upstream: As defined in the RFC, the SSH protocol has negotiable

compression support (which is requested as the name "zlib"). Compression starts very early in the session. Relative early in OpenSSH lifetime, privsep was added to sshd, and this required a shared-memory hack so the two processes could see what was going on in the dataflow. This shared-memory hack was soon recognized as a tremendous complexity risk, because it put libz (which very much trusts it's memory) in a dangerous place, and a new option ("zlib@openssh.com") was added begins compression after authentication (aka delayed-compression). That change also permitted removal of the shared-memory hack. Despite removal from the server, the old "zlib" support remained in the client, to allow negotiation with non-OpenSSH daemons which lack the delayed-compression option. This commit deletes support for the older "zlib" option in the client. It reduces our featureset in a small way, and encourages other servers to move to a better design. The SSH protocol is different enough that compressed-key-material attacks like BEAST are unlikely, but who wants to take the chance? We encourage other ssh servers who care about optional compression support to add delayed-zlib support. (Some already do "zlib@openssh.com") ok djm markus OpenBSD-Commit-ID: 6df986f38e4ab389f795a6e39e7c6857a763ba72
openssh · Aug 26, 2024 · 10ccf61 · 10ccf61
1 parent aee5487
commit 10ccf61
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 15 deletions.
diff --git a/cipher.c b/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.122 2024/08/14 15:42:18 tobias Exp $ */
+/* $OpenBSD: cipher.c,v 1.123 2024/08/23 04:51:00 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -143,8 +143,8 @@ const char *
 compression_alg_list(int compression)
 {
 #ifdef WITH_ZLIB
-	return compression ? "zlib@openssh.com,zlib,none" :
-	    "none,zlib@openssh.com,zlib";
+	return compression ? "zlib@openssh.com,none" :
+	    "none,zlib@openssh.com";
 #else
 	return "none";
 #endif

diff --git a/kex.c b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.186 2024/05/17 00:30:23 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.187 2024/08/23 04:51:00 deraadt Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -842,8 +842,6 @@ choose_comp(struct sshcomp *comp, char *client, char *server)
 #ifdef WITH_ZLIB
 	if (strcmp(name, "zlib@openssh.com") == 0) {
 		comp->type = COMP_DELAYED;
-	} else if (strcmp(name, "zlib") == 0) {
-		comp->type = COMP_ZLIB;
 	} else
 #endif	/* WITH_ZLIB */
 	if (strcmp(name, "none") == 0) {

diff --git a/kex.h b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.124 2024/08/22 23:11:30 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.125 2024/08/23 04:51:00 deraadt Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -66,8 +66,6 @@
 #define	KEX_SNTRUP761X25519_SHA512_OLD	"sntrup761x25519-sha512@openssh.com"
 
 #define COMP_NONE	0
-/* pre-auth compression (COMP_ZLIB) is only supported in the client */
-#define COMP_ZLIB	1
 #define COMP_DELAYED	2
 
 #define CURVE25519_SIZE 32

diff --git a/packet.c b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.316 2024/08/15 00:51:51 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.317 2024/08/23 04:51:00 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1015,9 +1015,8 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	/* explicit_bzero(enc->iv,  enc->block_size);
 	   explicit_bzero(enc->key, enc->key_len);
 	   explicit_bzero(mac->key, mac->key_len); */
-	if ((comp->type == COMP_ZLIB ||
-	    (comp->type == COMP_DELAYED &&
-	    state->after_authentication)) && comp->enabled == 0) {
+	if (((comp->type == COMP_DELAYED && state->after_authentication)) &&
+	    comp->enabled == 0) {
 		if ((r = ssh_packet_init_compression(ssh)) < 0)
 			return r;
 		if (mode == MODE_OUT) {

diff --git a/readconf.c b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.387 2024/05/17 02:39:11 jsg Exp $ */
+/* $OpenBSD: readconf.c,v 1.388 2024/08/23 04:51:00 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1002,7 +1002,7 @@ static const struct multistate multistate_pubkey_auth[] = {
 };
 static const struct multistate multistate_compression[] = {
 #ifdef WITH_ZLIB
-	{ "yes",			COMP_ZLIB },
+	{ "yes",			COMP_DELAYED },
 #endif
 	{ "no",				COMP_NONE },
 	{ NULL, -1 }