[openssh-commits] [openssh] 04/19: upstream: Revert previous two commits

git+noreply at mindrot.org git+noreply at mindrot.org
Tue Jul 10 19:46:44 AEST 2018


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 168b46f405d6736960ba7930389eecb9b6710b7e
Author: sf at openbsd.org <sf at openbsd.org>
Date:   Mon Jul 9 13:37:10 2018 +0000

    upstream: Revert previous two commits
    
    It turns out we still support pre-auth compression on the client.
    Therefore revert the previous two commits:
    
    date: 2018/07/06 09:06:14;  author: sf;  commitid: yZVYKIRtUZWD9CmE;
     Rename COMP_DELAYED to COMP_ZLIB
    
     Only delayed compression is supported nowadays.
    
     ok markus@
    
    date: 2018/07/06 09:05:01;  author: sf;  commitid: rEGuT5UgI9f6kddP;
     Remove leftovers from pre-authentication compression
    
     Support for this has been removed in 2016.
     COMP_DELAYED will be renamed in a later commit.
    
     ok markus@
    
    OpenBSD-Commit-ID: cdfef526357e4e1483c86cf599491b2dafb77772
---
 kex.c          |  4 +++-
 kex.h          |  3 ++-
 monitor_wrap.c |  4 +++-
 packet.c       | 11 ++++++-----
 servconf.c     |  8 ++++----
 sshconnect2.c  |  4 ++--
 6 files changed, 20 insertions(+), 14 deletions(-)

diff --git a/kex.c b/kex.c
index b111c4a5..25f9f66f 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.140 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: kex.c,v 1.141 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -741,6 +741,8 @@ choose_comp(struct sshcomp *comp, char *client, char *server)
 	if (name == NULL)
 		return SSH_ERR_NO_COMPRESS_ALG_MATCH;
 	if (strcmp(name, "zlib at openssh.com") == 0) {
+		comp->type = COMP_DELAYED;
+	} else if (strcmp(name, "zlib") == 0) {
 		comp->type = COMP_ZLIB;
 	} else if (strcmp(name, "none") == 0) {
 		comp->type = COMP_NONE;
diff --git a/kex.h b/kex.h
index b57f985e..e3816047 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.87 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: kex.h,v 1.88 2018/07/09 13:37:10 sf Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -65,6 +65,7 @@
 
 #define COMP_NONE	0
 #define COMP_ZLIB	1
+#define COMP_DELAYED	2
 
 #define CURVE25519_SIZE 32
 
diff --git a/monitor_wrap.c b/monitor_wrap.c
index e280fd2a..012ab01a 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.100 2018/07/06 09:05:01 sf Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.101 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos at citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus at openbsd.org>
@@ -84,6 +84,8 @@
 #include "ssherr.h"
 
 /* Imports */
+extern z_stream incoming_stream;
+extern z_stream outgoing_stream;
 extern struct monitor *pmonitor;
 extern Buffer loginmsg;
 extern ServerOptions options;
diff --git a/packet.c b/packet.c
index 2e87e520..4d91792e 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.274 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: packet.c,v 1.275 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -879,8 +879,9 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	/* explicit_bzero(enc->iv,  enc->block_size);
 	   explicit_bzero(enc->key, enc->key_len);
 	   explicit_bzero(mac->key, mac->key_len); */
-	if (comp->type == COMP_ZLIB && state->after_authentication
-	    && comp->enabled == 0) {
+	if ((comp->type == COMP_ZLIB ||
+	    (comp->type == COMP_DELAYED &&
+	     state->after_authentication)) && comp->enabled == 0) {
 		if ((r = ssh_packet_init_compression(ssh)) < 0)
 			return r;
 		if (mode == MODE_OUT) {
@@ -970,7 +971,7 @@ ssh_packet_enable_delayed_compress(struct ssh *ssh)
 
 	/*
 	 * Remember that we are past the authentication step, so rekeying
-	 * with COMP_ZLIB will turn on compression immediately.
+	 * with COMP_DELAYED will turn on compression immediately.
 	 */
 	state->after_authentication = 1;
 	for (mode = 0; mode < MODE_MAX; mode++) {
@@ -978,7 +979,7 @@ ssh_packet_enable_delayed_compress(struct ssh *ssh)
 		if (state->newkeys[mode] == NULL)
 			continue;
 		comp = &state->newkeys[mode]->comp;
-		if (comp && !comp->enabled && comp->type == COMP_ZLIB) {
+		if (comp && !comp->enabled && comp->type == COMP_DELAYED) {
 			if ((r = ssh_packet_init_compression(ssh)) != 0)
 				return r;
 			if (mode == MODE_OUT) {
diff --git a/servconf.c b/servconf.c
index f5272b0f..97c268e3 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.336 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: servconf.c,v 1.337 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -349,7 +349,7 @@ fill_default_server_options(ServerOptions *options)
 		options->permit_user_env_whitelist = NULL;
 	}
 	if (options->compression == -1)
-		options->compression = COMP_ZLIB;
+		options->compression = COMP_DELAYED;
 	if (options->rekey_limit == -1)
 		options->rekey_limit = 0;
 	if (options->rekey_interval == -1)
@@ -1170,8 +1170,8 @@ static const struct multistate multistate_permitrootlogin[] = {
 	{ NULL, -1 }
 };
 static const struct multistate multistate_compression[] = {
-	{ "yes",			COMP_ZLIB },
-	{ "delayed",			COMP_ZLIB },
+	{ "yes",			COMP_DELAYED },
+	{ "delayed",			COMP_DELAYED },
 	{ "no",				COMP_NONE },
 	{ NULL, -1 }
 };
diff --git a/sshconnect2.c b/sshconnect2.c
index 183484e0..4bc0a703 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.276 2018/07/06 09:05:01 sf Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.277 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -174,7 +174,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 	    compat_cipher_proposal(options.ciphers);
 	myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 	    myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ?
-	    "zlib at openssh.com,none" : "none,zlib at openssh.com";
+	    "zlib at openssh.com,zlib,none" : "none,zlib at openssh.com,zlib";
 	myproposal[PROPOSAL_MAC_ALGS_CTOS] =
 	    myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
 	if (options.hostkeyalgorithms != NULL) {

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list