[Bug 2494] New: kex_protocol_error should send SSH2_MSG_UNIMPLEMENTED

bugzilla-daemon at bugzilla.mindrot.org
Wed Nov 11 22:16:23 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2494

            Bug ID: 2494
           Summary: kex_protocol_error should send SSH2_MSG_UNIMPLEMENTED
           Product: Portable OpenSSH
           Version: 6.9p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: cjwatson at debian.org

At least in the compat20 case, kex_protocol_error should send
SSH2_MSG_UNIMPLEMENTED as dispatch_protocol_error does rather than
simply logging and ignoring the message.  This would make it possible
for a client to actually find out that a message it has sent was
unrecognised rather than simply hanging, and perhaps even have a
fallback.  This would appear to be a MUST in RFC 4253 section 11.4, if
I'm reading it correctly.

(Discovered while debugging a twisted.conch hang that turned out to be
due to sending SSH2_MSG_KEX_DH_GEX_REQUEST_OLD, but it would have been
easier to spot if I'd got an unimplemented packet back from sshd.)

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
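
The behaviour the report asks for, as an added example (not OpenSSH code and not part of the original report): a receiver answers an unrecognised key exchange message with SSH2_MSG_UNIMPLEMENTED carrying the rejected packet's sequence number, in the payload layout of RFC 4253 section 11.4, and the sender decodes it instead of waiting indefinitely. The function names and the set of accepted message types are assumptions made for illustration; the message numbers are those assigned in RFC 4253 and RFC 4419.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Message numbers as assigned in RFC 4253 and RFC 4419. */
#define SSH2_MSG_UNIMPLEMENTED          3
#define SSH2_MSG_KEXINIT                20
#define SSH2_MSG_KEX_DH_GEX_REQUEST_OLD 30
#define SSH2_MSG_KEX_DH_GEX_REQUEST     34

/* Assumption: the KEX messages this toy receiver recognises. */
static int kex_type_supported(uint8_t type)
{
    return type == SSH2_MSG_KEXINIT || type == SSH2_MSG_KEX_DH_GEX_REQUEST;
}

/* Receiver: 0 = message accepted, 5 = UNIMPLEMENTED payload written,
 * -1 = reply buffer too small. */
static int kex_reply_for(uint8_t type, uint32_t seqnr, uint8_t *reply, size_t cap)
{
    if (kex_type_supported(type))
        return 0;
    if (cap < 5)
        return -1;
    reply[0] = SSH2_MSG_UNIMPLEMENTED;
    /* uint32, big-endian: sequence number of the rejected packet */
    for (int i = 0; i < 4; i++)
        reply[1 + i] = (uint8_t)(seqnr >> (24 - 8 * i));
    return 5;
}

/* Sender: returns 1 and sets *seqnr if the payload is a well-formed
 * UNIMPLEMENTED message, else 0. */
static int parse_unimplemented(const uint8_t *p, size_t len, uint32_t *seqnr)
{
    if (len != 5 || p[0] != SSH2_MSG_UNIMPLEMENTED)
        return 0;
    *seqnr = ((uint32_t)p[1] << 24) | ((uint32_t)p[2] << 16) |
        ((uint32_t)p[3] << 8) | (uint32_t)p[4];
    return 1;
}

int main(void)
{
    uint8_t reply[5];
    uint32_t rejected = 0;
    /* Constructed scenario: the peer's packet number 1 is GEX_REQUEST_OLD. */
    int n = kex_reply_for(SSH2_MSG_KEX_DH_GEX_REQUEST_OLD, 1, reply, sizeof(reply));
    if (n == 5 && parse_unimplemented(reply, (size_t)n, &rejected))
        printf("peer rejected packet %u\n", (unsigned)rejected);
    return 0;
}
```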
