packet: Allow SSH2_MSG_EXT_INFO when authenticated

When the server requests rekey, it can send the SSH2_MSG_EXT_INFO.  This
message was being filtered out by the packet filtering.  This includes a
test to enforce the filtering rules for this packet type.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

src/packet.c

@@ -264,13 +264,17 @@ static enum ssh_packet_filter_result_e ssh_packet_incoming_filter(ssh_session se
         /*
          * States required:
          * - session_state == SSH_SESSION_STATE_AUTHENTICATING
+         *   or session->session_state == SSH_SESSION_STATE_AUTHENTICATED
+         *   (re-exchange)
          * - dh_handshake_state == DH_STATE_FINISHED
          *
          * Transitions:
          * - None
          * */
 
-        if (session->session_state != SSH_SESSION_STATE_AUTHENTICATING) {
+        if ((session->session_state != SSH_SESSION_STATE_AUTHENTICATING) &&
+            (session->session_state != SSH_SESSION_STATE_AUTHENTICATED))
+        {
             rc = SSH_PACKET_DENIED;
             break;
         }