shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 12:20:42 +09:00
Code Issues Packages Projects Releases Wiki Activity

Disabled preauth compression (zlib) by default

Browse Source 
Removed it from the wanted methods list in the ssh_options_set function. Now users have to set the compression value to 'zlib' explicitly to enable it.
Updated unit tests to reflect removing zlib compression algo from the defaults compression algorithms.

Signed-off-by: Khalid Mamdouh <khalidmamdou7@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit cb19677d2e)
This commit is contained in:
khalid
2023-03-15 01:39:47 +02:00
committed by Jakub Jelen
parent 9e20e180e6
commit e818700734
3 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/options.c
View File

@@ -875,10 +875,10 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
return -1;
} else {
if (strcasecmp(value,"yes")==0){
if(ssh_options_set_algo(session,SSH_COMP_C_S,"zlib@openssh.com,zlib,none") < 0)
if(ssh_options_set_algo(session,SSH_COMP_C_S,"zlib@openssh.com,none") < 0)
return -1;
} else if (strcasecmp(value,"no")==0){
if(ssh_options_set_algo(session,SSH_COMP_C_S,"none,zlib@openssh.com,zlib") < 0)
if(ssh_options_set_algo(session,SSH_COMP_C_S,"none,zlib@openssh.com") < 0)
return -1;
} else {
if (ssh_options_set_algo(session, SSH_COMP_C_S, v) < 0)
@@ -893,10 +893,10 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
return -1;
} else {
if (strcasecmp(value,"yes")==0){
if(ssh_options_set_algo(session,SSH_COMP_S_C,"zlib@openssh.com,zlib,none") < 0)
if(ssh_options_set_algo(session,SSH_COMP_S_C,"zlib@openssh.com,none") < 0)
return -1;
} else if (strcasecmp(value,"no")==0){
if(ssh_options_set_algo(session,SSH_COMP_S_C,"none,zlib@openssh.com,zlib") < 0)
if(ssh_options_set_algo(session,SSH_COMP_S_C,"none,zlib@openssh.com") < 0)
return -1;
} else {
if (ssh_options_set_algo(session, SSH_COMP_S_C, v) < 0)

4
tests/unittests/torture_config.c
View File

@@ -541,9 +541,9 @@ static void torture_config_new(void ** state,
assert_string_equal(session->opts.bindaddr, BIND_ADDRESS);
#ifdef WITH_ZLIB
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
"zlib@openssh.com,zlib,none");
"zlib@openssh.com,none");
assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C],
"zlib@openssh.com,zlib,none");
"zlib@openssh.com,none");
#else
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
"none");

12
tests/unittests/torture_options.c
View File

@@ -987,9 +987,9 @@ static void torture_options_getopt(void **state)
assert_string_equal(session->opts.identity_non_exp->root->data, "id_rsa");
#ifdef WITH_ZLIB
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
"zlib@openssh.com,zlib,none");
"zlib@openssh.com,none");
assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C],
"zlib@openssh.com,zlib,none");
"zlib@openssh.com,none");
#else
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
"none");
@@ -1068,9 +1068,9 @@ static void torture_options_getopt(void **state)
assert_ssh_return_code(session, rc);
#ifdef WITH_ZLIB
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
"none,zlib@openssh.com,zlib");
"none,zlib@openssh.com");
assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C],
"none,zlib@openssh.com,zlib");
"none,zlib@openssh.com");
#else
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
"none");
@@ -1084,9 +1084,9 @@ static void torture_options_getopt(void **state)
assert_string_equal(argv[0], EXECUTABLE_NAME);
#ifdef WITH_ZLIB
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
"zlib@openssh.com,zlib,none");
"zlib@openssh.com,none");
assert_string_equal(session->opts.wanted_methods[SSH_COMP_S_C],
"zlib@openssh.com,zlib,none");
"zlib@openssh.com,none");
#else
assert_string_equal(session->opts.wanted_methods[SSH_COMP_C_S],
"none");