I don't see a matching unit test in [2] so we are asking for a future regression IMO...
Gary

On Fri, Jul 19, 2024, 5:34 PM Thomas Wolf <tw...@apache.org> wrote:

> Could we do a bugfix release 2.13.2 for Apache MINA sshd,
> please?
>
> I know it's only one change, but I think it's worth it.
>
> In 2.13.0 we had introduced an implementation for the
> sntrup761x25519-s...@openssh.com key exchange method,
> which is supposed to be quantum-safe.
>
> Unfortunately the implementation had a bug[1] that made this
> key exchange method fail with a probability of roughly 1/256.
> This went unnoticed in CI because our tests perform only a
> small number of connections against a known (OpenSSH) server.
> In the tests we were "lucky" so far that this bug has never
> surfaced.
>
> The bug occurs if the 32-byte result of the curve25519 key
> agreement happens to start with a zero byte. I only noticed
> it when I was benchmarking and doing hundreds of connections
> to an OpenSSH server.
>
> The bug is fixed[2] and the CI builds are green[3]. Since
> the fix, my local benchmarks (against an OpenSSH server,
> using this sntrup761x25519-s...@openssh.com key exchange)
> have never failed again in thousands of connections, so
> I'm confident that the fix indeed is correct.
>
> I would prefer to have a bugfix release for this and not mix
> it with other things. The pending performance improvements
> from PR 530 can go into the next 2.14.0 release then.
>
> Cheers,
>
> Thomas
>
> [1] https://github.com/apache/mina-sshd/issues/525
> [2] https://github.com/apache/mina-sshd/commit/5b00c1fc592
> [3] https://github.com/apache/mina-sshd/actions/runs/9943730618
> [4] https://github.com/apache/mina-sshd/pull/530
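
Added example (not part of either message and not code from Apache MINA sshd): a sketch of how a zero first byte in a fixed-length shared secret can break a key exchange about once in 256 connections, and how a deterministic test can force that case instead of relying on luck. It assumes, hypothetically, that one code path strips leading zero bytes before hashing; the thread does not state the actual cause, and the SHA-512 combiner, function names and sample values are constructed for illustration.

```python
import hashlib

SECRET_LEN = 32  # a curve25519 shared secret is always 32 bytes


def strip_leading_zeros(data: bytes) -> bytes:
    """Minimal-length form, as an integer-style encoding would produce."""
    return data.lstrip(b"\x00") or b"\x00"


def combine_fixed(kem_secret: bytes, ecdh_secret: bytes) -> bytes:
    """Hash both secrets, keeping the ECDH secret at its full fixed length."""
    if len(ecdh_secret) != SECRET_LEN:
        raise ValueError("ECDH secret must be exactly 32 bytes")
    return hashlib.sha512(kem_secret + ecdh_secret).digest()


def combine_stripped(kem_secret: bytes, ecdh_secret: bytes) -> bytes:
    """Hypothetical faulty variant: the ECDH secret is normalised first."""
    stripped = strip_leading_zeros(ecdh_secret)
    return hashlib.sha512(kem_secret + stripped).digest()


def disagreeing_first_bytes(kem_secret: bytes, tail: bytes) -> list:
    """Try every first-byte value; return those where the two variants differ."""
    bad = []
    for first in range(256):
        ecdh_secret = bytes([first]) + tail
        fixed = combine_fixed(kem_secret, ecdh_secret)
        stripped = combine_stripped(kem_secret, ecdh_secret)
        if fixed != stripped:
            bad.append(first)
    return bad


# Constructed sample values, not real key material.
KEM_SECRET = bytes(range(32))
TAIL = bytes(range(1, 32))  # remaining 31 bytes of the ECDH secret

if __name__ == "__main__":
    bad = disagreeing_first_bytes(KEM_SECRET, TAIL)
    print("first-byte values that break the exchange:", bad)
    print("failure rate for a uniform first byte: %d/256" % len(bad))
```

A regression test built this way pins the first byte to zero, so the edge case is exercised on every run.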