author | Damien Miller <djm@cvs.openbsd.org> | 2021-01-31 22:55:30 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2021-01-31 22:55:30 +0000 |
commit | 327262607e3aa39b08d7aa4da6579dc376c29d6d (patch) | |
tree | c3e40cb2c7d7960dd28a375acfeb874fdcdef9e6 /usr.bin/ssh/kex.h | |
parent | e88f40783917b32a9b3ca146492d41caa15e16dc (diff) |
more strictly enforce KEX state-machine by banning packet types
once they are received. Fixes memleak caused by duplicate
SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz
via oss-fuzz #30078).
ok markus@
Diffstat (limited to 'usr.bin/ssh/kex.h')
-rw-r--r-- | usr.bin/ssh/kex.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h
index c81b491188f..212fd35d56b 100644
--- a/usr.bin/ssh/kex.h
+++ b/usr.bin/ssh/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.113 2021/01/27 10:05:28 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.114 2021/01/31 22:55:29 djm Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -186,6 +186,7 @@ int kex_verify_host_key(struct ssh *, struct sshkey *);
 int kex_send_kexinit(struct ssh *);
 int kex_input_kexinit(int, u_int32_t, struct ssh *);
 int kex_input_ext_info(int, u_int32_t, struct ssh *);
+int kex_protocol_error(int, u_int32_t, struct ssh *);
 int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *);
 int kex_send_newkeys(struct ssh *);
 int kex_start_rekex(struct ssh *);
 |
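Review bot: The new `kex_protocol_error` prototype in the second hunk is exported with no comment saying when it should be installed, and this header is where the author of a new key-exchange method will first meet it. Its signature matches the `kex_input_*` dispatch handlers declared beside it, so it is presumably the callback that replaces a KEX message's handler once that message has been received, as the commit message describes; the .c side is not part of this view, so that is inferred. I would add a one-line comment above the declaration, for example `/* dispatch handler for KEX packet types that are not permitted in the current state */`. Without that hint, a later KEX implementation can leave its original handler registered after use, which is the duplicate-message condition this commit is closing.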