path: root/ssh/server.go
author: Han-Wen Nienhuys <hanwen@google.com> 2016-04-06 22:15:54 +0200
committer: Adam Langley <agl@golang.org> 2016-04-12 17:14:56 +0000
commit: d68c3ecb62c850b645dc072a8d78006286bf81ca
tree: 775dc6f6b97f1c121295d3bca221635866f838cb /ssh/server.go
parent: 3fbbcd23f1cb824e69491a5930cfeff09b12f4d2
x/crypto/ssh: make sure the initial key exchange happens once.

This is done by running the key exchange and setting the session ID under mutex. If the first exchange encounters an already set session ID, then do nothing.

This fixes a race condition:

On setting up the connection, both sides sent a kexInit to initiate the first (mandatory) key exchange. If one side was faster, the faster side might have completed the key exchange, before the slow side had a chance to send a kexInit. The slow side would send a kexInit which would trigger a second key exchange. The resulting confirmation message (msgNewKeys) would confuse the authentication loop.

This fix removes sessionID from the transport struct.

This fix also deletes the unused interface rekeyingTransport.

Fixes #15066

Change-Id: I7f303bce5d3214c9bdd58f52d21178a185871d90
Reviewed-on: https://go-review.googlesource.com/21606
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>

Diffstat (limited to 'ssh/server.go')
-rw-r--r-- ssh/server.go 2
1 files changed, 1 insertions, 1 deletions
diff --git a/ssh/server.go b/ssh/server.go
index 4781eb7..d530501 100644
--- a/ssh/server.go
+++ b/ssh/server.go
@@ -188,7 +188,7 @@ func (s *connection) serverHandshake(config *ServerConfig) (*Permissions, error)
tr := newTransport(s.sshConn.conn, config.Rand, false /* not client */)
s.transport = newServerTransport(tr, s.clientVersion, s.serverVersion, config)
- if err := s.transport.requestKeyChange(); err != nil {
+ if err := s.transport.requestInitialKeyChange(); err != nil {
return nil, err
}
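Review bot: the switched call on the `+` line of this hunk in serverHandshake has no comment explaining why the first exchange must go through requestInitialKeyChange rather than requestKeyChange, so a later edit could revert it to the general call and reintroduce the race described in the commit message. A one-line comment above the `if` would do, for example that the initial exchange runs once and sets the session ID under the mutex. This view is limited to ssh/server.go, so the client side is not visible; since the message says both sides send a kexInit at connection setup, the client handshake should make the same switch, and a test in which one side finishes the exchange before the other sends its kexInit would guard against regression.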