[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssh-unix-dev
Subject:    Re: Duplicate value used in disconnect reason definitons
From:       Noah <noah () zalev ! ca>
Date:       2020-06-18 1:09:09
Message-ID: 20200617210909.e7dd2d1ea2f99758fe953f41 () zalev ! ca
[Download RAW message or body]

Thank you for this explanation. I am starting to research ssh trends in auth logs, \
but the duplicate value broke my PK in this table. So I now know which to go with.

Thanks,
Noah Zalev
 

On Wed, 17 Jun 2020 17:51:38 -0700
Ron Frederick <ronf@timeheart.net> wrote:

> On Jun 17, 2020, at 4:12 PM, Noah <noah@zalev.ca> wrote:
> > I could not find anything in the mailing list archive or bug tracker.
> > 
> > In ssh2.h, the value (4) is re-used
> > 
> > 148     #define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED		3
> > 149     #define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED	4
> > 150     #define SSH2_DISCONNECT_RESERVED			4
> > 151     #define SSH2_DISCONNECT_MAC_ERROR			5
> > 
> > 
> > Is this intentional?
> 
> 
> It looks like it is. The Internet Draft draft-ietf-secsh-transport up through \
> version 6 defines DISCONNECT_HOST_AUTHENTICATION_FAILED as the value 4, but version \
> 7 and later of the draft and RFC 4253 (which is what that draft eventually turned \
> into) seems to redefine it as DISCONNECT_RESERVED. Here's a diff between versions 6 \
> and 7 where you can see the change: \
> https://tools.ietf.org/rfcdiff?url2=draft-ietf-secsh-transport-07.txt \
> <https://tools.ietf.org/rfcdiff?url2=draft-ietf-secsh-transport-07.txt> 
> There isn't any text added which explains this change, and I don't see any \
> discussion online about this, but it would appear that \
>                 DISCONNECT_HOST_AUTHENTICATION_FAILED should not be used.
> -- 
> Ron Frederick
> ronf@timeheart.net
> 
> 
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic