lgoldstein commented on code in PR #446: URL: https://github.com/apache/mina-sshd/pull/446#discussion_r1435260568
########## sshd-core/src/main/java/org/apache/sshd/common/session/helpers/AbstractSession.java: ########## @@ -1741,6 +1979,143 @@ protected byte[] sendKexInit(Map<KexProposalOption, String> proposal) throws Exc return data; } + protected String adjustOutgoingKexProposalOption( + KexProposalOption option, String value, boolean debugEnabled) { + if (GenericUtils.isBlank(value)) { + return value; // can happen for language (e.g.) + } + + if (option != KexProposalOption.ALGORITHMS) { + return value; + } + + if (!CoreModuleProperties.USE_STRICT_KEX.getRequired(this)) { + return value; + } + + /* + * According to https://github.com/openssh/openssh-portable/blob/master/PROTOCOL - section 1.9 + * + * These pseudo-algorithms are only valid in the initial SSH2_MSG_KEXINIT and + * MUST be ignored if they are present in subsequent SSH2_MSG_KEXINIT packets. + * + * Therefore, if this is not the 1st outgoing packet don't bother appending + */ + long outgoingCount = totalOutgingPacketsCount.get(); + if (outgoingCount > 0L) { + if (debugEnabled) { + log.debug("adjustKexOutgoingProposalOption({})[{}] not first outgoing packet ({}) for proposal={}", + this, option, outgoingCount, value); + } + return value; + } + + /* + * According to https://github.com/openssh/openssh-portable/blob/master/PROTOCOL - section 1.9 + * + * The client may append "kex-strict-c-...@openssh.com" to its kex_algorithms + * and the server may append "kex-strict-s-...@openssh.com" + * + */ + String proposal = isServerSession() + ? KexExtensions.STRICT_KEX_SERVER_EXTENSION + : KexExtensions.STRICT_KEX_CLIENT_EXTENSION; + String adjusted = value + "," + proposal; + if (debugEnabled) { + log.debug("adjustOutgoingKexProposalOption({})[{}] adjusted={}", this, option, adjusted); + } + + return adjusted; + } + + protected String preProcessIncomingKexProposalOption( + KexProposalOption option, String value, boolean debugEnabled) { + if (GenericUtils.isBlank(value)) { + return value; // can happen for language (e.g.) + } + + if (option != KexProposalOption.ALGORITHMS) { + return value; + } + + if (!CoreModuleProperties.USE_STRICT_KEX.getRequired(this)) { + return value; + } + + String peerValue = isServerSession() + ? KexExtensions.STRICT_KEX_CLIENT_EXTENSION + : KexExtensions.STRICT_KEX_SERVER_EXTENSION; + if (!value.contains(peerValue)) { + return value; + } + + // Just a bit of paranoia... Review Comment: I'll consider it, but I am inclined not to do it. The code is complex already - if we start second guessing our own piece of code then we will have code that checks its own validity to death. Why stop there ? Why not remove proposals that it knows it could not have possibly made ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org