Releases: rapier1/hpn-ssh
HPN-SSH 18.4.1
This is a bug fix release for HPN-SSH.
In some cases the output buffer for the ssh channel, specifically the buffer that writes to local I/O, might experience unregulated growth. This seems to happen most frequently where there are dramatic shifts in the write speed caused by excessive I/O contention. This can cause the buffer to grow above the maximum size leading to connection termination. This release resolves that problem but may not be the optimal solution. In some situations the channel output buffer can still grow quite large (up to a maximum of 128MB) but it will no longer overflow that buffer. More work on optimizing buffer handling is going to be required in the long term.
Additionally, the HPNBufferLimit option was intended to clamp the inbound flow control buffer to half of the available window. Unfortunately, it looks like it's been broken for some time with a tendency to reduce the window to zero and cut the connection. As this option was specifically to deal with one special case and it's broken, fixing it doesn't seem like the right thing to do. As such, we've removed the HPNBufferLimit option.
HPN-SSH 18.4.0
We've just released HPN-SSH 18.4.0. This release brings us up to currency with OpenSSH 9.7p1.
There are relatively few changes in this release outside of the 9.7 merge. Some minor documentation fixes, an update to our binary notation library (used by the metrics option), and the removal of a unnecessary double dereferencing in metrics.c.
This took a little longer to roll out than expected due to other obligations that we needed to prioritize.
Binary packages are currently available at:
Fedora: https://copr.fedorainfracloud.org/coprs/rapier1/hpnssh/
Ubuntu: https://launchpad.net/~rapier1/+archive/ubuntu/hpnssh
Debian: https://download.opensuse.org/repositories/home:/rapier1
(available shortly)
We've also updated the DynamicWindow branch to version 9.7 as well. Look for it under the hpn-DynamicWindow-9_7_P1 tag.
If you have any problems, concerns, or suggestions please let us know.
Thanks for your continued support of HPN-SSH.
18.4.0 Release Candidate
This pre-release incorporates OpenSSH 9.7p1. On the HPN-SSH side of things this also includes the latest version of binn.[c|h] which is used to serialize data between the server and client when using the inband metrics gathering option. Aside from that only minor updates to the documentation were made.
HPN-SSH 18.3.1
Temporary bug fix for 128bit xors in AES-CTR-MT. Not sure of the cause but it's happening under GCC13 and not GCC12 or GCC11 so we are thinking something has changed there. This shouldn't impact performance all that much.
Once we have a better solution in place we will release a new version. However, since this is in a critical code path we wanted to get this out immediately.
HPN-SSH 18.3.0 for OpenSSH 9.6p1
HPN-SSH 18.3.0 incorporates the most recent OpenSSH release, 9.6p1. This version does not introduce any new functionality. However, this release addresses a potential bug that may be encountered when an OpenSSH install is sending data to an HPN-SSH install. In some circumstances, especially at higher RTTs, it is possible that the transfer will enter into a pathological state typified by greatly reduced performance and excessive CPU usage on the sender side. We believe that this might be caused by poor interactions in OpenSSH when large receive windows are advertised to the client. This has been addressed by reducing the maximum size of the window advertised to OpenSSH to 15MB. This is a non-optimal solution especially in high RTT environments. We will be continuing to explore the causes and work towards creating a more performant solution for these situations.
HPN-SSH 18.2.0
This release brings HPN-SSH up to parity with OpenSSH 9.5p1. The only other change is that the HPNBufferSize and TcpRcvBuf options were removed. Both of the options were used to limit the throughput by imposing constraints on the receive buffer - either at the application layer for HPNBufferSize or at the TCP layer with TcpRcvBuf. Due to changes in the way that flow control was implemented (around 8.9p1) neither of these options actually had any effect. If, at some point, we do need to implement a throughput limiter there are better and more transparent ways to do this.
HPN-SSH 18.1.0 for OpenSSH 9.4
This is the 18.1.0 release of HPN-SSH based on OpenSSH 9.4. The major changes
included in this release are the introduction of a parallel ChaCha20-Poly1305 cipher
called chacha20-poly1305-mt@hpnssh.org. This is now the default cipher used by
HPN-SSH. You may use the serial version of the cipher by explicitly calling it
with -cchacha20-poly1035@openssh.com if you prefer. However, this will only have
an impact on the local instantiation of hpnssh or hpnsshd. To use serial ChaCha20
on both ends of the connection you must run both the server and client with the
serial version.
We have also improved the efficacy of the Poly1305 MAC by using OpenSSL functions
to compute the MAC instead of the portable C implementation included in OpenSSH. Our
implementation of Poly1305 will fall back to the portable implementation if the OpenSSL
EVP is not available.
There have been other minor changes to improve code readability, improve compatibility
with LibreSSL, support Alpine more gracefully, and so forth.
Lastly, the versioning scheme as been normalize to Major.Minor.Fix. For example,
this version is 18.1.0 meaning that it is the 18th Major release, the 1st minor
release, and there 0 fixes/patches applied. In this scheme a minor bug fix will
increment the Fix value. A forward port to a new version of OpenSSH or a performance
improvement will increment the Minor value (and reset the Fix value). The introduction
of a major change or functionality will increment the Major value while resetting
both Minor and Fix to 1 and 0 respectively.
Okayed by mwd@psc.edu and rapier@psc.edu
What's Changed
- Fix deadlocks in cipher ctr mt by @chutz in #7
- Use an exit flag as well as pthread_cancel to tell worker threads to terminate by @chutz in #8
- fix typos in HPN-README by @allanjude in #12
- HPN-README: Mention correct OpenSSH buffer size by @nh2 in #24
- Create FUNDING.yml by @rapier1 in #33
- cipher-ctr-mt: Fix fscanf() on FILE *fp == NULL on non-SMT machines by @S-trace in #34
- Reorder user creation and install steps in install instructions by @mpounsett in #43
New Contributors
- @chutz made their first contribution in #7
- @allanjude made their first contribution in #12
- @nh2 made their first contribution in #24
- @fscheiner made their first contribution in #28
- @rapier1 made their first contribution in #33
- @S-trace made their first contribution in #34
- @mpounsett made their first contribution in #43
Full Changelog: https://github.com/rapier1/openssh-portable/commits/hpn-18.1.0
Contributors
Assets 2
v18.1.0-test
Source code for the v18.1.0 HPN-SSH Release