diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2016-09-28 16:33:06 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2016-09-29 03:11:32 +1000 |
| commit | 0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f (patch) | |
| tree | b0271896ec4d6c0e716821954212677438824a05 /opacket.h | |
| parent | 27c3a9c2aede2184856b5de1e6eca414bb751c38 (diff) | |
upstream commit
Remove support for pre-authentication compression. Doing
compression early in the protocol probably seemed reasonable in the 1990s,
but today it's clearly a bad idea in terms of both cryptography (cf. multiple
compression oracle attacks in TLS) and attack surface.
Moreover, to support it across privilege-separation zlib needed
the assistance of a complex shared-memory manager that made the
required attack surface considerably larger.
Prompted by Guido Vranken pointing out a compiler-elided security
check in the shared memory manager found by Stack
(http://css.csail.mit.edu/stack/); ok deraadt@ markus@
NB. pre-auth authentication has been disabled by default in sshd
for >10 years.
Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
Diffstat (limited to 'opacket.h')
| -rw-r--r-- | opacket.h | 3 |
1 files changed, 0 insertions, 3 deletions
| @@ -133,9 +133,6 @@ void packet_disconnect(const char *, ...) | |||
| 133 | ssh_packet_get_input(active_state) | 133 | ssh_packet_get_input(active_state) |
| 134 | #define packet_get_output() \ | 134 | #define packet_get_output() \ |
| 135 | ssh_packet_get_output(active_state) | 135 | ssh_packet_get_output(active_state) |
| 136 | #define packet_set_compress_hooks(ctx, allocfunc, freefunc) \ | ||
| 137 | ssh_packet_set_compress_hooks(active_state, ctx, \ | ||
| 138 | allocfunc, freefunc); | ||
| 139 | #define packet_check_eom() \ | 136 | #define packet_check_eom() \ |
| 140 | ssh_packet_check_eom(active_state) | 137 | ssh_packet_check_eom(active_state) |
| 141 | #define set_newkeys(mode) \ | 138 | #define set_newkeys(mode) \ |