id	summary	reporter	owner	description	type	status	priority	milestone	component	resolution	keywords	cc	branch	branch_author	launchpad_bug
5776	twisted.conch.ssh.userauth depends on hash ordering	antoine		"Running the cftp script can fail with hash randomization:

{{{
$ python2.6 -R bin/conch/cftp -v pitrou.net
2012-07-13 18:58:43+0200 [-] Log opened.
2012-07-13 18:58:43+0200 [-] Starting factory <twisted.conch.client.direct.SSHClientFactory instance at 0x2118f80>
2012-07-13 18:58:43+0200 [SSHClientTransport,client] kex alg, key alg: diffie-hellman-group-exchange-sha1 ssh-rsa
2012-07-13 18:58:43+0200 [SSHClientTransport,client] outgoing: aes256-ctr hmac-sha1 none
2012-07-13 18:58:43+0200 [SSHClientTransport,client] incoming: aes256-ctr hmac-sha1 none
2012-07-13 18:58:43+0200 [SSHClientTransport,client] REVERSE
2012-07-13 18:58:43+0200 [SSHClientTransport,client] NEW KEYS
2012-07-13 18:58:43+0200 [SSHClientTransport,client] setting client server to <twisted.conch.client.default.SSHUserAuthClient instance at 0x2118ef0>
2012-07-13 18:58:43+0200 [SSHClientTransport,client] starting service ssh-userauth
2012-07-13 18:58:43+0200 [SSHClientTransport,client] using agent
2012-07-13 18:58:43+0200 [SSHAgentClient,client] got 3 public keys
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] can continue with: ['publickey', 'password']
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] trying to auth with publickey
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] using key of type RSA
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] can continue with: ['publickey', 'password']
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] trying to auth with publickey
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] using key of type DSA
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] can continue with: ['publickey', 'password']
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] trying to auth with publickey
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] using key of type DSA
2012-07-13 18:58:43+0200 [SSHService ssh-userauth on SSHClientTransport,client] couldn't handle 60
[snip]
}}}

At this point, the script blocks instead of connecting successfully.
That's because in userauth.py, the messages table is initialized from the globals() dictionary, and there are duplicate message values. Message number 60 can be mapped to MSG_USERAUTH_PASSWD_CHANGEREQ, MSG_USERAUTH_INFO_REQUEST or MSG_USERAUTH_PK_OK depending on ordering. Without hash randomization, it is always mapped to MSG_USERAUTH_PK_OK.

"	defect	closed	high		conch	fixed	review	z3p