From owner-svn-src-all@FreeBSD.ORG Thu Apr 2 18:43:27 2015 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2319F234; Thu, 2 Apr 2015 18:43:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0D7D379; Thu, 2 Apr 2015 18:43:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t32IhQsJ023835; Thu, 2 Apr 2015 18:43:26 GMT (envelope-from bdrewery@FreeBSD.org) Received: (from bdrewery@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t32IhQEo023834; Thu, 2 Apr 2015 18:43:26 GMT (envelope-from bdrewery@FreeBSD.org) Message-Id: <201504021843.t32IhQEo023834@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: bdrewery set sender to bdrewery@FreeBSD.org using -f From: Bryan Drewery Date: Thu, 2 Apr 2015 18:43:26 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r280999 - head/crypto/openssh X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Apr 2015 18:43:27 -0000 Author: bdrewery Date: Thu Apr 2 18:43:25 2015 New Revision: 280999 URL: https://svnweb.freebsd.org/changeset/base/280999 Log: Use proper CHAN_TCP_PACKET_DEFAULT for agent forwarding when HPN disabled. The use of CHAN_TCP_WINDOW_DEFAULT here was fixed in upstream OpenSSH in CVS 1.4810, git 5baa170d771de9e95cf30b4c469ece684244cf3e: - dtucker@cvs.openbsd.org 2007/12/28 22:34:47 [clientloop.c] Use the correct packet maximum sizes for remote port and agent forwarding. Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent. bz #1360, ok djm@. The change was lost due to the the way the original upstream HPN patch modified this code. It was re-adding the original OpenSSH code and never was properly fixed to use the new value. MFC after: 2 weeks Modified: head/crypto/openssh/clientloop.c Modified: head/crypto/openssh/clientloop.c ============================================================================== --- head/crypto/openssh/clientloop.c Thu Apr 2 18:18:40 2015 (r280998) +++ head/crypto/openssh/clientloop.c Thu Apr 2 18:43:25 2015 (r280999) @@ -1923,7 +1923,7 @@ client_request_agent(const char *request if (options.hpn_disabled) c = channel_new("authentication agent connection", SSH_CHANNEL_OPEN, sock, sock, -1, - CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, + CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "authentication agent connection", 1); else c = channel_new("authentication agent connection",