upstream commit

disallow KEXINIT before NEWKEYS; ok djm; report by vegard.nossum at oracle.com Upstream-ID: 3668852d1f145050e62f1da08917de34cb0c5234
author: markus@openbsd.org <markus@openbsd.org> 2017-03-15 07:07:39 +0000
committer: Damien Miller <djm@mindrot.org> 2017-03-17 17:12:44 +1100
commit: 2adbe1e63bc313d03e8e84e652cc623af8ebb163 (patch)
tree: 7e0b20c631d1c3427b3e8a1eea988577692e5b2c
parent: 2fbf91684d76d38b9cf06550b69c9e41bca5a71c (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/kex.c b/kex.c
index 8ac00299c..cf4ac0dc5 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.130 2017/03/10 04:07:20 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.131 2017/03/15 07:07:39 markus Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
 *
@@ -341,7 +341,6 @@ kex_reset_dispatch(struct ssh *ssh)
 {
        ssh_dispatch_range(ssh, SSH2_MSG_TRANSPORT_MIN,
            SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error);
-        ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
 }
 static int
@@ -431,6 +430,7 @@ kex_input_newkeys(int type, u_int32_t seq, void *ctxt)
        debug("SSH2_MSG_NEWKEYS received");
        ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);
+        ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
        if ((r = sshpkt_get_end(ssh)) != 0)
                return r;
        if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
@@ -545,6 +545,7 @@ kex_new(struct ssh *ssh, char *proposal[PROPOSAL_MAX], struct kex **kexp)
                goto out;
        kex->done = 0;
        kex_reset_dispatch(ssh);
+        ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
        r = 0;
        *kexp = kex;
 out:
author	markus@openbsd.org <markus@openbsd.org>	2017-03-15 07:07:39 +0000
committer	Damien Miller <djm@mindrot.org>	2017-03-17 17:12:44 +1100
commit	2adbe1e63bc313d03e8e84e652cc623af8ebb163 (patch)
tree	7e0b20c631d1c3427b3e8a1eea988577692e5b2c
parent	2fbf91684d76d38b9cf06550b69c9e41bca5a71c (diff)