From 3dd0c64e08f1bba21d71996d635c7256c8c139d1 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org"
Date: Sun, 31 Jan 2021 22:55:29 +0000
Subject: upstream: more strictly enforce KEX state-machine by banning packet types once they are received. Fixes memleak caused by duplicate SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz via oss-fuzz #30078). ok markus@
OpenBSD-Commit-ID: 87331c715c095b587d5c88724694cdeb701c9def
---
kex.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'kex.c')
diff --git a/kex.c b/kex.c
index b73f14d3d..30425ab8a 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.166 2021/01/27 23:49:46 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.167 2021/01/31 22:55:29 djm Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
 *
@@ -405,7 +405,7 @@ kex_prop_free(char **proposal)
 }
 
 /* ARGSUSED */
-static int
+int
 kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh)
 {
 int r;
-- 
cgit v1.2.3
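Review bot: Dropping `static` from `kex_protocol_error` in the second hunk makes it part of kex.c's external interface, but only the `/* ARGSUSED */` marker sits above it and nothing states its new role. The view is limited to kex.c, so the matching prototype and the call sites that install it as the handler for an already-received packet type are not shown. Confirm the declaration lives in a shared header, and that each KEX handler bans its own message type before it allocates any state, since that ordering is what stops a duplicate message from leaking the earlier allocation. I would add a comment above the definition such as `/* Dispatch handler for KEX packet types that are not permitted in the current state, including types already received once in this exchange. */`. The function body continues past the end of the hunk, so what it sends or logs on a banned packet cannot be checked from here.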