Ethereal-dev: Re: [Ethereal-dev] one minor fix for SSH dissector

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Yaniv Kaul <ykaul@xxxxxxxxxxxxxx>
Date: Sat, 25 Jan 2003 02:14:59 +0200
Hi all,

I'm glad someone was finally less lazy than I and came with a dissector to SSH. ;-)

However, what I found confusing, is that it seems that some values could have differernt meanings. From http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-15.txt, page 22:

   /* Numbers 30-49 used for kex packets.
       Different kex methods may reuse message numbers in
       this range. */

    #define SSH_MSG_KEXDH_INIT             30
    #define SSH_MSG_KEXDH_REPLY            31


How did you solve this? Indeed, in some other drafts, those numbers are re-used! For example, from http://www.ietf.org/internet-drafts/draft-ietf-secsh-gsskeyex-05.txt, page 15:
. Summary of Message Numbers

  The following message numbers have been defined for use with
  GSSAPI-based key exchange methods:

         #define SSH_MSG_KEXGSS_INIT                       30
         #define SSH_MSG_KEXGSS_CONTINUE                   31
         #define SSH_MSG_KEXGSS_COMPLETE                   32
         #define SSH_MSG_KEXGSS_HOSTKEY                    33
         #define SSH_MSG_KEXGSS_ERROR                      34

  The numbers 30-49 are specific to key exchange and may be redefined
  by other kex methods.


Huagang XIE wrote:

Here it is, Now the SSHv2 and SSHv1 is a flag in the flow data structure now.

huagang