diff options
-rw-r--r-- | debian/patches/Fix-SSHException-when-re-keying-over-a-fast-connection.patch | 75 | ||||
-rw-r--r-- | debian/patches/series | 1 |
2 files changed, 0 insertions, 76 deletions
diff --git a/debian/patches/Fix-SSHException-when-re-keying-over-a-fast-connection.patch b/debian/patches/Fix-SSHException-when-re-keying-over-a-fast-connection.patch deleted file mode 100644 index 62f0a07..0000000 --- a/debian/patches/Fix-SSHException-when-re-keying-over-a-fast-connection.patch +++ /dev/null @@ -1,75 +0,0 @@ -Description: Fix SSHException when re-keying over a fast connection -Origin: https://github.com/dlitz/paramiko/commit/c51b3b208c228fe6482ef00b3572a19683e7bb98 -Bug: https://github.com/paramiko/paramiko/issues/49 -Bug-Debian: http://bugs.debian.org/659007 -Forwarded: not-needed -Author: Salvatore Bonaccorso <carnil@debian.org> -Last-Update: 2012-07-07 - ---- a/paramiko/packet.py -+++ b/paramiko/packet.py -@@ -57,8 +57,11 @@ - - # READ the secsh RFC's before raising these values. if anything, - # they should probably be lower. -- REKEY_PACKETS = pow(2, 30) -- REKEY_BYTES = pow(2, 30) -+ REKEY_PACKETS = pow(2, 29) -+ REKEY_BYTES = pow(2, 29) -+ -+ REKEY_PACKETS_OVERFLOW_MAX = pow(2,29) # Allow receiving this many packets after a re-key request before terminating -+ REKEY_BYTES_OVERFLOW_MAX = pow(2,29) # Allow receiving this many bytes after a re-key request before terminating - - def __init__(self, socket): - self.__socket = socket -@@ -74,6 +77,7 @@ - self.__sent_packets = 0 - self.__received_bytes = 0 - self.__received_packets = 0 -+ self.__received_bytes_overflow = 0 - self.__received_packets_overflow = 0 - - # current inbound/outbound ciphering: -@@ -134,6 +138,7 @@ - self.__mac_key_in = mac_key - self.__received_bytes = 0 - self.__received_packets = 0 -+ self.__received_bytes_overflow = 0 - self.__received_packets_overflow = 0 - # wait until the reset happens in both directions before clearing rekey flag - self.__init_count |= 2 -@@ -316,6 +321,7 @@ - # only ask once for rekeying - self._log(DEBUG, 'Rekeying (hit %d packets, %d bytes sent)' % - (self.__sent_packets, self.__sent_bytes)) -+ self.__received_bytes_overflow = 0 - self.__received_packets_overflow = 0 - self._trigger_rekey() - finally: -@@ -368,19 +374,23 @@ - self.__sequence_number_in = (self.__sequence_number_in + 1) & 0xffffffffL - - # check for rekey -- self.__received_bytes += packet_size + self.__mac_size_in + 4 -+ raw_packet_size = packet_size + self.__mac_size_in + 4 -+ self.__received_bytes += raw_packet_size - self.__received_packets += 1 - if self.__need_rekey: -- # we've asked to rekey -- give them 20 packets to comply before -+ # we've asked to rekey -- give them some packets to comply before - # dropping the connection -+ self.__received_bytes_overflow += raw_packet_size - self.__received_packets_overflow += 1 -- if self.__received_packets_overflow >= 20: -+ if (self.__received_packets_overflow >= self.REKEY_PACKETS_OVERFLOW_MAX) or \ -+ (self.__received_bytes_overflow >= self.REKEY_BYTES_OVERFLOW_MAX): - raise SSHException('Remote transport is ignoring rekey requests') - elif (self.__received_packets >= self.REKEY_PACKETS) or \ - (self.__received_bytes >= self.REKEY_BYTES): - # only ask once for rekeying - self._log(DEBUG, 'Rekeying (hit %d packets, %d bytes received)' % - (self.__received_packets, self.__received_bytes)) -+ self.__received_bytes_overflow = 0 - self.__received_packets_overflow = 0 - self._trigger_rekey() - diff --git a/debian/patches/series b/debian/patches/series index d6dadb3..3ad788b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,2 +1 @@ hostkey.patch -Fix-SSHException-when-re-keying-over-a-fast-connection.patch |