Fix failing rekeying when we receive a still-in-flight packet

Matt Johnston
2014-01-23 21:56:35 +08:00
parent 8081b0e033
commit 8128b15e41
3 changed files with 25 additions and 11 deletions


@@ -75,15 +75,34 @@ void process_packet() {
/* This applies for KEX, where the spec says the next packet MUST be
* NEWKEYS */
if (ses.requirenext[0] != 0) {
if (ses.requirenext[0] != type
&& (ses.requirenext[1] == 0 || ses.requirenext[1] != type)) {
dropbear_exit("Unexpected packet type %d, expected [%d,%d]", type,
ses.requirenext[0], ses.requirenext[1]);
} else {
if (ses.requirenext[0] == type || ses.requirenext[1] == type)
{
/* Got what we expected */
TRACE(("got expeced packet %d during kexinit", type))
ses.requirenext[0] = 0;
ses.requirenext[1] = 0;
}
else
{
/* RFC4253 7.1 - various messages are allowed at this point.
The only ones we know about have already been handled though,
so just return "unimplemented" */
if (type >= 1 && type <= 49
&& type != SSH_MSG_SERVICE_REQUEST
&& type != SSH_MSG_SERVICE_ACCEPT
&& type != SSH_MSG_KEXINIT)
{
TRACE(("unknown allowed packet during kexinit"))
recv_unimplemented();
goto out;
}
else
{
TRACE(("disallowed packet during kexinit"))
dropbear_exit("Unexpected packet type %d, expected [%d,%d]", type,
ses.requirenext[0], ses.requirenext[1]);
}
}
}
/* Check if we should ignore this packet. Used currently only for
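Review bot: The new tolerance branch (`type >= 1 && type <= 49` minus SERVICE_REQUEST, SERVICE_ACCEPT and KEXINIT) also lets through the 20–49 block, which covers NEWKEYS and the method-specific KEX messages. An out-of-sequence key-exchange packet that is not the one in `ses.requirenext` is therefore answered with `recv_unimplemented()` and the session continues, where the old code exited. Nothing visible here bounds how many such packets a peer may send before the expected one, and this path can be reached before authentication. If the in-flight case being fixed only involves transport-generic messages, consider narrowing the test to `if (type >= 1 && type <= 19` and keeping `dropbear_exit` for 20–49. Otherwise, extend the RFC4253 7.1 comment to say why 20–49 must be tolerated and which earlier code in `process_packet` has already consumed IGNORE/DEBUG/DISCONNECT. The function body and the `out` label lie outside this hunk, so that earlier handling cannot be confirmed from here.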