[Bug 2929] OpenSSH server should not send the SSH_MSG_EXT_INFO message after rekeying

bugzilla-daemon at bugzilla.mindrot.org
Thu Nov 15 20:13:58 AEDT 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2929

--- Comment #2 from Jakub Jelen <jjelen at redhat.com> ---
I noticed this with a different client than OpenSSH. This indeed happens
when the client sends the ext-info-c also with the rekeying
SSH_MSG_KEXINIT, which looks like the wrong thing to do (and which I
probably missed in the first reads of the RFC):

>   Applications implementing this mechanism MUST add one of the
>   following indicator names to the field kex_algorithms in the
>   SSH_MSG_KEXINIT message sent by the application in the first key
>   exchange:

In that case, I will make sure this is fixed in libssh so that it does
not append the ext-info-c to the rekeying requests.

But even though the client did not do the correct thing, I think the
server should not be manipulated to do the bad thing either.

The message sending is triggered directly by setting the ext_info from
the current key exchange, but I think there should also be a condition
to skip the call to kex_send_ext_info() if we are in a state of rekeying.

https://github.com/openssh/openssh-portable/blob/120a1ec7/kex.c#L421

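The condition proposed in the comment above, sketched as an added stand-alone example; it is not part of the original message and is not OpenSSH's or libssh's code. The struct, field and function names (`kex_state`, `initial_kex_done`, `namelist_has`, `should_send_ext_info`) are hypothetical, and the name-list in `main` is constructed sample input.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical per-connection state; not OpenSSH's struct kex. */
struct kex_state {
    int initial_kex_done;   /* set once the first key exchange has completed */
};

/* Return 1 if `name` is an exact element of the comma-separated name-list. */
static int namelist_has(const char *list, const char *name)
{
    size_t nlen = strlen(name);

    while (*list != '\0') {
        size_t tlen = strcspn(list, ",");
        if (tlen == nlen && memcmp(list, name, nlen) == 0)
            return 1;
        list += tlen;
        if (*list == ',')
            list++;
    }
    return 0;
}

/*
 * Server-side decision: send SSH_MSG_EXT_INFO only when the peer's
 * KEXINIT carries "ext-info-c" AND this is the first key exchange.
 * An indicator that shows up in a rekeying KEXINIT is ignored.
 */
static int should_send_ext_info(const struct kex_state *st,
    const char *peer_kex_algorithms)
{
    if (st->initial_kex_done)
        return 0;
    return namelist_has(peer_kex_algorithms, "ext-info-c");
}

int main(void)
{
    /* Constructed kex_algorithms name-list, as a client might send it. */
    const char *kexinit = "curve25519-sha256,diffie-hellman-group14-sha256,ext-info-c";
    struct kex_state st = { 0 };

    printf("first kex: %d\n", should_send_ext_info(&st, kexinit));
    st.initial_kex_done = 1;   /* first exchange finished, next one is a rekey */
    printf("rekey:     %d\n", should_send_ext_info(&st, kexinit));
    return 0;
}
```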