It turns out we still support pre-auth compression on the client.
Therefore revert the previous two commits:
date: 2018/07/06 09:06:14; author: sf; commitid: yZVYKIRtUZWD9CmE;
Rename COMP_DELAYED to COMP_ZLIB
Only delayed compression is supported nowadays.
ok markus@
date: 2018/07/06 09:05:01; author: sf; commitid: rEGuT5UgI9f6kddP;
Remove leftovers from pre-authentication compression
Support for this has been removed in 2016.
COMP_DELAYED will be renamed in a later commit.
ok markus@
-/* $OpenBSD: kex.c,v 1.140 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: kex.c,v 1.141 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
if (name == NULL)
return SSH_ERR_NO_COMPRESS_ALG_MATCH;
if (strcmp(name, "zlib@openssh.com") == 0) {
+ comp->type = COMP_DELAYED;
+ } else if (strcmp(name, "zlib") == 0) {
comp->type = COMP_ZLIB;
} else if (strcmp(name, "none") == 0) {
comp->type = COMP_NONE;
-/* $OpenBSD: kex.h,v 1.87 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: kex.h,v 1.88 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
#define COMP_NONE 0
#define COMP_ZLIB 1
+#define COMP_DELAYED 2
#define CURVE25519_SIZE 32
-/* $OpenBSD: monitor_wrap.c,v 1.100 2018/07/06 09:05:01 sf Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.101 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
#include "ssherr.h"
/* Imports */
+extern z_stream incoming_stream;
+extern z_stream outgoing_stream;
extern struct monitor *pmonitor;
extern Buffer loginmsg;
extern ServerOptions options;
-/* $OpenBSD: packet.c,v 1.274 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: packet.c,v 1.275 2018/07/09 13:37:10 sf Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
/* explicit_bzero(enc->iv, enc->block_size);
explicit_bzero(enc->key, enc->key_len);
explicit_bzero(mac->key, mac->key_len); */
- if (comp->type == COMP_ZLIB && state->after_authentication
- && comp->enabled == 0) {
+ if ((comp->type == COMP_ZLIB ||
+ (comp->type == COMP_DELAYED &&
+ state->after_authentication)) && comp->enabled == 0) {
if ((r = ssh_packet_init_compression(ssh)) < 0)
return r;
if (mode == MODE_OUT) {
/*
* Remember that we are past the authentication step, so rekeying
- * with COMP_ZLIB will turn on compression immediately.
+ * with COMP_DELAYED will turn on compression immediately.
*/
state->after_authentication = 1;
for (mode = 0; mode < MODE_MAX; mode++) {
if (state->newkeys[mode] == NULL)
continue;
comp = &state->newkeys[mode]->comp;
- if (comp && !comp->enabled && comp->type == COMP_ZLIB) {
+ if (comp && !comp->enabled && comp->type == COMP_DELAYED) {
if ((r = ssh_packet_init_compression(ssh)) != 0)
return r;
if (mode == MODE_OUT) {
-/* $OpenBSD: servconf.c,v 1.336 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: servconf.c,v 1.337 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
options->permit_user_env_whitelist = NULL;
}
if (options->compression == -1)
- options->compression = COMP_ZLIB;
+ options->compression = COMP_DELAYED;
if (options->rekey_limit == -1)
options->rekey_limit = 0;
if (options->rekey_interval == -1)
{ NULL, -1 }
};
static const struct multistate multistate_compression[] = {
- { "yes", COMP_ZLIB },
- { "delayed", COMP_ZLIB },
+ { "yes", COMP_DELAYED },
+ { "delayed", COMP_DELAYED },
{ "no", COMP_NONE },
{ NULL, -1 }
};
-/* $OpenBSD: sshconnect2.c,v 1.276 2018/07/06 09:05:01 sf Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.277 2018/07/09 13:37:10 sf Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
compat_cipher_proposal(options.ciphers);
myproposal[PROPOSAL_COMP_ALGS_CTOS] =
myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ?
- "zlib@openssh.com,none" : "none,zlib@openssh.com";
+ "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib";
myproposal[PROPOSAL_MAC_ALGS_CTOS] =
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
if (options.hostkeyalgorithms != NULL) {
projects / openbsd / commitdiff