Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh/dist re-enable the none cipher, ...
details: https://anonhg.NetBSD.org/src/rev/7639d47fa957
branches: trunk
changeset: 803286:7639d47fa957
user: christos <christos%NetBSD.org@localhost>
date: Mon Oct 20 18:14:37 2014 +0000
description:
re-enable the none cipher, now that it has been tested.
diffstat:
crypto/external/bsd/openssh/dist/myproposal.h | 17 ++++++++++-------
crypto/external/bsd/openssh/dist/sshconnect2.c | 7 +++----
2 files changed, 13 insertions(+), 11 deletions(-)
diffs (88 lines):
diff -r 863470d18546 -r 7639d47fa957 crypto/external/bsd/openssh/dist/myproposal.h
--- a/crypto/external/bsd/openssh/dist/myproposal.h Mon Oct 20 17:46:33 2014 +0000
+++ b/crypto/external/bsd/openssh/dist/myproposal.h Mon Oct 20 18:14:37 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: myproposal.h,v 1.8 2014/10/19 16:30:58 christos Exp $ */
+/* $NetBSD: myproposal.h,v 1.9 2014/10/20 18:14:37 christos Exp $ */
/* $OpenBSD: myproposal.h,v 1.41 2014/07/11 13:54:34 tedu Exp $ */
/*
@@ -64,8 +64,6 @@
"arcfour256,arcfour128," \
"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
"aes192-cbc,aes256-cbc,arcfour,rijndael-cbc%lysator.liu.se@localhost"
-#define KEX_CLIENT_ENCRYPT_INCLUDE_NONE KEX_CLIENT_ENCRYPT \
- ",none"
#define KEX_SERVER_MAC \
"umac-64-etm%openssh.com@localhost," \
@@ -118,14 +116,19 @@
#endif /* WITH_OPENSSL */
+#define KEX_CLIENT_ENCRYPT_INCLUDE_NONE KEX_CLIENT_ENCRYPT \
+ ",none"
+#define KEX_SERVER_ENCRYPT_INCLUDE_NONE KEX_SERVER_ENCRYPT \
+ ",none"
+
#define KEX_DEFAULT_COMP "none,zlib%openssh.com@localhost,zlib"
#define KEX_DEFAULT_LANG ""
#define KEX_CLIENT \
KEX_CLIENT_KEX, \
KEX_DEFAULT_PK_ALG, \
- KEX_CLIENT_ENCRYPT, \
- KEX_CLIENT_ENCRYPT, \
+ KEX_CLIENT_ENCRYPT_INCLUDE_NONE, \
+ KEX_CLIENT_ENCRYPT_INCLUDE_NONE, \
KEX_CLIENT_MAC, \
KEX_CLIENT_MAC, \
KEX_DEFAULT_COMP, \
@@ -136,8 +139,8 @@
#define KEX_SERVER \
KEX_SERVER_KEX, \
KEX_DEFAULT_PK_ALG, \
- KEX_SERVER_ENCRYPT, \
- KEX_SERVER_ENCRYPT, \
+ KEX_SERVER_ENCRYPT_INCLUDE_NONE, \
+ KEX_SERVER_ENCRYPT_INCLUDE_NONE, \
KEX_SERVER_MAC, \
KEX_SERVER_MAC, \
KEX_DEFAULT_COMP, \
diff -r 863470d18546 -r 7639d47fa957 crypto/external/bsd/openssh/dist/sshconnect2.c
--- a/crypto/external/bsd/openssh/dist/sshconnect2.c Mon Oct 20 17:46:33 2014 +0000
+++ b/crypto/external/bsd/openssh/dist/sshconnect2.c Mon Oct 20 18:14:37 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $ */
+/* $NetBSD: sshconnect2.c,v 1.18 2014/10/20 18:14:37 christos Exp $ */
/* $OpenBSD: sshconnect2.c,v 1.210 2014/07/15 15:54:14 millert Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -26,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.18 2014/10/20 18:14:37 christos Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
@@ -435,9 +435,9 @@
/* tty allocated */
if ((options.none_switch == 1) && (options.none_enabled == 1))
{
-#ifdef notyet
if (!tty_flag) /* no null on tty sessions */
{
+ const char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
debug("Requesting none rekeying...");
myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
@@ -451,7 +451,6 @@
debug("Cannot switch to NONE cipher with tty allocated");
fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
}
-#endif
}
debug("Authentication succeeded (%s).", authctxt.method->name);
}
Home |
Main Index |
Thread Index |
Old Index