Mercurial > dropbear
changeset 1743:7d8462677355 fuzz
Disallow extra kexinit messages
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 18 Oct 2020 22:17:54 +0800 |
| parents | 6e71440b1e47 |
| children | 6cf465af5d9f |
| files | common-kex.c |
| diffstat | 1 files changed, 6 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/common-kex.c Sun Oct 18 15:08:54 2020 +0800 +++ b/common-kex.c Sun Oct 18 22:17:54 2020 +0800 @@ -487,6 +487,12 @@ TRACE(("continue recv_msg_kexinit: sent kexinit")) } + /* "Once a party has sent a SSH_MSG_KEXINIT message ... + further SSH_MSG_KEXINIT messages MUST NOT be sent" */ + if (ses.kexstate.recvkexinit) { + dropbear_exit("Unexpected KEXINIT"); + } + /* start the kex hash */ local_ident_len = strlen(LOCAL_IDENT); remote_ident_len = strlen(ses.remoteident);