diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2020-10-18 22:17:54 +0800 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2020-10-18 22:17:54 +0800 |
| commit | 9afd1d411c36e39b01693e2b38402e6496c55aa8 (patch) | |
| tree | 22c46cadf508dc66aebd61d9b6ab10c4e0ab1bd5 | |
| parent | cccb8a53062c77d28a76fcfa091cc4f4ccc88302 (diff) | |
| download | dropbear-9afd1d411c36e39b01693e2b38402e6496c55aa8.tar.gz | |
Disallow extra kexinit messages
| -rw-r--r-- | common-kex.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/common-kex.c b/common-kex.c index 4caa06e..39d916b 100644 --- a/common-kex.c +++ b/common-kex.c @@ -487,6 +487,12 @@ void recv_msg_kexinit() { TRACE(("continue recv_msg_kexinit: sent kexinit")) } + /* "Once a party has sent a SSH_MSG_KEXINIT message ... + further SSH_MSG_KEXINIT messages MUST NOT be sent" */ + if (ses.kexstate.recvkexinit) { + dropbear_exit("Unexpected KEXINIT"); + } + /* start the kex hash */ local_ident_len = strlen(LOCAL_IDENT); remote_ident_len = strlen(ses.remoteident); |