From 5e71fae6329a8cfa82ac5d5f9146e947fc92f542 Mon Sep 17 00:00:00 2001
From: Simon Cornish <simon@cali.local>
Date: Mon, 11 May 2015 15:47:06 -0700
Subject: Fix rekeying according to RFC 4253

When in the connected state, an received KEXINIT
message MUST be responded to with KEXINIT. After that,
the client may continue with KEXDH_INIT (or similar).
See the first paragraph on RFC 4253 sec. 9.
---
 lib/ssh/src/ssh_connection_handler.erl | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'lib/ssh/src/ssh_connection_handler.erl')

diff --git a/lib/ssh/src/ssh_connection_handler.erl b/lib/ssh/src/ssh_connection_handler.erl
index 2c7f132916..9b11cadab6 100644
--- a/lib/ssh/src/ssh_connection_handler.erl
+++ b/lib/ssh/src/ssh_connection_handler.erl
@@ -559,11 +559,13 @@ userauth(#ssh_msg_userauth_banner{message = Msg},
 -spec connected({#ssh_msg_kexinit{}, binary()}, %%| %% #ssh_msg_kexdh_init{},
 		 #state{}) -> gen_fsm_state_return().
 %%--------------------------------------------------------------------
-connected({#ssh_msg_kexinit{}, _Payload} = Event, State) ->
-    kexinit(Event, State#state{renegotiate = true}).
-%% ;
-%% connected(#ssh_msg_kexdh_init{} = Event, State) ->
-%%     key_exchange(Event, State#state{renegotiate = true}).
+connected({#ssh_msg_kexinit{}, _Payload} = Event, #state{ssh_params = Ssh0} = State0) ->
+    {KeyInitMsg, SshPacket, Ssh} = ssh_transport:key_exchange_init_msg(Ssh0),
+    State = State0#state{ssh_params = Ssh,
+			 key_exchange_init_msg = KeyInitMsg,
+			 renegotiate = true},
+    send_msg(SshPacket, State),
+    kexinit(Event, State).
 
 %%--------------------------------------------------------------------
 -spec handle_event(#ssh_msg_disconnect{} | #ssh_msg_ignore{} | #ssh_msg_debug{} |
-- 
cgit v1.2.3