There's a side issue of the proxy commands is being left open. Still looking into that

I have something working. If the theory holds and that's a reasonable check then I'll do that.

Theory sounds right. Were you able to confirm this theory and fix your code to handle empty responses?

i have a theory about this now :)

I think supporting mbedtls in future would be nice as it is GPL licensed. libgcrypt is just a mess and we should remove it at one point.

I think this was addressed by https://gitlab.com/libssh/libssh-mirror/merge_requests/63 for OpenSSL.

I think we should update the documentation so it is clear that the structure needs to be valid as long as the channel/session is valid.

Hi Jakub,

The first issue was fixed in 65bc24d8 which is already in libssh 0.9 release. The second is probably fixed by 58113d48, which is also part of 0.9 release. Can you retest with 0.9?

Yes, of course. I am not at it right now, but it is am almost sure it is an Ubuntu 16, 64bit, with GCC 7.4.0. The system itself is standard issue but GCC i had to add some PPAs (I think) and apt-get install. Let me know if you need anything else.

Can you clarify on what platform you are experiencing these issues?

Thank you for the bug report. Indeed, the handling of the modulus and generator is wrong. These bignums are copied in the ssh_dh_set_parameters() into the keypair structures (when using openssl backend), but the calling function did not free them as expected. Also the handling of errors was wrong in case of some failures checking them.

The tests/pkd/pkd_util.c already parses the openssh version so it can be used with a bit of refactoring. Or you can adjust the tests/CMakeLists.txt to expose the already-collected versions also the pkd tests and allow these alogirhtms only on the newer openssh.

Thank you for testing. Whether and where to list your perl bindings in the main page, that is more up to @asn, but I do not think it should be a problem.

I have a request. Could you add the perl binding in the listing ? Or is not enough finished for that ?

I have tested and it's working now! Thanks

== authentification succeeded
================================================
=== exit = -1
error: Channel opening failure: channel 53 error (1) open failed
================================================
================================================
=== exit = -1
error: Channel opening failure: channel 54 error (1) open failed
================================================
================================================
=== exit = -1
error: Channel opening failure: channel 55 error (1) open failed
...

Thanks! I test tomorrow with your patch on libssh. I give you a feedback if it solved or not.

Thank you for the reproducer. I can confirm and reproduce with your attached code. This is the backtrace:

#0  0x00007f8df8576c10 in __poll_nocancel () from /lib64/libc.so.6
#1  0x00007f8df14d58c0 in ssh_poll () from /lib64/libssh.so.4
#2  0x00007f8df14d6033 in ssh_poll_ctx_dopoll () from /lib64/libssh.so.4
#3  0x00007f8df14d798c in ssh_handle_packets () from /lib64/libssh.so.4
#4  0x00007f8df14d7a93 in ssh_handle_packets_termination () from /lib64/libssh.so.4
#5  0x00007f8df14ae889 in channel_request () from /lib64/libssh.so.4
#6  0x00007f8df14afa6b in ssh_channel_request_exec () from /lib64/libssh.so.4
#7  0x00007f8df1740837 in XS_Libssh__Session_ssh_channel_request_exec ()
   from /usr/lib64/perl5/vendor_perl/auto/Libssh/Session/Session.so
#8  0x00007f8df989c41f in Perl_pp_entersub () from /usr/lib64/perl5/CORE/libperl.so
#9  0x00007f8df9894b96 in Perl_runops_standard () from /usr/lib64/perl5/CORE/libperl.so
#10 0x00007f8df9831985 in perl_run () from /usr/lib64/perl5/CORE/libperl.so
#11 0x0000000000400ce9 in main ()

In the server, log the event of failed session opening is visible here:

Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: channel 10: new [server-session]
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: session_open: channel 10
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: error: no more sessions
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: session open failed, free channel 10
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: channel 10: free: server-session, nchannels 11
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug3: channel 10: status: The following connections are open:\r\n ...
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: server_input_channel_open: failure session

You can test it if you have a rhel/centos 7. Need to install rpm:
https://github.com/garnier-quentin/perl-libssh/tree/master/contrib/RPMS

Hi Jakub,

I didn't test with 'MaxSession 0'. I let the default value. I have done a new test with libssh 0.9.0. I tried to open 12 channels at the same time. Now it hangs on 'ssh_channel_request_exec'.
I should have an error before when i tries to open a session with 'ssh_channel_open_session' no ?

I implemented the match exec. Can you try if it works for you as expected in your use case? There are several commits adjusting the tests and as well as I had to implement new token parsing function, but my basic tests looked good. This code also does not work on windows since I am not Windows developer, but if interested, I believe there will be somebody who could implement that.

The original issue should be resolved in master now.

Aris, can you open a new bug for this, ideally with more debug information as proposed by @ansasaki?