[SSHD-771] SFTP server closes the connection when hmac-sha2-512 is used - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Cannot Reproduce
Affects Version/s: 1.6.0
Fix Version/s: 1.7.0
Labels:
None

Description

It seems like the SFTP server in sshd does not handle HMAC SHA-2-512 very well. If I set up a server which only accepts that HMAC, the server closes the connection as soon as I connect with a client.

The server throws an exception in AbstractSession (row 1380) before closing the connection:

// Check the computed result with the received mac (just after the packet data)
if (!BufferUtils.equals(inMacResult, 0, data, decoderLength + 4, macSize)) {
  throw new SshException(SshConstants.SSH2_DISCONNECT_MAC_ERROR, "MAC Error");
}

If I switch the HMAC to SHA-2-256 everything works ok.

I've attached a sample program which sets up a server. I've tested with a couple of different clients and all of them exposes the error in the server.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SshdTest.java
11/Sep/17 08:48
2 kB
Andreas Bergander

Activity

People

Assignee:: Lyor Goldstein

Reporter:: Andreas Bergander

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Sep/17 08:57

Updated:: 12/Sep/17 09:32

Resolved:: 12/Sep/17 08:02