Mercurial > dropbear
diff process-packet.c @ 885:19ce21bd198a
Fix failing rekeying when we receive a still-in-flight packet
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 23 Jan 2014 21:56:35 +0800 |
parents | 220f55d540ae |
children | cbc73a5aefb0 |
line wrap: on
line diff
--- a/process-packet.c Fri Jan 17 21:42:32 2014 +0800 +++ b/process-packet.c Thu Jan 23 21:56:35 2014 +0800 @@ -75,15 +75,34 @@ /* This applies for KEX, where the spec says the next packet MUST be * NEWKEYS */ if (ses.requirenext[0] != 0) { - if (ses.requirenext[0] != type - && (ses.requirenext[1] == 0 || ses.requirenext[1] != type)) { - dropbear_exit("Unexpected packet type %d, expected [%d,%d]", type, - ses.requirenext[0], ses.requirenext[1]); - } else { + if (ses.requirenext[0] == type || ses.requirenext[1] == type) + { /* Got what we expected */ + TRACE(("got expeced packet %d during kexinit", type)) ses.requirenext[0] = 0; ses.requirenext[1] = 0; } + else + { + /* RFC4253 7.1 - various messages are allowed at this point. + The only ones we know about have already been handled though, + so just return "unimplemented" */ + if (type >= 1 && type <= 49 + && type != SSH_MSG_SERVICE_REQUEST + && type != SSH_MSG_SERVICE_ACCEPT + && type != SSH_MSG_KEXINIT) + { + TRACE(("unknown allowed packet during kexinit")) + recv_unimplemented(); + goto out; + } + else + { + TRACE(("disallowed packet during kexinit")) + dropbear_exit("Unexpected packet type %d, expected [%d,%d]", type, + ses.requirenext[0], ses.requirenext[1]); + } + } } /* Check if we should ignore this packet. Used currently only for