summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog6
-rw-r--r--PROTOCOL13
2 files changed, 17 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index a2d2045a..d4b454fc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,10 @@
- markus@cvs.openbsd.org 2009/02/13 11:50:21
[packet.c]
check for enc !=NULL in packet_start_discard
+ - djm@cvs.openbsd.org 2009/02/14 06:35:49
+ [PROTOCOL]
+ mention that eow and no-more-sessions extensions are sent only to
+ OpenSSH peers
20090212
- (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
@@ -5159,5 +5163,5 @@
OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.5194 2009/02/14 05:35:01 djm Exp $
+$Id: ChangeLog,v 1.5195 2009/02/14 07:00:52 djm Exp $
diff --git a/PROTOCOL b/PROTOCOL
index 37fd536d..5aada630 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -64,6 +64,12 @@ remain open after a "eow@openssh.com" has been sent and more data may
still be sent in the other direction. This message does not consume
window space and may be sent even if no window space is available.
+NB. due to certain broken SSH implementations aborting upon receipt
+of this message (in contravention of RFC4254 section 5.4), this
+message is only sent to OpenSSH peers (identified by banner).
+Other SSH implementations may be whitelisted to receive this message
+upon request.
+
4. connection: disallow additional sessions extension
"no-more-sessions@openssh.com"
@@ -87,6 +93,11 @@ connection.
Note that this is not a general defence against compromised clients
(that is impossible), but it thwarts a simple attack.
+NB. due to certain broken SSH implementations aborting upon receipt
+of this message, the no-more-sessions request is only sent to OpenSSH
+servers (identified by banner). Other SSH implementations may be
+whitelisted to receive this message upon request.
+
5. connection: Tunnel forward extension "tun@openssh.com"
OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"
@@ -240,4 +251,4 @@ The values of the f_flag bitmask are as follows:
Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
advertised in the SSH_FXP_VERSION hello with version "2".
-$OpenBSD: PROTOCOL,v 1.11 2008/07/05 05:16:01 djm Exp $
+$OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $
View Lorry Controller Status