From: djm@openbsd.org <djm@openbsd.org>
Date: Fri, 13 Nov 2015 04:39:35 +0000 (+0000)
Subject: upstream commit
X-Git-Tag: V_7_2_P1~114
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d87063d9baf5479b6e813d47dfb694a97df6f6f5;p=thirdparty%2Fopenssh-portable.git

upstream commit

send SSH2_MSG_UNIMPLEMENTED replies to unexpected
 messages during KEX; bz#2949, ok dtucker@

Upstream-ID: 2b3abdff344d53c8d505f45c83a7b12e84935786
---

diff --git a/kex.c b/kex.c
index d8793b919..b409f276b 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.111 2015/10/13 00:21:27 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.112 2015/11/13 04:39:35 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -315,7 +315,14 @@ kex_prop_free(char **proposal)
 static int
 kex_protocol_error(int type, u_int32_t seq, void *ctxt)
 {
-	error("Hm, kex protocol error: type %d seq %u", type, seq);
+	struct ssh *ssh = active_state; /* XXX */
+	int r;
+
+	error("kex protocol error: type %d seq %u", type, seq);
+	if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
+	    (r = sshpkt_put_u32(ssh, seq)) != 0 ||
+	    (r = sshpkt_send(ssh)) != 0)
+		return r;
 	return 0;
 }