[Bug 2929] OpenSSH server should not send the SSH_MSG_EXT_INFO message after rekeying

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Nov 14 21:24:45 AEDT 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2929

Darren Tucker <dtucker at dtucker.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at dtucker.net

--- Comment #1 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Jakub Jelen from comment #0)
> The RFC 8308 specifies, that the SSH_MSG_EXT_INFO message should be
> sent after the *first* SSH_MSG_NEWKEYS message, while the OpenSSH
> server sends it also after the rekey:
> 
> >    o  As the next packet following the server's first SSH_MSG_NEWKEYS.

Under what conditions does the server send SSH_MSG_EXT_INFO a second
time?  The client removes it from the proposal once sent:

sshconnect2.c:().
        /* remove ext-info from the KEX proposals for rekeying */
        myproposal[PROPOSAL_KEX_ALGS] =
            compat_kex_proposal(options.kex_algorithms);

and kex.c sets the handler to return an error after the first instance:

kex.c:kex_input_ext_info():
        debug("SSH2_MSG_EXT_INFO received");
        ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_protocol_error);

Even after removing that dispatch_set on the client side, I can only see a
single SSH2_MSG_EXT_INFO received on the client side.

> Side note:
> The draft-ssh-ext-info-04  from [1] is already RFC [2], so the page
> could make use of an update. Also the draft-rsa-dsa-sha2-256-03 is
> already RFC [3].
> 
> [1] http://www.openssh.com/specs.html
> [2] https://tools.ietf.org/html/rfc8308
> [3] https://tools.ietf.org/html/rfc8332

Fixed those, thanks.  I periodically check them but don't always catch
status changes.

More information about the openssh-bugs mailing list
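To make the mechanism Darren describes concrete, here is an added example that is not OpenSSH's code and is not part of the bug thread. It models the two things the quoted snippets do: a per-message dispatch table in which the EXT_INFO handler disarms itself after the first message (the kex.c pattern, so a second EXT_INFO after a rekey is treated as a protocol error), and a hypothetical strip_ext_info_c() that produces the effect of resetting the KEX proposal before rekeying so "ext-info-c" is no longer advertised. The struct, function names other than those quoted on the page, message sequences and proposal strings are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Message numbers from RFC 4253 (NEWKEYS) and RFC 8308 (EXT_INFO). */
#define SSH2_MSG_EXT_INFO  7
#define SSH2_MSG_NEWKEYS   21
#define SSH2_MSG_MAX       256

struct ssh;
typedef int (*dispatch_fn)(struct ssh *, int type);

/* Toy connection state: one handler per message type (constructed model). */
struct ssh {
    dispatch_fn dispatch[SSH2_MSG_MAX];
    int newkeys_count;
    int ext_info_count;
    int protocol_errors;
};

static void ssh_dispatch_set(struct ssh *ssh, int type, dispatch_fn fn)
{
    ssh->dispatch[type] = fn;
}

/* Handler for messages not permitted in the current state. */
static int kex_protocol_error(struct ssh *ssh, int type)
{
    (void)type;
    ssh->protocol_errors++;
    return -1;
}

static int kex_input_newkeys(struct ssh *ssh, int type)
{
    (void)type;
    ssh->newkeys_count++;
    return 0;
}

/* Mirrors the quoted kex.c logic: accept EXT_INFO once, then disarm it. */
static int kex_input_ext_info(struct ssh *ssh, int type)
{
    ssh->ext_info_count++;
    ssh_dispatch_set(ssh, type, kex_protocol_error);
    return 0;
}

static void ssh_init(struct ssh *ssh)
{
    int i;
    memset(ssh, 0, sizeof(*ssh));
    for (i = 0; i < SSH2_MSG_MAX; i++)   /* everything else is unexpected */
        ssh->dispatch[i] = kex_protocol_error;
    ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, kex_input_newkeys);
    ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, kex_input_ext_info);
}

/* Feed a sequence of message types; return how many were rejected. */
static int run_messages(const int *types, size_t n)
{
    struct ssh ssh;
    size_t i;
    ssh_init(&ssh);
    for (i = 0; i < n; i++)
        ssh.dispatch[types[i]](&ssh, types[i]);
    return ssh.protocol_errors;
}

/* Constructed message sequences, not captured traffic. */
static const int first_kex[] = { SSH2_MSG_NEWKEYS, SSH2_MSG_EXT_INFO };
static const int rekey_with_ext_info[] = {
    SSH2_MSG_NEWKEYS, SSH2_MSG_EXT_INFO, SSH2_MSG_NEWKEYS, SSH2_MSG_EXT_INFO
};

int first_kex_errors(void) { return run_messages(first_kex, 2); }
int rekey_errors(void)     { return run_messages(rekey_with_ext_info, 4); }

/* Hypothetical helper: copy a comma-separated KEX proposal to out, dropping
 * the "ext-info-c" indicator. Returns 0 on success, -1 if out is too small. */
int strip_ext_info_c(const char *proposal, char *out, size_t outlen)
{
    const char *p = proposal;
    size_t used = 0;
    out[0] = '\0';
    while (*p) {
        const char *comma = strchr(p, ',');
        size_t len = comma ? (size_t)(comma - p) : strlen(p);
        if (!(len == strlen("ext-info-c") && strncmp(p, "ext-info-c", len) == 0)) {
            if (used + len + (used ? 1 : 0) + 1 > outlen)
                return -1;
            if (used)
                out[used++] = ',';
            memcpy(out + used, p, len);
            used += len;
            out[used] = '\0';
        }
        p = comma ? comma + 1 : p + len;
    }
    return 0;
}

static char demo_buf[128];

/* 1 if the constructed proposal is rewritten as expected, else 0. */
int rekey_proposal_matches(void)
{
    if (strip_ext_info_c("curve25519-sha256,diffie-hellman-group14-sha256,ext-info-c",
                         demo_buf, sizeof demo_buf) != 0)
        return 0;
    return strcmp(demo_buf, "curve25519-sha256,diffie-hellman-group14-sha256") == 0;
}

int main(void)
{
    printf("first kex: %d rejected\n", first_kex_errors());
    printf("rekey:     %d rejected\n", rekey_errors());
    printf("proposal rewritten as expected: %d\n", rekey_proposal_matches());
    return 0;
}
```

Run as is, the first sequence (NEWKEYS then EXT_INFO) is accepted with no errors, while the rekey sequence rejects exactly the second EXT_INFO, which is the behaviour the comment attributes to the dispatch_set in kex_input_ext_info(). The proposal helper shows the other half of the picture: once the client no longer lists "ext-info-c" in the rekey proposal, a conforming peer has no reason to send EXT_INFO again.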