Page MenuHomePhabricator
Feed All Stories

Yesterday

fgariepy created T251: ssh_disconnect does not properly reset the pending_call_state to SSH_PENDING_CALL_NONE.
Sat, Sep 26, 6:39 PM

Fri, Sep 25

Jakuje added a comment to T250: 0.9.5: test suite is failing.

AVC errors are logged in journal or in audit.log. ausearch -m AVC is helpfult too.

Fri, Sep 25, 8:58 PM
kloczek added a comment to T250: 0.9.5: test suite is failing.

How can I check AVC errors?

Fri, Sep 25, 6:32 PM
Jakuje added a comment to T250: 0.9.5: test suite is failing.

Do you have some AVC errors? Does it work with SELinux in permissive?

Fri, Sep 25, 2:33 PM
kloczek added a comment to T250: 0.9.5: test suite is failing.

Yes I have enabled SELinux.

$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      33
Fri, Sep 25, 11:20 AM
Jakuje added a comment to T250: 0.9.5: test suite is failing.

Is your user somehow restricted (for example by SELinux)? Do you have some AVC errors? Does it work with SELinux in permissive?

Fri, Sep 25, 9:29 AM
kloczek added a comment to T250: 0.9.5: test suite is failing.

Just iun case .. I have installed uid_wrapper

]$ rpm -ql uid_wrapper
/usr/lib/.build-id
/usr/lib/.build-id/de
/usr/lib/.build-id/de/92a25d0d0241dee4c96f47ebc0ec9b76c8154a
/usr/lib64/cmake/uid_wrapper
/usr/lib64/cmake/uid_wrapper/uid_wrapper-config-version.cmake
/usr/lib64/cmake/uid_wrapper/uid_wrapper-config.cmake
/usr/lib64/libuid_wrapper.so
/usr/lib64/libuid_wrapper.so.0
/usr/lib64/libuid_wrapper.so.0.0.8
/usr/lib64/pkgconfig/uid_wrapper.pc
/usr/share/man/man1/uid_wrapper.1.gz
Fri, Sep 25, 7:13 AM
kloczek triaged T250: 0.9.5: test suite is failing as Normal priority.
Fri, Sep 25, 7:11 AM

Thu, Sep 24

qgarnier added a comment to T249: proxycommand still running event after connection closed.

I have the issue with libssh 0.9.2. I have tested with version 0.9.4 and it seems ok.

Thu, Sep 24, 9:44 AM

Wed, Sep 23

qgarnier created T249: proxycommand still running event after connection closed.
Wed, Sep 23, 3:57 PM
ansasaki updated the task description for T100: [ssh] Add support for no-more-sessions@openssh.com.
Wed, Sep 23, 1:53 PM · Unknown Object (Project)
ansasaki updated the task description for T160: Implement hostkeys-00@openssh.com global request.
Wed, Sep 23, 1:49 PM · Unknown Object (Project)
Jakuje triaged T248: Implement client/server configuration fuzzer as Normal priority.
Wed, Sep 23, 1:05 PM · Unknown Object (Project)

Tue, Sep 22

Jakuje added a comment to T204: Move Constructors / Move Assignment for C++ Wrappers Session and Channel.

We are not primarily C++ developers so the C++ wrapper is the minimal support we could provide. If you know how to do this in sensible way, submitting a pull request with the patch (ideally also with demonstration in examples) would be the simplest way how to get this in.

Tue, Sep 22, 4:58 PM · Unknown Object (Project)
Jakuje added a project to T204: Move Constructors / Move Assignment for C++ Wrappers Session and Channel: Unknown Object (Project).
Tue, Sep 22, 4:56 PM · Unknown Object (Project)
Jakuje added a project to T171: Allow specifiying algorithms in configuration file by adding or removing algorithms from default: Unknown Object (Project).
Tue, Sep 22, 4:56 PM · Unknown Object (Project)

Sun, Sep 20

chcg added a comment to T228: Access violation with MinGW-W64.

From https://github.com/ashkulz/NppFTP/pull/292
Build with https://git.libssh.org/projects/libssh.git/snapshot/libssh-b1bbd20dfa8adc784c03fa74d8c81c30671d011b.tar.gz
-> https://travis-ci.org/github/ashkulz/NppFTP/builds/728703640

Sun, Sep 20, 10:33 AM · Unknown Object (Project)

Fri, Sep 11

qgarnier added a comment to T247: [sftp] sftp_new - channel opening failure.

It's not an issue about libssh. In fact, we can only open 1 channel on the ssh connection. It's because of the software: Wallix bastion. Thanks for the help!

Fri, Sep 11, 6:36 PM
qgarnier closed T247: [sftp] sftp_new - channel opening failure as Invalid.
Fri, Sep 11, 6:36 PM

Thu, Sep 3

Jakuje added a comment to T247: [sftp] sftp_new - channel opening failure.

Some server logs might be helpful, but it looks like it is some non-standard ssh implementation so it might be hard.

Thu, Sep 3, 2:40 PM
qgarnier added a comment to T247: [sftp] sftp_new - channel opening failure.

I use exactly that functions: https://github.com/garnier-quentin/perl-libssh/blob/master/lib/Libssh/Sftp.pm#L69

Thu, Sep 3, 1:17 PM
Jakuje added a comment to T247: [sftp] sftp_new - channel opening failure.

Please, share what code did you use (what function calls). The server can be restrticted to SFTP only and if you try to open different channel, it can fail. To create sftp channel, you should use just sftp_new(), sftp_init() as in the examples/samplesftp.c.

Thu, Sep 3, 12:16 PM
qgarnier updated the task description for T247: [sftp] sftp_new - channel opening failure.
Thu, Sep 3, 11:56 AM
qgarnier created T247: [sftp] sftp_new - channel opening failure.
Thu, Sep 3, 11:54 AM

Aug 26 2020

Lakkan added a comment to T245: Do ssh.dll and ssh.lib work on windows 7 operating system..

Application works fine with out invoking (any) ssh.lib functions, only it is an issue when I invoke ssh library. It works fine in windows-10 not on windows-7

Aug 26 2020, 12:54 PM · Unknown Object (Project)
ansasaki added a comment to T245: Do ssh.dll and ssh.lib work on windows 7 operating system..

Could you please specify which API you have to comment out to make it to work?

Aug 26 2020, 11:02 AM · Unknown Object (Project)
Lakkan merged T246: Do ssh.dll and ssh.lib work on windows 7 operating system. into T245: Do ssh.dll and ssh.lib work on windows 7 operating system..
Aug 26 2020, 10:48 AM · Unknown Object (Project)
Lakkan merged task T246: Do ssh.dll and ssh.lib work on windows 7 operating system. into T245: Do ssh.dll and ssh.lib work on windows 7 operating system..
Aug 26 2020, 10:48 AM
Lakkan created T246: Do ssh.dll and ssh.lib work on windows 7 operating system..
Aug 26 2020, 10:45 AM
Lakkan created T245: Do ssh.dll and ssh.lib work on windows 7 operating system..
Aug 26 2020, 10:45 AM · Unknown Object (Project)

Aug 21 2020

WilburnHart updated WilburnHart.
Aug 21 2020, 6:43 PM
ansasaki committed rLIBSSH6672a457fb61: tests: Enable RSA SHA1 certs for testing against older OpenSSH (authored by Jakuje).
tests: Enable RSA SHA1 certs for testing against older OpenSSH
Aug 21 2020, 10:41 AM
ansasaki committed rLIBSSH645106a1cabd: tests: Enable all CASignatureAlgorithms as SHA1 certificates are now disabled… (authored by Jakuje).
tests: Enable all CASignatureAlgorithms as SHA1 certificates are now disabled…
Aug 21 2020, 10:41 AM
ansasaki committed rLIBSSH737ba4a6804b: CMakeLists: Shorten the keys lists passed to the ssh command (authored by Jakuje).
CMakeLists: Shorten the keys lists passed to the ssh command
Aug 21 2020, 10:41 AM
ansasaki committed rLIBSSHd4b07d16751b: tests: Use the path to SSH executable consistently (authored by Jakuje).
tests: Use the path to SSH executable consistently
Aug 21 2020, 10:41 AM
ansasaki committed rLIBSSHd462cc30c99c: pkd client run user executable (authored by aris).
pkd client run user executable
Aug 21 2020, 10:41 AM
ansasaki committed rLIBSSHc7f35f4d49fb: pkd: fix snprintf compiler warning (authored by aris).
pkd: fix snprintf compiler warning
Aug 21 2020, 10:41 AM
ansasaki committed rLIBSSH6a1dc7df87b8: tests: use detected sshd path (authored by aris).
tests: use detected sshd path
Aug 21 2020, 10:40 AM
ansasaki committed rLIBSSH41e54ce0421a: tests: use OpenSSH-provided ciphers (authored by aris).
tests: use OpenSSH-provided ciphers
Aug 21 2020, 10:40 AM
ansasaki committed rLIBSSHa7c0ccd35e83: tests: search for netcat binary (authored by aris).
tests: search for netcat binary
Aug 21 2020, 10:40 AM
ansasaki committed rLIBSSH9ec692347983: pkd: use detected OpenSSH supported key types (authored by aris).
pkd: use detected OpenSSH supported key types
Aug 21 2020, 10:40 AM
ansasaki committed rLIBSSHd9e37c4e0941: tests: detect OpenSSH supported ciphers (authored by aris).
tests: detect OpenSSH supported ciphers
Aug 21 2020, 10:40 AM

Aug 20 2020

Jakuje closed T244: Libssh v0.9.4 implementation linking against libgcrypt seems to be broken as Resolved.

Thank you for confirming it fixed your issue. Glad to help.

Aug 20 2020, 1:18 PM
jjnicola added a comment to T244: Libssh v0.9.4 implementation linking against libgcrypt seems to be broken .

Hi,
Thank you very much. Converting the key, I was able to login in the target system. This can be closed from my side.

Aug 20 2020, 12:31 PM

Aug 17 2020

Jakuje added a comment to T244: Libssh v0.9.4 implementation linking against libgcrypt seems to be broken .

If I remember and read the code well, gcrypt does not have PEM parser (as it is mostly library for gnupg) so not all key formats are supported with gcrypt (we can do only the simple legacy PEM format, not the new PKCS8 PEM, which is default for some years in OpenSSL). OpenSSL provides sensible PEM parser which can parse quite much any key.

Aug 17 2020, 11:41 AM
jjnicola added a comment to T244: Libssh v0.9.4 implementation linking against libgcrypt seems to be broken .

Well, the log shows
[2020/08/17 09:03:59.536616, 1] pki_private_key_from_base64: Unknown or invalid private key.

Aug 17 2020, 11:25 AM

Aug 14 2020

Jakuje added a comment to T244: Libssh v0.9.4 implementation linking against libgcrypt seems to be broken .

Can you share verbose libssh log from your application attempting to log in? It should give you some idea what went wrong with this attempt.

Aug 14 2020, 6:46 PM
jjnicola created T244: Libssh v0.9.4 implementation linking against libgcrypt seems to be broken .
Aug 14 2020, 2:56 PM

Aug 13 2020

ansasaki committed rLIBSSHbe419dee0d22: README.md: Add OSS-Fuzz badge (authored by ansasaki).
README.md: Add OSS-Fuzz badge
Aug 13 2020, 6:34 PM
ansasaki committed rLIBSSH56ebe3c7d098: pki_crypto: Use temporary pointer when using i2d_* (authored by ansasaki).
pki_crypto: Use temporary pointer when using i2d_*
Aug 13 2020, 5:34 PM
ansasaki committed rLIBSSH0a9268a60f2d: CVE-2020-16135: Add missing NULL check for ssh_buffer_new() (authored by asn).
CVE-2020-16135: Add missing NULL check for ssh_buffer_new()
Aug 13 2020, 3:38 PM
Jakuje committed rLIBSSHc0b65ccc5ac7: sftp: fix documentation typos (authored by sitter).
sftp: fix documentation typos
Aug 13 2020, 9:49 AM
Jakuje committed rLIBSSH88d4fa535282: sftp: Fix more typos (authored by Jakuje).
sftp: Fix more typos
Aug 13 2020, 9:49 AM
Jakuje closed T242: typos in sftp.h as Resolved.

Merged in master as c0b65cc

Aug 13 2020, 9:39 AM · Unknown Object (Project)

Aug 12 2020

Lakkan added a comment to T243: "cd outputFolder" - changed directory successfully, but it always returns the root directory "/" when I execute the command - "pwd".

My requirement is as below:

Aug 12 2020, 5:22 PM
Jakuje added a comment to T238: "ssh_init" and "ssh_finalize" leaks memory.

On windows yes, but it would fail everywhere else, where ssh_init_mutex is static mutex. Feel free to submit your suggested change in the gitlab -- it should run it through the CI to check if it works:

Aug 12 2020, 3:47 PM · Unknown Object (Project)
matick added a comment to T238: "ssh_init" and "ssh_finalize" leaks memory.

I guess that if in function "static int _ssh_finalize(unsigned destructor)"
this:

if (!destructor) {
    ssh_mutex_unlock(&ssh_init_mutex);
}
return 0;

would be replaced with this:

if (!destructor) {
    ssh_mutex_unlock(&ssh_init_mutex);
    if (!_ssh_initialized) {
        free(ssh_init_mutex);
        ssh_init_mutex = SSH_MUTEX_STATIC_INIT;
    }
}
return 0;
Aug 12 2020, 1:54 PM · Unknown Object (Project)
Jakuje triaged T238: "ssh_init" and "ssh_finalize" leaks memory as Low priority.

This looks like Windows-only issue. If the pthreads on Linux are used, the mutex is initialized statically, which is probably a reason why it does not pop up for us. It looks like windows locks do not support static initialization.

Aug 12 2020, 1:37 PM · Unknown Object (Project)
Jakuje added a comment to T243: "cd outputFolder" - changed directory successfully, but it always returns the root directory "/" when I execute the command - "pwd".

The ssh_channel_request_exec() executes separate command in separate ssh execute channel, which on the server results in starting a new shell, executing a command and exiting. Running separate commands this way does not work if you want the one affect the other. If you need this behavior, you should check how to open a shell, feed it with commands and read the output as described in the following chapter of the tutorial: https://api.libssh.org/stable/libssh_tutor_shell.html

Aug 12 2020, 1:01 PM
Lakkan updated the task description for T243: "cd outputFolder" - changed directory successfully, but it always returns the root directory "/" when I execute the command - "pwd".
Aug 12 2020, 12:57 PM
Lakkan created T243: "cd outputFolder" - changed directory successfully, but it always returns the root directory "/" when I execute the command - "pwd".
Aug 12 2020, 12:51 PM

Aug 7 2020

Lakkan added a comment to T241: Error Message : channel request exec failed..

Server Administrator is on vacation for a week, once he is back I will share the information from the server logs. I thank you very much for your response.

Aug 7 2020, 7:03 AM · Unknown Object (Project)

Aug 5 2020

sitter created T242: typos in sftp.h.
Aug 5 2020, 3:46 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 5 2020, 10:59 AM · Unknown Object (Project)
Lakkan renamed T241: Error Message : channel request exec failed. from ssh_channel_request_exec is failed. to Error Message : channel request exec failed..
Aug 5 2020, 10:58 AM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 5 2020, 10:54 AM · Unknown Object (Project)
Jakuje added a comment to T241: Error Message : channel request exec failed..

Do you see some errors in the server logs?

Aug 5 2020, 8:38 AM · Unknown Object (Project)

Aug 4 2020

Lakkan assigned T241: Error Message : channel request exec failed. to 4risu.
Aug 4 2020, 7:25 PM · Unknown Object (Project)
Lakkan added a comment to T241: Error Message : channel request exec failed..

Error message is shown in the picture below.

Aug 4 2020, 7:19 PM · Unknown Object (Project)
Lakkan added a project to T241: Error Message : channel request exec failed.: Unknown Object (Project).
Aug 4 2020, 7:18 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 4 2020, 7:09 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 4 2020, 6:59 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 4 2020, 6:47 PM · Unknown Object (Project)
Lakkan added a comment to T241: Error Message : channel request exec failed..
Aug 4 2020, 6:41 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 4 2020, 6:38 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 4 2020, 6:36 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 4 2020, 6:34 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 4 2020, 6:33 PM · Unknown Object (Project)
Lakkan updated the task description for T241: Error Message : channel request exec failed..
Aug 4 2020, 6:33 PM · Unknown Object (Project)
Lakkan created T241: Error Message : channel request exec failed..
Aug 4 2020, 6:31 PM · Unknown Object (Project)

Jul 23 2020

CBockelmann added a comment to T161: Implement certificate key types for hostkeys.

We are currently trying to get x2go running with a teleport (https://gravitational.com/teleport) based bastion host. Teleport issues host as well as user certificates, which currently blocks x2go usage through the bastion host.

Jul 23 2020, 1:29 PM · Unknown Object (Project)

Jul 16 2020

asn committed rLIBSSH7aad964cef39: tests: Add test case for T191 (authored by ansasaki).
tests: Add test case for T191
Jul 16 2020, 1:25 PM
asn committed rLIBSSH3e23fb8a24d1: tests: Add a test case for T75 (authored by ansasaki).
tests: Add a test case for T75
Jul 16 2020, 1:25 PM
asn closed T240: Create test case for T191 as Resolved by committing rLIBSSH7aad964cef39: tests: Add test case for T191.
Jul 16 2020, 1:25 PM · Unknown Object (Project)
asn committed rLIBSSH90e56df74e30: Disable *-cbc ciphers by default (authored by Jakuje).
Disable *-cbc ciphers by default
Jul 16 2020, 1:24 PM
asn closed T239: Create test case for T75 as Resolved by committing rLIBSSH3e23fb8a24d1: tests: Add a test case for T75.
Jul 16 2020, 1:24 PM · Unknown Object (Project)
asn closed T236: Disable *-cbc ciphers by default as Resolved by committing rLIBSSH90e56df74e30: Disable *-cbc ciphers by default.
Jul 16 2020, 1:24 PM · Unknown Object (Project)
asn committed rLIBSSHdcae43fa6bf0: misc: Do not confuse client/server in debug messages (authored by Jakuje).
misc: Do not confuse client/server in debug messages
Jul 16 2020, 1:24 PM
asn committed rLIBSSH906cc7e7e950: pki: Avoid memory leak on invalid curve NID (authored by Jakuje).
pki: Avoid memory leak on invalid curve NID
Jul 16 2020, 1:24 PM
asn committed rLIBSSHf85464b9002c: packet: Fix unterminated brace and better context name in debug message (authored by Jakuje).
packet: Fix unterminated brace and better context name in debug message
Jul 16 2020, 1:24 PM

Jul 15 2020

Jakuje closed T235: Consider libsodium as an alternative to nacl as Resolved.

No problem. I had to check how is this used in libssh myself as I never looked into this before.

Jul 15 2020, 9:18 PM · Unknown Object (Project)
Jakuje added a project to T237: ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT 3:invalid DH value: Unknown Object (Project).
Jul 15 2020, 9:04 PM · Unknown Object (Project)
ansasaki triaged T240: Create test case for T191 as Normal priority.
Jul 15 2020, 12:41 PM · Unknown Object (Project)
ansasaki created T240: Create test case for T191.
Jul 15 2020, 11:51 AM · Unknown Object (Project)

Jul 14 2020

ansasaki triaged T239: Create test case for T75 as Normal priority.
Jul 14 2020, 4:47 PM · Unknown Object (Project)
matick created T238: "ssh_init" and "ssh_finalize" leaks memory.
Jul 14 2020, 3:23 PM · Unknown Object (Project)

Jul 11 2020

Jakuje added a comment to T237: ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT 3:invalid DH value.

We test interoperability with OpenSSH so our implementation is compatible with OpenSSH one. So either we both are wrong or the srtSSHServer_11.00 is wrong. I would recommend you either check the server side for more logs or errors and/or contact the vendor/support of the server that you have this issue. It should be trivial for them to reproduce/debug the issue as libssh and openssh are opensource and they can reliably reproduce the issue. From just this log, we can hardly guess what the blackbox server does not like on this key exchange method implementation.

Jul 11 2020, 10:09 AM · Unknown Object (Project)

Jul 9 2020

qgarnier added a comment to T237: ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT 3:invalid DH value.

Here the debug. It seems OpenSSH has the same issue.

Jul 9 2020, 11:43 AM · Unknown Object (Project)

Jul 8 2020

Jakuje added a comment to T237: ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT 3:invalid DH value.

Thanks for confirmation. Even though you can not change the server settings, there might be something useful in the logs pointing out what is the issue. It could be bug in srtSSHServer implementation or libssh implementation of the new diffie-hellman-group18-sha512 so it is worth investigating.

Jul 8 2020, 8:01 AM · Unknown Object (Project)

Jul 7 2020

qgarnier added a comment to T237: ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT 3:invalid DH value.

With following in ssh_config for my host, it's working:
Host 192.168.xxx.xxx

KexAlgorithms diffie-hellman-group1-sha1
Jul 7 2020, 5:09 PM · Unknown Object (Project)