diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2016-09-28 16:33:06 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2016-09-29 03:11:32 +1000 |
| commit | 0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f (patch) | |
| tree | b0271896ec4d6c0e716821954212677438824a05 /sshd.c | |
| parent | 27c3a9c2aede2184856b5de1e6eca414bb751c38 (diff) | |
upstream commit
Remove support for pre-authentication compression. Doing
compression early in the protocol probably seemed reasonable in the 1990s,
but today it's clearly a bad idea in terms of both cryptography (cf. multiple
compression oracle attacks in TLS) and attack surface.
Moreover, to support it across privilege-separation zlib needed
the assistance of a complex shared-memory manager that made the
required attack surface considerably larger.
Prompted by Guido Vranken pointing out a compiler-elided security
check in the shared memory manager found by Stack
(http://css.csail.mit.edu/stack/); ok deraadt@ markus@
NB. pre-auth authentication has been disabled by default in sshd
for >10 years.
Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 10 |
1 files changed, 1 insertions, 9 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshd.c,v 1.475 2016/08/28 22:28:12 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.476 2016/09/28 16:33:07 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -114,7 +114,6 @@ | |||
| 114 | #include "dispatch.h" | 114 | #include "dispatch.h" |
| 115 | #include "channels.h" | 115 | #include "channels.h" |
| 116 | #include "session.h" | 116 | #include "session.h" |
| 117 | #include "monitor_mm.h" | ||
| 118 | #include "monitor.h" | 117 | #include "monitor.h" |
| 119 | #ifdef GSSAPI | 118 | #ifdef GSSAPI |
| 120 | #include "ssh-gss.h" | 119 | #include "ssh-gss.h" |
| @@ -582,9 +581,6 @@ privsep_preauth(Authctxt *authctxt) | |||
| 582 | ssh_sandbox_parent_preauth(box, pid); | 581 | ssh_sandbox_parent_preauth(box, pid); |
| 583 | monitor_child_preauth(authctxt, pmonitor); | 582 | monitor_child_preauth(authctxt, pmonitor); |
| 584 | 583 | ||
| 585 | /* Sync memory */ | ||
| 586 | monitor_sync(pmonitor); | ||
| 587 | |||
| 588 | /* Wait for the child's exit status */ | 584 | /* Wait for the child's exit status */ |
| 589 | while (waitpid(pid, &status, 0) < 0) { | 585 | while (waitpid(pid, &status, 0) < 0) { |
| 590 | if (errno == EINTR) | 586 | if (errno == EINTR) |
| @@ -2152,10 +2148,6 @@ do_ssh2_kex(void) | |||
| 2152 | if (options.compression == COMP_NONE) { | 2148 | if (options.compression == COMP_NONE) { |
| 2153 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | 2149 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = |
| 2154 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; | 2150 | myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; |
| 2155 | } else if (options.compression == COMP_DELAYED) { | ||
| 2156 | myproposal[PROPOSAL_COMP_ALGS_CTOS] = | ||
| 2157 | myproposal[PROPOSAL_COMP_ALGS_STOC] = | ||
| 2158 | "none,zlib@openssh.com"; | ||
| 2159 | } | 2151 | } |
| 2160 | 2152 | ||
| 2161 | if (options.rekey_limit || options.rekey_interval) | 2153 | if (options.rekey_limit || options.rekey_interval) |