diff options
| author | markus@openbsd.org <markus@openbsd.org> | 2017-03-15 08:07:39 +0100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2017-03-17 07:12:44 +0100 |
| commit | 2adbe1e63bc313d03e8e84e652cc623af8ebb163 (patch) | |
| tree | 7e0b20c631d1c3427b3e8a1eea988577692e5b2c /kex.c | |
| parent | Include includes.h for compat bits. (diff) | |
| download | openssh-2adbe1e63bc313d03e8e84e652cc623af8ebb163.tar.xz openssh-2adbe1e63bc313d03e8e84e652cc623af8ebb163.zip | |
upstream commit
disallow KEXINIT before NEWKEYS; ok djm; report by
vegard.nossum at oracle.com
Upstream-ID: 3668852d1f145050e62f1da08917de34cb0c5234
Diffstat (limited to '')
| -rw-r--r-- | kex.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.130 2017/03/10 04:07:20 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -341,7 +341,6 @@ kex_reset_dispatch(struct ssh *ssh) { ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN, SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error); - ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); } static int @@ -431,6 +430,7 @@ kex_input_newkeys(int type, u_int32_t seq, void *ctxt) debug("SSH2_MSG_NEWKEYS received"); ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error); + ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); if ((r = sshpkt_get_end(ssh)) != 0) return r; if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0) @@ -545,6 +545,7 @@ kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp) goto out; kex->done = 0; kex_reset_dispatch(ssh); + ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); r = 0; *kexp = kex; out: |