upstream commit

put back some pre-auth zlib bits that I shouldn't have
removed - they are still used by the client. Spotted by naddy@

Upstream-ID: 80919468056031037d56a1f5b261c164a6f90dc2

kex.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.125 2016/09/28 20:32:42 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.126 2016/09/28 21:44:52 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -684,6 +684,8 @@ choose_comp(struct sshcomp *comp, char *client, char *server)
 		return SSH_ERR_NO_COMPRESS_ALG_MATCH;
 	if (strcmp(name, "zlib@openssh.com") == 0) {
 		comp->type = COMP_DELAYED;
+	} else if (strcmp(name, "zlib") == 0) {
+		comp->type = COMP_ZLIB;
 	} else if (strcmp(name, "none") == 0) {
 		comp->type = COMP_NONE;
 	} else {

kex.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.80 2016/09/28 20:32:42 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.81 2016/09/28 21:44:52 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -64,7 +64,8 @@
 #define	KEX_CURVE25519_SHA256_OLD	"curve25519-sha256@libssh.org"
 
 #define COMP_NONE	0
-#define COMP_DELAYED	1
+#define COMP_ZLIB	1
+#define COMP_DELAYED	2
 
 #define CURVE25519_SIZE 32
 

packet.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.240 2016/09/28 20:32:42 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.241 2016/09/28 21:44:52 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -965,8 +965,9 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	/* explicit_bzero(enc->iv,  enc->block_size);
 	   explicit_bzero(enc->key, enc->key_len);
 	   explicit_bzero(mac->key, mac->key_len); */
-	if (comp->type == COMP_DELAYED && state->after_authentication &&
-	    comp->enabled == 0) {
+	if ((comp->type == COMP_ZLIB ||
+	    (comp->type == COMP_DELAYED &&
+	     state->after_authentication)) && comp->enabled == 0) {
 		if ((r = ssh_packet_init_compression(ssh)) < 0)
 			return r;
 		if (mode == MODE_OUT) {