send and handle SSH_MSG_EXT_INFO only at the correct point

- other fixes for rsa pubkey auth - only include ext-info handling when rsa pubkey auth is compiled
author: Matt Johnston <matt@ucc.asn.au> 2020-05-24 14:16:58 +0800
committer: Matt Johnston <matt@ucc.asn.au> 2020-05-24 14:16:58 +0800
commit: 701d43b8594365b55421e8bc4c53efa920c09ed5 (patch)
tree: aceb60a25d26b8d5f3b132df40e59c9218f8b66e /cli-kex.c
parent: 79bedc90a1efc9ba0b2c6565bd5264a7817e68d4 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/cli-kex.c b/cli-kex.c
index 99370eb..98b0245 100644
--- a/cli-kex.c
+++ b/cli-kex.c
@@ -418,6 +418,15 @@ void recv_msg_ext_info(void) {
 	unsigned int num_ext;
 	unsigned int i;
 
+	TRACE(("enter recv_msg_ext_info"))
+
+	/* Must be after the first SSH_MSG_NEWKEYS */
+	TRACE(("last %d, donefirst %d, donescond %d", ses.lastpacket, ses.kexstate.donefirstkex, ses.kexstate.donesecondkex))
+	if (!(ses.lastpacket == SSH_MSG_NEWKEYS && !ses.kexstate.donesecondkex)) {
+		TRACE(("leave recv_msg_ext_info: ignoring packet received at the wrong time"))
+		return;
+	}
+
 	num_ext = buf_getint(ses.payload);
 	TRACE(("received SSH_MSG_EXT_INFO with %d items", num_ext))
 
@@ -435,4 +444,5 @@ void recv_msg_ext_info(void) {
 		}
 		m_free(ext_name);
 	}
+	TRACE(("leave recv_msg_ext_info"))
 }
author	Matt Johnston <matt@ucc.asn.au>	2020-05-24 14:16:58 +0800
committer	Matt Johnston <matt@ucc.asn.au>	2020-05-24 14:16:58 +0800
commit	701d43b8594365b55421e8bc4c53efa920c09ed5 (patch)
tree	aceb60a25d26b8d5f3b132df40e59c9218f8b66e /cli-kex.c
parent	79bedc90a1efc9ba0b2c6565bd5264a7817e68d4 (diff)