checkpoint - starting to remove debugs and tests

rapier1 · rapier1 · commit 01007a674b7d · 2023-04-06T17:03:34.000-04:00
diff --git a/packet.c b/packet.c
@@ -103,7 +103,12 @@
 #define DBG(x)
 #endif
 
-#define PACKET_MAX_SIZE (36 * 1024)
+/* SSH_IOBUFSZ + 1k of head room */
+/* OpenSSH usings 256KB packet size max but that consumes a
+ * lot of memory wiht the buffers we are using. This keeps it 
+ * in check. Doesn't seem to have an impact on performance or
+ * functionality cjr 04/06/2023 */
+#define PACKET_MAX_SIZE (SSH_IOBUFSZ + 1024)
 
 struct packet_state {
 	u_int32_t seqnr;
diff --git a/sshd.c b/sshd.c
@@ -2342,24 +2342,24 @@ main(int ac, char **av)
 	notify_hostkeys(ssh);
 
 #ifdef WITH_OPENSSL
-                /* if we are using aes-ctr there can be issues in either a fork or sandbox
-                 * so the initial aes-ctr is defined to point to the original single process
-                 * evp. After authentication we'll be past the fork and the sandboxed privsep
-                 * so we repoint the define to the multithreaded evp. To start the threads we
-                 * then force a rekey
-                 */
-                /* We now explicitly call the mt cipher in cipher.c so we don't need
-                 * the cipher_reset_multithreaded() anymore. We just need to
-                 * force a rekey -cjr 09/08/2022 */
-                const void *cc = ssh_packet_get_send_context(the_active_state);
-                
-                /* only rekey if necessary. If we don't do this gcm mode cipher breaks */
-                if (strstr(cipher_ctx_name(cc), "ctr")) {
-                        debug("Single to Multithreaded CTR cipher swap - server request");
-                        /* cipher_reset_multithreaded(); */
-			ssh_packet_set_authenticated(ssh);
-			packet_request_rekeying();
-                }
+	/* if we are using aes-ctr there can be issues in either a fork or sandbox
+	 * so the initial aes-ctr is defined to point to the original single process
+	 * evp. After authentication we'll be past the fork and the sandboxed privsep
+	 * so we repoint the define to the multithreaded evp. To start the threads we
+	 * then force a rekey
+	 */
+	/* We now explicitly call the mt cipher in cipher.c so we don't need
+	 * the cipher_reset_multithreaded() anymore. We just need to
+	 * force a rekey -cjr 09/08/2022 */
+	const void *cc = ssh_packet_get_send_context(the_active_state);
+        
+	/* only rekey if necessary. If we don't do this gcm mode cipher breaks */
+	if (strstr(cipher_ctx_name(cc), "ctr")) {
+		debug("Single to Multithreaded CTR cipher swap - server request");
+		/* cipher_reset_multithreaded(); */
+		ssh_packet_set_authenticated(ssh);
+		packet_request_rekeying();
+	}
 #endif
 	
 	/* Start session. */
