path: root/debian/patches/Fix-SSHException-when-re-keying-over-a-fast-connection.patch
Description: Fix SSHException when re-keying over a fast connection
Origin: https://github.com/dlitz/paramiko/commit/c51b3b208c228fe6482ef00b3572a19683e7bb98
Bug: https://github.com/paramiko/paramiko/issues/49
Bug-Debian: http://bugs.debian.org/659007
Forwarded: not-needed
Author: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2012-07-07

--- a/paramiko/packet.py
+++ b/paramiko/packet.py
@@ -57,8 +57,11 @@
 
     # READ the secsh RFC's before raising these values.  if anything,
     # they should probably be lower.
-    REKEY_PACKETS = pow(2, 30)
-    REKEY_BYTES = pow(2, 30)
+    REKEY_PACKETS = pow(2, 29)
+    REKEY_BYTES = pow(2, 29)
+
+    REKEY_PACKETS_OVERFLOW_MAX = pow(2,29)      # Allow receiving this many packets after a re-key request before terminating
+    REKEY_BYTES_OVERFLOW_MAX = pow(2,29)        # Allow receiving this many bytes after a re-key request before terminating
 
     def __init__(self, socket):
         self.__socket = socket
@@ -74,6 +77,7 @@
         self.__sent_packets = 0
         self.__received_bytes = 0
         self.__received_packets = 0
+        self.__received_bytes_overflow = 0
         self.__received_packets_overflow = 0
 
         # current inbound/outbound ciphering:
@@ -134,6 +138,7 @@
         self.__mac_key_in = mac_key
         self.__received_bytes = 0
         self.__received_packets = 0
+        self.__received_bytes_overflow = 0
         self.__received_packets_overflow = 0
         # wait until the reset happens in both directions before clearing rekey flag
         self.__init_count |= 2
@@ -316,6 +321,7 @@
                 # only ask once for rekeying
                 self._log(DEBUG, 'Rekeying (hit %d packets, %d bytes sent)' %
                           (self.__sent_packets, self.__sent_bytes))
+                self.__received_bytes_overflow = 0
                 self.__received_packets_overflow = 0
                 self._trigger_rekey()
         finally:
@@ -368,19 +374,23 @@
         self.__sequence_number_in = (self.__sequence_number_in + 1) & 0xffffffffL
 
         # check for rekey
-        self.__received_bytes += packet_size + self.__mac_size_in + 4
+        raw_packet_size = packet_size + self.__mac_size_in + 4
+        self.__received_bytes += raw_packet_size
         self.__received_packets += 1
         if self.__need_rekey:
-            # we've asked to rekey -- give them 20 packets to comply before
+            # we've asked to rekey -- give them some packets to comply before
             # dropping the connection
+            self.__received_bytes_overflow += raw_packet_size
             self.__received_packets_overflow += 1
-            if self.__received_packets_overflow >= 20:
+            if (self.__received_packets_overflow >= self.REKEY_PACKETS_OVERFLOW_MAX) or \
+               (self.__received_bytes_overflow >= self.REKEY_BYTES_OVERFLOW_MAX):
                 raise SSHException('Remote transport is ignoring rekey requests')
         elif (self.__received_packets >= self.REKEY_PACKETS) or \
              (self.__received_bytes >= self.REKEY_BYTES):
             # only ask once for rekeying
             self._log(DEBUG, 'Rekeying (hit %d packets, %d bytes received)' %
                       (self.__received_packets, self.__received_bytes))
+            self.__received_bytes_overflow = 0
             self.__received_packets_overflow = 0
             self._trigger_rekey()