Module Name: src
Committed By: christos
Date: Mon Oct 20 18:14:37 UTC 2014
Modified Files:
src/crypto/external/bsd/openssh/dist: myproposal.h sshconnect2.c
Log Message:
re-enable the none cipher, now that it has been tested.
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/myproposal.h
cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/sshconnect2.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/openssh/dist/myproposal.h
diff -u src/crypto/external/bsd/openssh/dist/myproposal.h:1.8 src/crypto/external/bsd/openssh/dist/myproposal.h:1.9
--- src/crypto/external/bsd/openssh/dist/myproposal.h:1.8 Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/myproposal.h Mon Oct 20 14:14:37 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: myproposal.h,v 1.8 2014/10/19 16:30:58 christos Exp $ */
+/* $NetBSD: myproposal.h,v 1.9 2014/10/20 18:14:37 christos Exp $ */
/* $OpenBSD: myproposal.h,v 1.41 2014/07/11 13:54:34 tedu Exp $ */
/*
@@ -64,8 +64,6 @@
"arcfour256,arcfour128," \
"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
"aes192-cbc,aes256-cbc,arcfour,[email protected]"
-#define KEX_CLIENT_ENCRYPT_INCLUDE_NONE KEX_CLIENT_ENCRYPT \
- ",none"
#define KEX_SERVER_MAC \
"[email protected]," \
@@ -118,14 +116,19 @@
#endif /* WITH_OPENSSL */
+#define KEX_CLIENT_ENCRYPT_INCLUDE_NONE KEX_CLIENT_ENCRYPT \
+ ",none"
+#define KEX_SERVER_ENCRYPT_INCLUDE_NONE KEX_SERVER_ENCRYPT \
+ ",none"
+
#define KEX_DEFAULT_COMP "none,[email protected],zlib"
#define KEX_DEFAULT_LANG ""
#define KEX_CLIENT \
KEX_CLIENT_KEX, \
KEX_DEFAULT_PK_ALG, \
- KEX_CLIENT_ENCRYPT, \
- KEX_CLIENT_ENCRYPT, \
+ KEX_CLIENT_ENCRYPT_INCLUDE_NONE, \
+ KEX_CLIENT_ENCRYPT_INCLUDE_NONE, \
KEX_CLIENT_MAC, \
KEX_CLIENT_MAC, \
KEX_DEFAULT_COMP, \
@@ -136,8 +139,8 @@
#define KEX_SERVER \
KEX_SERVER_KEX, \
KEX_DEFAULT_PK_ALG, \
- KEX_SERVER_ENCRYPT, \
- KEX_SERVER_ENCRYPT, \
+ KEX_SERVER_ENCRYPT_INCLUDE_NONE, \
+ KEX_SERVER_ENCRYPT_INCLUDE_NONE, \
KEX_SERVER_MAC, \
KEX_SERVER_MAC, \
KEX_DEFAULT_COMP, \
Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.17 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.18
--- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.17 Sun Oct 19 23:05:13 2014
+++ src/crypto/external/bsd/openssh/dist/sshconnect2.c Mon Oct 20 14:14:37 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $ */
+/* $NetBSD: sshconnect2.c,v 1.18 2014/10/20 18:14:37 christos Exp $ */
/* $OpenBSD: sshconnect2.c,v 1.210 2014/07/15 15:54:14 millert Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -26,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.18 2014/10/20 18:14:37 christos Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
@@ -435,9 +435,9 @@ ssh_userauth2(const char *local_user, co
/* tty allocated */
if ((options.none_switch == 1) && (options.none_enabled == 1))
{
-#ifdef notyet
if (!tty_flag) /* no null on tty sessions */
{
+ const char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
debug("Requesting none rekeying...");
myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
@@ -451,7 +451,6 @@ ssh_userauth2(const char *local_user, co
debug("Cannot switch to NONE cipher with tty allocated");
fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
}
-#endif
}
debug("Authentication succeeded (%s).", authctxt.method->name);
}
