IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: OpenSSH sabotages protocol extension
denis bider <ietf-ssh3%denisbider.com@localhost> writes:
> Yes. It disconnects if there's any extra data after the recognized field in SERVICE_ACCEPT.
>
> What possible purpose does this serve?
>
> What possible purpose at all, other than to sabotage future extension?
FYI, my implementation does the same. To me, the spec is pretty clear
that a SSH_MSG_SERVICE_ACCEPT can't include any extra data (unlike,
e.g., SSH_MSG_REQUEST_SUCCESS, SSH_MSG_CHANNEL_OPEN, and
SSH_MSG_CHANNEL_OPEN_CONFIRMATION).
There's the liberal tradition in protocol implementation to allow random
garbage at the end of messages. This has it's merit in some cases, but
in security protocols I tend to require that the protcol is adhered to
to the last bit.
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
Home |
Main Index |
Thread Index |
Old Index