[openssh-commits] CVS: fuyu.mindrot.org: openssh

Darren Tucker dtucker at fuyu.mindrot.org
Wed Jun 11 09:34:01 EST 2008


CVSROOT:        /var/cvs
Module name:    openssh
Changes by:     dtucker at fuyu.mindrot.org 08/06/11 09:34:01

Modified files:
    .               : ChangeLog PROTOCOL serverloop.c ssh.c

Log message:
   - djm at cvs.openbsd.org 2008/06/10 22:15:23
     [PROTOCOL ssh.c serverloop.c]
     Add a no-more-sessions at openssh.com global request extension that the
     client sends when it knows that it will never request another session
     (i.e. when session multiplexing is disabled). This allows a server to
     disallow further session requests and terminate the session.
     Why would a non-multiplexing client ever issue additional session
     requests? It could have been attacked with something like SSH'jack:
     http://www.storm.net.nz/projects/7
     feedback & ok markus

Diff commands:
cvs -nQq rdiff -u -r1.4961 -r1.4962 openssh/ChangeLog
cvs -nQq rdiff -u -r1.4 -r1.5 openssh/PROTOCOL
cvs -nQq rdiff -u -r1.157 -r1.158 openssh/serverloop.c
cvs -nQq rdiff -u -r1.305 -r1.306 openssh/ssh.c

CVSWeb:
http://cvsweb.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.4961;r2=1.4962
http://cvsweb.mindrot.org/index.cgi/openssh/PROTOCOL?r1=1.4;r2=1.5
http://cvsweb.mindrot.org/index.cgi/openssh/serverloop.c?r1=1.157;r2=1.158
http://cvsweb.mindrot.org/index.cgi/openssh/ssh.c?r1=1.305;r2=1.306

Please note that there may be a delay before commits are available
on the public CVSWeb site.


More information about the openssh-commits mailing list