PuTTY bug ssh2-romsshell-badpacket

Home | Licence | FAQ | Docs | Download | Keys | Links
Mirrors | Updates | Feedback | Changes | Wishlist | Team

summary: PuTTY emits invalid SSH_MSG_IGNORE packets
class: bug: This is clearly an actual problem we want fixed.
difficulty: tricky: Needs many tuits.
priority: medium: This should be fixed one day.
absent-in: 0.58
present-in: 0.59
fixed-in: r7236 2007-02-07 (0.60) (0.61) (0.62)

Connecting to a Foundry router fails:

> 2007-01-29 09:37:53       Server version: SSH-2.0-RomSShell_4.31
  [...]
> 2007-01-29 09:37:53       Initialised triple-DES CBC client->server encryption
> 2007-01-29 09:37:53       Initialised HMAC-SHA1 client->server MAC algorithm
> 2007-01-29 09:37:53       Initialised triple-DES CBC server->client encryption
> 2007-01-29 09:37:53       Initialised HMAC-SHA1 server->client MAC algorithm
> 2007-01-29 09:37:53       Received disconnect message (protocol error)
> 2007-01-29 09:37:53       Disconnection message text: Bad packet content

More detail from an SSH packet log of a different session (same RomSShell version string; "Foundry BigIron16 running 2.3.0aT145"):

Outgoing packet type 21 / 0x15 (SSH2_MSG_NEWKEYS)
Event Log: Initialised triple-DES CBC client->server encryption
Event Log: Initialised HMAC-SHA1 client->server MAC algorithm
Incoming packet type 21 / 0x15 (SSH2_MSG_NEWKEYS)
Event Log: Initialised triple-DES CBC server->client encryption
Event Log: Initialised HMAC-SHA1 server->client MAC algorithm
Outgoing packet type 2 / 0x02 (SSH2_MSG_IGNORE)
Outgoing packet type 5 / 0x05 (SSH2_MSG_SERVICE_REQUEST)
  00000000  00 00 00 0c 73 73 68 2d 75 73 65 72 61 75 74 68  ....ssh-userauth
Incoming packet type 1 / 0x01 (SSH2_MSG_DISCONNECT)
  00000000  00 00 00 02 00 00 00 12 42 61 64 20 70 61 63 6b  ........Bad pack
  00000010  65 74 20 63 6f 6e 74 65 6e 74 00 00 00 00        et content....

It would appear that RomSShell is having problems with the empty SSH_MSG_IGNORE that we send before each packet in CBC mode (since it's complaining after seeing the first of these). This is perfectly reasonable, since SSH_MSG_IGNORE packets are meant to contain strings, which need four length bytes at the start. As of r7236, PuTTY sends packets containing empty strings instead, which should help. cryptlib complains about this bug as well, probably returning CRYPT_ERROR_BADDATA and (in the next release) the message "Bad message payload length 0 for packet type 2".

Refs: 000601c743cd$ff7e6a60$9823650a@DRMCKAY, 2AB5541EB33172459EE430FFB66B1EE901C0F465@BN-EXCH01.nuance.com, E1HVpbz-0002Zv-00@medusa01.cs.auckland.ac.nz

Audit trail for this bug.


If you want to comment on this web site, see the Feedback page.
(last revision of this bug record was at 2007-03-26 16:50:26 +0100)