From 15517300d83d01ad643e97a6013bd07631af5067 Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Wed, 21 Nov 2001 22:06:53 +0000
Subject: [PATCH] Send SSH2_MSG_NEWKEYS _before_ expecting to receive it,
 rather than after. Shouldn't make a difference for any server that previously
 worked, but we should now interoperate sensibly with servers that wait to
 receive our NEWKEYS before sending their own. Apparently Unisphere produce
 one such.

[originally from svn r1390]
---
 ssh.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/ssh.c b/ssh.c
index 9b16d83b..7943d071 100644
--- a/ssh.c
+++ b/ssh.c
@@ -3499,15 +3499,6 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
 	crReturn(0);
     }
 
-    /*
-     * Expect SSH2_MSG_NEWKEYS from server.
-     */
-    crWaitUntil(ispkt);
-    if (pktin.type != SSH2_MSG_NEWKEYS) {
-	bombout(("expected new-keys packet from server"));
-	crReturn(0);
-    }
-
     /*
      * Authenticate remote host: verify host key. (We've already
      * checked the signature of the exchange hash.)
@@ -3530,6 +3521,15 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
     ssh2_pkt_init(SSH2_MSG_NEWKEYS);
     ssh2_pkt_send();
 
+    /*
+     * Expect SSH2_MSG_NEWKEYS from server.
+     */
+    crWaitUntil(ispkt);
+    if (pktin.type != SSH2_MSG_NEWKEYS) {
+	bombout(("expected new-keys packet from server"));
+	crReturn(0);
+    }
+
     /*
      * Create and initialise session keys.
      */