diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2021-01-31 22:55:29 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2021-02-01 09:57:28 +1100 |
| commit | 3dd0c64e08f1bba21d71996d635c7256c8c139d1 (patch) | |
| tree | 8b1e590fba33fd7ebd8637970a8c67a266cf6035 /kex.h | |
| parent | 7a92a324a2e351fabd0ba8ef9b434d3b12d54ee3 (diff) | |
| download | openssh-git-3dd0c64e08f1bba21d71996d635c7256c8c139d1.tar.gz | |
upstream: more strictly enforce KEX state-machine by banning packet
types once they are received. Fixes memleak caused by duplicate
SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz via
oss-fuzz #30078).
ok markus@
OpenBSD-Commit-ID: 87331c715c095b587d5c88724694cdeb701c9def
Diffstat (limited to 'kex.h')
| -rw-r--r-- | kex.h | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.113 2021/01/27 10:05:28 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.114 2021/01/31 22:55:29 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -193,6 +193,7 @@ int kex_verify_host_key(struct ssh *, struct sshkey *); int kex_send_kexinit(struct ssh *); int kex_input_kexinit(int, u_int32_t, struct ssh *); int kex_input_ext_info(int, u_int32_t, struct ssh *); +int kex_protocol_error(int, u_int32_t, struct ssh *); int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *); int kex_send_newkeys(struct ssh *); int kex_start_rekex(struct ssh *); |