Page MenuHomePhabricator

Open Tasks

Needs Triage (10)

High (5)

Active Repositories

Recent Activity

Yesterday

Jakuje added a comment to T174: pkd_hello fails for some host key types.

The tests/pkd/pkd_util.c already parses the openssh version so it can be used with a bit of refactoring. Or you can adjust the tests/CMakeLists.txt to expose the already-collected versions also the pkd tests and allow these alogirhtms only on the newer openssh.

Thu, Sep 19, 5:32 PM

Wed, Sep 18

Jakuje updated subscribers of T75: OpenSSH : ssh_channel_new and ssh_channel_open_session blocks when we reach MaxSessions limit.

Thank you for testing. Whether and where to list your perl bindings in the main page, that is more up to @asn, but I do not think it should be a problem.

Wed, Sep 18, 10:43 AM · Restricted Project
qgarnier added a comment to T75: OpenSSH : ssh_channel_new and ssh_channel_open_session blocks when we reach MaxSessions limit.

I have a request. Could you add the perl binding in the listing ? Or is not enough finished for that ?

Wed, Sep 18, 9:41 AM · Restricted Project
qgarnier added a comment to T75: OpenSSH : ssh_channel_new and ssh_channel_open_session blocks when we reach MaxSessions limit.

I have tested and it's working now! Thanks

Wed, Sep 18, 9:35 AM · Restricted Project

Tue, Sep 17

qgarnier added a comment to T75: OpenSSH : ssh_channel_new and ssh_channel_open_session blocks when we reach MaxSessions limit.

Thanks! I test tomorrow with your patch on libssh. I give you a feedback if it solved or not.

Tue, Sep 17, 4:50 PM · Restricted Project
Jakuje added a comment to T75: OpenSSH : ssh_channel_new and ssh_channel_open_session blocks when we reach MaxSessions limit.

Thank you for the reproducer. I can confirm and reproduce with your attached code. This is the backtrace:

#0  0x00007f8df8576c10 in __poll_nocancel () from /lib64/libc.so.6
#1  0x00007f8df14d58c0 in ssh_poll () from /lib64/libssh.so.4
#2  0x00007f8df14d6033 in ssh_poll_ctx_dopoll () from /lib64/libssh.so.4
#3  0x00007f8df14d798c in ssh_handle_packets () from /lib64/libssh.so.4
#4  0x00007f8df14d7a93 in ssh_handle_packets_termination () from /lib64/libssh.so.4
#5  0x00007f8df14ae889 in channel_request () from /lib64/libssh.so.4
#6  0x00007f8df14afa6b in ssh_channel_request_exec () from /lib64/libssh.so.4
#7  0x00007f8df1740837 in XS_Libssh__Session_ssh_channel_request_exec ()
   from /usr/lib64/perl5/vendor_perl/auto/Libssh/Session/Session.so
#8  0x00007f8df989c41f in Perl_pp_entersub () from /usr/lib64/perl5/CORE/libperl.so
#9  0x00007f8df9894b96 in Perl_runops_standard () from /usr/lib64/perl5/CORE/libperl.so
#10 0x00007f8df9831985 in perl_run () from /usr/lib64/perl5/CORE/libperl.so
#11 0x0000000000400ce9 in main ()

In the server, log the event of failed session opening is visible here:

Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: channel 10: new [server-session]
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: session_open: channel 10
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: error: no more sessions
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: session open failed, free channel 10
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: channel 10: free: server-session, nchannels 11
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug3: channel 10: status: The following connections are open:\r\n ...
Sep 17 14:59:42 jjelen-rhel-7.3 sshd[1553]: debug1: server_input_channel_open: failure session
Tue, Sep 17, 4:46 PM · Restricted Project
qgarnier added a comment to T75: OpenSSH : ssh_channel_new and ssh_channel_open_session blocks when we reach MaxSessions limit.

You can test it if you have a rhel/centos 7. Need to install rpm:
https://github.com/garnier-quentin/perl-libssh/tree/master/contrib/RPMS

Tue, Sep 17, 9:21 AM · Restricted Project
akobel added a comment to T169: Support multi-criteria Match like Match host `hostname` exec `statement`.

Hi Jakub,

Tue, Sep 17, 9:19 AM · Restricted Project
qgarnier added a comment to T75: OpenSSH : ssh_channel_new and ssh_channel_open_session blocks when we reach MaxSessions limit.

I didn't test with 'MaxSession 0'. I let the default value. I have done a new test with libssh 0.9.0. I tried to open 12 channels at the same time. Now it hangs on 'ssh_channel_request_exec'.
I should have an error before when i tries to open a session with 'ssh_channel_open_session' no ?

Tue, Sep 17, 9:18 AM · Restricted Project

Mon, Sep 16

Jakuje claimed T169: Support multi-criteria Match like Match host `hostname` exec `statement`.

I implemented the match exec. Can you try if it works for you as expected in your use case? There are several commits adjusting the tests and as well as I had to implement new token parsing function, but my basic tests looked good. This code also does not work on windows since I am not Windows developer, but if interested, I believe there will be somebody who could implement that.

Mon, Sep 16, 6:11 PM · Restricted Project
Jakuje closed T165: 0.9.0 gcc compiler warnings deprecated-declarations as Resolved.
Mon, Sep 16, 12:56 PM · Restricted Project
Jakuje closed T137: Difference between sftp_new() and sftp_init() is not clear as Resolved.
Mon, Sep 16, 12:56 PM · Restricted Project
Jakuje closed T142: torture_proxycommand failing as Resolved.

The original issue should be resolved in master now.

Mon, Sep 16, 12:56 PM · Restricted Project
Jakuje committed rLIBSSH4900ab6ca9a0: Skip the proxycommand test in case the netcat is not avaliable (authored by Jakuje).
Skip the proxycommand test in case the netcat is not avaliable
Mon, Sep 16, 12:44 PM
Jakuje committed rLIBSSH83fa060cec0f: known_hosts: Avoid using deprecated functions (even from deprecated functions) (authored by Jakuje).
known_hosts: Avoid using deprecated functions (even from deprecated functions)
Mon, Sep 16, 12:44 PM
Jakuje committed rLIBSSH618b858e49ce: sftp: Improve the documentation of sftp_init() and sftp_new() (authored by Jakuje).
sftp: Improve the documentation of sftp_init() and sftp_new()
Mon, Sep 16, 12:44 PM
foxge triaged T176: I have upgraded libssh from 0.7.6 to 0.9.0 to use diffie-hellman-group-exchange-sha256 kex algo both in client and server, but I found that memory leak , see details as High priority.
Mon, Sep 16, 10:33 AM · Restricted Project
Jakuje added a project to T172: libssh 0.8.7 failed to build in debug mode with openssl 1.1.1c: Restricted Project.
Mon, Sep 16, 9:49 AM · Restricted Project
Jakuje added a project to T175: Building v9.0.0 with gcc 7.4.0 fails.: Restricted Project.
Mon, Sep 16, 9:47 AM · Restricted Project
Jakuje added a comment to T142: torture_proxycommand failing.

Aris, can you open a new bug for this, ideally with more debug information as proposed by @ansasaki?

Mon, Sep 16, 9:42 AM · Restricted Project
TheMarlboroMan created T175: Building v9.0.0 with gcc 7.4.0 fails..
Mon, Sep 16, 8:44 AM · Restricted Project

Sun, Sep 15

aris added a comment to T137: Difference between sftp_new() and sftp_init() is not clear.
In T137#2665, @adelton wrote:

I like the proposed wording, @Jakuje.
If the semantics get changed later, the documentation will change with it. But I'd prefer not waiting for the refactoring and just update the description now, as the first step.

Sun, Sep 15, 9:11 PM · Restricted Project
adelton added a comment to T137: Difference between sftp_new() and sftp_init() is not clear.

I like the proposed wording, @Jakuje.

Sun, Sep 15, 3:56 PM · Restricted Project

Fri, Sep 13

aris added a comment to T137: Difference between sftp_new() and sftp_init() is not clear.

That code is awfully old (probably 2004-2005). The idea was probably separating the SSH part and the SFTP parts. Today it makes little sense. Also both calls are synchronous and blocking. Your proposed patch describes well what it does today. Given the time I'd improve the actual implementation and move everything that handles network into sftp_init() and leave sftp_new() to memory allocation only like it's standard in the rest of the library.

Fri, Sep 13, 6:37 PM · Restricted Project
aris added a comment to T142: torture_proxycommand failing.

Hi Jakub,

Fri, Sep 13, 6:08 PM · Restricted Project
Jakuje added a comment to T142: torture_proxycommand failing.

Can you check the following patch if t addresses the issue for you?

Fri, Sep 13, 5:41 PM · Restricted Project
Jakuje added a comment to T142: torture_proxycommand failing.

I am getting exactly the same result as the OP when I remove the /usr/bin/nc, which is used in the respective failing test so I assume that this is the issue, but the error should be more properly reported and the test probably skipped in case the netcat is not in place. I will submit a patch.

Fri, Sep 13, 5:30 PM · Restricted Project
Jakuje added a comment to T142: torture_proxycommand failing.

Thank you for having a look into that. In that case, I am wondering why it did work for me and for the CI we run, but I think most of that is on Fedora, which might be a difference. Can you check whether the netcat (nc) is installed in your system?

Fri, Sep 13, 5:23 PM · Restricted Project
aris triaged T174: pkd_hello fails for some host key types as Low priority.
Fri, Sep 13, 5:22 PM
aris reopened T142: torture_proxycommand failing as "Open".

Closed it by mistake

Fri, Sep 13, 5:12 PM · Restricted Project
aris closed T142: torture_proxycommand failing as Resolved.

cc @Jakuje, git blame says you touched that code last :)

Fri, Sep 13, 5:11 PM · Restricted Project
aris added a comment to T142: torture_proxycommand failing.

I found this problem too when trying to set up the test environment on Ubuntu 18.04. The root cause is that the test calls the ssh binary from the fake root user. It fails because ssh can't find uid 0 in /etc/passwd, then fails because of missing known hosts keys and authentication keys. I don't know how that test could work elsewhere.
I made a patch that assumes it's running as root and create the missing keys. A better way would be to force the test cases to run as bob but I haven't found the proper way of doing this.

Fri, Sep 13, 5:10 PM · Restricted Project
Jakuje added a comment to T75: OpenSSH : ssh_channel_new and ssh_channel_open_session blocks when we reach MaxSessions limit.

I just tested the ssh-client from examples, which is using channel_open with sshd configured with MaxSessions 0 and it is correctly failing and not hanging for me. Can you test with current libssh master or 0.9 and provide more ellaborate reproducer?

Fri, Sep 13, 2:59 PM · Restricted Project
Jakuje added a comment to T137: Difference between sftp_new() and sftp_init() is not clear.

The file doc/sftp.dox contains the following information (not sure whether it is rendered somewhere on the web):

Fri, Sep 13, 2:47 PM · Restricted Project
TheMarlboroMan created T173: v9.0 example and cpp wrappers returning -1 on ssh_channel_read and ssh_channel_read_timeout.
Fri, Sep 13, 1:55 PM
Jakuje added a comment to T165: 0.9.0 gcc compiler warnings deprecated-declarations.

This should be addressed by using the new API even inside of the deprecated functions without the change of functionality. Can you try the following patch?

Fri, Sep 13, 1:29 PM · Restricted Project
davidwed closed T170: Add HAVE_INTTYPES_H as Wontfix.
Fri, Sep 13, 1:20 PM · Restricted Project
davidwed added a comment to T170: Add HAVE_INTTYPES_H.

I wanted to compile the lib with the bcc32 compiler ( Win32 / Borland / Embarcadero ).

Fri, Sep 13, 1:19 PM · Restricted Project
Jakuje added a comment to T170: Add HAVE_INTTYPES_H.

The modification of the libssh.h is breaking other applications (for example the applications in example directory) using this header file not defining HAVE_INTTYPES_H and HAVE_UNISTD_H themselves. Can you clarify what problem are you solving by this and on what system you do not have these header files?

Fri, Sep 13, 12:46 PM · Restricted Project
Jakuje added a comment to T172: libssh 0.8.7 failed to build in debug mode with openssl 1.1.1c.

Did you try the latest libssh 0.9 [1]. Not sure what went wrong with the old version, but the windows builds are part of CI and they should work in recent version

Fri, Sep 13, 12:04 PM · Restricted Project