search for: typep

...There are lots of error messages which start with this which are sent with error() or fatal() or fprint(stderr, ...), but two which stand out as being a bit different: # kex.c ?invalid: ??????????????? send_error(ssh, "Invalid SSH identification string."); # packet.c ??????? if (*typep < SSH2_MSG_MIN || *typep >= SSH2_MSG_LOCAL_MIN) { ??????????????? if ((r = sshpkt_disconnect(ssh, ??????????????????? "Invalid ssh2 packet type: %d", *typep)) != 0 || If it happens to be either of these, then the tcpdump showing the exchange prior to this point would be enlighte...

I have a cron script that polls various machines for their configs and archives any changes. When it connects to an OpenWrt router running "OpenSSH_9.1p1, OpenSSL 1.1.1s 1 Nov 2022", it sometimes gets this error: Bad packet length 1231976033. ssh_dispatch_run_fatal: Connection to 192.168.8.1 port 22: message authentication code incorrect What's odd is that the length is *always*

...tart with this which are sent with error() or fatal() or fprint(stderr, ...), but two which stand out as being a bit different: > > # kex.c > > invalid: > send_error(ssh, "Invalid SSH identification string."); > > # packet.c > > if (*typep < SSH2_MSG_MIN || *typep >= SSH2_MSG_LOCAL_MIN) { > if ((r = sshpkt_disconnect(ssh, > "Invalid ssh2 packet type: %d", *typep)) != 0 || > > If it happens to be either of these, then the tcpdump showing the exchange prior to this point...

...Connection closed" error. As the error is non-specific, here's the backtrace: #0 0x00007ffff6802d50 in _exit () from /lib64/libc.so.6 #1 0x00007ffff7fc2048 in cleanup_exit (i=255) at ../cleanup.c:31 #2 0x00007ffff7f9fa99 in ssh_packet_read_seqnr (ssh=0x7ffff86f4520, typep=0x7fffffffde0f "", seqnr_p=0x7fffffffde10) at ../packet.c:1330 #3 0x00007ffff7fa69f5 in ssh_dispatch_run (ssh=0x7ffff86f4520, mode=0, done=0x7ffff8207178, ctxt=0x7ffff86f4520) at ../dispatch.c:101 #4 0x00007ffff7f85aef in keygrab_ssh2 (c=0x7ffff8207160) at ../ssh...

...minutes. And it's wedged pretty tight, too---nothing happens even after letting it sit for several minutes more. Here's the backtrace: #0 0x00007ffff6836353 in __select_nocancel () from /lib64/libc.so.6 #1 0x00007ffff7f9f4d6 in ssh_packet_read_seqnr (ssh=0x7ffffb6e9cb0, typep=0x7fffffffde0f "", seqnr_p=0x7fffffffde10) at ../packet.c:1313 #2 0x00007ffff7fa669b in ssh_dispatch_run (ssh=0x7ffffb6e9cb0, mode=0, done=0x7ffff8207d78, ctxt=0x7ffffb6e9cb0) at ../dispatch.c:101 #3 0x00007ffff7f84cef in keygrab_ssh2 (c=0x7ffff8207d60) at ../ss...

...state->outgoing_packet, + state->compression_buffer)) != 0) + goto out; + } sshbuf_reset(state->outgoing_packet); if ((r = sshbuf_put(state->outgoing_packet, "\0\0\0\0\0", 5)) != 0 || @@ -1657,9 +1859,15 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) sshbuf_len(state->incoming_packet))); if (comp && comp->enabled) { sshbuf_reset(state->compression_buffer); - if ((r = uncompress_buffer(ssh, state->incoming_packet, - state->compression_buffer)) != 0) - goto out; + if (comp->enable...

I added ZSTD support to OpenSSH roughly three years ago and I've been playing with it ever since. The nice part is that ZSTD achieves reasonable compression (like zlib) but consumes little CPU so it is unlikely that compression becomes the bottle neck of a transfer. The compression overhead (CPU) is negligible even when uncompressed data is tunneled over the SSH connection (SOCKS proxy, port

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex

I hacked zstd support into OpenSSH a while ago and just started to clean it up in the recent days. The cleanup includes configuration support among other things that I did not have. During testing I noticed the following differences compared to zlib: - highly interactive shell output (as in refreshed at a _very_ high rate) may result in higher bandwidth compared to zlib. Since zstd is quicker

I added ZSTD support to OpenSSH roughly over a year and I've been playing with it ever since. The nice part is that ZSTD achieves reasonable compression (like zlib) but consumes little CPU so it is unlikely that compression becomes the bottle neck of a transfer. The compression overhead (CPU) is negligible even when uncompressed data is tunneled over the SSH connection (SOCKS proxy, port

https://bugzilla.mindrot.org/show_bug.cgi?id=2687 Bug ID: 2687 Summary: Coverity scan fixes Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at mindrot.org