briandfoy / net-ssh-perl

Development on the Net::SSH::Perl module to support latest ciphers, key exchange mechanisms, etc.
Other
4 stars 1 forks source link

Can't locate loadable object for module Crypt::OpenSSH::ChachaPoly in @INC #53

Open briandfoy opened 1 year ago

briandfoy commented 1 year ago

This ticket was imported from rt.cpan.org 115382

Hello,

My program is unable to open a Net::SFTP connection because Net::SSH::Perl::Cipher::Chacha tries to load Crypt::OpenSSH::ChachaPoly, which doesn't seem to exist within CPAN, and fallback to other ciphers is not happening.

[someone@box ~]$ /tmp/temp-test-deleteme.pl

Creating SFTP connection to [IP REDACTED]

usvtalimg302: Reading configuration data /home/someone/.ssh/config

usvtalimg302: Reading configuration data /etc/ssh_config

usvtalimg302: Connecting to [IP REDACTED], port 22.

usvtalimg302: Remote version string: SSH-2.0-OpenSSH_6.6.1

usvtalimg302: Remote protocol version 2.0, remote software version
OpenSSH_6.6.1

usvtalimg302: Net::SSH::Perl Version 2.01, protocol version 2.0.

usvtalimg302: No compat match: OpenSSH_6.6.1.

usvtalimg302: Connection established.

usvtalimg302: Sent key-exchange init (KEXINIT), waiting for response.

Can't locate loadable object for module Crypt::OpenSSH::ChachaPoly in @INC
(@INC contains: /usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl
/usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl
/usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/5.8.8 .) at
/usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi/Net/SSH/Perl/Cipher/ChachaPoly.pm
line 14

Compilation failed in require at
/usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi/Net/SSH/Perl/Cipher.pm
line 57.

"Net::SSH::Perl::Cipher::Chacha provides Chacha20 encryption with Poly1305 support for Net::SSH::Perl.

"This module requires Crypt::OpenSSH::ChachaPoly which provides a wrapper to the OpenSSH Chacha and Poly1305 functions."

http://search.cpan.org/dist/Net-SSH-Perl/lib/Net/SSH/Perl/Cipher/ChachaPoly.pm

view /usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi/Net/SSH/Perl/Cipher/ChachaPoly.pm

14 XSLoader::load('Crypt::OpenSSH::ChachaPoly');

After some googling I did find this github: https://github.com/lkinley/Crypt-OpenSSH-ChachaPoly

This commit:

https://github.com/renormalist/Net-SSH-Perl/commit/12ec269ba38d3c195997a2426198f5695a5073f3

states:

+The module Crypt::OpenSSH::ChachaPoly is required if

+you wish to use the chacha20-poly1305@openssh.com cipher.

+It can be acquired from Git Hub at:

+https://github.com/lkinley/Crypt-OpenSSH-ChachaPoly

+or using git:

+git clone https://github.com/lkinley/Crypt-OpenSSH-ChachaPoly.git

+If the module is not installed, Net::SSH::Perl will fall back on

+other ciphers.

But successfulf fallback does not appear to be happening. I'm on a box where installing modules from outside CPAN is frowned upon, can you advise?

Thanks.

briandfoy commented 1 year ago

from schwigon@cpan.org


On Thu Jun 16 20:33:01 2016, bracdt@gmail.com wrote:

My program is unable to open a Net::SFTP connection because Net::SSH::Perl::Cipher::Chacha tries to load Crypt::OpenSSH::ChachaPoly, which doesn’t seem to exist within CPAN, and fallback to other ciphers is not happening.

Thanks for your report.

I once uploaded lkinley's version to CPAN but it made Net::SSH::Perl fail (in the tests IIRC). So I removed it again because I don't really have knowledge on the topic itself and couldn't rank the impact.

You could try

http://renormalist.net/misc/Crypt-OpenSSH-ChachaPoly-0.02.tar.gz

which is the tgz I built back then 2016-05-09 from

https://github.com/renormalist/Crypt-OpenSSH-ChachaPoly

and report here if that helps you.

In my case it did not. If you have time to dive deeper into it it would help if you can provide details, patches, etc.

In particular, lkinley also seems to have a new version 2.04 in his github repo which I didn't yet uploaded to CPAN but should probably do (lkinley's repo just lacks some CPAN polishing which I usually contribute).

However locally it could be installable for you with some perl Makefile.PL; make; make test; make install.

I hope that helps you a bit further.

Kind regards, Steffen

briandfoy commented 1 year ago

from bracdt@gmail.com


Thanks much for rapid response.

Until it can be added back to CPAN, it seems like the attempt to load Crypt::OpenSSH::ChachaPoly should be removed, or code should be adjusted so fallback works. On a different box, my mac, I downloaded from github and installed. Unfortunately there's a new error in Net::SSH::Perl::Kex::C25519:

someone$ which perl
/opt/local/bin/perl
someone$ perl -version | grep version
This is perl 5, version 22, subversion 2 (v5.22.2) built for darwin-thread-multi-2level

manually installed from git (https://github.com/renormalist/Crypt-OpenSSH-ChachaPoly) on my osx10.11.5 mac

someone$ sudo perl Makefile.PL;
someone$ sudo make;
someone$ sudo make test;
someone$ sudo make install;

unfortunately a new error now:

someone$ sudo perl -MCPAN -e shell
Terminal does not support AddHistory.

cpan shell -- CPAN exploration and modules installation (v2.11)
Enter 'h' for help.

cpan[1]> install Net::SSH::Perl::Kex::C25519
Reading '/Users/someone/.cpan/Metadata'
 Database was generated on Thu, 16 Jun 2016 22:54:17 GMT
Net::SSH::Perl::Kex::C25519 is up to date (undef).

cpan[2]> install Net::SSH::Perl::Kex
Net::SSH::Perl::Kex is up to date (undef).

cpan[3]> install Net::SSH::Perl
Net::SSH::Perl is up to date (2.01).

cpan[4]> install Net::SSH
Net::SSH is up to date (0.09).
someone$ /tmp/tmp.pl 
Creating SFTP connection to [IP REDACTED]
2991: Reading configuration data /Users/someone/.ssh/config
2991: Reading configuration data /etc/ssh_config
2991: Connecting to [IP REDACTED], port 22.
2991: Remote version string: SSH-2.0-OpenSSH_6.6.1
2991: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
2991: Net::SSH::Perl Version 2.01, protocol version 2.0.
2991: No compat match: OpenSSH_6.6.1.
2991: Connection established.
2991: Sent key-exchange init (KEXINIT), waiting for response.
2991: Using curve25519-sha256@libssh.org for key exchange
2991: Host key algorithm: ssh-ed25519
2991: Algorithms, c->s: chacha20-poly1305@openssh.com <implicit> none
2991: Algorithms, s->c: chacha20-poly1305@openssh.com <implicit> none
Can't locate object method "exchange" via package "Net::SSH::Perl::Kex::C25519" at /opt/local/lib/perl5/site_perl/5.22/darwin-thread-multi-2level/Net/SSH/Perl/Kex.pm line 107.
briandfoy commented 1 year ago

from schwigon@cpan.org


I just re-uploaded Crypt::OpenSSH::ChachaPoly to CPAN. This means this issue here is probably be back as described. Let's see what cpan testing reveals...

Kind regards, Steffen

briandfoy commented 1 year ago

from schwigon@cpan.org


I just created

https://github.com/lkinley/Net-SSH-Perl/issues/5

on lkinley's github repository because he is doing his current work there. Unless I mixed up things, that ticket should be related to this RT ticket here. Feel free to watch progress there or follow up on questions.

Thanks for your report.

Kind regards, Steffen

briandfoy commented 1 year ago

from schwigon@cpan.org


Hi,

can you please try if the just uploaded v2.12 fixes this issue?

As I'm just doing the CPAN uploads based on Lance Kinley's work at https://github.com/lkinley/Net-SSH-Perl I need your help on verifying this.

Thanks, Steffen