path: root/usr.bin/ssh/channels.c
Commit message | Author | Age | Files | Lines
* Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus | deraadt | 2015-01-20 | 1 | -2/+3
* move dispatch to struct ssh; ok djm@ | markus | 2015-01-19 | 1 | -26/+37
* explicitly include sys/param.h in files that use the howmany() macro; from portable | djm | 2014-12-11 | 1 | -1/+2
* fix a few -Wpointer-sign warnings from clang | djm | 2014-10-08 | 1 | -5/+5
* Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@ | millert | 2014-07-15 | 1 | -117/+483
* fix remote-forward cancel regression; ok markus@ | djm | 2014-07-05 | 1 | -1/+4
* allow explicit ::1 and 127.0.0.1 forwarding bind addresses when GatewayPorts=no; allows client to choose address family; bz#2222 ok markus@ | djm | 2014-07-03 | 1 | -3/+15
* fix remote fwding with same listen port but different listen address with gerhard@, ok djm@ | markus | 2014-06-27 | 1 | -26/+70
* buffer_get_string_ptr's return should be const to remind callers that futzing with it will futz with the actual buffer contents | djm | 2014-04-28 | 1 | -2/+2
* don't assume that the socks4 username is \0 terminated; spotted by Ben Hawkes; ok markus@ | djm | 2014-02-26 | 1 | -1/+4
* avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; bz#2200, debian#738692 via Colin Watson; ok dtucker@ | djm | 2014-02-15 | 1 | -2/+2
* replace most bzero with explicit_bzero, except a few that can be memset ok djm dtucker | tedu | 2014-01-31 | 1 | -6/+4
* bz#2147: fix multiple remote forwardings with dynamically assigned listen ports. In the s->c message to open the channel we were sending zero (the magic number to request a dynamic port) instead of the actual listen port. The client therefore had no way of discriminating between them. Diagnosis and fix by ronf AT timeheart.net | djm | 2013-12-19 | 1 | -4/+7
* use calloc for all structure allocations; from markus@ | djm | 2013-11-08 | 1 | -2/+2
* bz#1297 - tell the client (via packet_send_debug) when their preferred listen address has been overridden by the server's GatewayPorts; ok dtucker@ | djm | 2013-09-19 | 1 | -2/+14
* avoid unaligned access in code that reused a buffer to send a struct in_addr in a reply; simpler just use buffer_put_int(); from portable; spotted by and ok dtucker@ | djm | 2013-09-13 | 1 | -3/+2
* fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ | djm | 2013-07-12 | 1 | -3/+4
* Add an "ABANDONED" channel state and use for mux sessions that are disconnected via the ~. escape sequence. Channels in this state will be able to close if the server responds, but do not count as active channels. This means that if you ~. all of the mux clients when using ControlPersist on a broken network, the backgrounded mux master will exit when the Control Persist time expires rather than hanging around indefinitely. bz#1917, also reported and tested by tedu@. ok djm@ markus@. | dtucker | 2013-06-07 | 1 | -2/+6
* Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like keepalives and rekeying will work properly over clock steps. Suggested by markus@, "looks good" djm@. | dtucker | 2013-06-01 | 1 | -6/+6
* bye, bye xfree(); ok markus@ | djm | 2013-05-17 | 1 | -58/+40
* handle ECONNABORTED for accept(); ok deraadt some time ago... | markus | 2013-04-06 | 1 | -4/+10
* make AllowTcpForwarding accept "local" and "remote" in addition to its current "yes"/"no" to allow the server to specify whether just local or remote TCP forwarding is enabled. ok markus@ | djm | 2012-12-02 | 1 | -7/+5
* fix function proto/source mismatch | djm | 2012-04-23 | 1 | -2/+2
* don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a while; ok deraadt@ markus@ | djm | 2012-04-11 | 1 | -8/+44
* Add PermitOpen none option based on patch from Loganaden Velvindron (bz #1949). ok djm@ | dtucker | 2012-03-29 | 1 | -2/+15
* unbreak remote portforwarding with dynamic allocated listen ports:
  1) send the actual listen port in the open message (instead of 0). this allows multiple forwardings with a dynamic listen port
  2) update the matching permit-open entry, so we can identify where to connect to
  report: den at skbkontur.ru and P. Szczygielski
  feedback and ok djm@ | markus | 2011-09-23 | 1 | -8/+43
* Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857, ok djm markus. | dtucker | 2011-09-23 | 1 | -4/+29
* support cancellation of local/dynamic forwardings from ~C commandline; ok & feedback djm@ | markus | 2011-09-10 | 1 | -3/+11
* support for cancelling local and remote port forwards via the multiplex socket. Use "ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings; ok markus@ | djm | 2011-09-09 | 1 | -55/+109
* hook up a channel confirm callback to warn the user when requested X11 forwarding was refused by the server; ok markus@ | djm | 2011-06-22 | 1 | -3/+3
* remove a debug() that pollutes stderr on client connecting to a server in debug mode (channel_close_fds is called transitively from the session code post-fork); bz#1719, ok dtucker | djm | 2010-11-24 | 1 | -4/+1
* Fix a trio of bugs in the local/remote window calculation for datagram data channels (i.e. TunnelForward):
  Calculate local_consumed correctly in channel_handle_wfd() by measuring the delta to buffer_len(c->output) from when we start to when we finish. The proximal problem here is that the output_filter we use in portable modified the length of the dequeued datagram (to futz with the headers for !OpenBSD).
  In channel_output_poll(), don't enqueue datagrams that won't fit in the peer's advertised packet size (highly unlikely to ever occur) or which won't fit in the peer's remaining window (more likely).
  In channel_input_data(), account for the 4-byte string header in datagram packets that we accept from the peer and enqueue in c->output.
  report, analysis and testing 2/3 cases from wierbows AT us.ibm.com; "looks good" markus@ | djm | 2010-08-05 | 1 | -15/+26
* s/timing_safe_cmp/timingsafe_bcmp/g | djm | 2010-07-13 | 1 | -2/+2
* implement a timing_safe_cmp() function to compare memory without leaking timing information by short-circuiting like memcmp() and use it for some of the more sensitive comparisons (though nothing high-value was readily attackable anyway); "looks ok" markus@ | djm | 2010-07-13 | 1 | -2/+2
* bz#1750: fix requirement for /dev/null inside ChrootDirectory for internal-sftp accidentally introduced in r1.253 by removing the code that opens and dup /dev/null to stderr and modifying the channels code to read stderr but discard it instead; ok markus@ | djm | 2010-06-25 | 1 | -5/+12
* bz#1327: remove hardcoded limit of 100 permitopen clauses and port forwards per direction; ok markus@ stevesk@ | djm | 2010-06-25 | 1 | -11/+18
* Pause the mux channel while waiting for reply from async callbacks. Prevents misordering of replies if new requests arrive while waiting.
  Extend channel open confirm callback to allow signalling failure conditions as well as success. Use this to 1) fix a memory leak, 2) start using the above pause mechanism and 3) delay sending a success/failure message on mux slave session open until we receive a reply from the server.
  motivated by and with feedback from markus@ | djm | 2010-05-14 | 1 | -5/+11
* fake local addr:port when stdio forwarding as some servers (Tectia at least) validate that they are well-formed; reported by imorgan AT nas.nasa.gov ok dtucker | djm | 2010-01-30 | 1 | -1/+8
* rewrite ssh(1) multiplexing code to a more sensible protocol.
  The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
  avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
  implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
  add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
  document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
  feedback Salvador Fandino, dtucker@
  channel changes ok markus@ | djm | 2010-01-26 | 1 | -48/+164
* Add a 'netcat mode' (ssh -W). This connects stdio on the client to a single port forward on the server. This allows, for example, using ssh as a ProxyCommand to route connections via intermediate servers. bz #1618, man page help from jmc@, ok markus@ | dtucker | 2010-01-11 | 1 | -1/+30
* Remove RoutingDomain from ssh since it's now not needed. It can be replaced with "route exec" or "nc -V" as a proxycommand. "route exec" also ensures that traffic such as DNS lookups stays within the specified routingdomain. For example (from reyk):
      # route -T 2 exec /usr/sbin/sshd
  or inherited from the parent process
      $ route -T 2 exec sh
      $ ssh 10.1.2.3
  ok deraadt@ markus@ stevesk@ reyk@ | dtucker | 2010-01-09 | 1 | -19/+7
* fix race condition in x11/agent channel allocation: don't read after the end of the select read/write fdset and make sure a reused FD is not touched before the pre-handlers are called. with and ok djm@ | markus | 2009-11-11 | 1 | -15/+11
* Set close-on-exec on various descriptors so they don't get leaked to child processes. bz #1643, patch from jchadima at redhat, ok deraadt. | dtucker | 2009-11-10 | 1 | -2/+8
* Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan. ok markus@ | reyk | 2009-10-28 | 1 | -7/+19
* Put the globals in packet.c into a struct and don't access it directly from other files. No functional changes. ok markus@ djm@ | andreas | 2009-05-25 | 1 | -2/+2
* support remote port forwarding with a zero listen port (-R0:...) to dynamically allocate a listen port at runtime (this is actually specified in rfc4254); bz#1003 ok markus@ | djm | 2009-02-12 | 1 | -8/+44
* oops! I committed the wrong version of the Channel->path diff, it was missing some tweaks suggested by stevesk@ | djm | 2009-01-22 | 1 | -3/+3
* make Channel->path an allocated string, saving a few bytes here and there and fixing bz#1380 in the process; ok markus@ | djm | 2009-01-22 | 1 | -13/+35
* support SOCKS4A protocol, from dwmw2 AT infradead.org via bz#1482; "looks ok" markus@ | djm | 2009-01-14 | 1 | -11/+39
* call channel destroy callbacks on receipt of open failure messages. fixes client hangs when connecting to a server that has MaxSessions=0 set spotted by imorgan AT nas.nasa.gov; ok markus@ | djm | 2009-01-01 | 1 | -3/+3