[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Problems exchanging data with remote server


On Monday 01 August 2011 09:50:15 you wrote:
> Hi all,

Hi,

it looks like libssh sent the package which your F-Secure SSH server doesn't 
like. This is really strange since I don't the a window adjustment. I think 
wie need really a full log of this and you have to wait until Aris is back 
from his "vacataion" :)
I think this is a bug in F-Secure cause there are reports for this problem 
with OpenSSH too bug maybe we can work around it.

So could you please create a full debug log and attach it here or send it in 
private.

> Q1. Could it be that window size negotiation is indeed a problem here and
> that it can/may not be adjusted after the connection establishment and
> authentication have been completed?

The window is set up when you create the channel:

[2] Received a CHANNEL_OPEN_CONFIRMATION for channel 43:0
[2] Remote window : 100000, maxpacket : 32000

The only thing I see is that the max packet size here is to small. From the 
spec:

   All implementations MUST be able to process packets with an
   uncompressed payload length of 32768 bytes or less and a total packet
   size of 35000 bytes or less.

It could be an issue but doesn't have to.
 
> Q2. Are you aware of any issues with the implementation of SSHv2 in the
> F-Secure SSH server?

Not at the moment cause you're the first user which reports problems.

> Q3. Is there any difference in the 'ssh_channel_write()' and the
> 'ssh_channel_request_exec()' functions? Currently we are using the former
> call and the data is actually just a string with the command we wish to
> execute (and len is set to the length of the string). Could we, or perhaps
> should we, be using the latter function call?

Did you request a shell and execute commands there? I don't understand how 
just ssh_channel_write() should work without a shell :)


If I send you patches could you apply and test them?

Cheers,


	-- andreas


> This e-mail and any attachment is for authorised use by the intended
> recipient(s) only. It contains proprietary material, confidential
> information and/or be subject to legal privilege. It should not be copied,
> disclosed to, retained or used by, any other party. If you are not an
> intended recipient then please promptly delete this e-mail and any
> attachment and all copies and inform the sender. Thank you.

This is a strange statement for a mail sent to a public mailing list :)

-- 
Andreas Schneider                   GPG-ID: F33E3FC6
www.cryptomilk.org                asn@xxxxxxxxxxxxxx


Follow-Ups:
RE: Problems exchanging data with remote server"Herwin Kleinjan" <herwin.kleinjan@xxxxxxxxxxx>
Re: Problems exchanging data with remote serverAndreas Schneider <asn@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org