From e4ee11d4c2258974a871c2e06fdf65f40b8a42eb Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Tue, 25 Sep 2018 17:12:22 +0100 Subject: [PATCH] Fix accidental termination of wait-for-rekey loop. When I separated out the transport layer into its own source file, I also reworked the logic deciding when to rekey, and apparently that rework introduced a braino in which I compared rekey_reason (which is a pointer) to RK_NONE (which is a value of the enumerated type that lives in the similarly named variable rekey_class). Oops. The result was that after the first rekey, the loop would terminate the next time the transport coroutine got called, because the code just before the loop had zeroed out rekey_class but not rekey_reason. So there'd be a rekey on every keypress, or similar. --- ssh2transport.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssh2transport.c b/ssh2transport.c index 1dcd4a8c..9a5a970d 100644 --- a/ssh2transport.c +++ b/ssh2transport.c @@ -2392,7 +2392,7 @@ static void ssh2_transport_process_queue(PacketProtocolLayer *ppl) s->rekey_reason)); } } - } while (s->rekey_reason == RK_NONE); + } while (s->rekey_class == RK_NONE); /* Once we exit the above loop, we really are rekeying. */ goto begin_key_exchange;
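Review bot: At the changed loop condition, `while (s->rekey_class == RK_NONE)` now tests the right variable, but the patch leaves the two pieces of state able to disagree. By the commit message, the code before the loop clears rekey_class and not rekey_reason, so a stale reason pointer survives into the next wait. Consider setting s->rekey_reason to NULL at the same place rekey_class is reset, so that a later slip of this kind fails obviously, and so that the `s->rekey_reason));` use in the context lines above can never report a reason left over from a previous rekey. A one-line comment on the condition saying that rekey_class is the authoritative "do we rekey" flag and rekey_reason is only descriptive text would also help, given how similar the names are. The old comparison of a pointer against RK_NONE evidently compiled without complaint (which it would if RK_NONE is the zero-valued enumerator, since that is a valid null pointer constant in C), so the compiler cannot be relied on to catch a repeat. The symptom described, a key exchange on every keypress, is the sort of thing a regression check counting key exchanges over an idle or lightly used session would catch.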