aboutsummaryrefslogtreecommitdiff
path: root/src/kex.c
diff options
context:
space:
mode:
authorJakub Jelen <jjelen@redhat.com>2018-11-15 10:22:19 +0100
committerAndreas Schneider <asn@cryptomilk.org>2018-11-23 17:30:16 +0100
commit83f2ac4abb7a36f774ede89fa860d7971a65566c (patch)
tree1a3854f19248443c7d1a87611f2279d20afa61c6 /src/kex.c
parent0b4c2a8e62d8911bd732918088ad6a4e5c12c1c6 (diff)
downloadlibssh-83f2ac4abb7a36f774ede89fa860d7971a65566c.tar.gz
libssh-83f2ac4abb7a36f774ede89fa860d7971a65566c.tar.xz
libssh-83f2ac4abb7a36f774ede89fa860d7971a65566c.zip
kex: Do not negotiate extensions during rekey
The RFC 8308 clearly says, that the additional ext-info-c should be added only to the first SSH_MSG_KEXINIT. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/kex.c')
-rw-r--r--src/kex.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/kex.c b/src/kex.c
index 8bb19db0..c3f84eff 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -742,6 +742,11 @@ int ssh_set_client_kex(ssh_session session)
}
}
+ /* For rekeying, skip the extension negotiation */
+ if (session->session_state == SSH_SESSION_STATE_AUTHENTICATED) {
+ return SSH_OK;
+ }
+
/* Here we append ext-info-c to the list of kex algorithms */
kex = client->methods[SSH_KEX];
len = strlen(kex);