[FreeBSD-Stable] svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man
Dimitry Andric
dim at FreeBSD.org
Wed Mar 9 22:06:16 UTC 2016
On 09 Mar 2016, at 16:48, Eric Masson <emss at free.fr> wrote:
>
> Mike Tancsa <mike at sentex.net> writes:
>
> Hi,
>
>> good trace - pre openssl commit
>> ....
>> debug2: kex_parse_kexinit:
>> hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64 at openssh.com [preauth]
>> debug2: kex_parse_kexinit:
>> hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64 at openssh.com [preauth]
>> debug2: kex_parse_kexinit: none [preauth]
>> debug2: kex_parse_kexinit: none [preauth]
>> debug2: kex_parse_kexinit: [preauth]
>> debug2: kex_parse_kexinit: [preauth]
>> debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
>> debug2: kex_parse_kexinit: reserved 0 [preauth]
>> debug2: mac_setup: setup hmac-sha1 [preauth]
>> debug1: kex: client->server aes256-ctr hmac-sha1 none [preauth]
>> debug2: mac_setup: setup hmac-sha1 [preauth]
>> debug1: kex: server->client aes256-ctr hmac-sha1 none [preauth]
>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
>> debug3: mm_request_send entering: type 0 [preauth]
>> debug3: mm_request_receive entering
>> debug3: monitor_read: checking request 0
>> debug3: mm_answer_moduli: got parameters: 1024 2048 2048
>> bad trace - with openssl commit.
>>
>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
>> debug3: mm_request_send entering: type 0 [preauth]
>> debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth]
>> debug3: mm_request_receive_expect entering: type 1 [preauth]
>> debug3: mm_request_receive entering [preauth]
>> debug3: mm_request_receive entering
>> debug3: monitor_read: checking request 0
>> debug3: mm_answer_moduli: got parameters: 1024 2048 2048
>> debug3: mm_request_send entering: type 1
>> debug2: monitor_read: 0 used once, disabling now
>> debug3: mm_choose_dh: remaining 0 [preauth]
>> *debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]*
>> debug1: monitor_read_log: child log fd closed
>> debug3: mm_request_receive entering
>> debug1: do_cleanup
>> debug3: PAM: sshpam_thread_cleanup entering
>> debug1: Killing privsep child 1837
>
> Similar symptoms on 9.3-p37 when trying to connect with putty from a Win
> 7 station.
>
> Using cygwin's openssh client doesn't trigger the issue.
Can you please try the attached patch, which I also attached to PR
207783? I think this will solve the crashes.
It should be enough to rebuild secure/lib/libcrypto, and install it.
-Dimitry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-pr207783-1.diff
Type: application/octet-stream
Size: 627 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20160309/5eb31166/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20160309/5eb31166/attachment.sig>
More information about the freebsd-stable
mailing list