From 9cf8803acf5dc53b98088e0518fb7c9546067e2a Mon Sep 17 00:00:00 2001
From: dtucker <dtucker@openbsd.org>
Date: Fri, 17 Feb 2023 03:06:18 +0000
Subject: [PATCH] Remove now-unused compat bit SSH_BUG_BIGENDIANAES.  This was
 previously set for OpenSSH 2.3 (released in 2000) but this check was removed
 in OpenSSH 7.7 (2018).  ok djm@ deraadt@

---
 usr.bin/ssh/compat.c | 12 ++----------
 usr.bin/ssh/compat.h |  4 ++--
 2 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index 4a580070beb..3e57abc9dda 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.123 2023/02/16 10:10:00 dtucker Exp $ */
+/* $OpenBSD: compat.c,v 1.124 2023/02/17 03:06:18 dtucker Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
  *
@@ -140,15 +140,7 @@ compat_banner(struct ssh *ssh, const char *version)
 char *
 compat_cipher_proposal(struct ssh *ssh, char *cipher_prop)
 {
-	if (!(ssh->compat & SSH_BUG_BIGENDIANAES))
-		return xstrdup(cipher_prop);
-	debug2_f("original cipher proposal: %s", cipher_prop);
-	if ((cipher_prop = match_filter_denylist(cipher_prop, "aes*")) == NULL)
-		fatal("match_filter_denylist failed");
-	debug2_f("compat cipher proposal: %s", cipher_prop);
-	if (*cipher_prop == '\0')
-		fatal("No supported ciphers found");
-	return cipher_prop;
+	return xstrdup(cipher_prop);
 }
 
 /* Always returns pointer to allocated memory, caller must free. */
diff --git a/usr.bin/ssh/compat.h b/usr.bin/ssh/compat.h
index 9abe056dd5e..8d0ea2d688f 100644
--- a/usr.bin/ssh/compat.h
+++ b/usr.bin/ssh/compat.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.h,v 1.59 2023/02/16 10:10:00 dtucker Exp $ */
+/* $OpenBSD: compat.h,v 1.60 2023/02/17 03:06:18 dtucker Exp $ */
 
 /*
  * Copyright (c) 1999, 2000, 2001 Markus Friedl.  All rights reserved.
@@ -39,7 +39,7 @@
 /* #define unused		0x00000200 */
 /* #define unused		0x00000400 */
 #define SSH_BUG_SCANNER		0x00000800
-#define SSH_BUG_BIGENDIANAES	0x00001000
+/* #define unused		0x00001000 */
 #define SSH_BUG_RSASIGMD5	0x00002000
 #define SSH_OLD_DHGEX		0x00004000
 #define SSH_BUG_NOREKEY		0x00008000
-- 
2.20.1