aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorJon Simons <jon@jonsimons.org>2014-04-09 15:24:04 -0700
committerAndreas Schneider <asn@cryptomilk.org>2014-04-10 08:54:10 +0200
commit5865b9436fda96ac9fc7c18e4dffe5fb12dcc515 (patch)
tree0277dbd961c319e20020a8f78592dca1be326b8f /doc
parentad1313c2e5cf273aec7bf5415876d389ea8d8ae7 (diff)
downloadlibssh-5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.tar.gz
libssh-5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.tar.xz
libssh-5865b9436fda96ac9fc7c18e4dffe5fb12dcc515.zip
kex: server fix for first_kex_packet_follows
Ensure to honor the 'first_kex_packet_follow' field when processing KEXINIT messages in the 'ssh_packet_kexinit' callback. Until now libssh would assume that this field is always unset (zero). But some clients may set this (dropbear at or beyond version 2013.57), and it needs to be included when computing the session ID. Also include logic for handling wrongly-guessed key exchange algorithms. Save whether a client's guess is wrong in a new field in the session struct: when set, the next KEX_DHINIT message to be processed will be ignored per RFC 4253, 7.1. While here, update both 'ssh_packet_kexinit' and 'make_sessionid' to use softabs with a 4 space indent level throughout, and also convert various error-checking to store intermediate values into an explicit 'rc'. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'doc')
0 files changed, 0 insertions, 0 deletions