Commit 6385e758 authored by Damien Miller's avatar Damien Miller

- djm@cvs.openbsd.org 2009/02/14 06:35:49

     [PROTOCOL]
     mention that eow and no-more-sessions extensions are sent only to
     OpenSSH peers
parent 61433bec
......@@ -33,6 +33,10 @@
- markus@cvs.openbsd.org 2009/02/13 11:50:21
[packet.c]
check for enc !=NULL in packet_start_discard
- djm@cvs.openbsd.org 2009/02/14 06:35:49
[PROTOCOL]
mention that eow and no-more-sessions extensions are sent only to
OpenSSH peers
20090212
- (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
......@@ -5159,5 +5163,5 @@
OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@
$Id: ChangeLog,v 1.5194 2009/02/14 05:35:01 djm Exp $
$Id: ChangeLog,v 1.5195 2009/02/14 07:00:52 djm Exp $
......@@ -64,6 +64,12 @@ remain open after a "eow@openssh.com" has been sent and more data may
still be sent in the other direction. This message does not consume
window space and may be sent even if no window space is available.
NB. due to certain broken SSH implementations aborting upon receipt
of this message (in contravention of RFC4254 section 5.4), this
message is only sent to OpenSSH peers (identified by banner).
Other SSH implementations may be whitelisted to receive this message
upon request.
4. connection: disallow additional sessions extension
"no-more-sessions@openssh.com"
......@@ -87,6 +93,11 @@ connection.
Note that this is not a general defence against compromised clients
(that is impossible), but it thwarts a simple attack.
NB. due to certain broken SSH implementations aborting upon receipt
of this message, the no-more-sessions request is only sent to OpenSSH
servers (identified by banner). Other SSH implementations may be
whitelisted to receive this message upon request.
5. connection: Tunnel forward extension "tun@openssh.com"
OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"
......@@ -240,4 +251,4 @@ The values of the f_flag bitmask are as follows:
Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
advertised in the SSH_FXP_VERSION hello with version "2".
$OpenBSD: PROTOCOL,v 1.11 2008/07/05 05:16:01 djm Exp $
$OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment