Incoming packet was garbled on decryption errors in WinSCP 5

Advertisement

JMW
Guest

Incoming packet was garbled on decryption errors in WinSCP 5

Hi,

I recently upgraded to the latest release (5.7) and found I was getting lots of 'Incoming packet was garbled on decryption' errors when copying files to a server.

I've downgraded back to the previous version (5.5.6) and haven't seen this error occur once when copying the same set of files to the server.

Has something broke between the versions?

Cheers,
Jonathan

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,392
Location:
Prague, Czechia

Re: incoming packet was garbled on decryption errors in WinSCP 5

Please attach a full log file showing the problem (using both versions of WinSCP).

To generate log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

Reply with quote

barrettcolin
Joined:
Posts:
1

I apologize for jumping into this thread, but maybe I can help; I too have observed "Incoming packet was garbled" errors when SFTPing files to a Debian wheezy/OpenSSH server using WinSCP 5.7.1 but not – as the OP indicated – with WinSCP 5.5.6.

I've attached logs from both (the operations weren't exactly the same, but hopefully that isn't important here) – let me know if there's anything else I can do

Reply with quote

martin
Site Admin
martin avatar

Thanks for your report. I have sent you a development version of WinSCP for testing. It might fix your problem. Let me know.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,392
Location:
Prague, Czechia

Can you send me an email, so I can send you back a development version of WinSCP for testing? Please include link back to this topic in your email. Also note in this topic that you have sent the email. Thanks.

You will find my address (if you log in) in my forum profile.

Reply with quote

cedral
Joined:
Posts:
2
Location:
Austin, Texas, USA

Me too...

I am seeing this issue as well. I sent you an email as requested. And I am noting it here as requested also.

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
41,392
Location:
Prague, Czechia

Re: Me too...

@cedral: Please first attach a full log file showing the problem (using the latest version of WinSCP).

To generate log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

Reply with quote

cedral
Joined:
Posts:
2
Location:
Austin, Texas, USA

Re: Me too...

Alright, I have generated logs from my server showing unencrypted outbound packets and iv encryption numbers followed by outbound encrypted packets. I have modified winscp to display the IV when decrypting and the blocksize long encrypted value when the decrypted packet length is garbled.

What I see is that winscp is skipping several packets and thus attempting to decrypt with the wrong IV. I generated a capture using network monitor on the server and found all the packets going out in order. I did notice that several packets are going out in the same TCP frame. The first one in that frame is the last one that winscp successfully decrypts. The rest in that frame get ignored and winscp tries to process the packet in the following frame is if though there had been no intervening packets.

I am attaching a zip with 3 files that show the problem.
  • server2client_tcpstream.txt, a text file containing the TCP payload for the 2 frames in question
  • debug.log, a pruned log showing the relevant outbound data from the server
  • ssh1.log, the modified WinSCP log.
If you want the network capture that file 1 was derived from just let me know. It is too large but I can put it on a webserver and send a url via email.

If you would like to contact me directly via email I can give you an account on this server. the bug is speed dependent. you need be able to upload at faster than about 1400 KB/s for it to happen so you may or may not be able to reproduce it. It varies when it happens, though it almost always happens before 200 MBs have been uploaded.
  • Archive.zip (59.7 KB, Private file)
Description: 1. server2client_tcpstream.txt, a text file containing the tcp payload for the 2 frames in question
2. debug.log, a pruned log showing the relevant outbound data from the server
3. ssh1.log, the modified winscp log.

Reply with quote

Advertisement

Advertisement

You can post new topics in this forum