[openssh-commits] [openssh] 04/19: upstream: Revert previous two commits
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Jul 10 19:46:44 AEST 2018
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 168b46f405d6736960ba7930389eecb9b6710b7e
Author: sf at openbsd.org <sf at openbsd.org>
Date: Mon Jul 9 13:37:10 2018 +0000
upstream: Revert previous two commits
It turns out we still support pre-auth compression on the client.
Therefore revert the previous two commits:
date: 2018/07/06 09:06:14; author: sf; commitid: yZVYKIRtUZWD9CmE;
Rename COMP_DELAYED to COMP_ZLIB
Only delayed compression is supported nowadays.
ok markus@
date: 2018/07/06 09:05:01; author: sf; commitid: rEGuT5UgI9f6kddP;
Remove leftovers from pre-authentication compression
Support for this has been removed in 2016.
COMP_DELAYED will be renamed in a later commit.
ok markus@
OpenBSD-Commit-ID: cdfef526357e4e1483c86cf599491b2dafb77772
---
kex.c | 4 +++-
kex.h | 3 ++-
monitor_wrap.c | 4 +++-
packet.c | 11 ++++++-----
servconf.c | 8 ++++----
sshconnect2.c | 4 ++--
6 files changed, 20 insertions(+), 14 deletions(-)
diff --git a/kex.c b/kex.c
index b111c4a5..25f9f66f 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.140 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: kex.c,v 1.141 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@@ -741,6 +741,8 @@ choose_comp(struct sshcomp *comp, char *client, char *server)
if (name == NULL)
return SSH_ERR_NO_COMPRESS_ALG_MATCH;
if (strcmp(name, "zlib at openssh.com") == 0) {
+ comp->type = COMP_DELAYED;
+ } else if (strcmp(name, "zlib") == 0) {
comp->type = COMP_ZLIB;
} else if (strcmp(name, "none") == 0) {
comp->type = COMP_NONE;
diff --git a/kex.h b/kex.h
index b57f985e..e3816047 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.87 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: kex.h,v 1.88 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -65,6 +65,7 @@
#define COMP_NONE 0
#define COMP_ZLIB 1
+#define COMP_DELAYED 2
#define CURVE25519_SIZE 32
diff --git a/monitor_wrap.c b/monitor_wrap.c
index e280fd2a..012ab01a 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.100 2018/07/06 09:05:01 sf Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.101 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright 2002 Niels Provos <provos at citi.umich.edu>
* Copyright 2002 Markus Friedl <markus at openbsd.org>
@@ -84,6 +84,8 @@
#include "ssherr.h"
/* Imports */
+extern z_stream incoming_stream;
+extern z_stream outgoing_stream;
extern struct monitor *pmonitor;
extern Buffer loginmsg;
extern ServerOptions options;
diff --git a/packet.c b/packet.c
index 2e87e520..4d91792e 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.274 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: packet.c,v 1.275 2018/07/09 13:37:10 sf Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -879,8 +879,9 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
/* explicit_bzero(enc->iv, enc->block_size);
explicit_bzero(enc->key, enc->key_len);
explicit_bzero(mac->key, mac->key_len); */
- if (comp->type == COMP_ZLIB && state->after_authentication
- && comp->enabled == 0) {
+ if ((comp->type == COMP_ZLIB ||
+ (comp->type == COMP_DELAYED &&
+ state->after_authentication)) && comp->enabled == 0) {
if ((r = ssh_packet_init_compression(ssh)) < 0)
return r;
if (mode == MODE_OUT) {
@@ -970,7 +971,7 @@ ssh_packet_enable_delayed_compress(struct ssh *ssh)
/*
* Remember that we are past the authentication step, so rekeying
- * with COMP_ZLIB will turn on compression immediately.
+ * with COMP_DELAYED will turn on compression immediately.
*/
state->after_authentication = 1;
for (mode = 0; mode < MODE_MAX; mode++) {
@@ -978,7 +979,7 @@ ssh_packet_enable_delayed_compress(struct ssh *ssh)
if (state->newkeys[mode] == NULL)
continue;
comp = &state->newkeys[mode]->comp;
- if (comp && !comp->enabled && comp->type == COMP_ZLIB) {
+ if (comp && !comp->enabled && comp->type == COMP_DELAYED) {
if ((r = ssh_packet_init_compression(ssh)) != 0)
return r;
if (mode == MODE_OUT) {
diff --git a/servconf.c b/servconf.c
index f5272b0f..97c268e3 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.336 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: servconf.c,v 1.337 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -349,7 +349,7 @@ fill_default_server_options(ServerOptions *options)
options->permit_user_env_whitelist = NULL;
}
if (options->compression == -1)
- options->compression = COMP_ZLIB;
+ options->compression = COMP_DELAYED;
if (options->rekey_limit == -1)
options->rekey_limit = 0;
if (options->rekey_interval == -1)
@@ -1170,8 +1170,8 @@ static const struct multistate multistate_permitrootlogin[] = {
{ NULL, -1 }
};
static const struct multistate multistate_compression[] = {
- { "yes", COMP_ZLIB },
- { "delayed", COMP_ZLIB },
+ { "yes", COMP_DELAYED },
+ { "delayed", COMP_DELAYED },
{ "no", COMP_NONE },
{ NULL, -1 }
};
diff --git a/sshconnect2.c b/sshconnect2.c
index 183484e0..4bc0a703 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.276 2018/07/06 09:05:01 sf Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.277 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -174,7 +174,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
compat_cipher_proposal(options.ciphers);
myproposal[PROPOSAL_COMP_ALGS_CTOS] =
myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ?
- "zlib at openssh.com,none" : "none,zlib at openssh.com";
+ "zlib at openssh.com,zlib,none" : "none,zlib at openssh.com,zlib";
myproposal[PROPOSAL_MAC_ALGS_CTOS] =
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
if (options.hostkeyalgorithms != NULL) {
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list