# HG changeset patch # User Matt Johnston # Date 1307447744 0 # Node ID 895fbe068f2c2aec794bf362100b6571b8420394 # Parent e27d7fb2337649a1b734d9a8becee0ecf9c5ef9d Fix case where "-K 1" would cause a SSH_MSG_IGNORE packet to be sent with the wrong encryption key ("bad packet length" symptom) while key exchange was happening. diff -r e27d7fb23376 -r 895fbe068f2c kex.h --- a/kex.h Tue Jun 07 11:08:47 2011 +0000 +++ b/kex.h Tue Jun 07 11:55:44 2011 +0000 @@ -52,8 +52,8 @@ unsigned sentkexinit : 1; /*set when we've sent/recv kexinit packet */ unsigned recvkexinit : 1; unsigned firstfollows : 1; /* true when first_kex_packet_follows is set */ - unsigned sentnewkeys : 1; /* set once we've send/recv'ed MSG_NEWKEYS*/ - unsigned recvnewkeys : 1; + unsigned sentnewkeys : 1; /* set once we've send MSG_NEWKEYS (will be cleared once we have also received */ + unsigned recvnewkeys : 1; /* set once we've received MSG_NEWKEYS (cleared once we have also sent */ unsigned donefirstkex : 1; /* Set to 1 after the first kex has completed, ie the transport layer has been set up */ diff -r e27d7fb23376 -r 895fbe068f2c packet.c --- a/packet.c Tue Jun 07 11:08:47 2011 +0000 +++ b/packet.c Tue Jun 07 11:55:44 2011 +0000 @@ -441,10 +441,16 @@ TRACE(("encrypt_packet type is %d", packet_type)) - if (!ses.dataallowed && !packet_is_okay_kex(packet_type)) { + if ((!ses.dataallowed && !packet_is_okay_kex(packet_type)) + || ses.kexstate.sentnewkeys) { /* During key exchange only particular packets are allowed. Since this packet_type isn't OK we just enqueue it to send after the KEX, see maybe_flush_reply_queue */ + + /* We also enqueue packets here when we have sent a MSG_NEWKEYS + * packet but are yet to received one. For simplicity we just switch + * over all the keys at once. This is the 'ses.kexstate.sentnewkeys' + * case. */ enqueue_reply_packet(); return; }