When emitting SSH_MSG_IGNORE to protect against known-IV attacks on CBC,

remember to put an empty string in it rather than sending a completely
empty packet.  This should help with those servers (notably RomSShell)
that actually check the contents of SSH_MSG_IGNORE.

git-svn-id: svn://svn.tartarus.org/sgt/putty@7236 cda61777-01e9-0310-a592-d414129be87e

diff --git a/ssh.c b/ssh.c
index 137e460..d4d3d06 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -1864,6 +1864,7 @@ static void ssh2_pkt_defer_noqueue(Ssh ssh, struct Packet *pkt, int noignore)
         * get encrypted with a known IV.
         */
        struct Packet *ipkt = ssh2_pkt_init(SSH2_MSG_IGNORE);
+       ssh2_pkt_addstring_start(ipkt);
        ssh2_pkt_defer_noqueue(ssh, ipkt, TRUE);
     }
     len = ssh2_pkt_construct(ssh, pkt);