CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2016/09/28 10:33:07
Modified files:
usr.bin/ssh : monitor.c monitor.h monitor_wrap.h myproposal.h
opacket.h packet.c packet.h servconf.c
sshconnect2.c sshd.c
usr.bin/ssh/sshd: Makefile
Removed files:
usr.bin/ssh : monitor_mm.c monitor_mm.h
Log message:
Remove support for pre-authentication compression. Doing compression
early in the protocol probably seemed reasonable in the 1990s, but
today it's clearly a bad idea in terms of both cryptography (cf.
multiple compression oracle attacks in TLS) and attack surface.
Moreover, to support it across privilege-separation zlib needed
the assistance of a complex shared-memory manager that made the
required attack surface considerably larger.
Prompted by Guido Vranken pointing out a compiler-elided security
check in the shared memory manager found by Stack
(http://css.csail.mit.edu/stack/); ok deraadt@ markus@
NB. pre-auth authentication has been disabled by default in sshd
for >10 years.
