JSch Bugs

Status: Alpha

Brought to you by: ymnk

Bugs Maximize Restore

# Sort A -> Z Sort Z -> A	Summary▾ Sort A -> Z Sort Z -> A	Milestone▾ Sort A -> Z Sort Z -> A Filter by Milestone	Status▾ Sort A -> Z Sort Z -> A Filter by Status	Owner▾ Sort A -> Z Sort Z -> A Filter by Owner	Created▾ Sort A -> Z Sort Z -> A	Updated▾ Sort A -> Z Sort Z -> A	Priority▾ Sort A -> Z Sort Z -> A
112	1 Session multiple Channel blocking	v1.0 (example)	open	Atsuhiko Yamanaka	2017-07-13	2017-07-18	1
111	java.security.SignatureException: Invalid encoding for signature	v1.0 (example)	open		2017-04-07	2018-12-28	5
110	[JSchException - SignatureException] Signature length not correct: got 511 but was expecting 512	v1.0 (example)	open		2017-03-28	2017-03-28	2
109	Privacy violation in jsch/Util.java	v1.0 (example)	open		2017-03-07	2017-03-07	5
108	Path Injection in ChannelSFtp	v1.0 (example)	open		2017-03-07	2020-01-21	8
107	We are working in enabling cnsa cipher suite in jsch. It is likely that defacult jce in java doesnot support most of these algorithm, we have our own FIPS and CNSA supported JCE provider to support these algorithm.The cipher suite we need to be supported in jsch are as follows: 1. HMAC-SHA-512 2. ecdh-sha2-nistp384 3. ecdsa-sha2-nistp384 4. aes-256-ctr/cbc The issue we faced with hmac-sha-512 and ecdsa-sha2-nistp384 are as follows : 1. hmac-sha512 : on enabling this algorithm. We were getting the buffer out of bound exception. We debug further and did the following correction to make it to work. We increase the buffer size taken in the method from 100 to 120. Channel class : method genChannelOpenPacket() Buffer buf = new Buffer(120) ecdsa-sha2-nistp384 : Although jsch claims to support this algorithm as well but the implementation used is the old implementation as per open ssh client documentation. The issue here is the signature for ecdsa (irrespective of the curve used ) always uses the same com.jcraft.jsch.jce.SignatureECDSA class which uses signature=java.security.Signature.getInstance("SHA256withECDSA"); This results in failure of a signature verification if host used ecdsa-nist-p384. We implemented a new class SignatureECDSAp384 and changes this line to signature=java.security.Signature.getInstance("SHA384withECDSA"); which result this algorithm to work. This error is propagated from open sshClient implementation of SSH to JSCH which is already rectified in OpenSSHClient but i think jsch has not accomodated this change. Either please address our request for this change or inform us if there is a way by which we can make sure these changes should get accomaodated in next release.	v1.0 (example)	open		2016-12-12	2016-12-12	5
106	Using ecdsa identity on Android fails	v1.0 (example)	open		2016-12-10	2016-12-10	5
105	SftpProgressMonitor.init not called for put(String dst, ...)	v1.0 (example)	open		2016-08-23	2016-08-23	2
104	Not getting complete output data from InputStream	v1.0 (example)	open		2016-06-28	2016-06-28	5
103	ecdsa-sha2-nistp521: verify: false and key_verify: incorrect signature	v1.0 (example)	open		2016-06-19	2016-06-19	5
102	JSch SFTP put to IBM z/OS fails :failed to write file; nested exception is 3: Permission denied	v1.0 (example)	open		2016-06-09	2022-02-10	5
101	Deadlock is caused by locking KnownHosts instance and KnownHosts.pool in different order	v1.0 (example)	open		2016-03-24	2016-10-12	3
100	Session.connect() fails with "Auth fail" if username has '+' character	v1.0 (example)	open		2016-03-09	2016-03-09	2
99	Illegal data get mixed into a sent file	v1.0 (example)	open		2016-02-05	2016-06-08	7
98	NPE loading Encrypted PKCS#8 Identity File	v1.0 (example)	open		2016-01-13	2020-06-15	5
97	"packet corrupt" exception during session connect, if CTR ciphers are used.	v1.0 (example)	open	Atsuhiko Yamanaka	2015-12-09	2015-12-09	3
96	Session.connect: java.security.SignatureException: Signature encoding error	v1.0 (example)	open	Atsuhiko Yamanaka	2015-12-05	2017-04-07	5
95	Changelog does not contains last changes from 0.1.52 to 0.1.53	v1.0 (example)	open		2015-11-30	2016-01-18	8
94	com.jcraft.jsch.JSchException: Session.connect: java.io.IOException: End of IO Stream Read	v1.0 (example)	open		2015-11-25	2016-02-29	1
92	Seesion username is overridden by applyConfig()	v1.0 (example)	open	Atsuhiko Yamanaka	2015-10-05	2015-10-05	5
91	Idle for long and reconnecting SSH session remains in server.	v1.0 (example)	open		2015-09-15	2015-09-15	1
90	ECDSA signature verification fails on 521 bit key.	v1.0 (example)	open		2015-09-09	2015-10-25	5
89	Don't close InputStream in library method!	v1.0 (example)	open		2015-08-25	2015-08-25	5
88	Setting ptyType to dumb will still give escape sequences and can jumble up command sent in the response	v1.0 (example)	open		2015-08-18	2015-08-18	5

Ticket Number
Summary
Milestone
Status
Owner
Creator
Created
Updated
Labels
Priority

(applies to this page only)

<< < 1 2 3 4 .. 6 > >> (Page 2 of 6)