[openssh-commits] [openssh] 01/01: upstream commit

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 2adbe1e63bc313d03e8e84e652cc623af8ebb163
Author: markus at openbsd.org <markus at openbsd.org>
Date:   Wed Mar 15 07:07:39 2017 +0000

    upstream commit
    
    disallow KEXINIT before NEWKEYS; ok djm; report by
    vegard.nossum at oracle.com
    
    Upstream-ID: 3668852d1f145050e62f1da08917de34cb0c5234
---
 kex.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/kex.c b/kex.c
index 8ac0029..cf4ac0d 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.130 2017/03/10 04:07:20 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -341,7 +341,6 @@ kex_reset_dispatch(struct ssh *ssh)
 {
 	ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN,
 	    SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error);
-	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 }
 
 static int
@@ -431,6 +430,7 @@ kex_input_newkeys(int type, u_int32_t seq, void *ctxt)
 
 	debug("SSH2_MSG_NEWKEYS received");
 	ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 	if ((r = sshpkt_get_end(ssh)) != 0)
 		return r;
 	if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
@@ -545,6 +545,7 @@ kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp)
 		goto out;
 	kex->done = 0;
 	kex_reset_dispatch(ssh);
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 	r = 0;
 	*kexp = kex;
  out:

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.