stasal opened a new issue, #434:
URL: https://github.com/apache/mina-sshd/issues/434
### Version
2.9.2
### Bug description
When receiving `hostkeys...@openssh.com` request, client by default uses
`org.apache.sshd.client.global.OpenSshHostKeysHandler` to process it. This
handler's `handleHostKeys` method does nothing but logging keys when debug is
enabled.
But there is no exception handling in parent
`org.apache.sshd.common.global.org.apache.sshd.common.global.AbstractOpenSshHostKeysHandler`
class.
Therefore if the host sends two keys (one RSA and one EdDSA for example),
but the client only supports RSA, the exception is being propagated from the
`org.apache.sshd.common.global.AbstractOpenSshHostKeysHandler#process` method
and
the host's request is processed as failed and the WARN message is generated
in logs.
### Actual behavior
Example:
`WARN 40340 --- []-nio2-thread-3] o.a.s.c.session.ClientConnectionService :
globalRequest(ClientConnectionService[ClientSessionImpl[test@localhost/127.0.0.1:2222]])[hostkeys...@openssh.com,
want-reply=false] failed (SshException) to process: EdDSA provider not
supported`
### Expected behavior
No warns are logged, and only the supported keys are handled by
`org.apache.sshd.client.global.OpenSshHostKeysHandler#handleHostKeys`
### Relevant log output
```Shell
org.apache.sshd.common.SshException: EdDSA provider not supported
at
org.apache.sshd.common.util.buffer.Buffer.getRawPublicKey(Buffer.java:544)
~[sshd-common-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.util.buffer.Buffer.getPublicKey(Buffer.java:519)
~[sshd-common-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.global.AbstractOpenSshHostKeysHandler.process(AbstractOpenSshHostKeysHandler.java:73)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.global.AbstractOpenSshHostKeysHandler.process(AbstractOpenSshHostKeysHandler.java:38)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.AbstractConnectionService.globalRequest(AbstractConnectionService.java:868)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.AbstractConnectionService.process(AbstractConnectionService.java:486)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.CurrentService.process(CurrentService.java:109)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:591)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.AbstractSession.lambda$handleMessage$0(AbstractSession.java:522)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.util.threads.ThreadUtils.runAsInternal(ThreadUtils.java:68)
~[sshd-common-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:521)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1639)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:482)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:64)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:407)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:380)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:375)
~[sshd-core-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
~[sshd-core-2.9.2.jar:2.9.2]
at
java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
~[na:na]
at
org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
~[sshd-core-2.9.2.jar:2.9.2]
at java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:129)
~[na:na]
at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:221) ~[na:na]
at
java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:113)
~[na:na]
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
~[na:na]
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
~[na:na]
at java.base/java.lang.Thread.run(Thread.java:840) ~[na:na]
Caused by: java.security.NoSuchAlgorithmException: EdDSA provider not
supported
at
org.apache.sshd.common.util.security.SecurityUtils.generateEDDSAPublicKey(SecurityUtils.java:627)
~[sshd-common-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.util.buffer.keys.ED25519BufferPublicKeyParser.getRawPublicKey(ED25519BufferPublicKeyParser.java:46)
~[sshd-common-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.util.buffer.keys.BufferPublicKeyParser$2.getRawPublicKey(BufferPublicKeyParser.java:102)
~[sshd-common-2.9.2.jar:2.9.2]
at
org.apache.sshd.common.util.buffer.Buffer.getRawPublicKey(Buffer.java:542)
~[sshd-common-2.9.2.jar:2.9.2]
... 25 common frames omitted
```
### Other information
_No response_
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
