Mercurial > dropbear
comparison cli-kex.c @ 1681:435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
- other fixes for rsa pubkey auth
- only include ext-info handling when rsa pubkey auth is compiled
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sun, 24 May 2020 14:16:58 +0800 |
parents | d5cdc60db08e |
children | 8f93f37c01de |
comparison
equal
deleted
inserted
replaced
1680:5e763ad6e2e0 | 1681:435cfb9ec96e |
---|---|
416 /* This message is not client-specific in the protocol but Dropbear only handles | 416 /* This message is not client-specific in the protocol but Dropbear only handles |
417 a server-sent message at present. */ | 417 a server-sent message at present. */ |
418 unsigned int num_ext; | 418 unsigned int num_ext; |
419 unsigned int i; | 419 unsigned int i; |
420 | 420 |
421 TRACE(("enter recv_msg_ext_info")) | |
422 | |
423 /* Must be after the first SSH_MSG_NEWKEYS */ | |
424 TRACE(("last %d, donefirst %d, donescond %d", ses.lastpacket, ses.kexstate.donefirstkex, ses.kexstate.donesecondkex)) | |
425 if (!(ses.lastpacket == SSH_MSG_NEWKEYS && !ses.kexstate.donesecondkex)) { | |
426 TRACE(("leave recv_msg_ext_info: ignoring packet received at the wrong time")) | |
427 return; | |
428 } | |
429 | |
421 num_ext = buf_getint(ses.payload); | 430 num_ext = buf_getint(ses.payload); |
422 TRACE(("received SSH_MSG_EXT_INFO with %d items", num_ext)) | 431 TRACE(("received SSH_MSG_EXT_INFO with %d items", num_ext)) |
423 | 432 |
424 for (i = 0; i < num_ext; i++) { | 433 for (i = 0; i < num_ext; i++) { |
425 unsigned int name_len; | 434 unsigned int name_len; |
433 /* valid extension values could be >MAX_STRING_LEN */ | 442 /* valid extension values could be >MAX_STRING_LEN */ |
434 buf_eatstring(ses.payload); | 443 buf_eatstring(ses.payload); |
435 } | 444 } |
436 m_free(ext_name); | 445 m_free(ext_name); |
437 } | 446 } |
438 } | 447 TRACE(("leave recv_msg_ext_info")) |
448 } |