Just recently my distro updated OpenSSH to version 8.9 and it seems this version started sending session-bind@openssh.com extension. This makes the agent library fail when deserializing the extension contents with:
Error while handling message; error = Proto(Deserialization("Buffer not depleted. Remaining bytes: [0, 0, 0, 32, 31, 92, 89, 168, 63, 119, 109, 158, 157, 181, 208, 89, 2, 30, 180, 210, 255, 25, 137, 122, 89, 202, 215, 36, 138, 117, 129, 147, 165, 82, 137, 17, 0, 0, 0, 83, 0, 0, 0, 11, 115, 115, 104, 45, 101, 100, 50, 53, 53, 49, 57, 0, 0, 0, 64, 188, 188, 199, 20, 11, 19, 240, 109, 186, 82, 210, 236, 15, 242, 13, 15, 72, 199, 139, 139, 115, 208, 157, 112, 8, 248, 92, 55, 181, 17, 117, 115, 168, 51, 99, 61, 79, 1, 186, 190, 140, 144, 234, 172, 144, 64, 47, 93, 157, 71, 20, 36, 134, 76, 254, 7, 67, 176, 15, 19, 24, 129, 191, 3, 0]"))
Error while handling message; error = Proto(Deserialization("Buffer not depleted. All bytes: [27, 0, 0, 0, 24, 115, 101, 115, 115, 105, 111, 110, 45, 98, 105, 110, 100, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 0, 0, 0, 51, 0, 0, 0, 11, 115, 115, 104, 45, 101, 100, 50, 53, 53, 49, 57, 0, 0, 0, 32, 177, 185, 198, 92, 165, 45, 127, 95, 202, 195, 226, 63, 6, 115, 10, 104, 18, 137, 172, 240, 153, 154, 174, 74, 83, 7, 1, 204, 14, 177, 153, 40, 0, 0, 0, 32, 175, 96, 42, 133, 218, 171, 58, 220, 97, 78, 155, 114, 20, 67, 90, 133, 24, 185, 156, 71, 128, 163, 234, 195, 202, 15, 160, 177, 130, 229, 114, 164, 0, 0, 0, 83, 0, 0, 0, 11, 115, 115, 104, 45, 101, 100, 50, 53, 53, 49, 57, 0, 0, 0, 64, 4, 235, 93, 135, 144, 110, 220, 24, 17, 150, 40, 11, 143, 37, 207, 58, 215, 159, 23, 233, 95, 218, 115, 22, 205, 101, 55, 159, 146, 42, 121, 190, 229, 82, 75, 174, 143, 199, 121, 141, 52, 155, 73, 215, 119, 220, 104, 241, 116, 83, 96, 129, 184, 12, 93, 93, 33, 243, 171, 236, 201, 123, 17, 1, 0].
Result: Extension(Extension { extension_type: \"session-bind@openssh.com\", extension_contents: [0, 0, 0, 11, 115, 115, 104, 45, 101, 100, 50, 53, 53, 49, 57, 0, 0, 0, 32, 177, 185, 198, 92, 165, 45, 127, 95, 202, 195, 226, 63, 6, 115, 10, 104, 18, 137, 172, 240, 153, 154, 174, 74, 83, 7, 1, 204, 14, 177, 153, 40] }).
Remaining bytes: [0, 0, 0, 32, 175, 96, 42, 133, 218, 171, 58, 220, 97, 78, 155, 114, 20, 67, 90, 133, 24, 185, 156, 71, 128, 163, 234, 195, 202, 15, 160, 177, 130, 229, 114, 164, 0, 0, 0, 83, 0, 0, 0, 11, 115, 115, 104, 45, 101, 100, 50, 53, 53, 49, 57, 0, 0, 0, 64, 4, 235, 93, 135, 144, 110, 220, 24, 17, 150, 40, 11, 143, 37, 207, 58, 215, 159, 23, 233, 95, 218, 115, 22, 205, 101, 55, 159, 146, 42, 121, 190, 229, 82, 75, 174, 143, 199, 121, 141, 52, 155, 73, 215, 119, 220, 104, 241, 116, 83, 96, 129, 184, 12, 93, 93, 33, 243, 171, 236, 201, 123, 17, 1, 0]"))
It seems that the extension name is deserialized properly and that the next thing is treated as the extension_content but in reality it's a hostkey field from the spec:
It seems like only the extension name should be parsed from the byte stream and the rest treated as bytes and the deserialization process should stop there.
Hi,
Just recently my distro updated OpenSSH to version 8.9 and it seems this version started sending
session-bind@openssh.comextension. This makes the agent library fail when deserializing the extension contents with:It seems that
extension_contentsfield of theExtensionstruct is not defined correctly. I've browsed the spec but I don't see a clear definition on howbyte[]should be serialized on the wire.I've added some further debugging to the request and got this:
It seems that the extension name is deserialized properly and that the next thing is treated as the
extension_contentbut in reality it's ahostkeyfield from the spec:After
hostkeythere are additional fields that are the "remaining bytes" the error speaks of.It seems like only the extension name should be parsed from the byte stream and the rest treated as bytes and the deserialization process should stop there.