Skip to content

Commit 6119528

Browse files
hanwenhanwen
committed
ssh: set rekeying thresholds on construction
The normal handshake kicks off with a waitSession(), which guarantees that we never attempt to send data before the first kex is completed, but ensuring readPacketsLeft > 0 and writePacketsLeft > 0 helps understand that thresholds can never cause spurious rekeying at the start of a connection. Change-Id: If5bcafcda0c7d16fd21f22c664101ac5f5b487d7 Reviewed-on: https://go-review.googlesource.com/38696 Reviewed-by: Adam Langley <[email protected]> Run-TryBot: Adam Langley <[email protected]> TryBot-Result: Gobot Gobot <[email protected]>
1 parent cd11541 commit 6119528

File tree

1 file changed

+23
-12
lines changed

1 file changed

+23
-12
lines changed

ssh/handshake.go

Lines changed: 23 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -107,6 +107,8 @@ func newHandshakeTransport(conn keyingTransport, config *Config, clientVersion,
107107

108108
config: config,
109109
}
110+
t.resetReadThresholds()
111+
t.resetWriteThresholds()
110112

111113
// We always start with a mandatory key exchange.
112114
t.requestKex <- struct{}{}
@@ -237,6 +239,15 @@ func (t *handshakeTransport) requestKeyExchange() {
237239
}
238240
}
239241

242+
func (t *handshakeTransport) resetWriteThresholds() {
243+
t.writePacketsLeft = packetRekeyThreshold
244+
if t.config.RekeyThreshold > 0 {
245+
t.writeBytesLeft = int64(t.config.RekeyThreshold)
246+
} else if t.algorithms != nil {
247+
t.writeBytesLeft = t.algorithms.w.rekeyBytes()
248+
}
249+
}
250+
240251
func (t *handshakeTransport) kexLoop() {
241252

242253
write:
@@ -285,12 +296,8 @@ write:
285296
t.writeError = err
286297
t.sentInitPacket = nil
287298
t.sentInitMsg = nil
288-
t.writePacketsLeft = packetRekeyThreshold
289-
if t.config.RekeyThreshold > 0 {
290-
t.writeBytesLeft = int64(t.config.RekeyThreshold)
291-
} else if t.algorithms != nil {
292-
t.writeBytesLeft = t.algorithms.w.rekeyBytes()
293-
}
299+
300+
t.resetWriteThresholds()
294301

295302
// we have completed the key exchange. Since the
296303
// reader is still blocked, it is safe to clear out
@@ -344,6 +351,15 @@ write:
344351
// key exchange itself.
345352
const packetRekeyThreshold = (1 << 31)
346353

354+
func (t *handshakeTransport) resetReadThresholds() {
355+
t.readPacketsLeft = packetRekeyThreshold
356+
if t.config.RekeyThreshold > 0 {
357+
t.readBytesLeft = int64(t.config.RekeyThreshold)
358+
} else {
359+
t.readBytesLeft = t.algorithms.r.rekeyBytes()
360+
}
361+
}
362+
347363
func (t *handshakeTransport) readOnePacket(first bool) ([]byte, error) {
348364
p, err := t.conn.readPacket()
349365
if err != nil {
@@ -391,12 +407,7 @@ func (t *handshakeTransport) readOnePacket(first bool) ([]byte, error) {
391407
return nil, err
392408
}
393409

394-
t.readPacketsLeft = packetRekeyThreshold
395-
if t.config.RekeyThreshold > 0 {
396-
t.readBytesLeft = int64(t.config.RekeyThreshold)
397-
} else {
398-
t.readBytesLeft = t.algorithms.r.rekeyBytes()
399-
}
410+
t.resetReadThresholds()
400411

401412
// By default, a key exchange is hidden from higher layers by
402413
// translating it into msgIgnore.

0 commit comments

Comments
 (0)