kex: Do not negotiate extensions during rekey

The RFC 8308 clearly says, that the additional ext-info-c should be added only to the first SSH_MSG_KEXINIT. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-15 10:22:19 +01:00 · 2018-11-15 10:22:19 +01:00 · 83f2ac4abb
--- a/src/kex.c
+++ b/src/kex.c
@ -742,6 +742,11 @@ int ssh_set_client_kex(ssh_session session)
        }
    }

+    /* For rekeying, skip the extension negotiation */
+    if (session->session_state == SSH_SESSION_STATE_AUTHENTICATED) {
+        return SSH_OK;
+    }
+
    /* Here we append  ext-info-c  to the list of kex algorithms */
    kex = client->methods[SSH_KEX];
    len = strlen(kex);