upstream commit

Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
author: djm@openbsd.org <djm@openbsd.org> 2018-01-23 05:27:21 +0000
committer: Damien Miller <djm@mindrot.org> 2018-01-23 16:40:29 +1100
commit: 14b5c635d1190633b23ac3372379517fb645b0c2 (patch)
tree: 8ef70b4660b04ba6add4c314d52f84375cb16788 /kex.c
parent: 7c77991f5de5d8475cbeb7cbb06d0c7d1611d7bb (diff)
1 files changed, 2 insertions, 6 deletions
diff --git a/kex.c b/kex.c
index d5d5a9da..83c6199f 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.134 2017/06/13 12:13:59 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.135 2018/01/23 05:27:21 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -675,9 +675,6 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server)
 		free(name);
 		return SSH_ERR_INTERNAL_ERROR;
 	}
-	/* truncate the key */
-	if (ssh->compat & SSH_BUG_HMAC)
-		mac->key_len = 16;
 	mac->name = name;
 	mac->key = NULL;
 	mac->enabled = 0;
@@ -866,8 +863,7 @@ kex_choose_conf(struct ssh *ssh)
 	kex->dh_need = dh_need;
 
 	/* ignore the next message if the proposals do not match */
-	if (first_kex_follows && !proposals_match(my, peer) &&
-	    !(ssh->compat & SSH_BUG_FIRSTKEX))
+	if (first_kex_follows && !proposals_match(my, peer))
 		ssh->dispatch_skip_packets = 1;
 	r = 0;
  out:
author	djm@openbsd.org <djm@openbsd.org>	2018-01-23 05:27:21 +0000
committer	Damien Miller <djm@mindrot.org>	2018-01-23 16:40:29 +1100
commit	14b5c635d1190633b23ac3372379517fb645b0c2 (patch)
tree	8ef70b4660b04ba6add4c314d52f84375cb16788 /kex.c
parent	7c77991f5de5d8475cbeb7cbb06d0c7d1611d7bb (diff)