Menu
▾
▴
#32 State management during KEXDH_INIT
Working with some developers, we ran across a problem where SSH is disconnected with a message similar to "expected packet type 30, got 97" when communicating with OpenSSH (4.9 and 5.5) after sending data for days. After some further diagnosing, it looked like the issue was during a server initiated KEX process - at least I never saw it happen during a client initiated KEX. After hacking OpenSSH to generate KEX on demand - it looks like j2ssh is sending "Channel related messages" after sending a KEX_INIT, per RFC, no Channel related messages should not be sent until NEWKEYS message is sent.
The defect looks like it is at the point where the KEX_INIT is send prior to setting the state to "PERFORMINIG_KEYEXCHANGE". Therefore, there is a period of time with a thread sending a Channel related message between the time the KEX_INIT is sent and the state is set. So, I've changed the order where the state is set prior to sending the message. The test code that I've run with the hacked OpenSSH daemon runs with the patch for close to a day w/o issue, whereas w/o the patch experiences the issue normally within 40 minutes.
I've seen some possibly related bugs, but I'm not sure if this will fix those issues.
Reorders state management w/ sending KEX_INIT