diff options
Diffstat (limited to 'crypto/openssh/sshd.c')
| -rw-r--r-- | crypto/openssh/sshd.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 18d2d8e8..a6c9943 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -1,4 +1,5 @@ /* $OpenBSD: sshd.c,v 1.381 2011/01/11 06:13:10 djm Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -429,7 +430,7 @@ sshd_exchange_identification(int sock_in, int sock_out) minor = PROTOCOL_MINOR_1; } snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor, - SSH_VERSION, newline); + SSH_RELEASE, newline); server_version_string = xstrdup(buf); /* Send our protocol version identification. */ @@ -1011,6 +1012,8 @@ server_listen(void) int ret, listen_sock, on = 1; struct addrinfo *ai; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; + int socksize; + socklen_t len; for (ai = options.listen_addrs; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) @@ -1051,6 +1054,11 @@ server_listen(void) debug("Bind to port %s on %s.", strport, ntop); + len = sizeof(socksize); + getsockopt(listen_sock, SOL_SOCKET, SO_RCVBUF, &socksize, &len); + debug("Server TCP RWIN socket size: %d", socksize); + debug("HPN Buffer Size: %d", options.hpn_buffer_size); + /* Bind the socket to the desired port. */ if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0) { error("Bind to port %s on %s failed: %.200s.", @@ -1960,6 +1968,9 @@ main(int ac, char **av) /* Log the connection. */ verbose("Connection from %.500s port %d", remote_ip, remote_port); + /* Set HPN options for the child. */ + channel_set_hpn(options.hpn_disabled, options.hpn_buffer_size); + /* * We don't want to listen forever unless the other side * successfully authenticates itself. So we set up an alarm which is @@ -2319,6 +2330,12 @@ do_ssh2_kex(void) if (options.ciphers != NULL) { myproposal[PROPOSAL_ENC_ALGS_CTOS] = myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers; +#ifdef NONE_CIPHER_ENABLED + } else if (options.none_enabled == 1) { + debug ("WARNING: None cipher enabled"); + myproposal[PROPOSAL_ENC_ALGS_CTOS] = + myproposal[PROPOSAL_ENC_ALGS_STOC] = KEX_ENCRYPT_INCLUDE_NONE; +#endif } myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]); |
