[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: HMAC error


Hi Aris,

My code is very basic and doesn't include recursive call.

ssh_channel channels[2] = { 0 };
channels[0] = chan;
sel_code = ssh_select(channels, outchannels, maxFD + 1, &my_fd_set, p_timeval);
if (sel_code == SSH_OK) {
                if (outchannels[0])
ssh_channel_read_nonblocking(chan, buf, numBytesToRead, 0);
}

As far as I can see there is a recursive call in libssh.

int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
{
...
      if(processed < receivedlen){
                /* Handle a potential packet left in socket buffer */
                ssh_log(session,SSH_LOG_PACKET,"Processing %" PRIdS " bytes left in socket buffer", receivedlen-processed);
                rc = ssh_packet_socket_callback((char *)data + processed, receivedlen - processed,user);
                processed += rc;
      }
...
}

I suspect there is a problem receiving large payload.
I notice that buffer size in call to "recv" is currently set to 4096.
I will try to increase it and let you know if it solved my problem ...

Thanks in advance,
Aviv

From: Aris Adamantiadis [mailto:aris@xxxxxxxxxxxx]
Sent: Friday, July 06, 2012 11:51 AM
To: libssh@xxxxxxxxxx
Subject: Re: HMAC error

Hello,

Sorry I took so much time to answer.
Unfortunately I don't understand what's happening there.
These three lines :

leaving function ssh_packet_socket_callback line 294 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
leaving function ssh_packet_socket_callback line 282 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
leaving function ssh_packet_socket_callback line 282 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
leaving function ssh_packet_socket_callback line 282 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c*1* entering function

Show that at some point, there was some recursion which is not expected in libssh.
Do you use callbacks ? It is unsafe to use ssh_channel_read-like function calls inside callback processing.
A sample of your code would help a lot.

Thx,

Aris



Le 2/07/12 15:07, Aviv Zilberman a écrit :
Hi,

I moved my application to single process but I am still facing HMAC error.
Below is a snap of the last few lines in log.

Thanks in advance,
Aviv


entering function ssh_channel_poll line 2495 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/channels.c
entering function ssh_handle_packets line 446 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/session.c
entering function ssh_packet_socket_callback line 138 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Read a 1340 bytes packet
Decrypting 1328 bytes
20 bytes padding, 1339 bytes left in buffer
After padding, 1319 bytes left in buffer
entering function ssh_packet_parse_type line 406 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Final size 1319
Type 94
leaving function ssh_packet_parse_type line 426 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
entering function ssh_packet_process line 342 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Dispatching handler for packet type 94
entering function channel_rcv_data line 461 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/channels.c
Channel receiving 1310 bytes data in 0 (local win=93430 remote win=36320)
placing 1310 bytes into channel buffer (stderr=0)
Channel windows are now (local win=92120 remote win=36320)
leaving function channel_rcv_data line 549 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/channels.c
leaving function ssh_packet_process line 369 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Processing 3044 bytes left in socket buffer
entering function ssh_packet_socket_callback line 138 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Decrypting 16 bytes
Packet size decrypted: 1340 (0x53c)
Read a 1340 bytes packet
Decrypting 1328 bytes
20 bytes padding, 1339 bytes left in buffer
After padding, 1319 bytes left in buffer
entering function ssh_packet_parse_type line 406 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Final size 1319
Type 94
leaving function ssh_packet_parse_type line 426 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
entering function ssh_packet_process line 342 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Dispatching handler for packet type 94
entering function channel_rcv_data line 461 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/channels.c
Channel receiving 1310 bytes data in 0 (local win=92120 remote win=36320)
placing 1310 bytes into channel buffer (stderr=0)
Channel windows are now (local win=90810 remote win=36320)
leaving function channel_rcv_data line 549 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/channels.c
leaving function ssh_packet_process line 369 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Processing 1680 bytes left in socket buffer
entering function ssh_packet_socket_callback line 138 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Decrypting 16 bytes
Packet size decrypted: 28 (0x1c)
Read a 28 bytes packet
Decrypting 16 bytes
18 bytes padding, 27 bytes left in buffer
After padding, 9 bytes left in buffer
entering function ssh_packet_parse_type line 406 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Final size 9
Type 93
leaving function ssh_packet_parse_type line 426 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
entering function ssh_packet_process line 342 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Dispatching handler for packet type 93
entering function channel_rcv_change_window line 423 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/channels.c
Adding 64 bytes to channel (43:85460946) (from 36320 bytes)
leaving function channel_rcv_change_window line 448 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/channels.c
leaving function ssh_packet_process line 369 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Processing 1628 bytes left in socket buffer
entering function ssh_packet_socket_callback line 138 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
Decrypting 16 bytes
Packet size decrypted: 1340 (0x53c)
Read a 1340 bytes packet
Decrypting 1328 bytes
Error : HMAC error
leaving function ssh_packet_socket_callback line 294 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
leaving function ssh_packet_socket_callback line 282 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
leaving function ssh_packet_socket_callback line 282 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c
leaving function ssh_packet_socket_callback line 282 in /auto/ns_nm/users/azilber/SSH/libssh/libssh-0.5.1/src/packet.c*1* entering function

This e-mail message is intended for the recipient only and contains information which is CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this transmission in error, please inform us by e-mail, phone or fax, and then delete the original and all copies thereof.


This e-mail message is intended for the recipient only and contains information which is CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this transmission in error, please inform us by e-mail, phone or fax, and then delete the original and all copies thereof.


Follow-Ups:
RE: HMAC errorMilo Jhoran <milo.jhoran@xxxxxxxxx>
References:
HMAC errorAviv Zilberman <Aviv.Zilberman@xxxxxxxxxxx>
Re: HMAC errorAris Adamantiadis <aris@xxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org