The server should not send the SSH_MSG_EXT_INFO message after rekeying
Open, Needs TriagePublic
Actions

Description

The RFC 8308 specifies, that the SSH_MSG_EXT_INFO message should be sent after the *first* SSH_MSG_NEWKEYS message, while the current implementation sends it also after the rekey:

o  As the next packet following the server's first SSH_MSG_NEWKEYS.

The same bug is in OpenSSH:

https://bugzilla.mindrot.org/show_bug.cgi?id=2929

This is not a high-priority since the clients are pretty tolerant, but it would be good to follow the recommendation.

Related Objects

Mentioned In: rLIBSSHbf2c7128ab67: server: Do not send SSH_MSG_EXT_INFO after rekey
rLIBSSH1d5215a5af2f: server: Do not send SSH_MSG_EXT_INFO after rekey

Event Timeline

Jakuje created this task.Tue, Nov 13, 3:39 PM

asn mentioned this in rLIBSSH1d5215a5af2f: server: Do not send SSH_MSG_EXT_INFO after rekey.Fri, Nov 23, 5:32 PM

asn mentioned this in rLIBSSHbf2c7128ab67: server: Do not send SSH_MSG_EXT_INFO after rekey.

The server should not send the SSH_MSG_EXT_INFO message after rekeyingOpen, Needs TriagePublicActions

Description

Related Objects

Event Timeline

The server should not send the SSH_MSG_EXT_INFO message after rekeying
Open, Needs TriagePublic
Actions