Subject: Re: userauth_publickey_fromfile() fails occasionally for no reason

Re: userauth_publickey_fromfile() fails occasionally for no reason

From: Simon Josefsson <simon_at_josefsson.org>
Date: Thu, 17 Dec 2009 08:55:15 +0100

Simon Josefsson <simon_at_josefsson.org> writes:

> Peter Stuge <peter_at_stuge.se> writes:
>
>> Simon Josefsson wrote:
>>> > ping
>>>
>>> I pushed your patch, please test whether what is in git now works
>>> for both RSA and DSA.
>>
>> So I was looking into this. The reason I didn't immediately apply the
>> patch to bring back the previous behavior of the libgcrypt code is
>> that it makes some assumptions on how r and s are stored internally
>> by libgcrypt and that doesn't seem as reliable as can be.
>
> Do we have any reports that the old code didn't work?

Oops, sorry I now see that we do. :-( Anyway, it seems both the old code
and the new code are broken.

> It would be good to improve the code to not make those assumptions, but
> I'm not sure what you are referring to here. What I think the code is
> assuming is that we know exactly how the DSA S-exp outputs looks like,
> which may not be ideal, but S-exp's is a fairly well-known format [1] so
> the assumption doesn't seem all that strange to me. But patches
> welcome. :-)

This still holds though. :-) If you can get your fix into git relatively
soon, that would be good, otherwise I guess the safest is to revert back
to the old code.

Sorry for causing confusion here, I read Kamil's ping as a indication
that the patch was tested and he was looking for it to be applied, but I
guess it was a ping for further discussion instead.

/Simon
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2009-12-17