NetBSD Problem Report #43221
From tron@zhadum.org.uk Thu Apr 29 08:01:21 2010
Return-Path: <tron@zhadum.org.uk>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by www.NetBSD.org (Postfix) with ESMTP id C942263B8FE
for <gnats-bugs@gnats.NetBSD.org>; Thu, 29 Apr 2010 08:01:20 +0000 (UTC)
Message-Id: <20100429080117.B649BF931A@lyssa.zhadum.org.uk>
Date: Thu, 29 Apr 2010 09:01:17 +0100 (BST)
From: tron@zhadum.org.uk
Reply-To: tron@zhadum.org.uk
To: gnats-bugs@gnats.NetBSD.org
Subject: ssh(1) doesn't support MAC 'umac-64@openssh.com'
X-Send-Pr-Version: 3.95
>Number: 43221
>Category: bin
>Synopsis: ssh(1) doesn't support MAC 'umac-64@openssh.com'
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: tron
>State: closed
>Class: doc-bug
>Submitter-Id: net
>Arrival-Date: Thu Apr 29 08:05:00 +0000 2010
>Closed-Date: Thu May 20 08:58:02 +0000 2010
>Last-Modified: Thu May 20 08:58:02 +0000 2010
>Originator: tron@zhadum.org.uk
>Release: NetBSD 5.99.27
>Organization:
Matthias Scheler http://zhadum.org.uk/
>Environment:
System: NetBSD lyssa.zhadum.org.uk 5.99.27 NetBSD 5.99.27 (LYSSA) #0: Fri Apr 23 11:26:15 BST 2010 tron@lyssa.zhadum.org.uk:/src/sys/compile/LYSSA i386
Architecture: i386
Machine: i386
>Description:
The ssh_config(1) manual page claims that the default list of MAC algorithms
supported by ssh(1) looks like this:
hmac-md5,hmac-sha1,umac-64@openssh.com,
hmac-ripemd160,hmac-sha1-96,hmac-md5-96
But 'umac-64@openssh.com' doesn't actually work:
tron@lyssa:~>ssh -m umac-64@openssh.com colwyn
Unknown mac type 'umac-64@openssh.com'
The other algorithms are really supported:
tron@lyssa:~>ssh -m hmac-ripemd160 colwyn
Last login: Thu Apr 29 08:53:37 2010 from excalibur.zhadum.org.uk
NetBSD 5.0_STABLE (COLWYN.64) #0: Mon Jan 25 15:37:55 GMT 2010
Welcome to NetBSD!
tron@colwyn:~>
>How-To-Repeat:
ssh -m umac-64@openssh.com <hostname>
>Fix:
We should either change the manual page or enable support for the
missing MAC algorithm.
>Release-Note:
>Audit-Trail:
From: Martin Husemann <martin@duskware.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: bin/43221: ssh(1) doesn't support MAC 'umac-64@openssh.com'
Date: Thu, 29 Apr 2010 10:14:52 +0200
On Thu, Apr 29, 2010 at 08:05:00AM +0000, tron@zhadum.org.uk wrote:
> We should either change the manual page or enable support for the
> missing MAC algorithm.
It has been disabled because when it first appeared it died horribly on
alignement critical archs, and the code was XXXXX^W "not easily fixable".
If the code has been cleaned up upstream, feel free to reenable it.
Test case is simple: run ssh (using umac) on sparc64, connect to sshd on
sparc64, if you get a shell, everything is fine.
Martin
From: christos@zoulas.com (Christos Zoulas)
To: gnats-bugs@NetBSD.org, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
Cc:
Subject: Re: bin/43221: ssh(1) doesn't support MAC 'umac-64@openssh.com'
Date: Thu, 29 Apr 2010 08:59:46 -0400
On Apr 29, 8:05am, tron@zhadum.org.uk (tron@zhadum.org.uk) wrote:
-- Subject: bin/43221: ssh(1) doesn't support MAC 'umac-64@openssh.com'
| >Number: 43221
| >Category: bin
| >Synopsis: ssh(1) doesn't support MAC 'umac-64@openssh.com'
| >Confidential: no
| >Severity: non-critical
| >Priority: low
| >Responsible: bin-bug-people
| >State: open
| >Class: sw-bug
| >Submitter-Id: net
| >Arrival-Date: Thu Apr 29 08:05:00 +0000 2010
| >Originator: tron@zhadum.org.uk
| >Release: NetBSD 5.99.27
| >Organization:
| Matthias Scheler http://zhadum.org.uk/
| >Environment:
| System: NetBSD lyssa.zhadum.org.uk 5.99.27 NetBSD 5.99.27 (LYSSA) #0: Fri Apr 23 11:26:15 BST 2010 tron@lyssa.zhadum.org.uk:/src/sys/compile/LYSSA i386
| Architecture: i386
| Machine: i386
| >Description:
| The ssh_config(1) manual page claims that the default list of MAC algorithms
| supported by ssh(1) looks like this:
|
| hmac-md5,hmac-sha1,umac-64@openssh.com,
| hmac-ripemd160,hmac-sha1-96,hmac-md5-96
|
| But 'umac-64@openssh.com' doesn't actually work:
|
| tron@lyssa:~>ssh -m umac-64@openssh.com colwyn
| Unknown mac type 'umac-64@openssh.com'
|
| The other algorithms are really supported:
|
| tron@lyssa:~>ssh -m hmac-ripemd160 colwyn
| Last login: Thu Apr 29 08:53:37 2010 from excalibur.zhadum.org.uk
| NetBSD 5.0_STABLE (COLWYN.64) #0: Mon Jan 25 15:37:55 GMT 2010
|
| Welcome to NetBSD!
|
| tron@colwyn:~>
|
| >How-To-Repeat:
| ssh -m umac-64@openssh.com <hostname>
|
| >Fix:
| We should either change the manual page or enable support for the
| missing MAC algorithm.
Change the man page; the umac-64 code is poorly written and will not work
for architectures with alignment constraints.
christos
Responsible-Changed-From-To: bin-bug-people->tron
Responsible-Changed-By: tron@NetBSD.org
Responsible-Changed-When: Thu, 29 Apr 2010 17:37:33 +0000
Responsible-Changed-Why:
I'll handle this PR.
From: Matthias Scheler <tron@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/43221 CVS commit: src/crypto/external/bsd/openssh/dist
Date: Thu, 29 Apr 2010 17:56:53 +0000
Module Name: src
Committed By: tron
Date: Thu Apr 29 17:56:53 UTC 2010
Modified Files:
src/crypto/external/bsd/openssh/dist: ssh_config ssh_config.5
sshd_config.5
Log Message:
Don't mention "umac-64@openssh.com" MAC algorithm which is not enabled
in our SSH client and daemon as it causes crashes on architectures which
strict aligment requirements (e.g. NetBSD/sparc64).
This fixes PR bin/43221 by myself.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/ssh_config \
src/crypto/external/bsd/openssh/dist/ssh_config.5
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/sshd_config.5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->pending-pullups
State-Changed-By: tron@NetBSD.org
State-Changed-When: Thu, 29 Apr 2010 18:01:42 +0000
State-Changed-Why:
The documentation and examples have been fixed in NetBSD-current.
I've requested a pullup into the "netbsd-5" branch.
From: Soren Jacobsen <snj@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/43221 CVS commit: [netbsd-5] src/crypto/dist/ssh
Date: Thu, 20 May 2010 05:25:30 +0000
Module Name: src
Committed By: snj
Date: Thu May 20 05:25:30 UTC 2010
Modified Files:
src/crypto/dist/ssh [netbsd-5]: ssh_config ssh_config.5 sshd_config.5
Log Message:
Pull up following revision(s) (requested by drochner in ticket #1384):
crypto/external/bsd/openssh/dist/ssh_config.5: revision 1.3 via patch
crypto/external/bsd/openssh/dist/sshd_config.5: revision 1.4 via patch
crypto/external/bsd/openssh/dist/ssh_config: revision 1.3 via patch
Don't mention "umac-64@openssh.com" MAC algorithm which is not enabled
in our SSH client and daemon as it causes crashes on architectures which
strict aligment requirements (e.g. NetBSD/sparc64).
This fixes PR bin/43221 by myself.
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.14.6.1 src/crypto/dist/ssh/ssh_config
cvs rdiff -u -r1.16 -r1.16.8.1 src/crypto/dist/ssh/ssh_config.5
cvs rdiff -u -r1.15 -r1.15.8.1 src/crypto/dist/ssh/sshd_config.5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: pending-pullups->closed
State-Changed-By: tron@NetBSD.org
State-Changed-When: Thu, 20 May 2010 08:58:02 +0000
State-Changed-Why:
The change has been pulled up.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.