Page MenuHomePhabricator

The server should not send the SSH_MSG_EXT_INFO message after rekeying
Open, Needs TriagePublic


The RFC 8308 specifies, that the SSH_MSG_EXT_INFO message should be sent after the *first* SSH_MSG_NEWKEYS message, while the current implementation sends it also after the rekey:

o  As the next packet following the server's first SSH_MSG_NEWKEYS.

The same bug is in OpenSSH:

This is not a high-priority since the clients are pretty tolerant, but it would be good to follow the recommendation.