Subject: Re: libssh2 failing to provide remote host key?

From: Lars Kellogg-Stedman <>
Date: Fri, 18 Jun 2010 11:14:33 -0400

> I'm puzzled as well. I figure you need to set a break-point in kex.c and
> diffie_hellman_sha1() to see why (not) session->server_hostkey gets used
> properly.

After this code:

        rc = _libssh2_packet_require(session, packet_type_reply,
                                     &exchange_state->s_packet_len, 0, NULL,
                                     0, &exchange_state->req_state);
        if (rc == LIBSSH2_ERROR_EAGAIN) {
            return rc;
        }
        if (rc) {
            ret = _libssh2_error(session, LIBSSH2_ERROR_TIMEOUT,
                                 "Timed out waiting for KEX reply");
            goto clean_exit;
        }

        /* Parse KEXDH_REPLY */
        exchange_state->s = exchange_state->s_packet + 1;

exchange_state->s is "". If I dump the contents of
exchange_state->s_packet at this point, I see:

  (gdb) x/817xb exchange_state->s_packet
  0x8069960: 0x1f 0x00 0x00 0x01 0x15 0x00 0x00 0x00

You can see this at line 335 in the debug trace I posted. *s_packet
is 0x1f, so *(s_packet+1) is 0x00, thus the empty string. I don't
know anything about the ssh protocol, but this looks like a bug in the
libssh2 protocol implementation.
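As an added example, not code from libssh2 or from this thread, here is a small parser for the KEXDH_REPLY framing as RFC 4253 defines it: one message-type byte (SSH_MSG_KEXDH_REPLY = 31 = 0x1f) followed by three SSH "string" fields, each a 4-byte big-endian length and then that many bytes (the server host key K_S, the value f, and the signature of H). The bytes after the type byte are a binary length field, so 0x00 0x00 0x01 0x15 decodes to 277 rather than to a C string. The packet bytes below are constructed for the example (the host key blob is a stand-in, not a real key), and the function and struct names are the example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define SSH_MSG_KEXDH_REPLY 31 /* 0x1f, RFC 4253 section 8 */

/* One SSH "string" field: uint32 big-endian length, then that many bytes. */
struct ssh_string {
    const uint8_t *data;
    uint32_t len;
};

struct kexdh_reply {
    struct ssh_string host_key;  /* K_S: server public host key blob */
    struct ssh_string f;         /* mpint f, carried on the wire as a string */
    struct ssh_string signature; /* signature over the exchange hash H */
};

uint32_t read_uint32_be(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Read one SSH string at *pos and advance *pos past it.
 * Returns -1 if the length field or its payload would run past len. */
static int read_ssh_string(const uint8_t *pkt, size_t len, size_t *pos,
                           struct ssh_string *out)
{
    if (len - *pos < 4)
        return -1;
    uint32_t n = read_uint32_be(pkt + *pos);
    *pos += 4;
    if (n > len - *pos)
        return -1;
    out->data = pkt + *pos;
    out->len = n;
    *pos += n;
    return 0;
}

/* Parse a complete KEXDH_REPLY payload; returns 0 on success, -1 if the
 * type byte is wrong, a field is truncated, or trailing bytes remain. */
int parse_kexdh_reply(const uint8_t *pkt, size_t len, struct kexdh_reply *out)
{
    if (len < 1 || pkt[0] != SSH_MSG_KEXDH_REPLY)
        return -1;
    size_t pos = 1; /* skip the message-type byte, as s_packet + 1 does */
    if (read_ssh_string(pkt, len, &pos, &out->host_key) < 0)
        return -1;
    if (read_ssh_string(pkt, len, &pos, &out->f) < 0)
        return -1;
    if (read_ssh_string(pkt, len, &pos, &out->signature) < 0)
        return -1;
    if (pos != len)
        return -1; /* trailing bytes mean a malformed packet */
    return 0;
}

/* Constructed sample packet (not captured from any session):
 * type 0x1f, host key "ssh-rsa" (7 bytes, a stand-in for a real blob),
 * f = 0x0102 (2 bytes), signature = 0xaabbcc (3 bytes). */
const uint8_t SAMPLE_KEXDH_REPLY[] = {
    0x1f,
    0x00, 0x00, 0x00, 0x07, 's', 's', 'h', '-', 'r', 's', 'a',
    0x00, 0x00, 0x00, 0x02, 0x01, 0x02,
    0x00, 0x00, 0x00, 0x03, 0xaa, 0xbb, 0xcc
};
const size_t SAMPLE_KEXDH_REPLY_LEN = sizeof(SAMPLE_KEXDH_REPLY);

int main(void)
{
    struct kexdh_reply r;
    if (parse_kexdh_reply(SAMPLE_KEXDH_REPLY, SAMPLE_KEXDH_REPLY_LEN, &r) != 0) {
        puts("malformed KEXDH_REPLY");
        return 1;
    }
    printf("host key: %u bytes, f: %u bytes, signature: %u bytes\n",
           r.host_key.len, r.f.len, r.signature.len);

    /* The length bytes from the gdb dump above decode as a number, not text. */
    const uint8_t len_bytes[] = {0x00, 0x00, 0x01, 0x15};
    printf("0x00 0x00 0x01 0x15 as uint32 = %u\n", read_uint32_be(len_bytes));
    return 0;
}
```

The bounds checks are the part worth keeping: each length is compared against the bytes remaining before the pointer advances, so a short or corrupted reply fails cleanly instead of reading past the buffer.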
