[openssh-commits] [openssh] 01/04: upstream: Use the operating system default DSCP marking for

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Aug 7 09:47:21 AEST 2025 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 2a31009c36eb2da412c2784fe131fcb6ba800978
Author: job at openbsd.org <job at openbsd.org>
AuthorDate: Tue Aug 5 09:08:16 2025 +0000

    upstream: Use the operating system default DSCP marking for
    
    non-interactive traffic
    
    It seems the CS1 traffic class mark is considered ambiguous and therefore
    somewhat unhelpful (see RFC 8622 for more considerations). But, the new
    'LE' scavenger class (also proposed in RFC 8622) offers high probability
    of excessive delays & high packet loss, which would be inappropriate
    for use with, for example, X11 forwardings. In fact, it is not known to
    SSH what's appropriate because SSH is not aware of the content of what
    passing through session forwardings. Therefore, no marking is appropriate.
    Non-interactive traffic simply is best effort.
    
    OK djm@ deraadt@
    
    OpenBSD-Commit-ID: db1da1a432ecd53fc28feb84287aedb6bec80b01
---
 readconf.c    | 4 ++--
 servconf.c    | 4 ++--
 ssh_config.5  | 8 ++++----
 sshd_config.5 | 8 ++++----
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/readconf.c b/readconf.c
index 02452edbf..781e5b004 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.403 2025/07/31 11:23:39 job Exp $ */
+/* $OpenBSD: readconf.c,v 1.404 2025/08/05 09:08:16 job Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -2961,7 +2961,7 @@ fill_default_options(Options * options)
 	if (options->ip_qos_interactive == -1)
 		options->ip_qos_interactive = IPTOS_DSCP_EF;
 	if (options->ip_qos_bulk == -1)
-		options->ip_qos_bulk = IPTOS_DSCP_CS1;
+		options->ip_qos_bulk = IPTOS_DSCP_CS0;
 	if (options->request_tty == -1)
 		options->request_tty = REQUEST_TTY_AUTO;
 	if (options->session_type == -1)
diff --git a/servconf.c b/servconf.c
index 2bd9d1191..92f924e60 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.c,v 1.429 2025/07/31 11:23:39 job Exp $ */
+/* $OpenBSD: servconf.c,v 1.430 2025/08/05 09:08:16 job Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -474,7 +474,7 @@ fill_default_server_options(ServerOptions *options)
 	if (options->ip_qos_interactive == -1)
 		options->ip_qos_interactive = IPTOS_DSCP_EF;
 	if (options->ip_qos_bulk == -1)
-		options->ip_qos_bulk = IPTOS_DSCP_CS1;
+		options->ip_qos_bulk = IPTOS_DSCP_CS0;
 	if (options->version_addendum == NULL)
 		options->version_addendum = xstrdup("");
 	if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
diff --git a/ssh_config.5 b/ssh_config.5
index 390bc44ab..f1673e014 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.416 2025/07/31 11:23:39 job Exp $
-.Dd $Mdocdate: July 31 2025 $
+.\" $OpenBSD: ssh_config.5,v 1.417 2025/08/05 09:08:16 job Exp $
+.Dd $Mdocdate: August 5 2025 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1279,8 +1279,8 @@ The default is
 .Cm ef
 (Expedited Forwarding)
 for interactive sessions and
-.Cm cs1
-(Lower Effort)
+.Cm none
+(the operating system default)
 for non-interactive sessions.
 .It Cm KbdInteractiveAuthentication
 Specifies whether to use keyboard-interactive authentication.
diff --git a/sshd_config.5 b/sshd_config.5
index ee1b29341..4536286b7 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.383 2025/07/31 11:23:39 job Exp $
-.Dd $Mdocdate: July 31 2025 $
+.\" $OpenBSD: sshd_config.5,v 1.384 2025/08/05 09:08:16 job Exp $
+.Dd $Mdocdate: August 5 2025 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -960,8 +960,8 @@ The default is
 .Cm ef
 (Expedited Forwarding)
 for interactive sessions and
-.Cm cs1
-(Lower Effort)
+.Cm none
+(the operating system default)
 for non-interactive sessions.
 .It Cm KbdInteractiveAuthentication
 Specifies whether to allow keyboard-interactive authentication.

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list