diff options
| author | Jakub Jelen <jjelen@redhat.com> | 2023-03-14 11:35:43 +0100 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2023-05-04 11:52:12 +0200 |
| commit | 247a4a761cfa745ed1090290c5107de6321143c9 (patch) | |
| tree | 63203d2b05fd0a320b4dd864744b80b18f92dff9 | |
| parent | a30339d7b16da7784413e4a4667feb3604ed0458 (diff) | |
| download | libssh-247a4a761cfa745ed1090290c5107de6321143c9.tar.gz libssh-247a4a761cfa745ed1090290c5107de6321143c9.tar.xz libssh-247a4a761cfa745ed1090290c5107de6321143c9.zip | |
CVE-2023-1667:packet: Do not allow servers to initiate handshake
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
| -rw-r--r-- | src/packet.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/packet.c b/src/packet.c index 60fc7fa3..eb7eb42a 100644 --- a/src/packet.c +++ b/src/packet.c @@ -366,6 +366,11 @@ static enum ssh_packet_filter_result_e ssh_packet_incoming_filter(ssh_session se * - session->dh_handshake_state = DH_STATE_NEWKEYS_SENT * */ + if (!session->server) { + rc = SSH_PACKET_DENIED; + break; + } + if (session->session_state != SSH_SESSION_STATE_DH) { rc = SSH_PACKET_DENIED; break; |