summaryrefslogtreecommitdiff
path: root/PROTOCOL
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2009-02-14 18:00:52 +1100
committerDamien Miller <djm@mindrot.org>2009-02-14 18:00:52 +1100
commit6385e758dfbc72d461a68cd19819e5f9d41e555c (patch)
treeb35aea3f74f6af0577f59f13f1decadfcf69e938 /PROTOCOL
parent61433bec808fc90de066902e793147fd5015a2cc (diff)
- djm@cvs.openbsd.org 2009/02/14 06:35:49
[PROTOCOL] mention that eow and no-more-sessions extensions are sent only to OpenSSH peers
Diffstat (limited to 'PROTOCOL')
-rw-r--r--PROTOCOL13
1 files changed, 12 insertions, 1 deletions
diff --git a/PROTOCOL b/PROTOCOL
index 37fd536d9..5aada630d 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -64,6 +64,12 @@ remain open after a "eow@openssh.com" has been sent and more data may
64still be sent in the other direction. This message does not consume 64still be sent in the other direction. This message does not consume
65window space and may be sent even if no window space is available. 65window space and may be sent even if no window space is available.
66 66
67NB. due to certain broken SSH implementations aborting upon receipt
68of this message (in contravention of RFC4254 section 5.4), this
69message is only sent to OpenSSH peers (identified by banner).
70Other SSH implementations may be whitelisted to receive this message
71upon request.
72
674. connection: disallow additional sessions extension 734. connection: disallow additional sessions extension
68 "no-more-sessions@openssh.com" 74 "no-more-sessions@openssh.com"
69 75
@@ -87,6 +93,11 @@ connection.
87Note that this is not a general defence against compromised clients 93Note that this is not a general defence against compromised clients
88(that is impossible), but it thwarts a simple attack. 94(that is impossible), but it thwarts a simple attack.
89 95
96NB. due to certain broken SSH implementations aborting upon receipt
97of this message, the no-more-sessions request is only sent to OpenSSH
98servers (identified by banner). Other SSH implementations may be
99whitelisted to receive this message upon request.
100
905. connection: Tunnel forward extension "tun@openssh.com" 1015. connection: Tunnel forward extension "tun@openssh.com"
91 102
92OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com" 103OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"
@@ -240,4 +251,4 @@ The values of the f_flag bitmask are as follows:
240Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are 251Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
241advertised in the SSH_FXP_VERSION hello with version "2". 252advertised in the SSH_FXP_VERSION hello with version "2".
242 253
243$OpenBSD: PROTOCOL,v 1.11 2008/07/05 05:16:01 djm Exp $ 254$OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $