Mercurial > dropbear
comparison cli-kex.c @ 1681:435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
- other fixes for rsa pubkey auth
- only include ext-info handling when rsa pubkey auth is compiled
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 24 May 2020 14:16:58 +0800 |
| parents | d5cdc60db08e |
| children | 8f93f37c01de |
comparison
equal
deleted
inserted
replaced
| 1680:5e763ad6e2e0 | 1681:435cfb9ec96e |
|---|---|
| 416 /* This message is not client-specific in the protocol but Dropbear only handles | 416 /* This message is not client-specific in the protocol but Dropbear only handles |
| 417 a server-sent message at present. */ | 417 a server-sent message at present. */ |
| 418 unsigned int num_ext; | 418 unsigned int num_ext; |
| 419 unsigned int i; | 419 unsigned int i; |
| 420 | 420 |
| 421 TRACE(("enter recv_msg_ext_info")) | |
| 422 | |
| 423 /* Must be after the first SSH_MSG_NEWKEYS */ | |
| 424 TRACE(("last %d, donefirst %d, donescond %d", ses.lastpacket, ses.kexstate.donefirstkex, ses.kexstate.donesecondkex)) | |
| 425 if (!(ses.lastpacket == SSH_MSG_NEWKEYS && !ses.kexstate.donesecondkex)) { | |
| 426 TRACE(("leave recv_msg_ext_info: ignoring packet received at the wrong time")) | |
| 427 return; | |
| 428 } | |
| 429 | |
| 421 num_ext = buf_getint(ses.payload); | 430 num_ext = buf_getint(ses.payload); |
| 422 TRACE(("received SSH_MSG_EXT_INFO with %d items", num_ext)) | 431 TRACE(("received SSH_MSG_EXT_INFO with %d items", num_ext)) |
| 423 | 432 |
| 424 for (i = 0; i < num_ext; i++) { | 433 for (i = 0; i < num_ext; i++) { |
| 425 unsigned int name_len; | 434 unsigned int name_len; |
| 433 /* valid extension values could be >MAX_STRING_LEN */ | 442 /* valid extension values could be >MAX_STRING_LEN */ |
| 434 buf_eatstring(ses.payload); | 443 buf_eatstring(ses.payload); |
| 435 } | 444 } |
| 436 m_free(ext_name); | 445 m_free(ext_name); |
| 437 } | 446 } |
| 438 } | 447 TRACE(("leave recv_msg_ext_info")) |
| 448 } |