path: root/usr.bin/ssh/mux.c
Commit message [Author, Age, Files, Lines]
* Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus [deraadt, 2015-01-20, 1 file, -2/+1]
* fix passing of wildcard forward bind addresses when connection multiplexing is in use; patch from Sami Hartikainen via bz#2324; ok dtucker@ [djm, 2014-12-22, 1 file, -2/+3]
* reflect stdio-forward ("ssh -W host:port ...") failures in exit status. previously we were always returning 0. bz#2255 reported by Brendan Germain; ok dtucker [djm, 2014-07-17, 1 file, -7/+59]
* preserve errno across syscall [djm, 2014-07-17, 1 file, -2/+4]
* Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket.
  This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html
  OK djm@ markus@ [millert, 2014-07-15, 1 file, -85/+117]
* buffer_get_string_ptr's return should be const to remind callers that futzing with it will futz with the actual buffer contents [djm, 2014-04-28, 1 file, -3/+3]
* fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ [djm, 2013-07-12, 1 file, -6/+13]
* fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, ok djm [dtucker, 2013-06-05, 1 file, -2/+6]
* No need for the mux cleanup callback to be visible so restore it to static and call it through the detach_user function pointer. ok djm@ [dtucker, 2013-06-02, 1 file, -2/+2]
* bye, bye xfree(); ok markus@ [djm, 2013-05-17, 1 file, -70/+52]
* typo in debug output: evitval->exitval [dtucker, 2013-04-22, 1 file, -2/+2]
* cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too (in addition to ones already in OPEN); bz#2079, ok dtucker@ [djm, 2013-04-05, 1 file, -2/+3]
* channel_setup_local_fwd_listener() returns 0 on failure, not -ve; bz#2055 reported by mathieu.lacage AT gmail.com [djm, 2013-01-02, 1 file, -3/+3]
* Force a clean shutdown of ControlMaster client sessions when the ~. escape sequence is used. This means that ~. should now work in mux clients even if the server is no longer responding. Found by tedu, ok djm. [dtucker, 2012-08-17, 1 file, -2/+2]
* fix memory leak of passed-in environment variables and connection context when new session message is malformed; bz#2003 from Bert.Wesarg AT googlemail.com [djm, 2012-07-06, 1 file, -3/+9]
* fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg AT googlemail.com [djm, 2012-06-01, 1 file, -2/+2]
* fix double-free in new session handler [djm, 2012-01-07, 1 file, -4/+2]
* revert:
  > revision 1.32
  > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1
  > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
  > ok dtucker@
  it interacts badly with ControlPersist [djm, 2011-12-04, 1 file, -4/+1]
* fix bz#1948: ssh -f doesn't fork for multiplexed connection. ok dtucker@ [djm, 2011-12-02, 1 file, -1/+4]
* unbreak remote portforwarding with dynamic allocated listen ports:
  1) send the actual listen port in the open message (instead of 0). this allows multiple forwardings with a dynamic listen port
  2) update the matching permit-open entry, so we can identify where to connect to
  report: den at skbkontur.ru and P. Szczygielski
  feedback and ok djm@ [markus, 2011-09-23, 1 file, -5/+14]
* support for cancelling local and remote port forwards via the multiplex socket. Use "ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings; ok markus@ [djm, 2011-09-09, 1 file, -21/+83]
* hook up a channel confirm callback to warn the user when requested X11 forwarding was refused by the server; ok markus@ [djm, 2011-06-22, 1 file, -3/+5]
* improve our behaviour when TTY allocation fails: if we are in RequestTTY=auto mode (the default), then do not treat a TTY allocation error as fatal but rather just restore the local TTY to cooked mode and continue. This is more graceful on devices that never allocate TTYs.
  If RequestTTY is set to "yes" or "force", then failure to allocate a TTY is fatal.
  ok markus@ [djm, 2011-05-08, 1 file, -12/+48]
* Add a RequestTTY ssh_config option to allow configuration-based control over tty allocation (like -t/-T); ok markus@ [djm, 2011-05-06, 1 file, -4/+3]
* gracefully fall back when ControlPath is too large for a sockaddr_un. ok markus@ as part of a larger diff [djm, 2011-05-05, 1 file, -6/+10]
* allow graceful shutdown of multiplexing: request that a mux server removes its listener socket and refuse future multiplexing requests; ok markus@ [djm, 2011-04-17, 1 file, -1/+85]
* correct error messages; patch from bert.wesarg AT googlemail.com [djm, 2011-01-13, 1 file, -5/+5]
* Typo in confirmation message. bz#1827, patch from imorgan at nas nasa gov [dtucker, 2010-10-12, 1 file, -2/+2]
* "atomically" create the listening mux socket by binding it on a temporary name and then linking it into position after listen() has succeeded. this allows the mux clients to determine that the server socket is either ready or stale without races. stale server sockets are now automatically removed; ok deraadt [djm, 2010-09-20, 1 file, -4/+46]
* Add X11ForwardTimeout option to specify timeout for untrusted X11 authentication cookies to avoid fallback in X11 code to fully-trusted implicit authentication using SO_PEERCRED described at: http://lists.x.org/archives/xorg-devel/2010-May/008636.html
  After the X11ForwardTimeout has expired the client will now refuse incoming X11 channel opens.
  based on patch from Tavis Ormandy; "nice" markus@ [djm, 2010-06-25, 1 file, -3/+6]
* bz#1327: remove hardcoded limit of 100 permitopen clauses and port forwards per direction; ok markus@ stevesk@ [djm, 2010-06-25, 1 file, -8/+4]
* Correct sizing of object to be allocated by calloc(), replacing sizeof(state) with sizeof(*state). This worked by accident since the struct contained a single int at present, but could have broken in the future. patch from hyc AT symas.com [djm, 2010-06-17, 1 file, -2/+2]
* mux support for remote forwarding with dynamic port allocation, use with
  LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
  feedback and ok djm@ [markus, 2010-05-16, 1 file, -8/+105]
* Pause the mux channel while waiting for reply from async callbacks. Prevents misordering of replies if new requests arrive while waiting.
  Extend channel open confirm callback to allow signalling failure conditions as well as success. Use this to 1) fix a memory leak, 2) start using the above pause mechanism and 3) delay sending a success/failure message on mux slave session open until we receive a reply from the server.
  motivated by and with feedback from markus@ [djm, 2010-05-14, 1 file, -10/+37]
* set "detach_close" flag when registering channel cleanup callbacks. This causes the channel to close normally when its fds close and hangs when terminating a mux slave using ~. bz#1758; ok markus@ [djm, 2010-04-23, 1 file, -3/+3]
* fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au [djm, 2010-04-10, 1 file, -2/+2]
* don't mark channel as read failed if it is already closing; suppresses harmless error messages when connecting to SSH.COM Tectia server; report by imorgan AT nas.nasa.gov [djm, 2010-01-30, 1 file, -3/+5]
* kill correct channel (was killing already-dead mux channel, not its session channel) [djm, 2010-01-29, 1 file, -2/+2]
* fix bug introduced in mux rewrite:
  In a mux master, when a socket to a mux slave closes before its server session (as may occur when the slave has been signalled), gracefully close the server session rather than deleting its channel immediately. A server may have more messages on that channel to send (e.g. an exit message) that will fatal() the client if they are sent to a channel that has been prematurely deleted.
  spotted by imorgan AT nas.nasa.gov [djm, 2010-01-27, 1 file, -2/+8]
* -Wuninitialized and remove a // comment; from portable [djm, 2010-01-26, 1 file, -4/+11]
* rewrite ssh(1) multiplexing code to a more sensible protocol.
  The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
  avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
  implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
  add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
  document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
  feedback Salvador Fandino, dtucker@
  channel changes ok markus@ [djm, 2010-01-26, 1 file, -408/+1398]
* quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we usually don't actually have a tty to read/set; bz#1686 ok dtucker@ [djm, 2010-01-09, 1 file, -3/+4]
* subsystem_flag is defined in ssh.c so it's extern; ok djm [dtucker, 2009-08-20, 1 file, -2/+2]
* Friendlier error messages for mux fallback. ok djm@ [dtucker, 2008-06-13, 1 file, -3/+3]
* upcast size_t to u_long to match format arg; ok djm@ [dtucker, 2008-06-13, 1 file, -2/+2]
* fall back to creating a new TCP connection on most multiplexing errors (socket connect fail, invalid version, refused permission, corrupted messages, etc.); bz #1329 ok dtucker@ [djm, 2008-06-13, 1 file, -18/+54]
* The multiplexing escape char handler commit last night introduced a small memory leak per session; plug it. [djm, 2008-06-12, 1 file, -1/+2]
* some more TODO for me [djm, 2008-06-12, 1 file, -2/+5]
* Enable ~ escapes for multiplex slave sessions; give each channel its own escape state and hook the escape filters up to muxed channels. bz #1331
  Mux slaves do not currently support the ~^Z and ~& escapes.
  NB. this change cranks the mux protocol version, so a new ssh mux client will not be able to connect to a running old ssh mux master.
  ok dtucker@ [djm, 2008-06-12, 1 file, -31/+62]
* tidy up session multiplexing code, moving it into its own file and making the function names more consistent - making ssh.c and clientloop.c a fair bit more readable. ok markus@ [djm, 2008-05-09, 1 file, -0/+645]