зеркало из https://github.com/Azure/sonic-openssh.git
- djm@cvs.openbsd.org 2009/02/14 06:35:49
[PROTOCOL]
mention that eow and no-more-sessions extensions are sent only to
OpenSSH peers
This commit is contained in:
Damien Miller
Родитель
61433bec80
Коммит
6385e758df
|
|
@ -33,6 +33,10 @@
|
|||
- markus@cvs.openbsd.org 2009/02/13 11:50:21
|
||||
[packet.c]
|
||||
check for enc !=NULL in packet_start_discard
|
||||
- djm@cvs.openbsd.org 2009/02/14 06:35:49
|
||||
[PROTOCOL]
|
||||
mention that eow and no-more-sessions extensions are sent only to
|
||||
OpenSSH peers
|
||||
|
||||
20090212
|
||||
- (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
|
||||
|
|
@ -5159,5 +5163,5 @@
|
|||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||
|
||||
$Id: ChangeLog,v 1.5194 2009/02/14 05:35:01 djm Exp $
|
||||
$Id: ChangeLog,v 1.5195 2009/02/14 07:00:52 djm Exp $
|
||||
|
||||
|
|
|
|||
13
PROTOCOL
13
PROTOCOL
|
|
@ -64,6 +64,12 @@ remain open after a "eow@openssh.com" has been sent and more data may
|
|||
still be sent in the other direction. This message does not consume
|
||||
window space and may be sent even if no window space is available.
|
||||
|
||||
NB. due to certain broken SSH implementations aborting upon receipt
|
||||
of this message (in contravention of RFC4254 section 5.4), this
|
||||
message is only sent to OpenSSH peers (identified by banner).
|
||||
Other SSH implementations may be whitelisted to receive this message
|
||||
upon request.
|
||||
|
||||
4. connection: disallow additional sessions extension
|
||||
"no-more-sessions@openssh.com"
|
||||
|
||||
|
|
@ -87,6 +93,11 @@ connection.
|
|||
Note that this is not a general defence against compromised clients
|
||||
(that is impossible), but it thwarts a simple attack.
|
||||
|
||||
NB. due to certain broken SSH implementations aborting upon receipt
|
||||
of this message, the no-more-sessions request is only sent to OpenSSH
|
||||
servers (identified by banner). Other SSH implementations may be
|
||||
whitelisted to receive this message upon request.
|
||||
|
||||
5. connection: Tunnel forward extension "tun@openssh.com"
|
||||
|
||||
OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"
|
||||
|
|
@ -240,4 +251,4 @@ The values of the f_flag bitmask are as follows:
|
|||
Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
|
||||
advertised in the SSH_FXP_VERSION hello with version "2".
|
||||
|
||||
$OpenBSD: PROTOCOL,v 1.11 2008/07/05 05:16:01 djm Exp $
|
||||
$OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче