dbclient can't connect to cisco

Nik Soggia dropbear at niksoggia.it
Tue Nov 13 22:45:59 AWST 2018 

Hi,
openssh can connect to cisco appliances and dbclient can't (but cisco 
ssh client can connect to dropbear).
Thanks to tcpdump I think that I found the problem:

openssh sends "SSH-2.0-OpenSSH_7.4
\r\n"
cisco sends "SSH-2.0-Cisco-1.25\r\n"
openssh sends kexinit
cisco sends kexinit, then all runs fine.

dbclient sends "SSH-2.0-dropbear_2018.76\r\n" and kexinit
cisco sends "SSH-2.0-Cisco-1.25\r\n"
then cisco waits "ip ssh time-out" seconds and then closes the TCP socket.

my conjecture is that cisco empties its receive buffer after sendind the 
identification string and then waits for the lost kexinit.
To prove my idea I added a sleep() after the first write_packet(), and 
dbclient was able to connect to cisco (ios 12.4 and 15.1).

I took just a quick look at your sources and I think that waiting for a 
identification string before sending kexinit is a lot of work, am I right?

diff -Naubr dropbear-2018.76.old/packet.c dropbear-2018.76.new/packet.c
--- dropbear-2018.76.old/packet.c        2018-02-27 15:25:12.000000000 +0100
+++ dropbear-2018.76.new/packet.c        2018-11-13 14:52:43.696775952 +0100
@@ -54,10 +54,13 @@
  #endif

  /* non-blocking function writing out a current encrypted packet */
+int ciscobug = 1;
  void write_packet() {

          ssize_t written;
  #ifdef HAVE_WRITEV
+#endif
+#if defined(KEEP_CALM_AND_NEVER_USE_WRITEV)
          /* 50 is somewhat arbitrary */
          unsigned int iov_count = 50;
          struct iovec iov[50];
@@ -71,6 +74,8 @@
          dropbear_assert(!isempty(&ses.writequeue));

  #if defined(HAVE_WRITEV) && (defined(IOV_MAX) || defined(UIO_MAXIOV))
+#endif
+#if defined(KEEP_CALM_AND_NEVER_USE_WRITEV)

          packet_queue_to_iovec(&ses.writequeue, iov, &iov_count);
          /* This may return EAGAIN. The main loop sometimes
@@ -106,6 +111,8 @@
          dropbear_assert(len > 0);
          /* Try to write as much as possible */
          written = write(ses.sock_out, buf_getptr(writebuf, len), len);
+sleep(ciscobug);
+ciscobug = 0;

          if (written < 0) {
                  if (errno == EINTR || errno == EAGAIN) {

-- 
/\/ / /-<

More information about the Dropbear mailing list