From 9af705352d2ca149cc7c2200af82b72b4fdc4d45 Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Sat, 10 Sep 2022 10:19:03 +0100
Subject: [PATCH] Uppity: clear the right KEXINIT packet at kex startup!

Just spotted this in eyeball review: we're about to construct our new outgoing KEXINIT and write it into the strbuf s->outgoing_kexinit. So we should clear that strbuf first. But in fact we were clearing s->client_kexinit, which aliases s->outgoing_kexinit in an SSH client, but in a server, aliases s->incoming_kexinit. This was harmless in PuTTY (since the strbuf we cleared was the right one anyway). And it was harmless in Uppity's initial kex (since the strbuf we _meant_ to clear was empty anyway). But if Uppity had ever initiated a rekey, this would have exploded messily.
---
 ssh/transport2.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssh/transport2.c b/ssh/transport2.c
index 62ad6ffd..ce6318aa 100644
--- a/ssh/transport2.c
+++ b/ssh/transport2.c
@@ -1375,7 +1375,7 @@ static void ssh2_transport_process_queue(PacketProtocolLayer *ppl)
 * Construct our KEXINIT packet, in a strbuf so we can refer to it
 * later.
 */
- strbuf_clear(s->client_kexinit);
+ strbuf_clear(s->outgoing_kexinit);
 put_byte(s->outgoing_kexinit, SSH2_MSG_KEXINIT);
 random_read(strbuf_append(s->outgoing_kexinit, 16), 16);
 ssh2_write_kexinit_lists(