Google Git
Sign in
go / crypto / d68c3ecb62c850b645dc072a8d78006286bf81ca
commitd68c3ecb62c850b645dc072a8d78006286bf81ca[log] [tgz]
authorHan-Wen Nienhuys <hanwen@google.com>Wed Apr 06 22:15:54 2016 +0200
committerAdam Langley <agl@golang.org>Tue Apr 12 17:14:56 2016 +0000
tree775dc6f6b97f1c121295d3bca221635866f838cb
parent3fbbcd23f1cb824e69491a5930cfeff09b12f4d2 [diff]
x/crypto/ssh: make sure the initial key exchange happens once.

This is done by running the key exchange and setting the session ID
under mutex. If the first exchange encounters an already set session
ID, then do nothing.

This fixes a race condition:

On setting up the connection, both sides sent a kexInit to initiate
the first (mandatory) key exchange.  If one side was faster, the
faster side might have completed the key exchange, before the slow
side had a chance to send a kexInit.  The slow side would send a
kexInit which would trigger a second key exchange. The resulting
confirmation message (msgNewKeys) would confuse the authentication
loop.

This fix removes sessionID from the transport struct.

This fix also deletes the unused interface rekeyingTransport.

Fixes #15066

Change-Id: I7f303bce5d3214c9bdd58f52d21178a185871d90
Reviewed-on: https://go-review.googlesource.com/21606
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
6 files changed
tree: 775dc6f6b97f1c121295d3bca221635866f838cb
  1. bcrypt/
  2. blowfish/
  3. bn256/
  4. cast5/
  5. curve25519/
  6. hkdf/
  7. md4/
  8. nacl/
  9. ocsp/
  10. openpgp/
  11. otr/
  12. pbkdf2/
  13. pkcs12/
  14. poly1305/
  15. ripemd160/
  16. salsa20/
  17. scrypt/
  18. sha3/
  19. ssh/
  20. tea/
  21. twofish/
  22. xtea/
  23. xts/
  24. .gitattributes
  25. .gitignore
  26. AUTHORS
  27. codereview.cfg
  28. CONTRIBUTING.md
  29. CONTRIBUTORS
  30. LICENSE
  31. PATENTS
  32. README