mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andreas Bergander (JIRA)" <j...@apache.org>
Subject [jira] [Created] (SSHD-771) SFTP server closes the connection when hmac-sha2-512 is used
Date Mon, 11 Sep 2017 08:58:00 GMT
Andreas Bergander created SSHD-771:

             Summary: SFTP server closes the connection when hmac-sha2-512 is used
                 Key: SSHD-771
                 URL: https://issues.apache.org/jira/browse/SSHD-771
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 1.6.0
            Reporter: Andreas Bergander
         Attachments: SshdTest.java

It seems like the SFTP server in sshd does not handle HMAC SHA-2-512 very well. If I set up
a server which only accepts that HMAC, the server closes the connection as soon as I connect
with a client.

The server throws an exception in AbstractSession (row 1380) before closing the connection:
// Check the computed result with the received mac (just after the packet data)
if (!BufferUtils.equals(inMacResult, 0, data, decoderLength + 4, macSize)) {
  throw new SshException(SshConstants.SSH2_DISCONNECT_MAC_ERROR, "MAC Error");

If I switch the HMAC to SHA-2-256 everything works ok.

I've attached a sample program which sets up a server. I've tested with a couple of different
clients and all of them exposes the error in the server.

This message was sent by Atlassian JIRA

View raw message