Mercurial > dropbear
diff svr-kex.c @ 1681:435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
- other fixes for rsa pubkey auth
- only include ext-info handling when rsa pubkey auth is compiled
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 24 May 2020 14:16:58 +0800 |
| parents | 4b4cfc92c5b7 |
| children | 284c3837891c |
line wrap: on
line diff
--- a/svr-kex.c Sun May 24 13:34:19 2020 +0800 +++ b/svr-kex.c Sun May 24 14:16:58 2020 +0800 @@ -38,13 +38,15 @@ #include "gensignkey.h" static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs); +#if DROPBEAR_EXT_INFO +static void send_msg_ext_info(void); +#endif /* Handle a diffie-hellman key exchange initialisation. This involves * calculating a session key reply value, and corresponding hash. These * are carried out by send_msg_kexdh_reply(). recv_msg_kexdh_init() calls * that function, then brings the new keys into use */ void recv_msg_kexdh_init() { - DEF_MP_INT(dh_e); buffer *ecdh_qs = NULL; @@ -87,9 +89,12 @@ send_msg_newkeys(); - if (ses.allow_ext_info) { +#if DROPBEAR_EXT_INFO + /* Only send it following the first newkeys */ + if (!ses.kexstate.donesecondkex && ses.allow_ext_info) { send_msg_ext_info(); } +#endif ses.requirenext = SSH_MSG_NEWKEYS; TRACE(("leave recv_msg_kexdh_init")) @@ -247,8 +252,9 @@ TRACE(("leave send_msg_kexdh_reply")) } +#if DROPBEAR_EXT_INFO /* Only used for server-sig-algs on the server side */ -void send_msg_ext_info(void) { +static void send_msg_ext_info(void) { TRACE(("enter send_msg_ext_info")) buf_putbyte(ses.writepayload, SSH_MSG_EXT_INFO); @@ -261,5 +267,5 @@ encrypt_packet(); TRACE(("leave send_msg_ext_info")) - } +#endif