From e3bd730f60c5b78f287f0a43651474f331f44190 Mon Sep 17 00:00:00 2001 From: Bryan Drewery Date: Thu, 2 Apr 2015 18:43:25 +0000 Subject: [PATCH] Use proper CHAN_TCP_PACKET_DEFAULT for agent forwarding when HPN disabled. The use of CHAN_TCP_WINDOW_DEFAULT here was fixed in upstream OpenSSH in CVS 1.4810, git 5baa170d771de9e95cf30b4c469ece684244cf3e: - dtucker@cvs.openbsd.org 2007/12/28 22:34:47 [clientloop.c] Use the correct packet maximum sizes for remote port and agent forwarding. Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent. bz #1360, ok djm@. The change was lost due to the the way the original upstream HPN patch modified this code. It was re-adding the original OpenSSH code and never was properly fixed to use the new value. MFC after: 2 weeks --- crypto/openssh/clientloop.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c index 0532f1e849d4..01bed9ffc1fb 100644 --- a/crypto/openssh/clientloop.c +++ b/crypto/openssh/clientloop.c @@ -1923,7 +1923,7 @@ client_request_agent(const char *request_type, int rchan) if (options.hpn_disabled) c = channel_new("authentication agent connection", SSH_CHANNEL_OPEN, sock, sock, -1, - CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, + CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "authentication agent connection", 1); else c = channel_new("authentication agent connection",