From 701d43b8594365b55421e8bc4c53efa920c09ed5 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sun, 24 May 2020 14:16:58 +0800 Subject: send and handle SSH_MSG_EXT_INFO only at the correct point - other fixes for rsa pubkey auth - only include ext-info handling when rsa pubkey auth is compiled --- cli-kex.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'cli-kex.c') diff --git a/cli-kex.c b/cli-kex.c index 99370eb..98b0245 100644 --- a/cli-kex.c +++ b/cli-kex.c @@ -418,6 +418,15 @@ void recv_msg_ext_info(void) { unsigned int num_ext; unsigned int i; + TRACE(("enter recv_msg_ext_info")) + + /* Must be after the first SSH_MSG_NEWKEYS */ + TRACE(("last %d, donefirst %d, donescond %d", ses.lastpacket, ses.kexstate.donefirstkex, ses.kexstate.donesecondkex)) + if (!(ses.lastpacket == SSH_MSG_NEWKEYS && !ses.kexstate.donesecondkex)) { + TRACE(("leave recv_msg_ext_info: ignoring packet received at the wrong time")) + return; + } + num_ext = buf_getint(ses.payload); TRACE(("received SSH_MSG_EXT_INFO with %d items", num_ext)) @@ -435,4 +444,5 @@ void recv_msg_ext_info(void) { } m_free(ext_name); } + TRACE(("leave recv_msg_ext_info")) } -- cgit v1.2.3