IETF-SSH archive


Re: Invalid channel numbers



On Mon, Aug 02, 2004 at 03:44:18PM +0100, Simon Tatham wrote:
> Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost> wrote:
> > Yeah, I guess that would do.  The reason why I'd prefer not to close the
> > connection outright is that there might be half a dozen data transfers
> > currently in progress, and I'd prefer not to abort them all just because of
> > one malformed packet on an unrelated channel.
> 
> The question is, though, why would you _get_ such a malformed
> packet? The SSH data channel is required to be free of corruption
> and data loss (and the MACs enforce this vigorously), so it's not as
> if half of an SSH message is going to routinely disappear en route.
> The only way it can happen is as a result of a pretty fundamental
> bug in the SSH implementation at the far end.
> 
> Therefore, it isn't unreasonable to assume that an SSH
> implementation which has sent you a packet that badly formed is in a
> state of total internal confusion, and to terminate the connection
> before it sends you any more plausible rubbish that you might
> accidentally trust!

I can only agree with you, and this is why I'd prefer
SSH_DISCONNECT_PROTOCOL_ERROR.
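
The policy argued for in this thread, sketched as an added example (not part of the original messages and not code from any implementation discussed here): a CHANNEL_DATA packet that is malformed or names an unopened channel ends the whole connection with SSH_DISCONNECT_PROTOCOL_ERROR. The function names and the channel table are hypothetical; the numeric message and reason codes are the ones defined in the SSH transport and connection protocol specifications.

```python
import struct

# Message numbers and reason code as defined by the SSH protocol specifications.
SSH_MSG_DISCONNECT = 1
SSH_MSG_CHANNEL_DATA = 94
SSH_DISCONNECT_PROTOCOL_ERROR = 2

class ProtocolError(Exception):
    """The peer sent something a correct implementation never would."""

def ssh_string(data):
    return struct.pack(">I", len(data)) + data

def build_disconnect(reason, description):
    # byte SSH_MSG_DISCONNECT, uint32 reason, string description, string language tag
    return (bytes([SSH_MSG_DISCONNECT]) + struct.pack(">I", reason)
            + ssh_string(description.encode("utf-8")) + ssh_string(b""))

def parse_channel_data(payload):
    # byte SSH_MSG_CHANNEL_DATA, uint32 recipient channel, string data
    if len(payload) < 9 or payload[0] != SSH_MSG_CHANNEL_DATA:
        raise ProtocolError("malformed CHANNEL_DATA header")
    channel, length = struct.unpack(">II", payload[1:9])
    if length != len(payload) - 9:
        raise ProtocolError("CHANNEL_DATA length does not match payload")
    return channel, payload[9:]

def handle_packet(payload, open_channels):
    """Return (disconnect_payload_or_None, connection_still_open)."""
    try:
        channel, data = parse_channel_data(payload)
        if channel not in open_channels:
            raise ProtocolError(f"data for unknown channel {channel}")
    except ProtocolError as exc:
        # The MAC already rules out corruption in transit, so this is a peer
        # bug: stop trusting the peer and tear down every channel at once.
        open_channels.clear()
        return build_disconnect(SSH_DISCONNECT_PROTOCOL_ERROR, str(exc)), False
    open_channels[channel] += data
    return None, True

# Constructed sample packets: one for open channel 0, one for unopened channel 7.
GOOD = bytes([SSH_MSG_CHANNEL_DATA]) + struct.pack(">I", 0) + ssh_string(b"hello")
BAD = bytes([SSH_MSG_CHANNEL_DATA]) + struct.pack(">I", 7) + ssh_string(b"oops")
```

The cost Peter Gutmann describes is visible in `open_channels.clear()`: every transfer in progress is dropped along with the offending channel.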


