Hi,
this is the complete fix from the OpenBSD cvs - applies with little offsets, compiles and works for us (netscreen OS 5.4.x) Flo --- src/usr.bin/ssh/compat.c 2006/12/12 03:58:42 1.77 +++ src/usr.bin/ssh/compat.c 2008/09/11 15:22:37 1.78 @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.77 2006/12/12 03:58:42 djm Exp $ */ +/* $OpenBSD: compat.c,v 1.78 2008/09/11 14:22:37 markus Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -89,7 +89,8 @@ compat_datafellows(const char *version) "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, { "OpenSSH_3.*", SSH_OLD_FORWARD_ADDR }, { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, - { "OpenSSH*", 0 }, + { "OpenSSH_4*", 0 }, + { "OpenSSH*", SSH_NEW_OPENSSH }, { "*MindTerm*", 0 }, { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| --- src/usr.bin/ssh/compat.h 2006/12/12 03:58:42 1.41 +++ src/usr.bin/ssh/compat.h 2008/09/11 15:22:37 1.42 @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.h,v 1.41 2006/12/12 03:58:42 djm Exp $ */ +/* $OpenBSD: compat.h,v 1.42 2008/09/11 14:22:37 markus Exp $ */ /* * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. @@ -57,6 +57,7 @@ #define SSH_BUG_FIRSTKEX 0x00800000 #define SSH_OLD_FORWARD_ADDR 0x01000000 #define SSH_BUG_RFWD_ADDR 0x02000000 +#define SSH_NEW_OPENSSH 0x04000000 void enable_compat13(void); void enable_compat20(void); --- src/usr.bin/ssh/ssh.c 2008/07/02 14:47:39 1.318 +++ src/usr.bin/ssh/ssh.c 2008/09/11 15:22:37 1.319 @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.318 2008/07/02 13:47:39 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.319 2008/09/11 14:22:37 markus Exp $ */ /* * Author: Tatu Ylonen <[EMAIL PROTECTED]> * Copyright (c) 1995 Tatu Ylonen <[EMAIL PROTECTED]>, Espoo, Finland @@ -1181,7 +1181,8 @@ ssh_session2(void) id = ssh_session2_open(); /* If we don't expect to open a new session, then disallow it */ - if (options.control_master == SSHCTL_MASTER_NO) { + if (options.control_master == SSHCTL_MASTER_NO && + (datafellows & SSH_NEW_OPENSSH)) { debug("Requesting [EMAIL PROTECTED]"); packet_start(SSH2_MSG_GLOBAL_REQUEST); packet_put_cstring("[EMAIL PROTECTED]"); Flo -- Florian Lohoff [EMAIL PROTECTED] +49-171-2280134 Those who would give up a little freedom to get a little security shall soon have neither - Benjamin Franklin
signature.asc
Description: Digital signature