tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-25 23:05:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

- djm@cvs.openbsd.org 2009/02/14 06:35:49

Browse Source 
[PROTOCOL]
     mention that eow and no-more-sessions extensions are sent only to
     OpenSSH peers
This commit is contained in:
Damien Miller 2009-02-14 18:00:52 +11:00
parent 61433bec80
commit 6385e758df
2 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -33,6 +33,10 @@
- markus@cvs.openbsd.org 2009/02/13 11:50:21 - markus@cvs.openbsd.org 2009/02/13 11:50:21
[packet.c] [packet.c]
check for enc !=NULL in packet_start_discard check for enc !=NULL in packet_start_discard
- djm@cvs.openbsd.org 2009/02/14 06:35:49
[PROTOCOL]
mention that eow and no-more-sessions extensions are sent only to
OpenSSH peers
20090212 20090212
- (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
@ -5159,5 +5163,5 @@
OpenServer 6 and add osr5bigcrypt support so when someone migrates OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@ passwords between UnixWare and OpenServer they will still work. OK dtucker@
$Id: ChangeLog,v 1.5194 2009/02/14 05:35:01 djm Exp $ $Id: ChangeLog,v 1.5195 2009/02/14 07:00:52 djm Exp $

13
PROTOCOL
View File

@ -64,6 +64,12 @@ remain open after a "eow@openssh.com" has been sent and more data may
still be sent in the other direction. This message does not consume still be sent in the other direction. This message does not consume
window space and may be sent even if no window space is available. window space and may be sent even if no window space is available.
NB. due to certain broken SSH implementations aborting upon receipt
of this message (in contravention of RFC4254 section 5.4), this
message is only sent to OpenSSH peers (identified by banner).
Other SSH implementations may be whitelisted to receive this message
upon request.
4. connection: disallow additional sessions extension 4. connection: disallow additional sessions extension
"no-more-sessions@openssh.com" "no-more-sessions@openssh.com"
@ -87,6 +93,11 @@ connection.
Note that this is not a general defence against compromised clients Note that this is not a general defence against compromised clients
(that is impossible), but it thwarts a simple attack. (that is impossible), but it thwarts a simple attack.
NB. due to certain broken SSH implementations aborting upon receipt
of this message, the no-more-sessions request is only sent to OpenSSH
servers (identified by banner). Other SSH implementations may be
whitelisted to receive this message upon request.
5. connection: Tunnel forward extension "tun@openssh.com" 5. connection: Tunnel forward extension "tun@openssh.com"
OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com" OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"
@ -240,4 +251,4 @@ The values of the f_flag bitmask are as follows:
Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
advertised in the SSH_FXP_VERSION hello with version "2". advertised in the SSH_FXP_VERSION hello with version "2".
$OpenBSD: PROTOCOL,v 1.11 2008/07/05 05:16:01 djm Exp $ $OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $