diff options
author | Matt Johnston <matt@ucc.asn.au> | 2020-10-18 22:17:54 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2020-10-18 22:17:54 +0800 |
commit | 5567c238a749b992faa9dce4a1df05861dd14f7c (patch) | |
tree | 6fe588eebb6820ff4af85e8c2314a3aa37a7b25c | |
parent | 33eba22966a897cb4fca2395912176e2713b050d (diff) |
Disallow extra kexinit messages
--HG--
branch : fuzz
-rw-r--r-- | common-kex.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/common-kex.c b/common-kex.c index 4caa06e..39d916b 100644 --- a/common-kex.c +++ b/common-kex.c @@ -487,6 +487,12 @@ void recv_msg_kexinit() { TRACE(("continue recv_msg_kexinit: sent kexinit")) } + /* "Once a party has sent a SSH_MSG_KEXINIT message ... + further SSH_MSG_KEXINIT messages MUST NOT be sent" */ + if (ses.kexstate.recvkexinit) { + dropbear_exit("Unexpected KEXINIT"); + } + /* start the kex hash */ local_ident_len = strlen(LOCAL_IDENT); remote_ident_len = strlen(ses.remoteident); |