mirror of https://git.libssh.org/projects/libssh.git synced 2025-09-11 13:30:43 +03:00

CVE-2023-1667:kex: Add support for sending first_kex_packet_follows flag

This is not completely straightforward as it requires us to do some state
shuffling.

We introduce internal flag that can turn this on in client side, so far for
testing only as we do not want to universally enable this. We also repurpose the
server flag indicating the guess was wrong also for the client to make desired
decisions.

If we found out our guess was wrong, we need to hope the server was able to
figure out this much, we need to revert the DH FSM state, drop the callbacks
from the "wrong" key exchange method and initiate the right one.

The server side is already tested by the pkd_hello_i1, which is executing tests
against dropbear clients, which use this flag by default out of the box.

Tested manually also with the pkd_hello --rekey to make sure the server is able
to handle the rekeying with all key exchange methods.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Jakub Jelen
2023-03-16 11:55:12 +01:00
committed by Andreas Schneider
parent 8dbe055328
commit 08386d4787
4 changed files with 93 additions and 15 deletions


@@ -246,10 +246,13 @@ end:
* @warning this function returning is no proof that DH handshake is
* completed
*/
static int dh_handshake(ssh_session session)
int dh_handshake(ssh_session session)
{
int rc = SSH_AGAIN;
SSH_LOG(SSH_LOG_TRACE, "dh_handshake_state = %d, kex_type = %d",
session->dh_handshake_state, session->next_crypto->kex_type);
switch (session->dh_handshake_state) {
case DH_STATE_INIT:
switch(session->next_crypto->kex_type){
@@ -391,6 +394,8 @@ static void ssh_client_connection_callback(ssh_session session)
{
int rc;
SSH_LOG(SSH_LOG_DEBUG, "session_state=%d", session->session_state);
switch (session->session_state) {
case SSH_SESSION_STATE_NONE:
case SSH_SESSION_STATE_CONNECTING:
@@ -452,6 +457,9 @@ static void ssh_client_connection_callback(ssh_session session)
goto error;
set_status(session, 0.8f);
session->session_state = SSH_SESSION_STATE_DH;
/* If the init packet was already sent in previous step, this will be no
* operation */
if (dh_handshake(session) == SSH_ERROR) {
goto error;
}
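Review bot: The trace line added at the top of dh_handshake() reads `session->next_crypto->kex_type` on every call, while the only other dereference of `next_crypto` visible in the first hunk sits inside the `DH_STATE_INIT` case. Since the function is no longer `static`, it can presumably be entered from other files and in later handshake states, and these hunks do not show that `next_crypto` is non-NULL on all of those paths. A guard ahead of the log, such as `if (session->next_crypto == NULL) return SSH_ERROR;`, would keep a debug statement from becoming a crash in the rekey path this CVE fix is about. The doc comment above the function should also state that a call after the init packet has been sent is a no-op, because the comment added in the third hunk relies on that and callers outside this file will too. The body of dh_handshake() continues past the end of the first hunk, so the remaining states were not reviewed.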