New issue
Advanced search Search tips

Issue 707941 link

Starred by 1 user
Status: Fixed
Owner:
vapier@chromium.org
Closed: Apr 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug-Regression



Sign in to add a comment

ssh_client: loading of ssh keys fails: file changed while reading

Project Member Reported by vapier@chromium.org, Apr 3 2017 
after upgrading to openssh-7.5p1, trying to use -i on local keys fails:
Loading NaCl plugin... done.
Load key "/.ssh/id_rsa": file changed while reading
Permission denied (publickey).

this is because in our fstat stub, we just zero out the stat structure.  then when openssh runs, it does:
authfile.c:
int
sshkey_load_file(int fd, struct sshbuf *blob)
{   
...
    if ((st.st_mode & S_IFREG) == 0 || st.st_size <= 0) {
        debug("bumping stat size to 64KiB\n");
        st.st_size = 64*1024; /* 64k should be enough for anyone :) */
        dontmax = 1;
    }
...
    if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
        st.st_size != (off_t)sshbuf_len(blob)) {
        debug("mode:%x size:%lli len:%zu\n", st.st_mode, st.st_size, sshbuf_len(blob));
        r = SSH_ERR_FILE_CHANGED;
        goto out;
    }
...

so in our case, it sees the stat size is 0, so it ups to 64KiB, and then later complains when the amount of key data it read wasn't 64KiB.
Project Member

Comment 2 by bugdroid1@chromium.org, Apr 4 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform/assets/+/649552f0764666e89dabc804d898cc3548e8c4a7

commit 649552f0764666e89dabc804d898cc3548e8c4a7
Author: Mike Frysinger <vapier@chromium.org>
Date: Tue Apr 04 01:14:15 2017

ssh_client: fix reading of key files

Our stat stub clears all the fields which tickles a bug in OpenSSH where
it sets the size to 64KiB and then turns around and complains when the
size of the key file isn't 64KiB.

BUG= chromium:707941 

Change-Id: I2ecb976d35694c8f2cb367ff06b63cc1a8a5fe2e
Reviewed-on: https://chromium-review.googlesource.com/466726
Reviewed-by: Brandon Gilmore <varz@google.com>
Reviewed-by: Rob Ginda <rginda@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/649552f0764666e89dabc804d898cc3548e8c4a7/chromeapps/ssh_client/openssh-7.5p1.patch

Comment 3 by vapier@chromium.org, Apr 4 2017

Status: Fixed (was: Started)
pushed in 0.8.36.1

Sign in to add a comment