diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2016-09-28 21:44:52 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2016-09-29 08:18:39 +1000 |
| commit | b7689155f3f5c4999846c07a852b1c7a43b09cec (patch) | |
| tree | 9fedbd666c59b54e9c68f16d79e1b70e993ba570 | |
| parent | 4577adead6a7d600c8e764619d99477a08192c8f (diff) | |
upstream commit
put back some pre-auth zlib bits that I shouldn't have
removed - they are still used by the client. Spotted by naddy@
Upstream-ID: 80919468056031037d56a1f5b261c164a6f90dc2
| -rw-r--r-- | kex.c | 4 | ||||
| -rw-r--r-- | kex.h | 5 | ||||
| -rw-r--r-- | packet.c | 7 |
3 files changed, 10 insertions, 6 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.125 2016/09/28 20:32:42 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.126 2016/09/28 21:44:52 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -684,6 +684,8 @@ choose_comp(struct sshcomp *comp, char *client, char *server) return SSH_ERR_NO_COMPRESS_ALG_MATCH; if (strcmp(name, "zlib@openssh.com") == 0) { comp->type = COMP_DELAYED; + } else if (strcmp(name, "zlib") == 0) { + comp->type = COMP_ZLIB; } else if (strcmp(name, "none") == 0) { comp->type = COMP_NONE; } else { @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.80 2016/09/28 20:32:42 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.81 2016/09/28 21:44:52 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -64,7 +64,8 @@ #define KEX_CURVE25519_SHA256_OLD "curve25519-sha256@libssh.org" #define COMP_NONE 0 -#define COMP_DELAYED 1 +#define COMP_ZLIB 1 +#define COMP_DELAYED 2 #define CURVE25519_SIZE 32 @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.240 2016/09/28 20:32:42 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.241 2016/09/28 21:44:52 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -965,8 +965,9 @@ ssh_set_newkeys(struct ssh *ssh, int mode) /* explicit_bzero(enc->iv, enc->block_size); explicit_bzero(enc->key, enc->key_len); explicit_bzero(mac->key, mac->key_len); */ - if (comp->type == COMP_DELAYED && state->after_authentication && - comp->enabled == 0) { + if ((comp->type == COMP_ZLIB || + (comp->type == COMP_DELAYED && + state->after_authentication)) && comp->enabled == 0) { if ((r = ssh_packet_init_compression(ssh)) < 0) return r; if (mode == MODE_OUT) { |