import openssh-5.2p1-gsskex-all-20090726.patch

author: Colin Watson <cjwatson@debian.org> 2010-01-01 17:15:23 +0000
committer: Colin Watson <cjwatson@debian.org> 2010-01-01 17:15:23 +0000
commit: 99b402ea4c8457b0a3cafff37f5b3410a8dc6476 (patch)
tree: 1d24ce54c9981ea8cbb4c5a9309964a0e4c4b320 /PROTOCOL
parent: 87552344215a38d3a2b0d4d63dc151e05978bbe1 (diff)
parent: 54af7a4ae8d455791a631bdfaade4b64436ae16a (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/PROTOCOL b/PROTOCOL
index 37fd536d9..5aada630d 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -64,6 +64,12 @@ remain open after a "eow@openssh.com" has been sent and more data may
 still be sent in the other direction. This message does not consume
 window space and may be sent even if no window space is available.
+NB. due to certain broken SSH implementations aborting upon receipt
+of this message (in contravention of RFC4254 section 5.4), this
+message is only sent to OpenSSH peers (identified by banner).
+Other SSH implementations may be whitelisted to receive this message
+upon request.
 4. connection: disallow additional sessions extension
   "no-more-sessions@openssh.com"
@@ -87,6 +93,11 @@ connection.
 Note that this is not a general defence against compromised clients
 (that is impossible), but it thwarts a simple attack.
+NB. due to certain broken SSH implementations aborting upon receipt
+of this message, the no-more-sessions request is only sent to OpenSSH
+servers (identified by banner). Other SSH implementations may be
+whitelisted to receive this message upon request.
 5. connection: Tunnel forward extension "tun@openssh.com"
 OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"
@@ -240,4 +251,4 @@ The values of the f_flag bitmask are as follows:
 Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
 advertised in the SSH_FXP_VERSION hello with version "2".
-$OpenBSD: PROTOCOL,v 1.11 2008/07/05 05:16:01 djm Exp $
+$OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $
author	Colin Watson <cjwatson@debian.org>	2010-01-01 17:15:23 +0000
committer	Colin Watson <cjwatson@debian.org>	2010-01-01 17:15:23 +0000
commit	99b402ea4c8457b0a3cafff37f5b3410a8dc6476 (patch)
tree	1d24ce54c9981ea8cbb4c5a9309964a0e4c4b320 /PROTOCOL
parent	87552344215a38d3a2b0d4d63dc151e05978bbe1 (diff)
parent	54af7a4ae8d455791a631bdfaade4b64436ae16a (diff)

diff --git a/PROTOCOL b/PROTOCOL index 37fd536d9..5aada630d 100644 --- a/PROTOCOL +++ b/PROTOCOL
@@ -64,6 +64,12 @@ remain open after a "eow@openssh.com" has been sent and more data may
64	still be sent in the other direction. This message does not consume	64	still be sent in the other direction. This message does not consume
65	window space and may be sent even if no window space is available.	65	window space and may be sent even if no window space is available.
66		66
		67	NB. due to certain broken SSH implementations aborting upon receipt
		68	of this message (in contravention of RFC4254 section 5.4), this
		69	message is only sent to OpenSSH peers (identified by banner).
		70	Other SSH implementations may be whitelisted to receive this message
		71	upon request.
		72
67	4. connection: disallow additional sessions extension	73	4. connection: disallow additional sessions extension
68	"no-more-sessions@openssh.com"	74	"no-more-sessions@openssh.com"
69		75
@@ -87,6 +93,11 @@ connection.
87	Note that this is not a general defence against compromised clients	93	Note that this is not a general defence against compromised clients
88	(that is impossible), but it thwarts a simple attack.	94	(that is impossible), but it thwarts a simple attack.
89		95
		96	NB. due to certain broken SSH implementations aborting upon receipt
		97	of this message, the no-more-sessions request is only sent to OpenSSH
		98	servers (identified by banner). Other SSH implementations may be
		99	whitelisted to receive this message upon request.
		100
90	5. connection: Tunnel forward extension "tun@openssh.com"	101	5. connection: Tunnel forward extension "tun@openssh.com"
91		102
92	OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"	103	OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"
@@ -240,4 +251,4 @@ The values of the f_flag bitmask are as follows:
240	Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are	251	Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
241	advertised in the SSH_FXP_VERSION hello with version "2".	252	advertised in the SSH_FXP_VERSION hello with version "2".
242		253
243	$OpenBSD: PROTOCOL,v 1.11 2008/07/05 05:16:01 djm Exp $	254	$OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $