Created attachment 2924 [details] Make integrity tests more robust against timeouts If the first test in a series for a given MAC happens to modify the low bytes of a packet length, then ssh will time out and this will be interpreted as a test failure. I'm seeing this in practice on Ubuntu ppc64el (e.g. https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-zesty/zesty/ppc64el/o/openssh/20161231_121729_ebc8a@/log.gz). Fortunately there was already an XXX comment indicating what might be going wrong here, and although I haven't been able to reproduce it directly on a system where I can experiment interactively, I can at least reproduce it by fiddling with the start offset, which was enough to be able to put together a patch to make the tests more robust. That patch is attached.
Applied, thanks.
Only part of this patch was actually applied (compare https://bugzilla.mindrot.org/attachment.cgi?id=2924&action=diff with https://anongit.mindrot.org/openssh.git/commit/?id=e5c7ec67cdc42ae2584085e0fc5cc5ee91133cf5). Could you please check again?
will take a look
Comment on attachment 2924 [details] Make integrity tests more robust against timeouts Looks ok to me
Sorry about that; there were unnoticed rejects due to differences between -portable and upstream. I've resynced and applied the missing part of the patch, it should all be there now: https://anongit.mindrot.org/openssh.git/commit/?id=9504ea6b27f9f0ece64e88582ebb9235e664a100 Thanks.
closing resolved bugs as of 8.6p1 release