summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/misc.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove support for obsolete host/port syntax.dtucker2019-01-231-1/+2
| | | | | | | | | host/port was added in 2001 as an alternative to host:port syntax for the benefit of IPv6 users. These days there are establised standards for this like [::1]:22 and the slash syntax is easily mistaken for CIDR notation, which OpenSSH now supports for some things. Remove the slash notation from ListenAddress and PermitOpen. bz#2335, patch from jjelen at redhat.com, ok markus@
* move client/server SSH-* banners to buffers under ssh->kex and factordjm2018-12-271-1/+4
| | | | | | | | | | | out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@
* Fix calculation of initial bandwidth limits.dtucker2018-12-071-2/+4
| | | | | | | | Account for written bytes before the initial timer check so that the first buffer written is accounted. Set the threshold after which the timer is checked such that the limit starts being computed as soon as possible, ie after the second buffer is written. This prevents an initial burst of traffic and provides a more accurate bandwidth limit. bz#2927, ok djm.
* use path_absolute() for pathname checks; from Manoj Ampalamdjm2018-11-161-1/+2
|
* Allow ssh_config IdentityAgent directive to accept environment variabledjm2018-10-031-1/+2
| | | | names as well as explicit paths. ok dtucker@
* Remove uid checks from low port binds. Now that ssh cannot bedtucker2018-07-271-2/+1
| | | | | | | setuid and sshd always has privsep on, we can remove the uid checks for low port binds and just let the system do the check. We leave a sanity check for the !privsep case so long as the code is stil there. with & ok djm@
* add a SetEnv directive to ssh_config that allows setting environmentdjm2018-06-091-1/+2
| | | | | | | | variables for the remote session (subject to the server accepting them) refactor SendEnv to remove the arbitrary limit of variable names. ok markus@
* switch config file parsing to getline(3) as this avoids static limitsmarkus2018-06-061-2/+1
| | | | noted by gerhard@; ok dtucker@, djm@
* add valid-before="[time]" authorized_keys option. A simple way ofdjm2018-03-121-1/+3
| | | | giving a key an expiry date. ok markus@
* move subprocess() so scp/sftp do not need uidswap.o; ok djm@markus2018-01-081-7/+1
|
* Replace atoi and strtol conversions for integer arguments to configdtucker2017-12-051-1/+2
| | | | | keywords with a checking wrapper around strtonum. This will prevent and flag invalid and negative arguments to these keywords. ok djm@
* Add monotime_ts and monotime_tv that return monotonic timespec anddtucker2017-11-251-1/+3
| | | | | | | timeval respectively. Replace calls to gettimeofday() in packet timing with monotime_tv so that the callers will work over a clock step. Should prevent integer overflow during clock steps reported by wangle6 at huawei.com. "I like" markus@
* add sshd_config RDomain keyword to place sshd and the subsequentdjm2017-10-251-1/+2
| | | | | | | user session (including the shell and any TCP/IP forwardings) into the specified rdomain(4) ok markus@
* Add optional rdomain qualifier to sshd_config's ListenAddress optiondjm2017-10-251-1/+3
| | | | | | to allow listening on a different rdomain(4), e.g. ListenAddress 0.0.0.0 rdomain 4
* Expose devices allocated for tun/tap forwarding.djm2017-10-231-2/+2
| | | | | | | | | | | At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus
* Add URI support to ssh, sftp and scp. For example ssh://user@hostmillert2017-10-211-1/+4
| | | | | | | or sftp://user@host/path. The connection parameters described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since the ssh fingerprint format in the draft uses md5 with no way to specify the hash function type. OK djm@
* add a "quiet" flag to exited_cleanly() that supresses errors aboutdjm2017-08-181-2/+2
| | | | exit status (failure due to signal is still reported)
* Move several subprocess-related functions from various locations todjm2017-08-181-1/+21
| | | | | | | misc.c. Extend subprocess() to offer a little more control over stdio disposition. feedback & ok dtucker@
* On startup, check to see if sshd is already daemonized and if so,dtucker2016-11-301-1/+2
| | | | | | skip the call to daemon() and do not rewrite the PidFile. This means that when sshd re-execs itself on SIGHUP the process ID will no longer change. Should address bz#2641. ok djm@ markus@.
* Factor out "can bind to low ports" check into its own function. This will makedtucker2016-10-231-1/+2
| | | | | it easier for Portable to support platforms with permissions models other than uid==0 (eg bz#2625). ok djm@, "doesn't offend me too much" deraadt@.
* Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitionsderaadt2016-09-121-1/+5
| | | | | rather than pulling <sys/param.h> and unknown namespace pollution. ok djm markus dtucker
* Pull in <sys/time.h> for struct timevalguenther2016-08-271-1/+3
| | | | ok deraadt@
* Add a ProxyJump ssh_config(5) option and corresponding -J ssh(1)djm2016-07-151-1/+2
| | | | | | | | | | | | | | command-line flag to allow simplified indirection through a SSH bastion or "jump host". These options construct a proxy command that connects to the specified jump host(s) (more than one may be specified) and uses port-forwarding to establish a connection to the next destination. This codifies the safest way of indirecting connections through SSH servers and makes it easy to use. ok markus@
* don't record duplicate LocalForward and RemoteForward entries;djm2016-04-061-1/+3
| | | | | | fixes failure with ExitOnForwardFailure+hostname canonicalisation where the same forwards are added on the second pass through the configuration file. bz#2562; ok dtucker@
* Improve precision of progressmeter for sftp and scp by storing sub-seconddtucker2016-03-021-1/+2
| | | | timestamps. Pointed out by mmcc@, ok deraadt@ markus@
* Add support for Unix domain socket forwarding. A remote TCP portmillert2014-07-151-1/+24
| | | | | | | | may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* revert __bounded change; it causes way more problems for portable thandjm2014-05-021-9/+9
| | | | it solves; pointed out by dtucker@
* use get/put_u32 to load values rather than *((UINT32 *)p) that breaks ondjm2014-04-201-1/+7
| | | | strict-alignment architectures; reported by and ok stsp@
* use __bounded(...) attribute recently added to sys/cdefs.h instead ofdjm2014-03-261-7/+7
| | | | | | longform __attribute__(__bounded(...)); for brevity and a warning free compilation with llvm/clan
* refactor client config code a little:djm2013-10-141-1/+2
| | | | | | | | | | | | add multistate option partsing to readconf.c, similar to servconf.c's existing code. move checking of options that accept "none" as an argument to readconf.c add a lowercase() function and use it instead of explicit tolower() in loops part of a larger diff that was ok markus@
* Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things likedtucker2013-06-011-1/+2
| | | | | keepalives and rekeying will work properly over clock steps. Suggested by markus@, "looks good" djm@.
* print ipqos friendly string for sshd -T; ok markusstevesk2011-03-291-1/+2
| | | | | # sshd -Tf sshd_config|grep ipqos ipqos lowdelay throughput
* honour $TMPDIR for client xauth and ssh-agent temporary directories;djm2010-11-211-1/+2
| | | | feedback and ok markus@
* allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead ofdjm2010-11-131-1/+2
| | | | | | hardcoding lowdelay/throughput. bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
* Add timingsafe_bcmp(3) to libc, mention that it's already in thematthew2010-09-241-2/+1
| | | | | | kernel in kern(9), and remove it from OpenSSH. ok deraadt@, djm@
* add an option per-read/write callback to atomiciodjm2010-09-221-1/+10
| | | | | | | | | factor out bandwidth limiting code from scp(1) into a generic bandwidth limiter that can be attached using the atomicio callback mechanism add a bandwidth limit option to sftp(1) using the above "very nice" markus@
* s/timing_safe_cmp/timingsafe_bcmp/gdjm2010-07-131-2/+2
|
* implement a timing_safe_cmp() function to compare memory without leakingdjm2010-07-131-1/+2
| | | | | | timing information by short-circuiting like memcmp() and use it for some of the more sensitive comparisons (though nothing high-value was readily attackable anyway); "looks ok" markus@
* Remove RoutingDomain from ssh since it's now not needed. It can be replaceddtucker2010-01-091-4/+1
| | | | | | | | | | | | | with "route exec" or "nc -V" as a proxycommand. "route exec" also ensures that trafic such as DNS lookups stays withing the specified routingdomain. For example (from reyk): # route -T 2 exec /usr/sbin/sshd or inherited from the parent process $ route -T 2 exec sh $ ssh 10.1.2.3 ok deraadt@ markus@ stevesk@ reyk@
* validate routing domain is in range 0-RT_TABLEID_MAX.stevesk2009-12-251-1/+2
| | | | 'Looks right' deraadt@
* Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan.reyk2009-10-281-1/+3
| | | | ok markus@
* Make keepalive timeouts apply while waiting for a packet, particularly duringdtucker2008-06-121-1/+3
| | | | key renegotiation (bz #1363). With djm and Matt Day, ok djm@
* Add a small helper function to consistently handle the EAI_SYSTEM errordtucker2007-12-271-1/+2
| | | | | code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417. ok markus@ stevesk@
* reorder so prototypes are sorted by the files they refer to; nodjm2006-08-181-13/+13
| | | | binary change
* almost entirely get rid of the culture of ".h files that include .h files"deraadt2006-08-031-6/+1
| | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step
* move #include <stdio.h> out of includes.hstevesk2006-08-011-1/+2
|
* Add port identifier to known_hosts for non-default ports, based originallydtucker2006-07-101-1/+2
| | | | | | | | | | on a patch from Devin Nate in bz#910. For any connection using the default port or using a HostKeyAlias the format is unchanged, otherwise the host name or address is enclosed within square brackets in the same format as sshd's ListenAddress. Tested by many, ok markus@.
* move #include <pwd.h> out of includes.h; ok markus@stevesk2006-07-061-1/+5
|
* replace {GET,PUT}_XXBIT macros with functionally similar functions,djm2006-03-301-2/+22
| | | | | | silencing a heap of lint warnings. also allows them to use __bounded__ checking which can't be applied to macros; requested by and feedback from deraadt@
* standardise spacing in $OpenBSD$ tags; requested by deraadt@djm2006-03-251-1/+1
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.