Re: SVN r339216 breaks ssh to i386 devices
On 10/9/18 3:18 PM, Dag-Erling Smørgrav wrote: > Michael Butler writes: >> Marek Zarychta writes: >>> I have connected serial console to affected box and upgraded system >>> from patched sources. I am sorry to say that this patch doesn't >>> solve the issue for 32-bit ARM (RPi2). Still sshd terminates session >>> with the error "fatal: mm_getpwnamallow: receive get struct passwd >>> failed [preauth]". >> My experience is similar - there maybe another 32/64-bit issue :-( > > Correct, there is a size_t being passed as as an u64 as well. That > explains why arm32 was broken too, and not just i386. The quick fix is > to replace size_t with u_int64_t in sshbuf_get_passwd(), on line 513 of > sshbuf-getput-basic.c (with my previous patch applied). I have a full > patch in the pipeline. I can confirm that SVN r339263 solves this for me - thanks! imb ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: SVN r339216 breaks ssh to i386 devices
Michael Butler writes: > Marek Zarychta writes: > > I have connected serial console to affected box and upgraded system > > from patched sources. I am sorry to say that this patch doesn't > > solve the issue for 32-bit ARM (RPi2). Still sshd terminates session > > with the error "fatal: mm_getpwnamallow: receive get struct passwd > > failed [preauth]". > My experience is similar - there maybe another 32/64-bit issue :-( Correct, there is a size_t being passed as as an u64 as well. That explains why arm32 was broken too, and not just i386. The quick fix is to replace size_t with u_int64_t in sshbuf_get_passwd(), on line 513 of sshbuf-getput-basic.c (with my previous patch applied). I have a full patch in the pipeline. DES -- Dag-Erling Smørgrav - d...@des.no ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: SVN r339216 breaks ssh to i386 devices
On 10/9/18 1:43 PM, Marek Zarychta wrote: > W dniu 09.10.2018 o 01:28, Dag-Erling Smørgrav pisze: >> Please try the attached patch. I expect it to fix i386. If it also >> fixes arm32, all the better, although I don't quite see why it would. > > I have connected serial console to affected box and upgraded system from > patched sources. I am sorry to say that this patch doesn't solve the > issue for 32-bit ARM (RPi2). Still sshd terminates session with the > error "fatal: mm_getpwnamallow: receive get struct passwd failed [preauth]". > My experience is similar - there maybe another 32/64-bit issue :-( imb ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: SVN r339216 breaks ssh to i386 devices
W dniu 09.10.2018 o 01:28, Dag-Erling Smørgrav pisze: > Please try the attached patch. I expect it to fix i386. If it also > fixes arm32, all the better, although I don't quite see why it would. I have connected serial console to affected box and upgraded system from patched sources. I am sorry to say that this patch doesn't solve the issue for 32-bit ARM (RPi2). Still sshd terminates session with the error "fatal: mm_getpwnamallow: receive get struct passwd failed [preauth]". -- Marek Zarychta signature.asc Description: OpenPGP digital signature
Re: SVN r339216 breaks ssh to i386 devices
Please try the attached patch. I expect it to fix i386. If it also
fixes arm32, all the better, although I don't quite see why it would.
DES
--
Dag-Erling Smørgrav - d...@des.no
Index: crypto/openssh/sshbuf-getput-basic.c
===
--- crypto/openssh/sshbuf-getput-basic.c (revision 339244)
+++ crypto/openssh/sshbuf-getput-basic.c (working copy)
@@ -482,7 +482,9 @@
(r = sshbuf_put_cstring(buf, "*")) != 0 ||
(r = sshbuf_put_u32(buf, pwent->pw_uid)) != 0 ||
(r = sshbuf_put_u32(buf, pwent->pw_gid)) != 0 ||
- (r = sshbuf_put_u64(buf, pwent->pw_change)) != 0 ||
+#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE
+ (r = sshbuf_put_time(buf, pwent->pw_change)) != 0 ||
+#endif
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
(r = sshbuf_put_cstring(buf, pwent->pw_gecos)) != 0 ||
#endif
@@ -491,7 +493,9 @@
#endif
(r = sshbuf_put_cstring(buf, pwent->pw_dir)) != 0 ||
(r = sshbuf_put_cstring(buf, pwent->pw_shell)) != 0 ||
- (r = sshbuf_put_u64(buf, pwent->pw_expire)) != 0 ||
+#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE
+ (r = sshbuf_put_time(buf, pwent->pw_expire)) != 0 ||
+#endif
(r = sshbuf_put_u32(buf, pwent->pw_fields)) != 0) {
return r;
}
@@ -518,7 +522,9 @@
sshbuf_get_cstring(buf, >pw_passwd, NULL) != 0 ||
sshbuf_get_u32(buf, >pw_uid) != 0 ||
sshbuf_get_u32(buf, >pw_gid) != 0 ||
- sshbuf_get_u64(buf, >pw_change) != 0 ||
+#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE
+ sshbuf_get_time(buf, >pw_change) != 0 ||
+#endif
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
sshbuf_get_cstring(buf, >pw_gecos, NULL) != 0 ||
#endif
@@ -527,7 +533,9 @@
#endif
sshbuf_get_cstring(buf, >pw_dir, NULL) != 0 ||
sshbuf_get_cstring(buf, >pw_shell, NULL) != 0 ||
- sshbuf_get_u64(buf, >pw_expire) != 0 ||
+#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE
+ sshbuf_get_time(buf, >pw_expire) != 0 ||
+#endif
sshbuf_get_u32(buf, >pw_fields) != 0) {
sshbuf_free_passwd(pw);
return NULL;
Index: crypto/openssh/sshbuf.h
===
--- crypto/openssh/sshbuf.h (revision 339244)
+++ crypto/openssh/sshbuf.h (working copy)
@@ -177,6 +177,14 @@
int sshbuf_put_u16(struct sshbuf *buf, u_int16_t val);
int sshbuf_put_u8(struct sshbuf *buf, u_char val);
+#if defined(__FreeBSD__) && defined(__i386__)
+#define sshbuf_get_time(b, vp) sshbuf_get_u32((b), (u_int32_t *)(vp))
+#define sshbuf_put_time(b, v) sshbuf_put_u32((b), (u_int32_t)(v))
+#else
+#define sshbuf_get_time(b, vp) sshbuf_get_u64((b), (u_int64_t *)(vp))
+#define sshbuf_put_time(b, v) sshbuf_put_u64((b), (u_int64_t)(v))
+#endif
+
/*
* Functions to extract or store SSH wire encoded strings (u32 len || data)
* The "cstring" variants admit no \0 characters in the string contents.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: SVN r339216 breaks ssh to i386 devices
Marek Zarychta writes: > Michael Butler writes: > > With an i386 system, ssh sessions to the updated sshd fail with: > > > > sshd[28771]: fatal: mm_getpwnamallow: receive get struct passwd failed > > [preauth] > > > > This is reproducible on both real hardware and in a VM running an i386 > > build, > sshd running on 32-bit ARM architecture seems to be also affected after > update to 12.0-ALPHA8 r339223. r339216 introduced some code which assumes that time_t is always 64 bits wide, which is not the case for i386. I'm not 100% that's the cause, as it shouldn't break arm32, where time_t *is* 64 bits wide, but it still needs fixing. Are you getting the exact same error message as Michael? DES -- Dag-Erling Smørgrav - d...@des.no ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: SVN r339216 breaks ssh to i386 devices
On Mon, Oct 08, 2018 at 02:43:32PM -0400, Michael Butler wrote: > With an i386 system, ssh sessions to the updated sshd fail with: > > sshd[28771]: fatal: mm_getpwnamallow: receive get struct passwd failed > [preauth] > > This is reproducible on both real hardware and in a VM running an i386 > build, > sshd running on 32-bit ARM architecture seems to be also affected after update to 12.0-ALPHA8 r339223. -- Marek Zarychta signature.asc Description: PGP signature
SVN r339216 breaks ssh to i386 devices
With an i386 system, ssh sessions to the updated sshd fail with: sshd[28771]: fatal: mm_getpwnamallow: receive get struct passwd failed [preauth] This is reproducible on both real hardware and in a VM running an i386 build, imb ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
