upstream commit

Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
author: djm@openbsd.org <djm@openbsd.org> 2018-01-23 05:27:21 +0000
committer: Damien Miller <djm@mindrot.org> 2018-01-23 16:40:29 +1100
commit: 14b5c635d1190633b23ac3372379517fb645b0c2 (patch)
tree: 8ef70b4660b04ba6add4c314d52f84375cb16788 /sshd.c
parent: 7c77991f5de5d8475cbeb7cbb06d0c7d1611d7bb (diff)
1 files changed, 1 insertions, 5 deletions
diff --git a/sshd.c b/sshd.c
index 6133135db..e7e3c99b4 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.501 2018/01/23 05:12:12 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.502 2018/01/23 05:27:21 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -446,10 +446,6 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
                logit("Client version \"%.100s\" uses unsafe RSA signature "
                    "scheme; disabling use of RSA keys", remote_version);
        }
-        if ((ssh->compat & SSH_BUG_DERIVEKEY) != 0) {
-                fatal("Client version \"%.100s\" uses unsafe key agreement; "
-                    "refusing connection", remote_version);
-        }
        chop(server_version_string);
        debug("Local version string %.200s", server_version_string);
author	djm@openbsd.org <djm@openbsd.org>	2018-01-23 05:27:21 +0000
committer	Damien Miller <djm@mindrot.org>	2018-01-23 16:40:29 +1100
commit	14b5c635d1190633b23ac3372379517fb645b0c2 (patch)
tree	8ef70b4660b04ba6add4c314d52f84375cb16788 /sshd.c
parent	7c77991f5de5d8475cbeb7cbb06d0c7d1611d7bb (diff)