From bf2c7128ab67cca007b2ba6a59fbfb82afb8c8c6 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Thu, 15 Nov 2018 10:44:37 +0100 Subject: [PATCH] server: Do not send SSH_MSG_EXT_INFO after rekey This should not be a problem for well-behaving clients that do not append the ext-info-c to the rekey, but if they do, we should not send it either. Resolves: T121 Signed-off-by: Jakub Jelen Reviewed-by: Andreas Schneider --- src/server.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/src/server.c b/src/server.c index b998c9cb..8197fd86 100644 --- a/src/server.c +++ b/src/server.c @@ -518,20 +518,22 @@ static void ssh_server_connection_callback(ssh_session session){ goto error; } + /* + * If the client supports extension negotiation, we will send + * our supported extensions now. This is the first message after + * sending NEWKEYS message and after turning on crypto. + */ + if (session->extensions && + session->session_state != SSH_SESSION_STATE_AUTHENTICATED) { + ssh_server_send_extensions(session); + } + set_status(session,1.0f); session->connected = 1; session->session_state=SSH_SESSION_STATE_AUTHENTICATING; if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED) session->session_state = SSH_SESSION_STATE_AUTHENTICATED; - /* - * If the client supports extension negotiation, we will send - * our supported extensions now. This is the first message after - * sending NEWKEYS message and after turning on crypto. - */ - if (session->extensions) { - ssh_server_send_extensions(session); - } } break; case SSH_SESSION_STATE_AUTHENTICATING: