authordjm@openbsd.org <djm@openbsd.org>2021-07-16 11:00:23 +0200
committerDamien Miller <djm@mindrot.org>2021-07-16 11:21:04 +0200
commit073f45c236550f158c9a94003e4611c07dea5279 (patch)
tree28b6063b16e538dedb76516ba6db5fd5e6ae2d98 /packet.c
parentupstream: reorder SessionType; ok djm (diff)
upstream: Explicitly check for and start time-based rekeying in the
client and server mainloops. Previously the rekey timeout could expire but rekeying would not start until a packet was sent or received. This could cause us to spin in select() on the rekey timeout if the connection was quiet. ok markus@ OpenBSD-Commit-ID: 4356cf50d7900f3df0a8f2117d9e07c91b9ff987
Diffstat (limited to 'packet.c')
-rw-r--r--packet.c19
1 files changed, 12 insertions, 7 deletions
diff --git a/packet.c b/packet.c
index 85784ac57..990899418 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.300 2021/04/03 06:18:40 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.301 2021/07/16 09:00:23 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1002,6 +1002,15 @@ ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
(state->p_read.blocks > state->max_blocks_in));
}
+int
+ssh_packet_check_rekey(struct ssh *ssh)
+{
+ if (!ssh_packet_need_rekeying(ssh, 0))
+ return 0;
+ debug3_f("rekex triggered");
+ return kex_start_rekex(ssh);
+}
+
/*
* Delayed compression for SSH2 is enabled after authentication:
* This happens on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent,
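Review bot: The new non-static `ssh_packet_check_rekey()` has no comment stating its return contract, which matters because the commit message says it is now called from the client and server mainloops. From the visible lines it returns 0 both when no rekey is due and when `kex_start_rekex()` succeeds, and otherwise passes that function's error through, so a caller cannot tell "nothing to do" from "rekey started". I would add above the definition: `/* Start a key re-exchange if ssh_packet_need_rekeying() says one is due. Returns 0 if none was needed or it was started, else the kex_start_rekex() error. */`. Whether `ssh_packet_need_rekeying(ssh, 0)` already declines while a key exchange is in progress is not visible here (its body starts outside the hunk); if it does, the comment should say so, since the mainloops will call this repeatedly.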
@@ -1695,12 +1704,8 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
/* reset for next packet */
state->packlen = 0;
- /* do we need to rekey? */
- if (ssh_packet_need_rekeying(ssh, 0)) {
- debug3_f("rekex triggered");
- if ((r = kex_start_rekex(ssh)) != 0)
- return r;
- }
+ if ((r = ssh_packet_check_rekey(ssh)) != 0)
+ return r;
out:
return r;
}
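Review bot: The replacement assigns `r` unconditionally, whereas the removed code only wrote `r` inside the `if (ssh_packet_need_rekeying(ssh, 0))` branch. When no rekey is due, any non-zero status left in `r` by earlier code in `ssh_packet_read_poll2()` used to fall through to `out:` and be returned, and is now overwritten with 0. The function body starts outside the hunk, so please confirm nothing above can reach this point with a non-zero `r`. If it can, something like `if (r == 0) r = ssh_packet_check_rekey(ssh);` or a separate check of the earlier result would keep that error from being silently dropped. As a smaller style point, the `return r;` directly before `out: return r;` is redundant.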