diff options
Diffstat (limited to 'debian/patches/revert-ipqos-defaults.patch')
-rw-r--r-- | debian/patches/revert-ipqos-defaults.patch | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/debian/patches/revert-ipqos-defaults.patch b/debian/patches/revert-ipqos-defaults.patch new file mode 100644 index 000000000..7fdfe246c --- /dev/null +++ b/debian/patches/revert-ipqos-defaults.patch | |||
@@ -0,0 +1,93 @@ | |||
1 | From cfa01c635debb10e05f5ac34d269809c77c582dc Mon Sep 17 00:00:00 2001 | ||
2 | From: Colin Watson <cjwatson@debian.org> | ||
3 | Date: Mon, 8 Apr 2019 10:46:29 +0100 | ||
4 | Subject: Revert "upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP | ||
5 | AF21 for" | ||
6 | |||
7 | This reverts commit 5ee8448ad7c306f05a9f56769f95336a8269f379. | ||
8 | |||
9 | The IPQoS default changes have some unfortunate interactions with | ||
10 | iptables (see https://bugs.debian.org/923880) and VMware, so I'm | ||
11 | temporarily reverting them until those have been fixed. | ||
12 | |||
13 | Bug-Debian: https://bugs.debian.org/923879 | ||
14 | Bug-Debian: https://bugs.debian.org/926229 | ||
15 | Bug-Ubuntu: https://bugs.launchpad.net/bugs/1822370 | ||
16 | Last-Update: 2019-04-08 | ||
17 | |||
18 | Patch-Name: revert-ipqos-defaults.patch | ||
19 | --- | ||
20 | readconf.c | 4 ++-- | ||
21 | servconf.c | 4 ++-- | ||
22 | ssh_config.5 | 6 ++---- | ||
23 | sshd_config.5 | 6 ++---- | ||
24 | 4 files changed, 8 insertions(+), 12 deletions(-) | ||
25 | |||
26 | diff --git a/readconf.c b/readconf.c | ||
27 | index 253574ce0..9812b8d98 100644 | ||
28 | --- a/readconf.c | ||
29 | +++ b/readconf.c | ||
30 | @@ -2174,9 +2174,9 @@ fill_default_options(Options * options) | ||
31 | if (options->visual_host_key == -1) | ||
32 | options->visual_host_key = 0; | ||
33 | if (options->ip_qos_interactive == -1) | ||
34 | - options->ip_qos_interactive = IPTOS_DSCP_AF21; | ||
35 | + options->ip_qos_interactive = IPTOS_LOWDELAY; | ||
36 | if (options->ip_qos_bulk == -1) | ||
37 | - options->ip_qos_bulk = IPTOS_DSCP_CS1; | ||
38 | + options->ip_qos_bulk = IPTOS_THROUGHPUT; | ||
39 | if (options->request_tty == -1) | ||
40 | options->request_tty = REQUEST_TTY_AUTO; | ||
41 | if (options->proxy_use_fdpass == -1) | ||
42 | diff --git a/servconf.c b/servconf.c | ||
43 | index 5576098a5..4464d51a5 100644 | ||
44 | --- a/servconf.c | ||
45 | +++ b/servconf.c | ||
46 | @@ -423,9 +423,9 @@ fill_default_server_options(ServerOptions *options) | ||
47 | if (options->permit_tun == -1) | ||
48 | options->permit_tun = SSH_TUNMODE_NO; | ||
49 | if (options->ip_qos_interactive == -1) | ||
50 | - options->ip_qos_interactive = IPTOS_DSCP_AF21; | ||
51 | + options->ip_qos_interactive = IPTOS_LOWDELAY; | ||
52 | if (options->ip_qos_bulk == -1) | ||
53 | - options->ip_qos_bulk = IPTOS_DSCP_CS1; | ||
54 | + options->ip_qos_bulk = IPTOS_THROUGHPUT; | ||
55 | if (options->version_addendum == NULL) | ||
56 | options->version_addendum = xstrdup(""); | ||
57 | if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) | ||
58 | diff --git a/ssh_config.5 b/ssh_config.5 | ||
59 | index d27655e15..b71d5ede9 100644 | ||
60 | --- a/ssh_config.5 | ||
61 | +++ b/ssh_config.5 | ||
62 | @@ -1110,11 +1110,9 @@ If one argument is specified, it is used as the packet class unconditionally. | ||
63 | If two values are specified, the first is automatically selected for | ||
64 | interactive sessions and the second for non-interactive sessions. | ||
65 | The default is | ||
66 | -.Cm af21 | ||
67 | -(Low-Latency Data) | ||
68 | +.Cm lowdelay | ||
69 | for interactive sessions and | ||
70 | -.Cm cs1 | ||
71 | -(Lower Effort) | ||
72 | +.Cm throughput | ||
73 | for non-interactive sessions. | ||
74 | .It Cm KbdInteractiveAuthentication | ||
75 | Specifies whether to use keyboard-interactive authentication. | ||
76 | diff --git a/sshd_config.5 b/sshd_config.5 | ||
77 | index 02e29cb6f..ba533af9e 100644 | ||
78 | --- a/sshd_config.5 | ||
79 | +++ b/sshd_config.5 | ||
80 | @@ -892,11 +892,9 @@ If one argument is specified, it is used as the packet class unconditionally. | ||
81 | If two values are specified, the first is automatically selected for | ||
82 | interactive sessions and the second for non-interactive sessions. | ||
83 | The default is | ||
84 | -.Cm af21 | ||
85 | -(Low-Latency Data) | ||
86 | +.Cm lowdelay | ||
87 | for interactive sessions and | ||
88 | -.Cm cs1 | ||
89 | -(Lower Effort) | ||
90 | +.Cm throughput | ||
91 | for non-interactive sessions. | ||
92 | .It Cm KbdInteractiveAuthentication | ||
93 | Specifies whether to allow keyboard-interactive authentication. | ||