git.ipfire.org Git - thirdparty/openssh-portable.git/commit

author	djm@openbsd.org <djm@openbsd.org>
	Wed, 28 Sep 2016 16:33:06 +0000 (16:33 +0000)
committer	Damien Miller <djm@mindrot.org>
	Wed, 28 Sep 2016 17:11:32 +0000 (03:11 +1000)
commit	0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f
tree	b0271896ec4d6c0e716821954212677438824a05	tree
parent	27c3a9c2aede2184856b5de1e6eca414bb751c38	commit \| diff

upstream commit

Remove support for pre-authentication compression. Doing
compression early in the protocol probably seemed reasonable in the 1990s,
but today it's clearly a bad idea in terms of both cryptography (cf. multiple
compression oracle attacks in TLS) and attack surface.

Moreover, to support it across privilege-separation zlib needed
the assistance of a complex shared-memory manager that made the
required attack surface considerably larger.

Prompted by Guido Vranken pointing out a compiler-elided security
check in the shared memory manager found by Stack
(http://css.csail.mit.edu/stack/); ok deraadt@ markus@

NB. pre-auth authentication has been disabled by default in sshd
for >10 years.

Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf

Makefile.in		diff \| blob \| blame \| history
monitor.c		diff \| blob \| blame \| history
monitor.h		diff \| blob \| blame \| history
monitor_mm.c	[deleted file]	blob \| blame \| history
monitor_mm.h	[deleted file]	blob \| blame \| history
monitor_wrap.h		diff \| blob \| blame \| history
myproposal.h		diff \| blob \| blame \| history
opacket.h		diff \| blob \| blame \| history
packet.c		diff \| blob \| blame \| history
packet.h		diff \| blob \| blame \| history
servconf.c		diff \| blob \| blame \| history
sshconnect2.c		diff \| blob \| blame \| history
sshd.c		diff \| blob \| blame \| history