summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/clientloop.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* unbreak hostkey rotation; attempting to sign with a desired signaturedjm2017-12-181-3/+12
| | | | | algorithm of kex->hostkey_alg is incorrect when the key type isn't capable of making those signatures. ok markus@
* pass negotiated signing algorithm though to sshkey_verify() anddjm2017-12-181-2/+3
| | | | | check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
* Remove get_current_time() and replace with calls to monotime_double()dtucker2017-11-251-16/+3
| | | | which uses CLOCK_MONOTONIC and works over clock steps. "I like" markus@
* Expose devices allocated for tun/tap forwarding.djm2017-10-231-5/+7
| | | | | | | | | | | At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus
* fix use-after-free in ~^Z escape handler path, introduced in channels.cdjm2017-09-191-13/+4
| | | | refactor; spotted by millert@ "makes sense" deraadt@
* Make remote channel ID a u_intdjm2017-09-121-1/+5
| | | | | | | | | | | Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000. In practice everyone numbers their channels sequentially, so this has never been a problem. ok markus@
* refactor channels.cdjm2017-09-121-91/+100
| | | | | | | | | | | | | | | | | | Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@
* pass packet state down to some of the channels function (moredjm2017-08-301-4/+4
| | | | to come...); ok markus@
* Make ""Killed by signal 1" LogLevel verbose so it's not shown at the defaultdtucker2017-07-141-3/+5
| | | | | level. Prevents it from appearing during ssh -J and equivalent ProxyCommand configs. bz#1906, bz#2744, feedback&ok markus@
* When using the escape sequence &~ the code path is client_loop() ->mestre2017-06-231-2/+2
| | | | | | | | | client_simple_escape_filter() -> process_escapes() -> fork() and the pledge for this path lacks the proc promise and therefore aborts the process. The solution is to just add proc the promise to this specific pledge. Reported by Gregoire Jadi gjadi ! omecha.info Insight with tb@, OK jca@
* Switch to recallocarray() for a few operations. Both growth and shrinkagederaadt2017-05-311-5/+5
| | | | | | are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus
* remove now obsolete ctx from ssh_dispatch_run; ok djm@markus2017-05-311-2/+2
|
* protocol handlers all get struct ssh passed; ok djm@markus2017-05-301-6/+6
|
* remove miscellaneous SSH1 leftovers; ok markus@naddy2017-05-031-2/+2
|
* obliterate ssh1.h and some dead code that used itdjm2017-04-301-2/+1
| | | | ok markus@
* remove SSHv1-related buffers from client codedjm2017-04-301-58/+25
|
* remove KEY_RSA1djm2017-04-301-3/+2
| | | | ok markus@
* remove compat20/compat13/compat15 variablesdjm2017-04-301-485/+54
| | | | ok markus@
* When updating hostkeys, accept RSA keys if HostkeyAlgorithms containsdjm2017-03-101-5/+22
| | | | | | | any RSA keytype. Previously, ssh could ignore RSA keys when any of the ssh-rsa-sha2-* methods was enabled in HostkeyAlgorithms nit ssh-rsa (SHA1 signatures) was not. bz#2650 reported by Luis Ressel; ok dtucker@
* Fix typo in ~C error message for bad port forward cancellation.dtucker2017-01-291-2/+2
| | | | bz#2672, from Brad Marshall via Colin Watson and Ubuntu's bugtracker.
* ssh proxy mux mode (-O proxy; idea from Simon Tatham):markus2016-09-301-6/+39
| | | | | | | | | - mux client speaks the ssh-packet protocol directly over unix-domain socket. - mux server acts as a proxy, translates channel IDs and relays to the server. - no filedescriptor passing necessary. - combined with unix-domain forwarding it's even possible to run mux client and server on different machines. feedback & ok djm@
* replace two arc4random loops with arc4random_buftedu2016-09-171-8/+7
| | | | ok deraadt natano
* Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitionsderaadt2016-09-121-9/+8
| | | | | rather than pulling <sys/param.h> and unknown namespace pollution. ok djm markus dtucker
* fix pledge violation with ssh -f; reported by Valentin Kozamernikdjm2016-07-231-3/+7
| | | | ok dtucker@
* Add missing "recvfd" pledge promise: Raf Czlonka reported ssh coredumpstb2016-07-111-2/+2
| | | | | | | when Control* keywords were set in ssh_config. This patch also fixes similar problems with scp and sftp. ok deraadt, looks good to millert
* refactor activation of rekeyingdjm2016-02-081-16/+12
| | | | | | | | | | | This makes automatic rekeying internal to the packet code (previously the server and client loops needed to assist). In doing to it makes application of rekey limits more accurate by accounting for packets about to be sent as well as packets queued during rekeying events themselves. Based on a patch from dtucker@ which was in turn based on a patch Aleksander Adamowski in bz#2521; ok markus@
* Avoid ugly "DISPLAY "(null)" invalid; disabling X11 forwarding"millert2016-02-011-3/+4
| | | | | message when DISPLAY is not set. This could also result in a crash on systems with a printf that doesn't handle NULL. OK djm@
* Remove leftover roaming dead code. ok djm markus.dtucker2016-01-291-11/+1
|
* Zero a stack buffer with explicit_bzero() instead of memset() whenjsg2016-01-231-2/+2
| | | | | | | returning from client_loop() for consistency with buffer_free()/sshbuf_free(). ok dtucker@ deraadt@ djm@
* remove roaming support; ok djm@markus2016-01-141-5/+4
|
* eliminate fallback from untrusted X11 forwarding to trusteddjm2016-01-131-44/+70
| | | | | forwarding when the X server disables the SECURITY extension; Reported by Thomas Hoger; ok deraadt@
* adjust pledge promises for ControlMaster: when using "ask" or "autoask", the process will use ssh-askpass for asking confirmation.semarie2015-12-261-9/+9
| | | | | | problem found by halex@ ok halex@
* pledges ssh client:semarie2015-12-031-1/+31
| | | | | | | | | - mux client: which is used when ControlMaster is in use. will end with "stdio proc tty" (proc is to permit sending SIGWINCH to mux master on window resize) - client loop: several levels of pledging depending of your used options ok deraadt@
* Replace a function-local allocation with stack memory.mmcc2015-10-201-7/+2
| | | | ok djm@
* Turn off DSA by default; add HostKeyAlgorithms to the server andmarkus2015-07-101-4/+6
| | | | | PubkeyAcceptedKeyTypes to the client side, so it still can be tested or turned back on; feedback and ok djm@
* better refuse ForwardX11Trusted=no connections attempted afterdjm2015-07-011-8/+21
| | | | ForwardX11Timeout expires; reported by Jann Horn
* Remove pattern length argument from match_pattern_list(),djm2015-05-041-3/+2
| | | | | | | | | | we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
* fix small memory leak when UpdateHostkeys=nodjm2015-02-251-4/+4
|
* fix setting/clearing of TTY raw mode around UpdateHostKeys=askdjm2015-02-231-4/+9
| | | | confirmation question; reported by Herb Goldman
* UpdateHostKeys fixes:djm2015-02-201-10/+13
| | | | | | | | | | | | | | I accidentally changed the format of the hostkeys@openssh.com messages last week without changing the extension name, and this has been causing connection failures for people who are running -current. First reported by sthen@ s/hostkeys@openssh.com/hostkeys-00@openssh.com/ Change the name of the proof message too, and reorder it a little. Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY available to read the response) so disable UpdateHostKeys if it is in ask mode and ControlPersist is active (and document this)
* Revise hostkeys@openssh.com hostkey learning extension.djm2015-02-161-41/+312
| | | | | | | | | | The client will not ask the server to prove ownership of the private halves of any hitherto-unseen hostkeys it offers to the client. Allow UpdateHostKeys option to take an 'ask' argument to let the user manually review keys offered. ok markus@
* Refactor hostkeys_foreach() and dependent codedjm2015-02-161-6/+16
| | | | | | Deal with IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing changed ok markus@ as part of larger commit
* Host key rotation support.djm2015-01-261-2/+92
| | | | | | | | | | | | | Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@
* Reduce use of <sys/param.h> and transition to <limits.h> throughout.deraadt2015-01-201-6/+7
| | | | ok djm markus
* adapt kex to sshbuf and struct ssh; ok djm@markus2015-01-191-5/+6
|
* move dispatch to struct ssh; ok djm@markus2015-01-191-10/+18
|
* update packet.c & isolate, introduce struct sshmarkus2015-01-191-10/+6
| | | | | | | | a) switch packet.c to buffer api and isolate per-connection info into struct ssh b) (de)serialization of the state is moved from monitor to packet.c c) the old packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and integrated into packet.c with and ok djm@
* move authfd.c and its tentacles to the new buffer/key API;djm2015-01-141-6/+14
| | | | ok markus@
* Add support for Unix domain socket forwarding. A remote TCP portmillert2014-07-151-34/+44
| | | | | | | | may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* fix remote fwding with same listen port but different listen addressmarkus2014-06-271-2/+2
| | | | with gerhard@, ok djm@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.