php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #63529 zlib compression not available with libssh2 >= 1.2.8
Submitted: 2012-11-15 16:04 UTC Modified: -
Votes:4
Avg. Score:4.2 ± 0.8
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:0 (0.0%)
From: trevor at blubolt dot com Assigned:
Status: Open Package: ssh2 (PECL)
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: trevor at blubolt dot com
New email:
PHP Version: OS:

 

 [2012-11-15 16:04 UTC] trevor at blubolt dot com
Description:
------------
Starting with libssh2 >= 1.2.8 the zlib compression method is not enabled for 
sessions by default and must instead be enabled with a call to  
http://www.libssh2.org/libssh2_session_flag.html

This prevents connections to servers which only accept zlib compressed messages. 
For reference the error reported is "Error starting up SSH connection(-5): Unable 
to exchange encryption keys".

Please find attached a quick patch against release 0.11.3 to do so for all new 
sessions created.  This seemed like the best approach to me as from what I can 
tell this now mimics the old expected behaviour.


Patches

enable_compression_add_new_option (last revision 2014-08-28 14:01 UTC by phpbugs2012 at joern dot heissler dot de)
enable-compression.patch (last revision 2012-11-15 16:04 UTC by trevor at blubolt dot com)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-12-09 08:42 UTC] langemeijer@php.net
As discussed on the libssh2 mailing list:

In general compression is not such a good idea as it sounds... talking about the extra 
cpu load on already compressed data like jpg, mp3, zip, gz etc being sent over a sftp and 
scp, most things you transfer over SSH turn out to not compress very well and already 
compressed data only waste CPU and in fact make the transfer larger than without 
compression. 

And:
> A PHP ssh extension user is suggesting LIBSSH2_FLAG_COMPRESS should always be set, to 
allow for connections to servers which only accept zlib compressed connections.

If you find such odd servers than sure, enabling compression sounds like the correct 
action, but having it enabled by default because of that I don't know... 


My conclusion is that yes we should facilitate enabling compression, but certainly not 
enable it by default.
 [2012-12-09 09:49 UTC] trevor at blubolt dot com
In my particular use case the server in question is managed by a third
party and handles sending and receiving large large text files via
sftp. These compress well so I can understand the rationale for only
allowing zlib connections.

That said, I'd have no particular problem with compression not being
available by default. As you state for the majority of use cases it
doesn't make any sense.

Perhaps including "zlib" in the list of compression methods to
advertise via the ssh2_connect methods parameter should be enough to
trigger setting the new libssh2 session flag? That is to say the
default compression methods could default to "none" with the
following code being sufficient to enable zlib compression:

ssh2_connect(
    "ssh.example.com",
    22,
    [
        "client_to_server" => ["comp" => ["zlib"]], 
        "server_to_client" => ["comp" => ["zlib"]]
    ]
);
 [2014-08-28 13:58 UTC] phpbugs2012 at joern dot heissler dot de
Got the same problem,
I need to regularly download a 300MB text file from an sftp server, compressed size is about 25MB (gzip -6).

I created a patch that adds a new option "enable_compression" to the $methods array of ssh2_connect. Value must be a boolean, "true" or "false".

If LIBSSH2_FLAG_COMPRESS is not defined (old libssh2 versions) or if the user doesn't use the new option, nothing changes, so it should be safe for everyone.

However, things don't work as expected: ssh2_methods_negotiated() shows comp=>zlib, but the download speed looks like compression is *not* enabled.

Did I miss anything obvious?
 [2015-10-04 00:13 UTC] graeme at graemep dot me
I applied Joern's patch, and got the exact same result: zlib compression appears to be negotiated (I compared a tcpdump of traffic with and without the patch), but not used :-(
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Fri May 24 12:01:26 2019 UTC