From 27311cc77360e186bdfe9618193d531d0ea4e00d Mon Sep 17 00:00:00 2001
From: ben <ben@cda61777-01e9-0310-a592-d414129be87e>
Date: Tue, 6 Feb 2007 13:57:27 +0000
Subject: [PATCH] When emitting SSH_MSG_IGNORE to protect against known-IV
 attacks on CBC, remember to put an empty string in it rather than sending a
 completely empty packet.  This should help with those servers (notably
 RomSShell) that actually check the contents of SSH_MSG_IGNORE.

git-svn-id: svn://svn.tartarus.org/sgt/putty@7236 cda61777-01e9-0310-a592-d414129be87e
---
 ssh.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssh.c b/ssh.c
index 137e4607..d4d3d06a 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1864,6 +1864,7 @@ static void ssh2_pkt_defer_noqueue(Ssh ssh, struct Packet *pkt, int noignore)
 	 * get encrypted with a known IV.
 	 */
 	struct Packet *ipkt = ssh2_pkt_init(SSH2_MSG_IGNORE);
+	ssh2_pkt_addstring_start(ipkt);
 	ssh2_pkt_defer_noqueue(ssh, ipkt, TRUE);
     }
     len = ssh2_pkt_construct(ssh, pkt);
-- 
2.11.0