lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-14 04:18:54 +03:00
Code Activity

CVE-2023-48795: client side mitigation

Browse Source 
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Aris Adamantiadis
2023-12-12 23:09:57 +01:00
committed by Andreas Schneider
parent f353b39ff2
commit 7ecc6a704b
12 changed files with 125 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/ecdh_mbedcrypto.c
View File

@@ -318,16 +318,13 @@ SSH_PACKET_CALLBACK(ssh_packet_server_ecdh_init){
goto out;
}
rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS);
if (rc < 0) {
rc = SSH_ERROR;
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
/* Send the MSG_NEWKEYS */
rc = ssh_packet_send_newkeys(session);
if (rc == SSH_ERROR) {
goto out;
}
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
rc = ssh_packet_send(session);
SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
out:
mbedtls_ecp_group_free(&grp);
if (rc == SSH_ERROR) {