PuTTY semi-bug kexinit-unimplemented

PuTTY semi-bug kexinit-unimplemented

This is a mirror. The primary PuTTY web site can be found here.

Home | Licence | FAQ | Docs | Download | Keys | Links
Mirrors | Updates | Feedback | Changes | Wishlist | Team

summary: SSH_MSG_UNIMPLEMENTED in response to SSH_MSG_KEXINIT is ignored
class: semi-bug: This might or might not be a bug, depending on your precise definition of what a bug is.
difficulty: tricky: Needs many tuits.
priority: medium: This should be fixed one day.
present-in: 2005-01-11

---------------------------------------------------[Tue Jan 11 15:08:58 2005]--
From: Not ordinarily borrowable.  (bjh:1)
To: anakin:8

Curious:  If I use PuTTY to connect to wraith.csi.cam.ac.uk, and request key
re-exchange before typing the user name, the packet log shows PuTTY getting an
SSH2_MSG_UNIMPLEMENTED, but PuTTY doesn't bombout(("expected key exchange
packet from server")) as I'd expect.  Of course, it also doesn't give up on the
key exchange, which it perhaps should.

---------------------------------------------------[Tue Jan 11 15:13:37 2005]--
From: `Wombling *freely*', dammit!  (anakin:8)
To: bjh:1

> Curious:  If I use PuTTY to connect to wraith.csi.cam.ac.uk, and request key
> re-exchange before typing the user name, the packet log shows PuTTY getting a
> SSH2_MSG_UNIMPLEMENTED, but PuTTY doesn't bombout(("expected key exchange
> packet from server")) as I'd expect.

Well, UNIMPLEMENTED won't be going to do_ssh2_transport(), because it's not in
the transport layer range of message numbers [20,50). So I suppose it'd go to
do_ssh2_authconn().

My guess is that it's being swallowed in the crWaitUntilV(!pktin) at line 6076,
which I suppose ought to be fixed somehow.

Responding to the UNIMPLEMENTED by abandoning that particular key exchange
sounds above the call of duty to me, I have to say, when the fault is obviously
OpenSSH's.

---------------------------------------------------[Tue Jan 11 15:25:54 2005]--
From: Not ordinarily borrowable.  (bjh:1)
To: anakin:8

> Well, UNIMPLEMENTED won't be going to do_ssh2_transport(), because it's not i
> the transport layer range of message numbers [20,50). So I suppose it'd go to
> do_ssh2_authconn().

Ah.  That would explain my confusion.

> Responding to the UNIMPLEMENTED by abandoning that particular key exchange
> sounds above the call of duty to me, I have to say, when the fault is obvious
> OpenSSH's.

I suppose so.  It's not as if we're likely to do an automatic re-exchange
before authentication is complete, so exiting with an error at that stage would
be reasonable.  I'll add a wishlist item, since that code scares me.

Audit trail for this semi-bug.

If you want to comment on this web site, see the Feedback page.
(last revision of this bug record was at 2005-01-12 19:23:42 +0000)