summaryrefslogtreecommitdiff
path: root/monitor.h
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2016-09-28 16:33:06 +0000
committerDamien Miller <djm@mindrot.org>2016-09-29 03:11:32 +1000
commit0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f (patch)
treeb0271896ec4d6c0e716821954212677438824a05 /monitor.h
parent27c3a9c2aede2184856b5de1e6eca414bb751c38 (diff)
upstream commit
Remove support for pre-authentication compression. Doing compression early in the protocol probably seemed reasonable in the 1990s, but today it's clearly a bad idea in terms of both cryptography (cf. multiple compression oracle attacks in TLS) and attack surface. Moreover, to support it across privilege-separation zlib needed the assistance of a complex shared-memory manager that made the required attack surface considerably larger. Prompted by Guido Vranken pointing out a compiler-elided security check in the shared memory manager found by Stack (http://css.csail.mit.edu/stack/); ok deraadt@ markus@ NB. pre-auth authentication has been disabled by default in sshd for >10 years. Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
Diffstat (limited to 'monitor.h')
-rw-r--r--monitor.h6
1 files changed, 1 insertions, 5 deletions
diff --git a/monitor.h b/monitor.h
index 93b8b66d..d68f6745 100644
--- a/monitor.h
+++ b/monitor.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.h,v 1.19 2015/01/19 19:52:16 markus Exp $ */
+/* $OpenBSD: monitor.h,v 1.20 2016/09/28 16:33:07 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -67,21 +67,17 @@ enum monitor_reqtype {
};
-struct mm_master;
struct monitor {
int m_recvfd;
int m_sendfd;
int m_log_recvfd;
int m_log_sendfd;
- struct mm_master *m_zback;
- struct mm_master *m_zlib;
struct kex **m_pkex;
pid_t m_pid;
};
struct monitor *monitor_init(void);
void monitor_reinit(struct monitor *);
-void monitor_sync(struct monitor *);
struct Authctxt;
void monitor_child_preauth(struct Authctxt *, struct monitor *);