author | Jon Simons <jon@jonsimons.org> | 2019-04-24 11:09:26 -0700 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-04-29 14:00:39 +0200 |
commit | 19cb6f1b6c07db50ce314e2cee59bc046b0835ca (patch) | |
tree | 6a98c0321bc985f459a747b0954c4b798a0e54e1 /src/server.c | |
parent | c0f3a96089613ada8cb97de84ce071aac1efe9d6 (diff) | |
server: fix sending SSH_MSG_EXT_INFO upon rekey

Fix libssh server sending SSH_MSG_EXT_INFO messages upon rekey: clients
do not expect that message during rekey, and OpenSSH in particular will
log error messages along the lines of:

    "kex protocol error: type 7 seq 15"

when the message is received during a rekey.

To fix, check against the session connected flag, which only transitions
to non-zero following the first successful authentication.

bf2c7128ab67cca007b2ba6a59fbfb82afb8c8c6 adds logic to resolve this
issue, but it turns out that checking the session_state to avoid
sending the message is insufficient, because that state is re-set
to SSH_SESSION_STATE_KEXINIT_RECEIVED during rekey.

The before-and-after effects of this change can be observed using the
pkd --rekey flag as so:

    ./pkd_hello -t torture_pkd_openssh_rsa_rsa_sha2_256 \
      -i1 --rekey=16 -v -v -v 2>&1 |
      grep -e 'KEY' -e 'EXT'

^ where before the change, multiple SSH_MSG_EXT_INFO send messages are
logged; after, there is only a single SSH_MSG_EXT_INFO logged once upon
the first initial key exchange.

Cross-reference: https://bugs.libssh.org/T121.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/server.c')
-rw-r--r-- | src/server.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/server.c b/src/server.c index 2d7e91f1..b2c81b60 100644 --- a/src/server.c +++ b/src/server.c @@ -361,7 +361,22 @@ static void ssh_server_connection_callback(ssh_session session){ */ if (session->extensions & SSH_EXT_NEGOTIATION && session->session_state != SSH_SESSION_STATE_AUTHENTICATED) { - ssh_server_send_extensions(session); + + /* + * Only send an SSH_MSG_EXT_INFO message the first time the client + * undergoes NEWKEYS. It is unexpected for this message to be sent + * upon rekey, and may cause clients to log error messages. + * + * The session_state can not be used for this purpose because it is + * re-set to SSH_SESSION_STATE_KEXINIT_RECEIVED during rekey. So, + * use the connected flag which transitions from non-zero below. + * + * See also: + * - https://bugzilla.mindrot.org/show_bug.cgi?id=2929 + */ + if (session->connected == 0) { + ssh_server_send_extensions(session); + } } set_status(session,1.0f); |
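Review bot: The last sentence of the new comment in ssh_server_connection_callback() says the connected flag "transitions from non-zero below", which contradicts both the guard it documents (`session->connected == 0`) and the commit message, which says the flag only transitions to non-zero; the comment should read "transitions to non-zero below". The same comment explains that session_state cannot be used to detect a rekey because it is re-set to SSH_SESSION_STATE_KEXINIT_RECEIVED, yet the enclosing `session->session_state != SSH_SESSION_STATE_AUTHENTICATED` test is kept unchanged. A short remark on what that outer test still guards would help the next reader, or it could be dropped if the connected check now covers it. The hunk also adds an empty line directly after the opening brace of the outer `if`, which can go. Since the behaviour depends on exactly when `connected` becomes non-zero, it is worth confirming in review that no path sets it before the first NEWKEYS completes, otherwise the initial SSH_MSG_EXT_INFO would be suppressed as well.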