ssh2: fix positive mpint value packing in kex #2338
Closed
Packed positive mpint values must be preceded by a zero byte when the MSB
of the value is set, as per RFC 4251. Taking modulo 8 on the number of bytes
in the bignum value cannot determine the value of the MSB. Fix the MSB check
to use modulo 8 on the number of significant bits instead.

On the server side, OpenSSH was unable to unpack these mpint values used
in key exchange as they ended up negative.

Callers of fetch_host_key() are not getting back any errors from these
failures. Consequently, host key scanning would intermittently return
only partial results.
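
The MSB rule from the commit message above, as an added Python example that is not code from this pull request or the project: `pack_mpint` pads based on the significant bit count, while `pack_mpint_byte_count_check` is a hypothetical model of the byte-count test the message describes. All function names and the sample values are constructed for illustration.

```python
import struct

def _magnitude(n: int) -> bytes:
    """Minimal big-endian bytes of a non-negative integer (empty for zero)."""
    if n < 0:
        raise ValueError("this example handles non-negative values only")
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

def pack_mpint(n: int) -> bytes:
    """RFC 4251 mpint: uint32 length, then two's complement big-endian data."""
    body = _magnitude(n)
    # The top bit of the first byte is set exactly when the number of
    # significant bits is a non-zero multiple of 8; only then add 0x00.
    if n and n.bit_length() % 8 == 0:
        body = b"\x00" + body
    return struct.pack(">I", len(body)) + body

def pack_mpint_byte_count_check(n: int) -> bytes:
    """Hypothetical model of the defect: the pad decision uses byte count % 8."""
    body = _magnitude(n)
    if body and len(body) % 8 == 0:
        body = b"\x00" + body
    return struct.pack(">I", len(body)) + body

def unpack_mpint(buf: bytes) -> int:
    """Decode the way a receiver does: the data is a signed value."""
    (length,) = struct.unpack(">I", buf[:4])
    body = buf[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated mpint")
    return int.from_bytes(body, "big", signed=True)

def decodes_negative(values):
    """Values that the byte-count variant turns negative on the wire."""
    return [v for v in values
            if unpack_mpint(pack_mpint_byte_count_check(v)) < 0]

# Constructed sample values: MSB clear, MSB set with 1, 2 and 8 bytes.
SAMPLES = [0x7F, 0x80, 0xFF00, 0x09A378F9B2E332A7, 0x80 << 56]

if __name__ == "__main__":
    for v in SAMPLES:
        wire = pack_mpint_byte_count_check(v)
        print(hex(v), pack_mpint(v).hex(), wire.hex(), unpack_mpint(wire))
```

Under this model the byte-count test happens to pad correctly when the value is 8 bytes long with its MSB set, and adds a redundant zero byte to 8-byte values whose MSB is clear, so the failure depends on the value at hand.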