diff options
author | Matt Johnston <matt@ucc.asn.au> | 2011-06-07 11:55:44 +0000 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2011-06-07 11:55:44 +0000 |
commit | 4b42ee4a3d866e6ccdb1ed49a742cd73764da227 (patch) | |
tree | e5621d96aad5611e969fb6c09c9cee2b5a228e1d | |
parent | 24c6d458699893a70bee9e12f0c2851a164c1048 (diff) | |
download | dropbear-4b42ee4a3d866e6ccdb1ed49a742cd73764da227.tar.gz |
Fix case where "-K 1" would cause a SSH_MSG_IGNORE packet to be sent
with the wrong encryption key ("bad packet length" symptom) while
key exchange was happening.
-rw-r--r-- | kex.h | 4 | ||||
-rw-r--r-- | packet.c | 8 |
2 files changed, 9 insertions, 3 deletions
@@ -52,8 +52,8 @@ struct KEXState { unsigned sentkexinit : 1; /*set when we've sent/recv kexinit packet */ unsigned recvkexinit : 1; unsigned firstfollows : 1; /* true when first_kex_packet_follows is set */ - unsigned sentnewkeys : 1; /* set once we've send/recv'ed MSG_NEWKEYS*/ - unsigned recvnewkeys : 1; + unsigned sentnewkeys : 1; /* set once we've send MSG_NEWKEYS (will be cleared once we have also received */ + unsigned recvnewkeys : 1; /* set once we've received MSG_NEWKEYS (cleared once we have also sent */ unsigned donefirstkex : 1; /* Set to 1 after the first kex has completed, ie the transport layer has been set up */ @@ -441,10 +441,16 @@ void encrypt_packet() { TRACE(("encrypt_packet type is %d", packet_type)) - if (!ses.dataallowed && !packet_is_okay_kex(packet_type)) { + if ((!ses.dataallowed && !packet_is_okay_kex(packet_type)) + || ses.kexstate.sentnewkeys) { /* During key exchange only particular packets are allowed. Since this packet_type isn't OK we just enqueue it to send after the KEX, see maybe_flush_reply_queue */ + + /* We also enqueue packets here when we have sent a MSG_NEWKEYS + * packet but are yet to received one. For simplicity we just switch + * over all the keys at once. This is the 'ses.kexstate.sentnewkeys' + * case. */ enqueue_reply_packet(); return; } |