summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2014-05-15 14:37:39 +1000
committerDamien Miller <djm@mindrot.org>2014-05-15 14:37:39 +1000
commitc31a0cd5b31961f01c5b731f62a6cb9d4f767472 (patch)
treef0ef8c1ba5c43751f91c355243142ab71f611e98
parent686c7d9ee6f44b2be4128d7860b6b37adaeba733 (diff)
downloadopenssh-git-c31a0cd5b31961f01c5b731f62a6cb9d4f767472.tar.gz
- markus@cvs.openbsd.org 2014/05/03 17:20:34
[monitor.c packet.c packet.h] unbreak compression, by re-init-ing the compression code in the post-auth child. the new buffer code is more strict, and requires buffer_init() while the old code was happy after a bzero(); originally from djm@
-rw-r--r--ChangeLog6
-rw-r--r--monitor.c4
-rw-r--r--packet.c22
-rw-r--r--packet.h3
4 files changed, 32 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 486ed9c5..0969811c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -76,6 +76,12 @@
[misc.h poly1305.h ssh-pkcs11.c defines.h]
revert __bounded change; it causes way more problems for portable than
it solves; pointed out by dtucker@
+ - markus@cvs.openbsd.org 2014/05/03 17:20:34
+ [monitor.c packet.c packet.h]
+ unbreak compression, by re-init-ing the compression code in the
+ post-auth child. the new buffer code is more strict, and requires
+ buffer_init() while the old code was happy after a bzero();
+ originally from djm@
20140430
- (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already
diff --git a/monitor.c b/monitor.c
index a38647d4..9391ae8d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.132 2014/04/29 18:01:49 markus Exp $ */
+/* $OpenBSD: monitor.c,v 1.133 2014/05/03 17:20:34 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1811,6 +1811,8 @@ monitor_apply_keystate(struct monitor *pmonitor)
if (options.compression)
mm_init_compression(pmonitor->m_zlib);
+ packet_set_postauth();
+
if (options.rekey_limit || options.rekey_interval)
packet_set_rekey_limits((u_int32_t)options.rekey_limit,
(time_t)options.rekey_interval);
diff --git a/packet.c b/packet.c
index c7c18f30..3dd66d7d 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.195 2014/04/29 18:01:49 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.196 2014/05/03 17:20:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2059,3 +2059,23 @@ packet_restore_state(void)
add_recv_bytes(len);
}
}
+
+/* Reset after_authentication and reset compression in post-auth privsep */
+void
+packet_set_postauth(void)
+{
+ Comp *comp;
+ int mode;
+
+ debug("%s: called", __func__);
+ /* This was set in net child, but is not visible in user child */
+ active_state->after_authentication = 1;
+ active_state->rekeying = 0;
+ for (mode = 0; mode < MODE_MAX; mode++) {
+ if (active_state->newkeys[mode] == NULL)
+ continue;
+ comp = &active_state->newkeys[mode]->comp;
+ if (comp && comp->enabled)
+ packet_init_compression();
+ }
+}
diff --git a/packet.h b/packet.h
index 1d6082a8..e7b5fcba 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.60 2014/04/28 03:09:18 djm Exp $ */
+/* $OpenBSD: packet.h,v 1.61 2014/05/03 17:20:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -120,6 +120,7 @@ time_t packet_get_rekey_timeout(void);
void packet_backup_state(void);
void packet_restore_state(void);
+void packet_set_postauth(void);
void *packet_get_input(void);
void *packet_get_output(void);