CVSROOT: /cvs Module name: src Changes by: [email protected] 2026/05/30 22:44:38
Modified files:
usr.bin/ssh : kex.c kex.h packet.c
Log message:
make the transport protocol stricter by disconnecting if the peer
sends non-KEX messages during a key re-exchange.
Previously an evil peer could continue sending non-KEX messages
without penalty, causing memory to be wasted up until the
connection terminated or the server/client hit a OOM limit.
reported by Marko Jevtic; ok markus@
