Commit

OpenSSH fix
Don't reply to PING in preauth phase or during KEX
Reported by the Qualys Security Advisory team. ok markus@

OpenBSD-Commit-ID: c656ac4abd1504389d1733d85152044b15830217
laffer1 committed Feb 18, 2025
1 parent 96d8238 commit a836a37
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion crypto/openssh/packet.c
@@ -1,4 +1,4 @@
/* $OpenBSD: packet.c,v 1.313 2023/12/18 14:45:17 djm Exp $ */
/* $OpenBSD: packet.c,v 1.318 2025/02/18 08:02:12 djm Exp $ */
/*
* Author: Tatu Ylonen <[email protected]>
* Copyright (c) 1995 Tatu Ylonen <[email protected]>, Espoo, Finland
@@ -1774,6 +1774,14 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
if ((r = sshpkt_get_string_direct(ssh, &d, &len)) != 0)
return r;
DBG(debug("Received SSH2_MSG_PING len %zu", len));
if (!ssh->state->after_authentication) {
DBG(debug("Won't reply to PING in preauth"));
break;
}
if (ssh_packet_is_rekeying(ssh)) {
DBG(debug("Won't reply to PING during KEX"));
break;
}
if ((r = sshpkt_start(ssh, SSH2_MSG_PONG)) != 0 ||
(r = sshpkt_put_string(ssh, d, len)) != 0 ||
(r = sshpkt_send(ssh)) != 0)
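Review bot: The two new early `break` paths in the SSH2_MSG_PING case carry no comment saying why a PONG must not be sent before authentication or while rekeying, and the only trace of a dropped PING is wrapped in DBG(), like the existing "Received SSH2_MSG_PING" line. Suggest a short comment above `if (!ssh->state->after_authentication) {` stating the reason, since the commit message names only the reporter. It is also worth confirming, in the code after the switch that this hunk does not show, that a PING which takes `break` here is treated the same as one that was answered and is not handed to the caller as an ordinary packet. Parsing the payload with sshpkt_get_string_direct() before the state checks looks right, since a malformed PING is still rejected in every phase.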