diff options
author | Colin Watson <cjwatson@debian.org> | 2019-04-08 10:46:29 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-06-07 10:25:35 +0100 |
commit | 39b8d128ef980a410bb1ea0ee80e95ac9fff59c3 (patch) | |
tree | 8f4b2d0795835960f2591d0555a507e007c843ec | |
parent | f2697f0c5ff23bc13dce1c90fb4c1c934c02070b (diff) |
Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP AF21 for"
This reverts commit 5ee8448ad7c306f05a9f56769f95336a8269f379.
The IPQoS default changes have some unfortunate interactions with
iptables (see https://bugs.debian.org/923880) and VMware, so I'm
temporarily reverting them until those have been fixed.
Bug-Debian: https://bugs.debian.org/923879
Bug-Debian: https://bugs.debian.org/926229
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1822370
Last-Update: 2019-04-08
Patch-Name: revert-ipqos-defaults.patch
-rw-r--r-- | readconf.c | 4 | ||||
-rw-r--r-- | servconf.c | 4 | ||||
-rw-r--r-- | ssh_config.5 | 6 | ||||
-rw-r--r-- | sshd_config.5 | 6 |
4 files changed, 8 insertions, 12 deletions
diff --git a/readconf.c b/readconf.c index 87b0dc62a..9a646dcaa 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -2254,9 +2254,9 @@ fill_default_options(Options * options) | |||
2254 | if (options->visual_host_key == -1) | 2254 | if (options->visual_host_key == -1) |
2255 | options->visual_host_key = 0; | 2255 | options->visual_host_key = 0; |
2256 | if (options->ip_qos_interactive == -1) | 2256 | if (options->ip_qos_interactive == -1) |
2257 | options->ip_qos_interactive = IPTOS_DSCP_AF21; | 2257 | options->ip_qos_interactive = IPTOS_LOWDELAY; |
2258 | if (options->ip_qos_bulk == -1) | 2258 | if (options->ip_qos_bulk == -1) |
2259 | options->ip_qos_bulk = IPTOS_DSCP_CS1; | 2259 | options->ip_qos_bulk = IPTOS_THROUGHPUT; |
2260 | if (options->request_tty == -1) | 2260 | if (options->request_tty == -1) |
2261 | options->request_tty = REQUEST_TTY_AUTO; | 2261 | options->request_tty = REQUEST_TTY_AUTO; |
2262 | if (options->proxy_use_fdpass == -1) | 2262 | if (options->proxy_use_fdpass == -1) |
diff --git a/servconf.c b/servconf.c index cf4e52f3b..c290e9786 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -452,9 +452,9 @@ fill_default_server_options(ServerOptions *options) | |||
452 | if (options->permit_tun == -1) | 452 | if (options->permit_tun == -1) |
453 | options->permit_tun = SSH_TUNMODE_NO; | 453 | options->permit_tun = SSH_TUNMODE_NO; |
454 | if (options->ip_qos_interactive == -1) | 454 | if (options->ip_qos_interactive == -1) |
455 | options->ip_qos_interactive = IPTOS_DSCP_AF21; | 455 | options->ip_qos_interactive = IPTOS_LOWDELAY; |
456 | if (options->ip_qos_bulk == -1) | 456 | if (options->ip_qos_bulk == -1) |
457 | options->ip_qos_bulk = IPTOS_DSCP_CS1; | 457 | options->ip_qos_bulk = IPTOS_THROUGHPUT; |
458 | if (options->version_addendum == NULL) | 458 | if (options->version_addendum == NULL) |
459 | options->version_addendum = xstrdup(""); | 459 | options->version_addendum = xstrdup(""); |
460 | if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) | 460 | if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) |
diff --git a/ssh_config.5 b/ssh_config.5 index aac3fabb7..2574b1004 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -1140,11 +1140,9 @@ If one argument is specified, it is used as the packet class unconditionally. | |||
1140 | If two values are specified, the first is automatically selected for | 1140 | If two values are specified, the first is automatically selected for |
1141 | interactive sessions and the second for non-interactive sessions. | 1141 | interactive sessions and the second for non-interactive sessions. |
1142 | The default is | 1142 | The default is |
1143 | .Cm af21 | 1143 | .Cm lowdelay |
1144 | (Low-Latency Data) | ||
1145 | for interactive sessions and | 1144 | for interactive sessions and |
1146 | .Cm cs1 | 1145 | .Cm throughput |
1147 | (Lower Effort) | ||
1148 | for non-interactive sessions. | 1146 | for non-interactive sessions. |
1149 | .It Cm KbdInteractiveAuthentication | 1147 | .It Cm KbdInteractiveAuthentication |
1150 | Specifies whether to use keyboard-interactive authentication. | 1148 | Specifies whether to use keyboard-interactive authentication. |
diff --git a/sshd_config.5 b/sshd_config.5 index b38025dbf..88db4db07 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -925,11 +925,9 @@ If one argument is specified, it is used as the packet class unconditionally. | |||
925 | If two values are specified, the first is automatically selected for | 925 | If two values are specified, the first is automatically selected for |
926 | interactive sessions and the second for non-interactive sessions. | 926 | interactive sessions and the second for non-interactive sessions. |
927 | The default is | 927 | The default is |
928 | .Cm af21 | 928 | .Cm lowdelay |
929 | (Low-Latency Data) | ||
930 | for interactive sessions and | 929 | for interactive sessions and |
931 | .Cm cs1 | 930 | .Cm throughput |
932 | (Lower Effort) | ||
933 | for non-interactive sessions. | 931 | for non-interactive sessions. |
934 | .It Cm KbdInteractiveAuthentication | 932 | .It Cm KbdInteractiveAuthentication |
935 | Specifies whether to allow keyboard-interactive authentication. | 933 | Specifies whether to allow keyboard-interactive authentication. |