Fwd: Re: Inconsisten declaration of ssh_aes_ctr_iv()

[Iain Morgan]

On Tue, Feb 12, 2013 at 17:27:52 -0600, Damien Miller wrote:
> On Thu, 17 Jan 2013, Iain Morgan wrote:
> 
> > I applied the diff you supplied, along with the previous diff. The
> > regression tests got further along, but now fail in integrity.sh:
> > 
> > run test integrity.sh ...
> > test integrity: hmac-sha1 @2300 RSA_public_decrypt failed: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01. key_verify failed for server_host_key.
> 
> I think that the integrity test script might be fuzzing too early in the
> stream and messing up the host keys rather than channel data. Could you
> try increasing the "startoffset" in regress/integrity.sh a bit? You
> probably only need crank it by a couple of hundred bytes.
> 
> FYI this is also on Darren's tinderbox:
> 
> http://tinderbox.dtucker.net/cgi-bin/gunzip.cgi?tree=OpenSSH_Portable&full-log=1360685541.11111
> 
> I'd like to figure out what is making KEX complete later in the stream though
> (assuming my hypothesis is correct).
> 
> -d

Hi Damien,

I tried the 20130201 snapshot with startoffset set to 2500 and had the
same results. I also tried 3000 without any success. The 20130214
snapshot with startoffset set to 2500 likewise fails.

With the 0214 snapshot, the same errors are reported, but the overall
test succeeds. It then fails for krl.sh.

test integrity: hmac-sha2-512-etm at openssh.com @2507 Corrupted MAC on input. Disconnecting: Packet corrupt.
test integrity: hmac-sha2-512-etm at openssh.com @2508 Corrupted MAC on input. Disconnecting: Packet corrupt.
test integrity: hmac-sha2-512-etm at openssh.com @2509 Corrupted MAC on input. Disconnecting: Packet corrupt.
test integrity: 10 errors: mac 10 padding 0 length 0
ok integrity
run test krl.sh ...
unknown key type ecdsa
FATAL: /u/wk/imorgan/src/openssh/integrity/openssh/ssh-keygen CA failed
make[1]: *** [t-exec] Error 1

The krl.sh issue does not occur when built against OpenSSL 1.0.1e.

-- 
Iain Morgan