OpenSSH sabotages protocol extension

[denis bider <ietf-ssh3%denisbider.com@localhost>]

Well, I'm slightly pissed.

Why does OpenSSL do stupid shit like this?


    type = packet_read();
    if (type != SSH2_MSG_SERVICE_ACCEPT)
        fatal("Server denied authentication request: %d", type);
    if (packet_remaining() > 0) {
        char *reply = packet_get_string(NULL);
        debug2("service_accept: %s", reply);
        free(reply);
    } else {
        debug2("buggy server: service_accept w/o service");
    }
    packet_check_eom();
    debug("SSH2_MSG_SERVICE_ACCEPT received");


Note the genius inclusion of packet_check_eom() after decoding SERVICE_ACCEPT. Guess what this line does?


    #define ssh_packet_check_eom(ssh) \
    do { \
        int _len = ssh_packet_remaining(ssh); \
        if (_len > 0) { \
            logit("Packet integrity error (%d bytes remaining) at %s:%d", \
                _len ,__FILE__, __LINE__); \
            ssh_packet_disconnect(ssh, \
                "Packet integrity error."); \
        } \
    } while (0)

    #define packet_check_eom() \
        ssh_packet_check_eom(active_state)


Yes. It disconnects if there's any extra data after the recognized field in SERVICE_ACCEPT.

What possible purpose does this serve?

What possible purpose at all, other than to sabotage future extension?

Thanks to this, we cannot add a field to SERVICE_ACCEPT so that the server could advertise what signature algorithms it accepts for user authentication.

Thank you, OpenSSH. /s

Again.