On Wed, Feb 10, 2016 at 8:08 AM, Randall S. Becker <rsbecker@xxxxxxxxxxxxx> wrote: > Hi All, > > Just reporting in on how testing has gone. After reducing obs to 32k max and > banners to a max of 10000, plus some minor platform changes - root is not 0, > for example, all normal tests have passed except for: Did you need to make any code changes? If so, what? > multiplex - hangs at the end of this output. We had a similar issue that > single reads of data were not working in dd but that does not seem to be the > case in this test suite. > test connection multiplexing: envpass > environment not found > test connection multiplexing: transfer > Binary files /home/git/openssh-portable/regress/data and > /home/git/openssh-portable/regress/copy differ > ssh -Sctl: corrupted copy of /home/git/openssh-portable/regress/data > Binary files /home/git/openssh-portable/regress/data and > /home/git/openssh-portable/regress/copy differ These tests are for ControlMaster and requires descriptor passing over Unix domain sockets to work. Does you platform have that? [...] > AuthorizedKeysCommand with arguments > connect failed > AuthorizedKeysCommand without arguments > connect failed These ones might be port reuse or race conditions. the failed-ssh.log and failed-sshd.log should say why the connect failed. > integrity (a sample... pretty much all of the tests do this) > test integrity: hmac-sha1 @2900 > unexpected error mac hmac-sha1 at 2900: Bytes per second: sent > 40854.2, received 34836.9. > principals-command (a sample. Every 3 to 5 executions fail. Nothing apparent > the logs as to why. Could this be a timing issue on recycling ports?). The integrity test failures aren't due to TCP port recycling because they run sshd via a proxycommand and does not depend on TCP ports. It does depend somewhat on what ciphers and macs are offered because those banners affect how many bytes are on the wire before the encrypted traffic starts. These lists of ciphers are macs are in the debug logs which you are yet to share. > authorized principals command: privsep yes empty > authorized_principals > authorized principals command: privsep yes wrong > authorized_principals > authorized principals command: privsep yes correct > authorized_principals > ssh cert connect failed > > The build did not use any pthreads, and used c89. Unfortunately, the logs > were not particularly helpful identifying why there were issues. You keep saying that but don't show them. We might be able to make something out of them if we can see them. > I am not > sure we can deploy the code at this stage, although it does work for the > most of the pretty normal things I need to do. Anyone have any advice? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev