-
-
Notifications
You must be signed in to change notification settings - Fork 939
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement OpenSSH strict key exchange extension #1366
Conversation
is only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored if they are present in subsequent SSH2_MSG_KEXINIT packets.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks good so far. I know that the integration tests are testing this in the positive case (i.e. they are using strict KEX), but it would make sense to add some tests in the negative cases assuming a bad actor, e.g.
- When we have strict KEX established, and we receive SSH_MSG_IGNORE (or other) during the key exchange. We should check that the connection fails.
- Conversely, when we don't have strict KEX established, we should not fail when receiving SSH_MSG_IGNORE (or other) during the key exchange
- When we have strict KEX established, and the peer does not reset the sequence number. We should check that the connection fails.
- Maybe some other cases?
test/Renci.SshNet.Tests/Classes/SessionTest_ConnectedBase.cs is probably a good starting point for simulating connections (either deriving from that or copying stuff out)
Strictly disable non-kex massages in strict kex mode.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for all the tests. I will run this in production for a week or two
...hNet.Tests/Classes/SessionTest_Connecting_ServerSendsDebugMessageAfterKexInit_NoStrictKex.cs
Outdated
Show resolved
Hide resolved
...nci.SshNet.Tests/Classes/SessionTest_Connecting_ServerSendsMaxIgnoreMessagesBeforeKexInit.cs
Outdated
Show resolved
Hide resolved
…s about to wrap during init kex.
Thanks |
The PR implements the algorithm described in section 1.10 of https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.
All integration tests passed, especially
*-etm@openssh.com
HMAC variants.Resolves #1285
Terrapin Scanner report without this PR:
Terrapin Scanner report with this PR: