diff --git a/src/auth.c b/src/auth.c index f0443db0..3c98f7be 100644 --- a/src/auth.c +++ b/src/auth.c @@ -182,6 +182,14 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_success){ ssh_log(session,SSH_LOG_PROTOCOL,"Authentication successful"); session->auth_state=SSH_AUTH_STATE_SUCCESS; session->session_state=SSH_SESSION_STATE_AUTHENTICATED; + if(session->current_crypto && session->current_crypto->delayed_compress_out){ + ssh_log(session,SSH_LOG_PROTOCOL,"Enabling delayed compression OUT"); + session->current_crypto->do_compress_out=1; + } + if(session->current_crypto && session->current_crypto->delayed_compress_in){ + ssh_log(session,SSH_LOG_PROTOCOL,"Enabling delayed compression IN"); + session->current_crypto->do_compress_in=1; + } leave_function(); return SSH_PACKET_USED; } diff --git a/src/kex.c b/src/kex.c index d57273ec..2198652d 100644 --- a/src/kex.c +++ b/src/kex.c @@ -67,7 +67,7 @@ #endif #if defined(HAVE_LIBZ) && defined(WITH_LIBZ) -#define ZLIB "none,zlib,zlib@openssh.org" +#define ZLIB "none,zlib,zlib@openssh.com" #else #define ZLIB "none" #endif diff --git a/src/options.c b/src/options.c index 85375c54..e069ea03 100644 --- a/src/options.c +++ b/src/options.c @@ -763,10 +763,10 @@ int ssh_options_getopt(ssh_session session, int *argcptr, char **argv) { /* set a new option struct */ if (compress) { - if (ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "zlib,none") < 0) { + if (ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "zlib,zlib@openssh.com,none") < 0) { cont = 0; } - if (ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "zlib,none") < 0) { + if (ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "zlib,zlib@openssh.com,none") < 0) { cont = 0; } } diff --git a/src/server.c b/src/server.c index b6e082c4..c1f68718 100644 --- a/src/server.c +++ b/src/server.c @@ -1015,7 +1015,9 @@ int ssh_message_auth_set_methods(ssh_message msg, int methods) { } int ssh_message_auth_reply_success(ssh_message msg, int partial) { - if (msg == NULL) { + int r; + + if (msg == NULL) { return SSH_ERROR; } @@ -1027,7 +1029,16 @@ int ssh_message_auth_reply_success(ssh_message msg, int partial) { return SSH_ERROR; } - return packet_send(msg->session); + r = packet_send(msg->session); + if(msg->session->current_crypto && msg->session->current_crypto->delayed_compress_out){ + ssh_log(msg->session,SSH_LOG_PROTOCOL,"Enabling delayed compression OUT"); + msg->session->current_crypto->do_compress_out=1; + } + if(msg->session->current_crypto && msg->session->current_crypto->delayed_compress_in){ + ssh_log(msg->session,SSH_LOG_PROTOCOL,"Enabling delayed compression IN"); + msg->session->current_crypto->do_compress_in=1; + } + return r; } /* Answer OK to a pubkey auth request */ diff --git a/src/wrapper.c b/src/wrapper.c index a78a93d9..d4ad09cf 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -167,10 +167,10 @@ static int crypt_set_algorithms2(ssh_session session){ if (strcmp(session->client_kex.methods[SSH_COMP_S_C], "zlib") == 0) { session->next_crypto->do_compress_in = 1; } - if (strcmp(session->client_kex.methods[SSH_COMP_C_S], "zlib@openssh.org") == 0) { + if (strcmp(session->client_kex.methods[SSH_COMP_C_S], "zlib@openssh.com") == 0) { session->next_crypto->delayed_compress_out = 1; } - if (strcmp(session->client_kex.methods[SSH_COMP_S_C], "zlib@openssh.org") == 0) { + if (strcmp(session->client_kex.methods[SSH_COMP_S_C], "zlib@openssh.com") == 0) { session->next_crypto->delayed_compress_in = 1; } return SSH_OK; diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c index 300fe054..6cd75949 100644 --- a/tests/client/torture_algorithms.c +++ b/tests/client/torture_algorithms.c @@ -119,6 +119,25 @@ START_TEST (torture_algorithms_zlib) } END_TEST +START_TEST (torture_algorithms_zlib_openssh) +{ + int rc; + ssh_options_set(session,SSH_OPTIONS_HOST,"localhost"); + rc=ssh_options_set(session,SSH_OPTIONS_COMPRESSION_C_S,"zlib@openssh.com"); + ck_assert_msg(rc==SSH_OK,ssh_get_error(session)); + rc=ssh_options_set(session,SSH_OPTIONS_COMPRESSION_S_C,"zlib@openssh.com"); + ck_assert_msg(rc==SSH_OK,ssh_get_error(session)); + rc=ssh_connect(session); + ck_assert_msg(rc==SSH_OK,ssh_get_error(session)); + rc=ssh_userauth_none(session,NULL); + if(rc != SSH_OK){ + rc=ssh_get_error_code(session); + ck_assert_msg(rc==SSH_REQUEST_DENIED,ssh_get_error(session)); + } + ssh_disconnect(session); +} +END_TEST + Suite *torture_make_suite(void) { Suite *s = suite_create("libssh_algorithms"); @@ -140,5 +159,7 @@ Suite *torture_make_suite(void) { torture_algorithms_blowfish_cbc, setup, teardown); torture_create_case_fixture(s, "torture_algorithms_zlib", torture_algorithms_zlib, setup, teardown); - return s; + torture_create_case_fixture(s, "torture_algorithms_zlib_openssh", + torture_algorithms_zlib_openssh, setup, teardown); + return s; }