From 87f0df622813793b298605b5adefeca6cb1f8453 Mon Sep 17 00:00:00 2001 From: markus Date: Sat, 3 May 2014 17:20:34 +0000 Subject: [PATCH] unbreak compression, by re-init-ing the compression code in the post-auth child. the new buffer code is more strict, and requires buffer_init() while the old code was happy after a bzero(); originally from djm@ --- usr.bin/ssh/monitor.c | 4 +++- usr.bin/ssh/packet.c | 22 +++++++++++++++++++++- usr.bin/ssh/packet.h | 3 ++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c index 5fe12a6c0bd..8fda7d241c4 100644 --- a/usr.bin/ssh/monitor.c +++ b/usr.bin/ssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.132 2014/04/29 18:01:49 markus Exp $ */ +/* $OpenBSD: monitor.c,v 1.133 2014/05/03 17:20:34 markus Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -1480,6 +1480,8 @@ monitor_apply_keystate(struct monitor *pmonitor) if (options.compression) mm_init_compression(pmonitor->m_zlib); + packet_set_postauth(); + if (options.rekey_limit || options.rekey_interval) packet_set_rekey_limits((u_int32_t)options.rekey_limit, (time_t)options.rekey_interval); diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index fe2af2d5c21..052531f8977 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.195 2014/04/29 18:01:49 markus Exp $ */ +/* $OpenBSD: packet.c,v 1.196 2014/05/03 17:20:34 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2037,3 +2037,23 @@ packet_restore_state(void) add_recv_bytes(len); } } + +/* Reset after_authentication and reset compression in post-auth privsep */ +void +packet_set_postauth(void) +{ + Comp *comp; + int mode; + + debug("%s: called", __func__); + /* This was set in net child, but is not visible in user child */ + active_state->after_authentication = 1; + active_state->rekeying = 0; + for (mode = 0; mode < MODE_MAX; mode++) { + if (active_state->newkeys[mode] == NULL) + continue; + comp = &active_state->newkeys[mode]->comp; + if (comp && comp->enabled) + packet_init_compression(); + } +} diff --git a/usr.bin/ssh/packet.h b/usr.bin/ssh/packet.h index 5beb1677c8e..f295f0d7c66 100644 --- a/usr.bin/ssh/packet.h +++ b/usr.bin/ssh/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.60 2014/04/28 03:09:18 djm Exp $ */ +/* $OpenBSD: packet.h,v 1.61 2014/05/03 17:20:34 markus Exp $ */ /* * Author: Tatu Ylonen @@ -114,6 +114,7 @@ time_t packet_get_rekey_timeout(void); void packet_backup_state(void); void packet_restore_state(void); +void packet_set_postauth(void); void *packet_get_input(void); void *packet_get_output(void); -- 2.20.1