From owner-freebsd-stable@freebsd.org  Wed Mar  9 22:06:16 2016
Return-Path: <owner-freebsd-stable@freebsd.org>
Delivered-To: freebsd-stable@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 76723ACA18D
 for <freebsd-stable@mailman.ysv.freebsd.org>;
 Wed,  9 Mar 2016 22:06:16 +0000 (UTC) (envelope-from dim@FreeBSD.org)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 5BAF5814
 for <freebsd-stable@freebsd.org>; Wed,  9 Mar 2016 22:06:16 +0000 (UTC)
 (envelope-from dim@FreeBSD.org)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 5AFCCACA18C; Wed,  9 Mar 2016 22:06:16 +0000 (UTC)
Delivered-To: stable@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5A8FBACA18B
 for <stable@mailman.ysv.freebsd.org>; Wed,  9 Mar 2016 22:06:16 +0000 (UTC)
 (envelope-from dim@FreeBSD.org)
Received: from tensor.andric.com (tensor.andric.com
 [IPv6:2001:7b8:3a7:1:2d0:b7ff:fea0:8c26])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "tensor.andric.com",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id D363D813;
 Wed,  9 Mar 2016 22:06:15 +0000 (UTC) (envelope-from dim@FreeBSD.org)
Received: from [IPv6:2001:7b8:3a7::dd44:f53f:bd83:81a6] (unknown
 [IPv6:2001:7b8:3a7:0:dd44:f53f:bd83:81a6])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by tensor.andric.com (Postfix) with ESMTPSA id F262F3E9A3;
 Wed,  9 Mar 2016 23:06:11 +0100 (CET)
Subject: Re: [FreeBSD-Stable] svn commit: r296462 - in stable/9:
 crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps
 crypto/openssl/ssl secure/usr.bin/openssl/man
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
Content-Type: multipart/signed;
 boundary="Apple-Mail=_8B1C0F85-A33A-44AB-94DA-FFE39C83CB21";
 protocol="application/pgp-signature"; micalg=pgp-sha1
X-Pgp-Agent: GPGMail 2.6b2 (ebbf3ef)
From: Dimitry Andric <dim@FreeBSD.org>
In-Reply-To: <86h9gf8xfq.fsf@srvbsdfenssv.interne.associated-bears.org>
Date: Wed, 9 Mar 2016 23:06:04 +0100
Cc: Mike Tancsa <mike@sentex.net>, Craig Green <cgreen@sentex.net>,
 Xin LI <delphij@freebsd.org>, src-committers@freebsd.org,
 "stable@freebsd.org" <stable@freebsd.org>
Message-Id: <E4DBB4C8-A74F-410C-B9BF-92529D7945CA@FreeBSD.org>
References: <201603071618.u27GI736079901@repo.freebsd.org>
 <56DEC973.5000106@sentex.net> <56DF1654.7010308@sentex.net>
 <56E040E5.8080205@sentex.net>
 <86h9gf8xfq.fsf@srvbsdfenssv.interne.associated-bears.org>
To: Eric Masson <emss@free.fr>
X-Mailer: Apple Mail (2.3112)
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-stable>, 
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Mar 2016 22:06:16 -0000


--Apple-Mail=_8B1C0F85-A33A-44AB-94DA-FFE39C83CB21
Content-Type: multipart/mixed;
	boundary="Apple-Mail=_3666F486-DB98-4D7D-8E91-25553EDE4386"


--Apple-Mail=_3666F486-DB98-4D7D-8E91-25553EDE4386
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=iso-8859-1

On 09 Mar 2016, at 16:48, Eric Masson <emss@free.fr> wrote:
> 
> Mike Tancsa <mike@sentex.net> writes:
> 
> Hi,
> 
>> good trace - pre openssl commit
>> ....
>> debug2: kex_parse_kexinit:
>> hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64@openssh.com [preauth]
>> debug2: kex_parse_kexinit:
>> hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,umac-64@openssh.com [preauth]
>> debug2: kex_parse_kexinit: none [preauth]
>> debug2: kex_parse_kexinit: none [preauth]
>> debug2: kex_parse_kexinit:  [preauth]
>> debug2: kex_parse_kexinit:  [preauth]
>> debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
>> debug2: kex_parse_kexinit: reserved 0  [preauth]
>> debug2: mac_setup: setup hmac-sha1 [preauth]
>> debug1: kex: client->server aes256-ctr hmac-sha1 none [preauth]
>> debug2: mac_setup: setup hmac-sha1 [preauth]
>> debug1: kex: server->client aes256-ctr hmac-sha1 none [preauth]
>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
>> debug3: mm_request_send entering: type 0 [preauth]
>> debug3: mm_request_receive entering
>> debug3: monitor_read: checking request 0
>> debug3: mm_answer_moduli: got parameters: 1024 2048 2048
>> bad trace - with openssl commit.
>> 
>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
>> debug3: mm_request_send entering: type 0 [preauth]
>> debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth]
>> debug3: mm_request_receive_expect entering: type 1 [preauth]
>> debug3: mm_request_receive entering [preauth]
>> debug3: mm_request_receive entering
>> debug3: monitor_read: checking request 0
>> debug3: mm_answer_moduli: got parameters: 1024 2048 2048
>> debug3: mm_request_send entering: type 1
>> debug2: monitor_read: 0 used once, disabling now
>> debug3: mm_choose_dh: remaining 0 [preauth]
>> *debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]*
>> debug1: monitor_read_log: child log fd closed
>> debug3: mm_request_receive entering
>> debug1: do_cleanup
>> debug3: PAM: sshpam_thread_cleanup entering
>> debug1: Killing privsep child 1837
> 
> Similar symptoms on 9.3-p37 when trying to connect with putty from a Win
> 7 station.
> 
> Using cygwin's openssh client doesn't trigger the issue.

Can you please try the attached patch, which I also attached to PR
207783?  I think this will solve the crashes.

It should be enough to rebuild secure/lib/libcrypto, and install it.

-Dimitry

--Apple-Mail=_3666F486-DB98-4D7D-8E91-25553EDE4386
Content-Disposition: attachment;
	filename=fix-pr207783-1.diff
Content-Type: application/octet-stream;
	name="fix-pr207783-1.diff"
Content-Transfer-Encoding: 7bit

Index: crypto/openssl/crypto/bn/bn_exp.c
===================================================================
--- crypto/openssl/crypto/bn/bn_exp.c	(revision 296583)
+++ crypto/openssl/crypto/bn/bn_exp.c	(working copy)
@@ -758,7 +758,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BI
          * Fetch the appropriate pre-computed value from the pre-buf
          */
         if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
-            (computeTemp, top, powerbuf, wvalue, numPowers))
+            (computeTemp, top, powerbuf, wvalue, window))
             goto err;
 
         /* Multiply the result into the intermediate result */

--Apple-Mail=_3666F486-DB98-4D7D-8E91-25553EDE4386--

--Apple-Mail=_8B1C0F85-A33A-44AB-94DA-FFE39C83CB21
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.29

iEYEARECAAYFAlbgnlMACgkQsF6jCi4glqMt+QCeOy8HatYrQh2BbkQjDZ8UH/2K
PUwAoNs88zflmt4rbFepjzb2Cgt8tYEe
=HaMW
-----END PGP SIGNATURE-----

--Apple-Mail=_8B1C0F85-A33A-44AB-94DA-FFE39C83CB21--