Bug #72897 The client to server MAC algorithm list is truncated when I call ssh2_connect
Submitted: 2016-08-19 13:18 UTC
Modified: 2021-02-21 04:22 UTC
Votes: 4
Avg. Score: 4.8 ± 0.4
Reproduced: 3 of 3 (100.0%)
Same Version: 1 (33.3%)
Same OS: 1 (33.3%)
From: benjamin dot cohen-solal at dalenys dot com
Assigned: cmb
Status: No Feedback
Package: ssh2 (PECL)
PHP Version: 5.6.25
OS: Debian 8
Private report: No
CVE-ID: None

 [2016-08-19 13:18 UTC] benjamin dot cohen-solal at dalenys dot com
Description:
------------
When I send the following algorithm list in client to server / mac field:
hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com

I receive the error message:
ben@debian:~$ php script.php
PHP Warning:  ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys in /home/ben/scriptphp on line 3
PHP Stack trace:
PHP   1. {main}() /home/ben/script.php:0
PHP   2. ssh2_connect() /home/ben/script.php:3

I successfully configured a ProFTPd server on my server on port 443 and when I check its logs, I get the following error:

2016-08-17 14:53:36,048 mod_sftp/0.9.9[9930]: no shared client-to-server MAC algorithm found (client sent 'hmcom', server sent 'hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com')

I never sent the "hmcom" value. It seems to have truncated the first 2 letters and the last 3 from my algorithm list (hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com), because, for example, if I change the ".com" into ".cot", I get the error:
2016-08-17 14:53:36,048 mod_sftp/0.9.9[9930]: no shared client-to-server MAC algorithm found (client sent 'hmcot', server sent 'hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com')

When I use the binary file sftp with shell_exec as follows:
sftp -P 443 myhost.com
All is OK

---
From manual page: http://www.php.net/function.ssh2-connect
---


Test script:
---------------
<?php

ssh2_connect("myhost.com", 443, array(
    "client_to_server" => array(
        "mac" => 'hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com'
    ),
));


Expected result:
----------------
I don't expect any error message

Actual result:
--------------
I get the following error:

PHP Warning:  ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys in /home/ben/script.php on line 3
PHP Stack trace:
PHP   1. {main}() /home/bcohen/toto.php:0
PHP   2. ssh2_connect() /home/bcohen/toto.php:3
PHP Warning:  ssh2_connect(): Unable to connect to myhost.com in /home/ben/script.php on line 3
PHP Stack trace:
PHP   1. {main}() /home/ben/script.php:0
PHP   2. ssh2_connect() /home/ben/script.php:3


History

 [2016-08-19 13:19 UTC] benjamin dot cohen-solal at dalenys dot com
-Summary: The client to server MAC algorithm list is truncated
+Summary: The client to server MAC algorithm list is truncated when I call ssh2_connect
 [2016-08-19 13:19 UTC] benjamin dot cohen-solal at dalenys dot com
Add precision on title
 [2021-02-10 13:08 UTC] cmb@php.net
-Status: Open
+Status: Feedback
-Assigned To:
+Assigned To: cmb
 [2021-02-10 13:08 UTC] cmb@php.net
This ticket apparently was not supposed to be a documentation
problem, but a bug report.  However, I cannot reproduce it, nor
would it appear to be a PECL/ssh2 problem (potentially it would be
a libssh2 issue).

The point is that libssh2 strips unknown MACs from the given list,
and umac-64@openssh.com is not supported by libssh2 1.9.0, and
apparently not by other versions.  In my dev environment, that algo
is correctly stripped, though.

So, can you still reproduce this with any of the actively
supported PHP versions[1] and latest ssh2 1.2 (or if possible with
a snapshot build of the latest Git sources)?  If so, please
mention the libssh2 version you are using.

[1] <https://www.php.net/supported-versions.php>
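
An added illustration of the stripping described in the comment above (example code, not taken from libssh2 or the ssh2 extension): unknown names are removed in place from a comma-separated MAC preference list. SUPPORTED_MACS is an assumed set for this example only, and strip_unknown_macs and filtered are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* Assumed supported set for this example; not libssh2's actual table. */
static const char *const SUPPORTED_MACS[] = {
    "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", NULL
};

static int mac_supported(const char *name, size_t len)
{
    /* Compare by exact length so a prefix of a known name does not match. */
    for (size_t i = 0; SUPPORTED_MACS[i] != NULL; i++)
        if (strlen(SUPPORTED_MACS[i]) == len &&
            memcmp(SUPPORTED_MACS[i], name, len) == 0)
            return 1;
    return 0;
}

/* Strip unsupported names from a comma-separated list in place.
 * Returns the number of names kept; prefs becomes "" when none survive. */
static size_t strip_unknown_macs(char *prefs)
{
    char *in = prefs, *out = prefs;   /* out never passes in */
    size_t kept = 0;

    while (*in != '\0') {
        size_t len = strcspn(in, ",");             /* length of this name */
        char *next = in + len + (in[len] == ',');  /* skip the separator */
        if (len > 0 && mac_supported(in, len)) {
            if (kept > 0)
                *out++ = ',';
            memmove(out, in, len);  /* source and target may overlap */
            out += len;
            kept++;
        }
        in = next;
    }
    *out = '\0';
    return kept;
}

/* Filter a copy of a constant list; returns a pointer to a static buffer. */
static const char *filtered(const char *list)
{
    static char buf[256];
    snprintf(buf, sizeof buf, "%s", list);
    strip_unknown_macs(buf);
    return buf;
}

/* Constructed input: the MAC list from the test script in this report. */
int main(void) { puts(filtered("hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com")); return 0; }
```

A caller that gets an empty list back has no MAC left to offer and should fail before the key exchange rather than send it.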
 [2021-02-10 13:09 UTC] cmb@php.net
-Type: Documentation Problem
+Type: Bug
 [2021-02-21 04:22 UTC] pecl-dev at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Re-Opened". Thank you.
 