6 files changed, 20 insertions, 14 deletions

diff --git a/kex.c b/kex.c
index b111c4a54..25f9f66f6 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.140 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: kex.c,v 1.141 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -741,6 +741,8 @@ choose_comp(struct sshcomp *comp, char *client, char *server)
         if (name == NULL)
                 return SSH_ERR_NO_COMPRESS_ALG_MATCH;
         if (strcmp(name, "zlib@openssh.com") == 0) {
+                comp->type = COMP_DELAYED;
+        } else if (strcmp(name, "zlib") == 0) {
                 comp->type = COMP_ZLIB;
         } else if (strcmp(name, "none") == 0) {
                 comp->type = COMP_NONE;
diff --git a/kex.h b/kex.h
index b57f985ef..e3816047a 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.87 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: kex.h,v 1.88 2018/07/09 13:37:10 sf Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -65,6 +65,7 @@
 
 #define COMP_NONE       0
 #define COMP_ZLIB       1
+#define COMP_DELAYED    2
 
 #define CURVE25519_SIZE 32
 
diff --git a/monitor_wrap.c b/monitor_wrap.c
index e280fd2ad..012ab01a9 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.100 2018/07/06 09:05:01 sf Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.101 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -84,6 +84,8 @@
 #include "ssherr.h"
 
 /* Imports */
+extern z_stream incoming_stream;
+extern z_stream outgoing_stream;
 extern struct monitor *pmonitor;
 extern Buffer loginmsg;
 extern ServerOptions options;
diff --git a/packet.c b/packet.c
index 2e87e520f..4d91792e0 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.274 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: packet.c,v 1.275 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -879,8 +879,9 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
         /* explicit_bzero(enc->iv,  enc->block_size);
            explicit_bzero(enc->key, enc->key_len);
            explicit_bzero(mac->key, mac->key_len); */
-        if (comp->type == COMP_ZLIB && state->after_authentication
-            && comp->enabled == 0) {
+        if ((comp->type == COMP_ZLIB ||
+            (comp->type == COMP_DELAYED &&
+             state->after_authentication)) && comp->enabled == 0) {
                 if ((r = ssh_packet_init_compression(ssh)) < 0)
                         return r;
                 if (mode == MODE_OUT) {
@@ -970,7 +971,7 @@ ssh_packet_enable_delayed_compress(struct ssh *ssh)
 
         /*
          * Remember that we are past the authentication step, so rekeying
-         * with COMP_ZLIB will turn on compression immediately.
+         * with COMP_DELAYED will turn on compression immediately.
          */
         state->after_authentication = 1;
         for (mode = 0; mode < MODE_MAX; mode++) {
@@ -978,7 +979,7 @@ ssh_packet_enable_delayed_compress(struct ssh *ssh)
                 if (state->newkeys[mode] == NULL)
                         continue;
                 comp = &state->newkeys[mode]->comp;
-                if (comp && !comp->enabled && comp->type == COMP_ZLIB) {
+                if (comp && !comp->enabled && comp->type == COMP_DELAYED) {
                         if ((r = ssh_packet_init_compression(ssh)) != 0)
                                 return r;
                         if (mode == MODE_OUT) {
diff --git a/servconf.c b/servconf.c
index f5272b0f9..97c268e3c 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.336 2018/07/06 09:06:14 sf Exp $ */
+/* $OpenBSD: servconf.c,v 1.337 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -349,7 +349,7 @@ fill_default_server_options(ServerOptions *options)
                 options->permit_user_env_whitelist = NULL;
         }
         if (options->compression == -1)
-                options->compression = COMP_ZLIB;
+                options->compression = COMP_DELAYED;
         if (options->rekey_limit == -1)
                 options->rekey_limit = 0;
         if (options->rekey_interval == -1)
@@ -1170,8 +1170,8 @@ static const struct multistate multistate_permitrootlogin[] = {
         { NULL, -1 }
 };
 static const struct multistate multistate_compression[] = {
-        { "yes",                        COMP_ZLIB },
-        { "delayed",                    COMP_ZLIB },
+        { "yes",                        COMP_DELAYED },
+        { "delayed",                    COMP_DELAYED },
         { "no",                         COMP_NONE },
         { NULL, -1 }
 };
diff --git a/sshconnect2.c b/sshconnect2.c
index 183484e08..4bc0a7034 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.276 2018/07/06 09:05:01 sf Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.277 2018/07/09 13:37:10 sf Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -174,7 +174,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
             compat_cipher_proposal(options.ciphers);
         myproposal[PROPOSAL_COMP_ALGS_CTOS] =
             myproposal[PROPOSAL_COMP_ALGS_STOC] = options.compression ?
-            "zlib@openssh.com,none" : "none,zlib@openssh.com";
+            "zlib@openssh.com,zlib,none" : "none,zlib@openssh.com,zlib";
         myproposal[PROPOSAL_MAC_ALGS_CTOS] =
             myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
         if (options.hostkeyalgorithms != NULL) {