server: No longer accept "sideband" and "aes_ctr128" features.

Both features are used unconditionally since commit d44413588dd7
(v0.6.3-27) from three years ago when the client stopped to request
the feature. We don't need to support clients older than that any more,
so fail the request if these features are still requested.

Clarify the comment about the sha256 feature while at it.

diff --git a/command.c b/command.c
index 94e9ed1cbfba5e24f8f46a6b2a8ee3ad8b3a2c54..60c2aeba4300124c51af13d03c522fe2c2bbb1f1 100644 (file)
--- a/command.c
+++ b/command.c
@@ -811,19 +811,11 @@ static int parse_auth_request(char *buf, int len, const struct user **u,
                *p = '\0';
                p++;
                create_argv(p, ",", &features);
-               /*
-                * Still accept sideband and AES feature requests (as a no-op)
-                * because some 0.6.x clients request them. The two checks
-                * below may be removed after 0.7.1.
-                */
                for (i = 0; features[i]; i++) {
-                       if (strcmp(features[i], "sideband") == 0)
-                               continue;
-                       if (strcmp(features[i], "aes_ctr128") == 0)
-                               continue;
                        /*
-                        * ->sha256_requested can go away after 0.7.0 but the
-                        * check has to stay until 0.9.0.
+                        * ->sha256_requested can go away after 0.7.0 so that
+                        * sha256 is used unconditionally, but we need to
+                        * accept the feature request until 0.9.0.
                         */
                        if (strcmp(features[i], "sha256") == 0)
                                cf->sha256_requested = true;