Client newkeys was not always resetting the sequence counter

pmeunier

Jul 22, 2024, 7:02 PM

R5J3MB56IIS5WH5TLUFDNUR4CEGNQFDHCHXKOFXQP2UKZSAWTRGQC

Dependencies

• [2] 32GIIFWR Fixing strict mode
• [3] BRDS7STA Adding method `send_channel_msg` to client::Session, to make it easier to write handlers
• [4] FT67GGO4 Version bump (Pijul and Thrussh)
• [5] 2VTUKRLJ Version
• [6] E2SB74SV Version 0.30.3
• [7] 7Y2ROIVZ Version bump
• [8] 634OYCNM Tokio 0.3
• [9] 662ZS5JF Version 0.33.2
• [10] VYDCQWSF Version 0.30.6
• [11] PDTFLA4Y Version 0.30.7
• [12] CQSPFH4H Version 0.30.4
• [13] 2WEO7OZL Version updates: getting rid of anyhow + moving to Tokio 1.0
• [14] ORSEEVB5 Version bump
• [15] DJT33BQE Version bump
• [16] WXZWQLGL Correct negotiation without OpenSSL
• [17] OQZGSEWM Buffering non-kex packets received after issuing a KEXINIT
• [18] 7FRJYUI6 Reboot because of a bad change
• [19] G3FNNIIU Limiting the amount of messages that can be buffered while rekeying to two channel windows
• [20] 2Q3SZY2C Version bump
• [21] ASD7JVBE Do not read past the size of the buffer (after Tokio 0.3)
• [22] CWHVPLXN Version bump
• [23] D6H7OWTT Fixing the terrapin attack mitigation
• [24] EZTTZ6OW Fixing terrapin, again
• [25] TFYJ3P2A Version 0.30.8/0.19.4, and solving conflicts

Change contents

• edit in thrussh/src/client/mod.rs at line 1154
  [3.370813]

  [3.370813]
  + if session.common.write_buffer.strict {

  + session.common.write_buffer.seqn = std::num::Wrapping(0);

  + }
• replacement in thrussh/Cargo.toml at line 5
  [3.426214]→[2.1372:1391](∅→∅)
  − version = "0.35.4"
  [3.426214]

  [3.426233]
  + version = "0.35.5"