You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Just recently my distro updated OpenSSH to version 8.9 and it seems this version started sending session-bind@openssh.com extension. This makes the agent library fail when deserializing the extension contents with:
It seems that the extension name is deserialized properly and that the next thing is treated as the extension_content but in reality it's a hostkey field from the spec:
The message format is:
byte SSH_AGENTC_EXTENSION (0x1b)
string session-bind@openssh.com
string hostkey
string session identifier
string signature
bool is_forwarding
After hostkey there are additional fields that are the "remaining bytes" the error speaks of.
It seems like only the extension name should be parsed from the byte stream and the rest treated as bytes and the deserialization process should stop there.
The text was updated successfully, but these errors were encountered:
OpenSSH 8.9 ssh client started sending EXTENSION commands. Unfortunately
ssh-agent.rs didn't deserialize them correctly and even though these
extensions were optional the agent didn't work.
This patch adjusts the deserialization of extension contents to properly
capture all bytes and includes a test code observed in the wild.
Fixes#30.
OpenSSH 8.9 ssh client started sending EXTENSION commands. Unfortunately
ssh-agent.rs didn't deserialize them correctly and even though these
extensions were optional the agent didn't work.
This patch adjusts the deserialization of extension contents to properly
capture all bytes and includes a test code observed in the wild.
Fixes#30.
Hi,
Just recently my distro updated OpenSSH to version 8.9 and it seems this version started sending
session-bind@openssh.com
extension. This makes the agent library fail when deserializing the extension contents with:It seems that
extension_contents
field of theExtension
struct is not defined correctly. I've browsed the spec but I don't see a clear definition on howbyte[]
should be serialized on the wire.I've added some further debugging to the request and got this:
It seems that the extension name is deserialized properly and that the next thing is treated as the
extension_content
but in reality it's ahostkey
field from the spec:After
hostkey
there are additional fields that are the "remaining bytes" the error speaks of.It seems like only the extension name should be parsed from the byte stream and the rest treated as bytes and the deserialization process should stop there.
The text was updated successfully, but these errors were encountered: