path: root/usr.bin/ssh/channels.c
Commit message | Author | Age | Files | Lines
...
* Remove channel_input_port_forward_request(); the only caller was the recently-removed SSH1 server code so it's now dead code. ok markus@
  Author: dtucker; Age: 2016-10-18; Files: 1; Lines: -38/+1
* fix some -Wpointer-sign warnings in the new mux proxy; ok markus@
  Author: djm; Age: 2016-09-30; Files: 1; Lines: -3/+9
* ssh proxy mux mode (-O proxy; idea from Simon Tatham):
  - mux client speaks the ssh-packet protocol directly over unix-domain socket.
  - mux server acts as a proxy, translates channel IDs and relays to the server.
  - no filedescriptor passing necessary.
  - combined with unix-domain forwarding it's even possible to run mux client and server on different machines.
  feedback & ok djm@
  Author: markus; Age: 2016-09-30; Files: 1; Lines: -12/+380
* Replace two more arc4random() loops with arc4random_buf().
  tweaks and ok dtucker ok deraadt
  Author: natano; Age: 2016-09-19; Files: 1; Lines: -11/+7
* Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitions rather than pulling <sys/param.h> and unknown namespace pollution. ok djm markus dtucker
  Author: deraadt; Age: 2016-09-12; Files: 1; Lines: -11/+10
* Allow wildcard for PermitOpen hosts as well as ports. bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok markus@
  Author: dtucker; Age: 2016-07-19; Files: 1; Lines: -2/+6
* refactor canohost.c: move functions that cache results closer to the places that use them (authn and session code). After this, no state is cached in canohost.c
  feedback and ok markus@
  Author: djm; Age: 2016-03-07; Files: 1; Lines: -3/+3
* Only check errno if read() has returned an error. EOF is not an error. This fixes a problem where the mux master would sporadically fail to notice that the client had exited. ok mikeb@ djm@
  Author: naddy; Age: 2016-02-05; Files: 1; Lines: -7/+7
* fix some signed/unsigned integer type mismatches in format strings; reported by Nicholas Lemonias
  Author: djm; Age: 2015-10-15; Files: 1; Lines: -2/+2
* better refuse ForwardX11Trusted=no connections attempted after ForwardX11Timeout expires; reported by Jann Horn
  Author: djm; Age: 2015-07-01; Files: 1; Lines: -1/+17
* fatal() when a remote window update causes the window value to overflow. Reported by Georg Wicherski, ok markus@
  Author: djm; Age: 2015-06-30; Files: 1; Lines: -3/+6
* Fix math error in remote window calculations that causes eventual stalls for datagram channels. Reported by Georg Wicherski, ok markus@
  Author: djm; Age: 2015-06-30; Files: 1; Lines: -2/+2
* For "ssh -L 12345:/tmp/sock" don't fail with "No forward host name." (we have a path, not a host name). Based on a diff from Jared Yanovich. OK djm@
  Author: millert; Age: 2015-06-05; Files: 1; Lines: -10/+14
* Use xcalloc for permitted_adm_opens instead of xmalloc to ensure it's zeroed. Fixes post-auth crash with permitopen=none. bz#2355, ok djm@
  Author: dtucker; Age: 2015-05-08; Files: 1; Lines: -2/+2
* rename xrealloc() to xreallocarray() since it follows that form. ok djm
  Author: deraadt; Age: 2015-04-24; Files: 1; Lines: -7/+7
* SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
  Author: millert; Age: 2015-02-06; Files: 1; Lines: -3/+3
* Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
  Author: deraadt; Age: 2015-01-20; Files: 1; Lines: -2/+3
* move dispatch to struct ssh; ok djm@
  Author: markus; Age: 2015-01-19; Files: 1; Lines: -26/+37
* explicitly include sys/param.h in files that use the howmany() macro; from portable
  Author: djm; Age: 2014-12-11; Files: 1; Lines: -1/+2
* fix a few -Wpointer-sign warnings from clang
  Author: djm; Age: 2014-10-08; Files: 1; Lines: -5/+5
* Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html
  OK djm@ markus@
  Author: millert; Age: 2014-07-15; Files: 1; Lines: -117/+483
* fix remote-forward cancel regression; ok markus@
  Author: djm; Age: 2014-07-05; Files: 1; Lines: -1/+4
* allow explicit ::1 and 127.0.0.1 forwarding bind addresses when GatewayPorts=no; allows client to choose address family; bz#2222 ok markus@
  Author: djm; Age: 2014-07-03; Files: 1; Lines: -3/+15
* fix remote fwding with same listen port but different listen address with gerhard@, ok djm@
  Author: markus; Age: 2014-06-27; Files: 1; Lines: -26/+70
* buffer_get_string_ptr's return should be const to remind callers that futzing with it will futz with the actual buffer contents
  Author: djm; Age: 2014-04-28; Files: 1; Lines: -2/+2
* don't assume that the socks4 username is \0 terminated; spotted by Ben Hawkes; ok markus@
  Author: djm; Age: 2014-02-26; Files: 1; Lines: -1/+4
* avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; bz#2200, debian#738692 via Colin Watson; ok dtucker@
  Author: djm; Age: 2014-02-15; Files: 1; Lines: -2/+2
* replace most bzero with explicit_bzero, except a few that can be memset ok djm dtucker
  Author: tedu; Age: 2014-01-31; Files: 1; Lines: -6/+4
* bz#2147: fix multiple remote forwardings with dynamically assigned listen ports. In the s->c message to open the channel we were sending zero (the magic number to request a dynamic port) instead of the actual listen port. The client therefore had no way of discriminating between them. Diagnosis and fix by ronf AT timeheart.net
  Author: djm; Age: 2013-12-19; Files: 1; Lines: -4/+7
* use calloc for all structure allocations; from markus@
  Author: djm; Age: 2013-11-08; Files: 1; Lines: -2/+2
* bz#1297 - tell the client (via packet_send_debug) when their preferred listen address has been overridden by the server's GatewayPorts; ok dtucker@
  Author: djm; Age: 2013-09-19; Files: 1; Lines: -2/+14
* avoid unaligned access in code that reused a buffer to send a struct in_addr in a reply; simpler just use buffer_put_int(); from portable; spotted by and ok dtucker@
  Author: djm; Age: 2013-09-13; Files: 1; Lines: -3/+2
* fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
  Author: djm; Age: 2013-07-12; Files: 1; Lines: -3/+4
* Add an "ABANDONED" channel state and use for mux sessions that are disconnected via the ~. escape sequence. Channels in this state will be able to close if the server responds, but do not count as active channels. This means that if you ~. all of the mux clients when using ControlPersist on a broken network, the backgrounded mux master will exit when the Control Persist time expires rather than hanging around indefinitely. bz#1917, also reported and tested by tedu@. ok djm@ markus@.
  Author: dtucker; Age: 2013-06-07; Files: 1; Lines: -2/+6
* Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like keepalives and rekeying will work properly over clock steps. Suggested by markus@, "looks good" djm@.
  Author: dtucker; Age: 2013-06-01; Files: 1; Lines: -6/+6
* bye, bye xfree(); ok markus@
  Author: djm; Age: 2013-05-17; Files: 1; Lines: -58/+40
* handle ECONNABORTED for accept(); ok deraadt some time ago...
  Author: markus; Age: 2013-04-06; Files: 1; Lines: -4/+10
* make AllowTcpForwarding accept "local" and "remote" in addition to its current "yes"/"no" to allow the server to specify whether just local or remote TCP forwarding is enabled. ok markus@
  Author: djm; Age: 2012-12-02; Files: 1; Lines: -7/+5
* fix function proto/source mismatch
  Author: djm; Age: 2012-04-23; Files: 1; Lines: -2/+2
* don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a while; ok deraadt@ markus@
  Author: djm; Age: 2012-04-11; Files: 1; Lines: -8/+44
* Add PermitOpen none option based on patch from Loganaden Velvindron (bz #1949). ok djm@
  Author: dtucker; Age: 2012-03-29; Files: 1; Lines: -2/+15
* unbreak remote portforwarding with dynamic allocated listen ports:
  1) send the actual listen port in the open message (instead of 0). this allows multiple forwardings with a dynamic listen port
  2) update the matching permit-open entry, so we can identify where to connect to
  report: den at skbkontur.ru and P. Szczygielski
  feedback and ok djm@
  Author: markus; Age: 2011-09-23; Files: 1; Lines: -8/+43
* Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857, ok djm markus.
  Author: dtucker; Age: 2011-09-23; Files: 1; Lines: -4/+29
* support cancellation of local/dynamic forwardings from ~C commandline; ok & feedback djm@
  Author: markus; Age: 2011-09-10; Files: 1; Lines: -3/+11
* support for cancelling local and remote port forwards via the multiplex socket. Use "ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings; ok markus@
  Author: djm; Age: 2011-09-09; Files: 1; Lines: -55/+109
* hook up a channel confirm callback to warn the user when requested X11 forwarding was refused by the server; ok markus@
  Author: djm; Age: 2011-06-22; Files: 1; Lines: -3/+3
* remove a debug() that pollutes stderr on client connecting to a server in debug mode (channel_close_fds is called transitively from the session code post-fork); bz#1719, ok dtucker
  Author: djm; Age: 2010-11-24; Files: 1; Lines: -4/+1
* Fix a trio of bugs in the local/remote window calculation for datagram data channels (i.e. TunnelForward):

  Calculate local_consumed correctly in channel_handle_wfd() by measuring the delta to buffer_len(c->output) from when we start to when we finish. The proximal problem here is that the output_filter we use in portable modified the length of the dequeued datagram (to futz with the headers for !OpenBSD).

  In channel_output_poll(), don't enqueue datagrams that won't fit in the peer's advertised packet size (highly unlikely to ever occur) or which won't fit in the peer's remaining window (more likely).

  In channel_input_data(), account for the 4-byte string header in datagram packets that we accept from the peer and enqueue in c->output.

  report, analysis and testing 2/3 cases from wierbows AT us.ibm.com; "looks good" markus@
  Author: djm; Age: 2010-08-05; Files: 1; Lines: -15/+26
* s/timing_safe_cmp/timingsafe_bcmp/g
  Author: djm; Age: 2010-07-13; Files: 1; Lines: -2/+2
* implement a timing_safe_cmp() function to compare memory without leaking timing information by short-circuiting like memcmp() and use it for some of the more sensitive comparisons (though nothing high-value was readily attackable anyway); "looks ok" markus@
  Author: djm; Age: 2010-07-13; Files: 1; Lines: -2/+2