables and this would cause later tests to fail. * Add clang libFuzzer harnesses for public key parsing and signature verification. OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and Ben Lindstrom.
On Wed, Sep 20, 2017 at 07:47:59PM CDT, Damien Miller wrote:>Hi, > >OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing >on as many platforms and systems as possible. This is a bugfix release. >Commit: 5b8da1f53854 System: Void Linux (up to date) Configure flags: --with-pam --with-pie --with-sandbox=seccomp_filter Build: successful, though it produced a number of undeclared-function warnings about arc4random_buf() and one about explicit_bzero() in openbsd-compat/freezero.c. As I think has been the case for a while, arc4random_buf() doesn't appear to be declared anywhere in any headers in /usr/include on Void as far as I can tell; not sure where it should in theory be (the symbol is defined in libressl's libcrypto.so, which I guess is why configure didn't decide to use the built-in openbsd-compat version). explicit_bzero() is declared in <string.h> however. 'make tests': my first attempt ran into 'ssh-keygen: .../openssh/regress//t12.out.pub: No such file or directory'; at first I figured this was probably a result of a race condition due to having run make with '-j', but on some (but not all) subsequent serial runs it also occurred. That notwithstanding, however, it also failed (consistently) on this: test_kex: regress/unittests/kex/test_kex.c:91 test #1 "sshkey_generate" ASSERT_INT_EQ(sshkey_generate(keytype, bits, &private), 0) failed: sshkey_generate(keytype, bits, &private) = -56 0 = 0 Aborted Happy to provide any other info that would be useful for debugging. Zev
On 21 September 2017 at 17:22, Zev Weiss <zev at bewilderbeest.net> wrote:> at first I > figured this was probably a result of a race condition due to having run > make with '-j'The regular build works fine with -j but tests currently don't. I usually do something like ./configure && make -j 8 && make tests> test_kex: regress/unittests/kex/test_kex.c:91 test #1 "sshkey_generate" > ASSERT_INT_EQ(sshkey_generate(keytype, bits, &private), 0) failed: > sshkey_generate(keytype, bits, &private) = -56I'll take a look at this but in the mean time you can run the rest of the regression tests using SUDO=sudo make tests SKIP_UNIT=1 Thanks. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On Thu, Sep 21, 2017 at 10:47:59AM +1000, Damien Miller wrote:> Running the regression tests supplied with Portable OpenSSH does not > require installation and is a simply: > > $ ./configure && make testsAll tests pass on Debian unstable amd64 (using openssh.git master). I don't suppose it would be possible to get https://bugzilla.mindrot.org/show_bug.cgi?id=2752 into 7.6? We're carrying those patches at the moment, but I'd like to avoid having to carry sandbox patches if possible. Thanks, -- Colin Watson [cjwatson at debian.org]
So far on FreeBSD 11.1 reject openssl 1.1.0 make with Openssl 1.0.2 l no issues Attempt to test in openssl 1.0.2m -dev -fips chokes on tests. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Talk Sense to a fool and he calls you foolish - Euripides
On Thu, 21 Sep 2017, Colin Watson wrote:> On Thu, Sep 21, 2017 at 10:47:59AM +1000, Damien Miller wrote: > > Running the regression tests supplied with Portable OpenSSH does not > > require installation and is a simply: > > > > $ ./configure && make tests > > All tests pass on Debian unstable amd64 (using openssh.git master). > > I don't suppose it would be possible to get > https://bugzilla.mindrot.org/show_bug.cgi?id=2752 into 7.6? We're > carrying those patches at the moment, but I'd like to avoid having to > carry sandbox patches if possible.I don't think that will make it, and I don't much like some of the changes in those patches (e.g. adding SysV IPC). IMO it would be better to disable the OpenSSL engine that requires it for the pre-auth phase entirely. -d
On Thu, Sep 21, 2017 at 02:22:10AM -0500, Zev Weiss wrote:> test_kex: regress/unittests/kex/test_kex.c:91 test #1 "sshkey_generate" > ASSERT_INT_EQ(sshkey_generate(keytype, bits, &private), 0) failed: > sshkey_generate(keytype, bits, &private) = -56That error code is: $ grep -- -56 ssherr.h #define SSH_ERR_KEY_LENGTH -56 Unfortunately there's lots of places in that code that can return that. I have seen that on one Cygwin system (OpenSSL 1.0.2k) here so I added the below code to try to narrow it down. On mine it gave: test_kex: dsa_generate_private_key bits 2048 expected 1024 but I don't understand how. Don't try to use ssh or sshd with this diff as it'll probably mess things up pretty good. diff --git a/ssh-sandbox.h b/ssh-sandbox.h index bd5fd83..6bd76b3 100644 --- a/ssh-sandbox.h +++ b/ssh-sandbox.h @@ -22,3 +22,4 @@ struct ssh_sandbox *ssh_sandbox_init(struct monitor *); void ssh_sandbox_child(struct ssh_sandbox *); void ssh_sandbox_parent_finish(struct ssh_sandbox *); void ssh_sandbox_parent_preauth(struct ssh_sandbox *, pid_t); +#define setrlimit(x,y) (0) diff --git a/sshkey.c b/sshkey.c index e91c54f..cfdd437 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1394,8 +1394,11 @@ rsa_generate_private_key(u_int bits, RSA **rsap) if (rsap == NULL) return SSH_ERR_INVALID_ARGUMENT; if (bits < SSH_RSA_MINIMUM_MODULUS_SIZE || - bits > SSHBUF_MAX_BIGNUM * 8) + bits > SSHBUF_MAX_BIGNUM * 8) { + fprintf(stderr, "%s bits %d min %d max %d\n", __func__, bits, + SSH_RSA_MINIMUM_MODULUS_SIZE, SSHBUF_MAX_BIGNUM); return SSH_ERR_KEY_LENGTH; + } *rsap = NULL; if ((private = RSA_new()) == NULL || (f4 = BN_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; @@ -1425,8 +1428,10 @@ dsa_generate_private_key(u_int bits, DSA **dsap) if (dsap == NULL) return SSH_ERR_INVALID_ARGUMENT; - if (bits != 1024) + if (bits != 1024) { + fprintf(stderr, "%s bits %d expected %d\n", __func__, bits, 1024); return SSH_ERR_KEY_LENGTH; + } if ((private = DSA_new()) == NULL) { ret = SSH_ERR_ALLOC_FAIL; goto out; @@ -1505,8 +1510,10 @@ ecdsa_generate_private_key(u_int bits, int *nid, EC_KEY **ecdsap) if (nid == NULL || ecdsap == NULL) return SSH_ERR_INVALID_ARGUMENT; - if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) + if ((*nid = sshkey_ecdsa_bits_to_nid(bits)) == -1) { + fprintf(stderr, "%s bits %d\n", __func__, bits); return SSH_ERR_KEY_LENGTH; + } *ecdsap = NULL; if ((private = EC_KEY_new_by_curve_name(*nid)) == NULL) { ret = SSH_ERR_ALLOC_FAIL; @@ -1881,6 +1888,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, goto out; } if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + fprintf(stderr, "%s num_bits %d min %d\n", __func__, + BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); ret = SSH_ERR_KEY_LENGTH; goto out; } @@ -2664,6 +2673,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) (r = ssh_rsa_generate_additional_parameters(k)) != 0) goto out; if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + fprintf(stderr, "%s num_bits %d min %d\n", __func__, + BN_num_bits(k->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); r = SSH_ERR_KEY_LENGTH; goto out; } @@ -2678,6 +2689,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) (r = ssh_rsa_generate_additional_parameters(k)) != 0) goto out; if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + fprintf(stderr, "%s num_bits %d min %d\n", __func__, + BN_num_bits(k->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); r = SSH_ERR_KEY_LENGTH; goto out; } @@ -3476,6 +3489,8 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, goto out; } if (BN_num_bits(prv->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { + fprintf(stderr, "%s num_bits %d min %d\n", __func__, + BN_num_bits(prv->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); r = SSH_ERR_KEY_LENGTH; goto out; } -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
[ Take 2, this time with outputs on web-server not attached ] On 2017-09-21 at 10:47 +1000, Damien Miller wrote:> OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release.Using vagrant, I brought this up on a few different boxes. SHA256(openssh-SNAP-20170922.tar.gz)= c40ee9c2e03ef8e6e8558066e51cdb8ed19e3c2339f64a00a68159d938c302b0 "bento" as a prefix means that it's from Chef's "Bento" project and just means "tuned by people who probably know what they're doing for VMs" and is otherwise the base OS. Failures: * Bento Fedora 26: because system openssl is OpenSSL 1.1.0f Success: * Bento Debian 9.1 * Bento Centos 7 * Bento FreeBSD 11 * Debian Jessie * Debian Stretch * NetBSD 7 * Ubuntu Trusty * Ubuntu Xenial Test script as run within the VM is attached as "openssh-snapshot-basetemplate", it chose the installs of dependencies to take from "stock" to "ready to compile". Result files, if anyone cares, at: https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/bento-centos7.txt https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/bento-debian9.1.txt https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/bento-fedora26.txt https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/bento-freebsd11.txt https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/jessie.txt https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/netbsd7.txt https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/stretch.txt https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/trusty.txt https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170922/xenial.txt -Phil -------------- next part -------------- #!/bin/sh -eux # Filled in when template converted: tarball='/tmp/XXX_SNAPBALL_XXX' id if [ -d /etc/apt ]; then ( export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" build-dep openssh ) elif [ -f /etc/yum.conf ] || [ -d /etc/yum ]; then ( yum -y install yum-utils yum -y groupinstall 'Development Tools' yum-builddep -y openssh ) fi # netbsd doesn't support -v: mkdir -p /var/empty sudo -Hiu "${PT_VAGRANT_USER:-vagrant}" <<EOSCRIPT set -x cd tar zxf $tarball cd openssh ( ./configure && make tests ) >/tmp/openssh-output-log.txt 2>&1 EOSCRIPT -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 996 bytes Desc: Digital signature URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20170922/9c6e8441/attachment-0001.asc>
On 2017-09-22 at 16:34 -0400, Phil Pennock wrote:> SHA256(openssh-SNAP-20170922.tar.gz)= c40ee9c2e03ef8e6e8558066e51cdb8ed19e3c2339f64a00a68159d938c302b0Redone against: SHA256(openssh-SNAP-20170923.tar.gz)= e5e660f4bfbf2acacb0a1daeaec3478b572108ed8b838f8e9ca9f930db5ad0bb No changes relative to 20170923. Outputs are in: https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170923 and there's an index in: https://people.spodhuis.org/phil.pennock/openssh-testing/ too. I've slightly cleaned up my Vagrant setup and shoved it up on GitHub, slapped a MIT license in there, plus some documentation (README.md in the top level) so that it doesn't assume familiarity with Vagrant. https://github.com/philpennock/etc-vagrant It's a poor-man's CI system, but it lets you work locally with VMs to do the OpenSSH testing and it's ~fully automated for the snapshots. Consider it very much v0.0.2. It's fully working. For me. At present, you'd need to check it out to ~/etc/vagrant because I wrote it for personal use, not really for sharing, and you'll need `not_at_home` to be a command in your path. I use that with Match exec directives in my ~/.ssh/config to auto-proxy if needed. I re-used it for my Vagrant stuff, around finding proxies/caches. Just symlink it to `true` if you don't want to worry about it. You'll need zsh installed locally. You'd need decent bandwidth the first time, to download the VM images. If you care about backups and large unnecessary blobs, then exclude `~/.vagrant.d` as a fixed path and `.vagrant` in any dir. I just run ./all.sh in ~/etc/vagrant/openssh to run the tests and pull back the reports to the local box, updating an HTML index, and then ./publish-reports to copy to the URL above. Currently runs VMs to build/test OpenSSH in a clean environment on: arch centos7 debian9.1 fedora26 freebsd11 jessie netbsd7 stretch trusty xenial ("stretch" is Debian's VM image, "debian9.1" is a bento image) To test on a new snapshot, edit `Version.sh`. To add a new machine, edit the PTMACHINES list in `stub/Vagrantfile` and if you want it used by default, edit `openssh/all.sh`. -Phil -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 996 bytes Desc: Digital signature URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20170923/297f381b/attachment.asc>
On 24 September 2017 at 02:14, Tom G. Christensen <tgc at jupiterrise.com> wrote: [...]> I am seeing the exact same error consistently on Solaris 7/SPARC. > > $ ./test_kex > test_kex: dsa_generate_private_key bits 2048 expected 1024What version of OpenSSL do you have? (on both the good and bad machines?) We have one data point of the problem occurring with OpenSSL 1.0.2k but we don't know if the version is significant. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On 24/09/17 07:13, Darren Tucker wrote:> On 24 September 2017 at 02:14, Tom G. Christensen <tgc at jupiterrise.com> wrote: > [...] >> I am seeing the exact same error consistently on Solaris 7/SPARC. >> >> $ ./test_kex >> test_kex: dsa_generate_private_key bits 2048 expected 1024 > > What version of OpenSSL do you have? (on both the good and bad > machines?) We have one data point of the problem occurring with > OpenSSL 1.0.2k but we don't know if the version is significant. >All my Solaris hosts have 1.0.2k installed. -tgc
On 09/20/2017 05:47 PM, Damien Miller wrote:> Hi, > > OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release.openssh-SNAP-20170925.tar.gz && git clone as of 2017/09/24 @ 17:20 PDT OpSys??? ?? ? ? Compiler?? OpenSSL???? Build???? Test Debian 8.9??? gcc 4.9.2??? 1.0.1t??? ??? YES??? ??? all tests passed Debian 9.1??? gcc 6.3.0??? 1.1.0f??? ??? NO *1 Looks like the default openssl version on Debian 9 is 1.1.0f, which according to the INSTALL doc is a deal-breaker (LibreSSL or OpenSSL >= 0.9.8f < 1.1.0). I'm hesitant to backrev the default openssl package. Simply trying to install the openssl 1.0 dev kit will force several other dev packages to un-install (like libclamav and php7.0-dev). LibreSSL doesn't appear to be a Debian package (not an issue for me - building a side-package isn't a big deal), but this could be a dealbreaker for J. Random LinuxD00d. Thoughts? **1 Build Failure pretty early on:* gcc -g -O2 -pipe -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-strong -fPIE?? -I. -I.? -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c sshkey.c -o sshkey.o sshkey.c: In function ?sshkey_size?: sshkey.c:267:28: error: dereferencing pointer to incomplete type ?RSA {aka struct rsa_st}? ?? return BN_num_bits(k->rsa->n); ??????????????????????????? ^~ sshkey.c:270:28: error: dereferencing pointer to incomplete type ?DSA {aka struct dsa_st}? ?? return BN_num_bits(k->dsa->p); ??????????????????????????? ^~ sshkey.c: In function ?sshkey_new?: sshkey.c:470:11: error: dereferencing pointer to incomplete type ?RSA {aka struct rsa_st}? ?????? (rsa->n = BN_new()) == NULL || ?????????? ^~ sshkey.c:482:11: error: dereferencing pointer to incomplete type ?DSA {aka struct dsa_st}? ?????? (dsa->p = BN_new()) == NULL || ?????????? ^~ sshkey.c: In function ?translate_libcrypto_error?: sshkey.c:3398:8: error: ?EVP_R_BN_DECODE_ERROR? undeclared (first use in this function) ?? case EVP_R_BN_DECODE_ERROR: ??????? ^~~~~~~~~~~~~~~~~~~~~ sshkey.c:3398:8: note: each undeclared identifier is reported only once for each function it appears in sshkey.c: In function ?sshkey_parse_private_pem_fileblob?: sshkey.c:3463:8: error: dereferencing pointer to incomplete type ?EVP_PKEY {aka struct evp_pkey_st}? ? if (pk->type == EVP_PKEY_RSA && ??????? ^~ Makefile:152: recipe for target 'sshkey.o' failed make: *** [sshkey.o] Error 1
On 2017-09-24 at 17:37 -0700, Kevin Brott wrote:> On 09/20/2017 05:47 PM, Damien Miller wrote: > > Hi, > > > > OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This is a bugfix release. > > openssh-SNAP-20170925.tar.gz && git clone as of 2017/09/24 @ 17:20 PDT > > OpSys??? ?? ? ? Compiler?? OpenSSL???? Build???? Test > Debian 8.9??? gcc 4.9.2??? 1.0.1t??? ??? YES??? ??? all tests passed > Debian 9.1??? gcc 6.3.0??? 1.1.0f??? ??? NO *1 > > Looks like the default openssl version on Debian 9 is 1.1.0f, which according to the INSTALL doc is a deal-breaker (LibreSSL or OpenSSL >= 0.9.8f < 1.1.0).Debian 9.1 is one of the ones I tested on and it worked, so I looked into this: it looks like Debian 9.1 has libssl installed for both 1.0.2l and 1.1.0f, but then the openssl package for the latter, providing only the command-line interface. https://people.spodhuis.org/phil.pennock/openssh-testing/SNAP-20170925/bento-debian9.1.txt A plain install of Debian includes neither set of dev headers, the "apt-get build-dep openssh" step installed "libssl1.0-dev". The plain install I got included both binary-library packages by default. "libssl1.0-dev" and "libssl-dev" have mutual Conflicts: declarations so installing one should auto-remove the other. -----------------------------8< cut here >8----------------------------- vagrant at debian-9:~$ dpkg -l \*openssl\* libssl\* Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-============================-===================-===================-=============================================================un libssl-dev <none> <none> (no description available) ii libssl1.0-dev:amd64 1.0.2l-2 amd64 Secure Sockets Layer toolkit - development files ii libssl1.0.2:amd64 1.0.2l-2 amd64 Secure Sockets Layer toolkit - shared libraries ii libssl1.1:amd64 1.1.0f-3 amd64 Secure Sockets Layer toolkit - shared libraries ii openssl 1.1.0f-3 amd64 Secure Sockets Layer toolkit - cryptographic utility un python3-openssl <none> <none> (no description available) -----------------------------8< cut here >8----------------------------- -Phil
On Fri, 2017-09-22 at 16:34 -0400, Phil Pennock wrote:> [ Take 2, this time with outputs on web-server not attached ] > > On 2017-09-21 at 10:47 +1000, Damien Miller wrote: > > OpenSSH 7.6p1 is almost ready for release, so we would appreciate > > testing > > on as many platforms and systems as possible. This is a bugfix > > release. > > Using vagrant, I brought this up on a few different boxes. > > SHA256(openssh-SNAP-20170922.tar.gz)> c40ee9c2e03ef8e6e8558066e51cdb8ed19e3c2339f64a00a68159d938c302b0 > > > "bento" as a prefix means that it's from Chef's "Bento" project and > just > means "tuned by people who probably know what they're doing for VMs" > and > is otherwise the base OS. > > Failures: > * Bento Fedora 26: because system openssl is OpenSSL 1.1.0fFor testing purposes, you should be able to install compat-openssl10- devel (OpenSSL 1.0.x) on Fedora 26, instead of openssl-devel, which provides 1.1 interface. Though I plan some more extensive testing with Fedora and new OpenSSL in coming days. Regards, -- Jakub Jelen Software Engineer Security Technologies Red Hat, Inc.
Damien Miller wrote:> Hi, > > OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release. > >Using the 20170927 snapshot, the following combinations passed all tests on SPARC Solaris 10: Oracle's OpenSSL 1.0.2k & Sun Studio 12.0 Locally built OpenSSL 1.0.2l & Sun Studio 12.0 Oracle's OpenSSL 1.0.2k & Solaris Studio 12.2 Locally built OpenSSL 1.0.2l & Solaris Studio 12.2 Oracle's OpenSSL 1.0.2k & Solaris Studio 12.4 Locally built OpenSSL 1.0.2l & Solaris Studio 12.4 I generally build with Studio 12.2, as it works better/faster with some of the old systems that I have around. I'm still working on getting it to build with the version of gcc that installswith Solaris 10. -- Jeff Wieland, UNIX/Network Systems Administrator Purdue University IT Infrastructure Services UNIX Platforms
> Damien Miller wrote: >> Hi, >> >> OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing >> on as many platforms and systems as possible. This is a bugfix release. >> >> > Using the 20170927 snapshot, the following combinations passed all > tests on SPARC Solaris 10: > > Oracle's OpenSSL 1.0.2k & Sun Studio 12.0 > Locally built OpenSSL 1.0.2l & Sun Studio 12.0 > Oracle's OpenSSL 1.0.2k & Solaris Studio 12.2 > Locally built OpenSSL 1.0.2l & Solaris Studio 12.2 > Oracle's OpenSSL 1.0.2k & Solaris Studio 12.4 > Locally built OpenSSL 1.0.2l & Solaris Studio 12.4 > > I generally build with Studio 12.2, as it works better/faster with some > of the old systems that I have around. > > I'm still working on getting it to build with the version of gcc that > installswith Solaris 10. > > -- > Jeff Wieland, UNIX/Network Systems Administrator > Purdue University IT Infrastructure Services UNIX Platforms >Success with gcc: Oracle's OpenSSL 1.0.2k & gcc version 3.4.3 Locally built OpenSSL 1.0.2l & gcc version 3.4.3 -- Jeff Wieland, UNIX/Network Systems Administrator Purdue University IT Infrastructure Services UNIX Platforms
all tests passed on Ubuntu 16.04.3 LTS and Scientific Linux release 6.9 (Carbon) On SUSE Linux Enterprise Server 11 SP3 LTSS I had to provide a local installation of a newer openssl. I have chosen their current LTS version 1.0.2l with shared library support enabled, and I had to tweak with CFLAGS and LDFLAGS to pass the configure checks (otherwise, the OS provided, heavily patched 0.9.8j-fips version was used, even when configure was told to use the local installation via --with-ssl-dir). Anyhow, I managed to build, but then make tests fails with: run test agent.sh ... ssh-add -l via agent fwd failed (exit code 255) agent fwd failed (exit code 255) failed simple agent test I know it's an old distribution, but with the newer openssl installation one would maybe expect the tests to pass. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5254 bytes Desc: S/MIME Cryptographic Signature URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20170927/9ec2f7ff/attachment.p7s>
On Wed, 27 Sep 2017, Martin Hecht wrote:> all tests passed on > > Ubuntu 16.04.3 LTS and > Scientific Linux release 6.9 (Carbon) > > On SUSE Linux Enterprise Server 11 SP3 LTSS I had to provide a local > installation of a newer openssl. I have chosen their current LTS version > 1.0.2l with shared library support enabled, and I had to tweak with > CFLAGS and LDFLAGS to pass the configure checks (otherwise, the OS > provided, heavily patched 0.9.8j-fips version was used, even when > configure was told to use the local installation via --with-ssl-dir). > Anyhow, I managed to build, but then make tests fails with: > > run test agent.sh ... > ssh-add -l via agent fwd failed (exit code 255) > agent fwd failed (exit code 255) > failed simple agent testWhen tests fail, you can check regress/failed-* for details of what went wrong. -d
On Thu, Sep 21, 2017 at 10:47:59 +1000, Damien Miller wrote:> Hi, > > OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release. >Hi Damien, I sent this report last week, but due to a prlblem at my end it never made it to the list. The 20170922 snapshot successfully builds on RHEL 6.9/x86_64 with LibreSSL 2.6.1. However, the regression tests fail with regress/authinfo.sh: run test authinfo.sh ... ExposeAuthInfo=no SSH_USER_AUTH: Undefined variable. SSH_USER_AUTH present ExposeAuthInfo=yes failed authinfo make[1]: *** [t-exec] Error 1 make[1]: Leaving directory `/u/wk/imorgan/src/openssh/build/openssh/regress' make: *** [tests] Error 2 This is due to my shell being csh, which is pickier about undefined variables than the Bourne-style shells. The attached patch fixes the issue. -- Iain Morgan diff --git a/regress/authinfo.sh b/regress/authinfo.sh index e725296..e4275be 100644 --- a/regress/authinfo.sh +++ b/regress/authinfo.sh @@ -6,7 +6,7 @@ tid="authinfo" # Ensure the environment variable doesn't leak when ExposeAuthInfo=no. verbose "ExposeAuthInfo=no" env SSH_USER_AUTH=blah ${SSH} -F $OBJ/ssh_proxy x \ - 'test -z "$SSH_USER_AUTH"' || fail "SSH_USER_AUTH present" + 'test -z `printenv SSH_USER_AUTH`' || fail "SSH_USER_AUTH present" verbose "ExposeAuthInfo=yes" echo ExposeAuthInfo=yes >> $OBJ/sshd_proxy
On 29 September 2017 at 11:05, Iain Morgan <imorgan+openssh at nas.nasa.gov> wrote: [...]> This is due to my shell being csh, which is pickier about undefined > variables than the Bourne-style shells. The attached patch fixes the > issue.Thanks for figuring this out.> - 'test -z "$SSH_USER_AUTH"' || fail "SSH_USER_AUTH present" > + 'test -z `printenv SSH_USER_AUTH`' || fail "SSH_USER_AUTH present"Unfortunately printenv is not specified by posix (AFAICT it's a gnuism) so that would likely break many other currently working platforms. Would it be possible to do something like: 'test -z `sh -c "echo $SSH_USER_AUTH"`' || fail "SSH_USER_AUTH present" (plus or minus some quoting, probably) ? -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.