diff options
author | Colin Watson <cjwatson@debian.org> | 2019-04-08 10:46:29 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2019-06-21 16:14:04 +0100 |
commit | f08fbfbaad10ae0bd9f057de8e18071e588146a6 (patch) | |
tree | 088d074bb49a033efc958507d85ec56efe790a27 | |
parent | a20835ce2f9899305421bc478ba29d6524e89433 (diff) |
Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP AF21 for"
This reverts commit 5ee8448ad7c306f05a9f56769f95336a8269f379.
The IPQoS default changes have some unfortunate interactions with
iptables (see https://bugs.debian.org/923880) and VMware, so I'm
temporarily reverting them until those have been fixed.
Bug-Debian: https://bugs.debian.org/923879
Bug-Debian: https://bugs.debian.org/926229
Bug-Ubuntu: https://bugs.launchpad.net/1822370
Last-Update: 2019-04-08
Patch-Name: revert-ipqos-defaults.patch
-rw-r--r-- | readconf.c | 4 | ||||
-rw-r--r-- | servconf.c | 4 | ||||
-rw-r--r-- | ssh_config.5 | 6 | ||||
-rw-r--r-- | sshd_config.5 | 6 |
4 files changed, 8 insertions, 12 deletions
diff --git a/readconf.c b/readconf.c index f35bde6e6..2ba312441 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -2165,9 +2165,9 @@ fill_default_options(Options * options) | |||
2165 | if (options->visual_host_key == -1) | 2165 | if (options->visual_host_key == -1) |
2166 | options->visual_host_key = 0; | 2166 | options->visual_host_key = 0; |
2167 | if (options->ip_qos_interactive == -1) | 2167 | if (options->ip_qos_interactive == -1) |
2168 | options->ip_qos_interactive = IPTOS_DSCP_AF21; | 2168 | options->ip_qos_interactive = IPTOS_LOWDELAY; |
2169 | if (options->ip_qos_bulk == -1) | 2169 | if (options->ip_qos_bulk == -1) |
2170 | options->ip_qos_bulk = IPTOS_DSCP_CS1; | 2170 | options->ip_qos_bulk = IPTOS_THROUGHPUT; |
2171 | if (options->request_tty == -1) | 2171 | if (options->request_tty == -1) |
2172 | options->request_tty = REQUEST_TTY_AUTO; | 2172 | options->request_tty = REQUEST_TTY_AUTO; |
2173 | if (options->proxy_use_fdpass == -1) | 2173 | if (options->proxy_use_fdpass == -1) |
diff --git a/servconf.c b/servconf.c index 8d2bced52..365e6ff1e 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -423,9 +423,9 @@ fill_default_server_options(ServerOptions *options) | |||
423 | if (options->permit_tun == -1) | 423 | if (options->permit_tun == -1) |
424 | options->permit_tun = SSH_TUNMODE_NO; | 424 | options->permit_tun = SSH_TUNMODE_NO; |
425 | if (options->ip_qos_interactive == -1) | 425 | if (options->ip_qos_interactive == -1) |
426 | options->ip_qos_interactive = IPTOS_DSCP_AF21; | 426 | options->ip_qos_interactive = IPTOS_LOWDELAY; |
427 | if (options->ip_qos_bulk == -1) | 427 | if (options->ip_qos_bulk == -1) |
428 | options->ip_qos_bulk = IPTOS_DSCP_CS1; | 428 | options->ip_qos_bulk = IPTOS_THROUGHPUT; |
429 | if (options->version_addendum == NULL) | 429 | if (options->version_addendum == NULL) |
430 | options->version_addendum = xstrdup(""); | 430 | options->version_addendum = xstrdup(""); |
431 | if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) | 431 | if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) |
diff --git a/ssh_config.5 b/ssh_config.5 index a27631ae9..a9f6d906f 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -1098,11 +1098,9 @@ If one argument is specified, it is used as the packet class unconditionally. | |||
1098 | If two values are specified, the first is automatically selected for | 1098 | If two values are specified, the first is automatically selected for |
1099 | interactive sessions and the second for non-interactive sessions. | 1099 | interactive sessions and the second for non-interactive sessions. |
1100 | The default is | 1100 | The default is |
1101 | .Cm af21 | 1101 | .Cm lowdelay |
1102 | (Low-Latency Data) | ||
1103 | for interactive sessions and | 1102 | for interactive sessions and |
1104 | .Cm cs1 | 1103 | .Cm throughput |
1105 | (Lower Effort) | ||
1106 | for non-interactive sessions. | 1104 | for non-interactive sessions. |
1107 | .It Cm KbdInteractiveAuthentication | 1105 | .It Cm KbdInteractiveAuthentication |
1108 | Specifies whether to use keyboard-interactive authentication. | 1106 | Specifies whether to use keyboard-interactive authentication. |
diff --git a/sshd_config.5 b/sshd_config.5 index c0c4ebd66..e5380f5dc 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -886,11 +886,9 @@ If one argument is specified, it is used as the packet class unconditionally. | |||
886 | If two values are specified, the first is automatically selected for | 886 | If two values are specified, the first is automatically selected for |
887 | interactive sessions and the second for non-interactive sessions. | 887 | interactive sessions and the second for non-interactive sessions. |
888 | The default is | 888 | The default is |
889 | .Cm af21 | 889 | .Cm lowdelay |
890 | (Low-Latency Data) | ||
891 | for interactive sessions and | 890 | for interactive sessions and |
892 | .Cm cs1 | 891 | .Cm throughput |
893 | (Lower Effort) | ||
894 | for non-interactive sessions. | 892 | for non-interactive sessions. |
895 | .It Cm KbdInteractiveAuthentication | 893 | .It Cm KbdInteractiveAuthentication |
896 | Specifies whether to allow keyboard-interactive authentication. | 894 | Specifies whether to allow keyboard-interactive authentication. |