briandfoy / net-ssh-perl

Development on the Net::SSH::Perl module to support latest ciphers, key exchange mechanisms, etc.

Algorithm negotiation issue with Net::SSH::Perl::Kex v1.24 #45

Open briandfoy opened 1 year ago

briandfoy commented 1 year ago

This ticket was imported from rt.cpan.org 94574

There appears to be a bug in Net::SSH::Perl::Kex v1.24 starting on line

  1. The code starts waiting for SSH2_MSG_NEWKEYS before it's sent that message. It looks like the sending and receiving are just backwards. Lines 105, 106 and 107 need to be moved above line 102. While the RFC (http://tools.ietf.org/html/rfc4253) is fairly clear that both parties need to send SSH2_MSG_NEWKEYS, some servers don't. Specifically, CoreFTP (http://www.coreftp.com/) doesn't do this.

This bug seems to be identical to 18324 (https://rt.cpan.org/Public/Bug/Display.html?id=18324), which was entered back in 2006. The patch applied to that bug should fix this too. Can we get this applied?

Brian Curnow | Brian.Curnow@gfs.com
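
The ordering problem reported above, as an added simulation that is not part of the ticket or of Net::SSH::Perl: a client that waits for SSH2_MSG_NEWKEYS before sending its own stalls against a peer that does the same, while a client that sends first completes. Assumptions: the peer sends its NEWKEYS only after receiving the client's, a single byte stands in for the full SSH packet, and all function names are hypothetical.

```python
import socket
import threading

SSH2_MSG_NEWKEYS = 21  # message number assigned in RFC 4253

def recv_newkeys(sock, timeout):
    """Wait for the one-byte stand-in for SSH2_MSG_NEWKEYS; False on timeout or EOF."""
    sock.settimeout(timeout)
    try:
        return sock.recv(1) == bytes([SSH2_MSG_NEWKEYS])
    except socket.timeout:
        return False

def send_newkeys(sock):
    sock.sendall(bytes([SSH2_MSG_NEWKEYS]))

def peer_waits_first(sock, timeout):
    """Assumed peer behaviour: send NEWKEYS only after receiving the client's."""
    if recv_newkeys(sock, timeout):
        send_newkeys(sock)
    sock.close()

def client(sock, send_first, timeout):
    """Return True if the NEWKEYS exchange completes, False if it stalls."""
    if send_first:                    # order after moving the send above the wait
        send_newkeys(sock)
        return recv_newkeys(sock, timeout)
    ok = recv_newkeys(sock, timeout)  # order described in the ticket: wait, then send
    if ok:
        send_newkeys(sock)
    return ok

def run_exchange(send_first, timeout=0.5):
    """Run one simulated exchange over a local socket pair (constructed setup)."""
    a, b = socket.socketpair()
    t = threading.Thread(target=peer_waits_first, args=(b, timeout * 2))
    t.start()
    try:
        return client(a, send_first, timeout)
    finally:
        a.close()
        t.join()

if __name__ == "__main__":
    print("wait-then-send completes:", run_exchange(send_first=False))
    print("send-then-wait completes:", run_exchange(send_first=True))
```
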

briandfoy commented 1 year ago

from schwigon@cpan.org


Thanks for the report.

I'm just a co-maintainer but happily willing to apply it.

I'm heavily under water these days, so can you please make sure it applies to 1.37 and confirm it fixes your problem?

I'll then create a new release with that fix.

Thanks!

Kind regards, Steffen

briandfoy commented 1 year ago

from brian.curnow@gfs.com


Yes, I can confirm that it applies to 1.37 and that it fixes the problem.

Thanks!

Brian Curnow

briandfoy commented 1 year ago

from brian.curnow@gfs.com


Actually, I just tried to apply the actual patch file from 18324 and realized that the patch file itself doesn't work.

I regenerated a new one (see attached). This is the actual change we applied to our system under 1.37 that resolves the issue. It's effectively the same patch from bug 18324.

Brian Curnow

briandfoy commented 1 year ago

This may be related to #4 (RT 18324)