path: root/usr.bin/ssh/clientloop.c
Commit log (each entry: commit message, then author, date, files changed, lines -removed/+added)
...
* better refuse ForwardX11Trusted=no connections attempted after ForwardX11Timeout expires; reported by Jann Horn
  (djm, 2015-07-01, 1 file changed, -8/+21)
* Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing out an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
  (djm, 2015-05-04, 1 file changed, -3/+2)
* fix small memory leak when UpdateHostkeys=no
  (djm, 2015-02-25, 1 file changed, -4/+4)
* fix setting/clearing of TTY raw mode around UpdateHostKeys=ask confirmation question; reported by Herb Goldman
  (djm, 2015-02-23, 1 file changed, -4/+9)
* UpdateHostKeys fixes:
  I accidentally changed the format of the hostkeys@openssh.com messages last week without changing the extension name, and this has been causing connection failures for people who are running -current. First reported by sthen@
  s/hostkeys@openssh.com/hostkeys-00@openssh.com/
  Change the name of the proof message too, and reorder it a little.
  Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY available to read the response) so disable UpdateHostKeys if it is in ask mode and ControlPersist is active (and document this)
  (djm, 2015-02-20, 1 file changed, -10/+13)
* Revise hostkeys@openssh.com hostkey learning extension.
  The client will now ask the server to prove ownership of the private halves of any hitherto-unseen hostkeys it offers to the client. Allow UpdateHostKeys option to take an 'ask' argument to let the user manually review keys offered. ok markus@
  (djm, 2015-02-16, 1 file changed, -41/+312)
* Refactor hostkeys_foreach() and dependent code
  Deal with IP addresses (i.e. CheckHostIP)
  Don't clobber known_hosts when nothing changed
  ok markus@ as part of larger commit
  (djm, 2015-02-16, 1 file changed, -6/+16)
* Host key rotation support.
  Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@
  (djm, 2015-01-26, 1 file changed, -2/+92)
* Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
  (deraadt, 2015-01-20, 1 file changed, -6/+7)
* adapt kex to sshbuf and struct ssh; ok djm@
  (markus, 2015-01-19, 1 file changed, -5/+6)
* move dispatch to struct ssh; ok djm@
  (markus, 2015-01-19, 1 file changed, -10/+18)
* update packet.c & isolate, introduce struct ssh
  a) switch packet.c to buffer api and isolate per-connection info into struct ssh
  b) (de)serialization of the state is moved from monitor to packet.c
  c) the old packet.c API is implemented in opacket.[ch]
  d) compress.c/h is removed and integrated into packet.c
  with and ok djm@
  (markus, 2015-01-19, 1 file changed, -10/+6)
* move authfd.c and its tentacles to the new buffer/key API; ok markus@
  (djm, 2015-01-14, 1 file changed, -6/+14)
* Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
  (millert, 2014-07-15, 1 file changed, -34/+44)
* fix remote fwding with same listen port but different listen address; with gerhard@, ok djm@
  (markus, 2014-06-27, 1 file changed, -2/+2)
* bz#1818 - don't send channel success/failure replies on channels that have sent a close already; analysis and patch from Simon Tatham; ok markus@
  (djm, 2014-04-29, 1 file changed, -2/+2)
* convert memset of potentially-private data to explicit_bzero()
  (djm, 2014-02-02, 1 file changed, -3/+3)
* replace most bzero with explicit_bzero, except a few that can be memset; ok djm dtucker
  (tedu, 2014-01-31, 1 file changed, -3/+3)
* unsigned casts for ctype macros where necessary; ok guenther millert markus
  (deraadt, 2013-11-20, 1 file changed, -4/+4)
* use calloc for all structure allocations; from markus@
  (djm, 2013-11-08, 1 file changed, -4/+4)
* fix connection crash when sending break (~B) on ControlPersist'd session; ok dtucker@
  (djm, 2013-09-12, 1 file changed, -2/+2)
* Add an "ABANDONED" channel state and use for mux sessions that are disconnected via the ~. escape sequence. Channels in this state will be able to close if the server responds, but do not count as active channels. This means that if you ~. all of the mux clients when using ControlPersist on a broken network, the backgrounded mux master will exit when the Control Persist time expires rather than hanging around indefinitely. bz#1917, also reported and tested by tedu@. ok djm@ markus@.
  (dtucker, 2013-06-07, 1 file changed, -1/+4)
* No need for the mux cleanup callback to be visible so restore it to static and call it through the detach_user function pointer. ok djm@
  (dtucker, 2013-06-02, 1 file changed, -3/+3)
* Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like keepalives and rekeying will work properly over clock steps. Suggested by markus@, "looks good" djm@.
  (dtucker, 2013-06-01, 1 file changed, -7/+7)
* bye, bye xfree(); ok markus@
  (djm, 2013-05-17, 1 file changed, -31/+24)
* Add an optional second argument to RekeyLimit in the client to allow rekeying based on elapsed time in addition to amount of traffic. with djm@ jmc@, ok djm
  (dtucker, 2013-05-16, 1 file changed, -6/+17)
* channel_setup_local_fwd_listener() returns 0 on failure, not -ve; bz#2055 reported by mathieu.lacage AT gmail.com
  (djm, 2013-01-02, 1 file changed, -3/+3)
* when muxmaster is run with -N, make it shut down gracefully when a client sends it "-O stop" rather than hanging around. ok djm@
  (dtucker, 2012-09-07, 1 file changed, -4/+4)
* Merge escape help text for ~v and ~V; ok djm@
  (dtucker, 2012-09-07, 1 file changed, -5/+4)
* Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@
  (dtucker, 2012-09-07, 1 file changed, -3/+8)
* Make the escape command help (~?) context sensitive so that only commands that will work in the current session are shown. ok markus@
  (dtucker, 2012-09-06, 1 file changed, -41/+62)
* Put help text for ~v and ~V around the correct way
  (dtucker, 2012-09-06, 1 file changed, -3/+3)
* Add ~v and ~V escape sequences to raise and lower the logging level respectively. Man page help from jmc, ok deraadt jmc
  (dtucker, 2012-09-06, 1 file changed, -1/+29)
* Force a clean shutdown of ControlMaster client sessions when the ~. escape sequence is used. This means that ~. should now work in mux clients even if the server is no longer responding. Found by tedu, ok djm.
  (dtucker, 2012-08-17, 1 file changed, -1/+3)
* initialise accept() backoff timer to avoid EINVAL from select(2) in rekeying
  (djm, 2012-06-20, 1 file changed, -2/+2)
* don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a while; ok deraadt@ markus@
  (djm, 2012-04-11, 1 file changed, -2/+6)
* Ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. Report from r00t_ati at ihteam.net, ok markus.
  (dtucker, 2012-01-18, 1 file changed, -1/+21)
* support cancellation of local/dynamic forwardings from ~C commandline; ok & feedback djm@
  (markus, 2011-09-10, 1 file changed, -11/+23)
* hook up a channel confirm callback to warn the user when requested X11 forwarding was refused by the server; ok markus@
  (djm, 2011-06-22, 1 file changed, -3/+2)
* setproctitle for a mux master that has been gracefully stopped; bz#1911 from Bert.Wesarg AT googlemail.com
  (djm, 2011-06-17, 1 file changed, -2/+4)
* improve our behaviour when TTY allocation fails: if we are in RequestTTY=auto mode (the default), then do not treat a TTY allocation error as fatal but rather just restore the local TTY to cooked mode and continue. This is more graceful on devices that never allocate TTYs. If RequestTTY is set to "yes" or "force", then failure to allocate a TTY is fatal. ok markus@
  (djm, 2011-05-08, 1 file changed, -14/+39)
* Add a RequestTTY ssh_config option to allow configuration-based control over tty allocation (like -t/-T); ok markus@
  (djm, 2011-05-06, 1 file changed, -13/+11)
* allow graceful shutdown of multiplexing: request that a mux server removes its listener socket and refuse future multiplexing requests; ok markus@
  (djm, 2011-04-17, 1 file changed, -9/+25)
* a couple more tweaks to the post-close protocol 1 stderr/stdout flush: now that we use atomicio(), convert them from while loops to if statements; add test and cast to compile cleanly with -Wsigned
  (djm, 2011-01-16, 1 file changed, -11/+9)
* Use atomicio when flushing protocol 1 std{out,err} buffers at session close. This was a latent bug exposed by setting a SIGCHLD handler and spotted by kevin.brott AT gmail.com; ok dtucker@
  (djm, 2011-01-16, 1 file changed, -7/+7)
* some unsigned long long casts that make things a bit easier for portable without resorting to dropping PRIu64 formats everywhere
  (djm, 2011-01-11, 1 file changed, -2/+2)
* use host and not options.hostname, as the latter may have unescaped substitution characters
  (djm, 2011-01-08, 1 file changed, -2/+2)
* when exiting due to ServerAliveTimeout, mention the hostname that caused it (useful with backgrounded controlmaster)
  (djm, 2011-01-06, 1 file changed, -2/+2)
* avoid NULL deref on receiving a channel request on an unknown or invalid channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
  (djm, 2010-11-23, 1 file changed, -2/+2)
* honour $TMPDIR for client xauth and ssh-agent temporary directories; feedback and ok markus@
  (djm, 2010-11-21, 1 file changed, -2/+2)