[Bug 3475] clang-15 amd64 ED25519 signature verification nondeterministic spurious failure
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Sep 26 01:53:58 AEST 2022
https://bugzilla.mindrot.org/show_bug.cgi?id=3475
Daniel Pouzzner <douzzer at mega.nu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|critical |minor
Summary|ED25519 signature |clang-15 amd64 ED25519
|verification |signature verification
|nondeterministic spurious |nondeterministic spurious
|failure |failure
--- Comment #1 from Daniel Pouzzner <douzzer at mega.nu> ---
This glitch turns out to have been caused by building with the
llvm-15.0.1+clang-15.0.1 toolchain (by accident/Gentoo portage/package
bug). It's highly repeatable, and is either a bug in the
compiler/toolchain, or a bug somewhere in openssh around the handling
of ED25519 signature blobs and whatnot.
The ssh and sshd built under clang-15 cause the "incorrect signature"
failure for ED25519 on incoming connections to ED25519-hostkeyed sshd,
and outgoing connections to e.g. github.com, which use ED25519
hostkeys.
Building under gcc-11.3.1 resolves all ED25519 problems, inbound and
outbound.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list