path: root/usr.bin/ssh/mux.c
Commit message, author, age, files, lines
* highly polished whitespace, mostly fixing spaces-for-tab and bad indentation on continuation lines. Prompted by GHPR#185 [djm, 2021-04-03, files: 1, lines: -5/+5]
* whitespace; no code change [djm, 2020-10-29, files: 1, lines: -3/+3]
* use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@ [djm, 2020-10-18, files: 1, lines: -286/+252]
* There are lots of places where we want to redirect stdin, stdout and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@ [djm, 2020-10-03, files: 1, lines: -19/+7]
* some language improvements; ok markus [djm, 2020-07-05, files: 1, lines: -7/+7]
* bring back debug() removed in rev 1.74; noted by pradeep kumar [markus, 2020-04-30, files: 1, lines: -1/+2]
* Replace all calls to signal(2) with a wrapper around sigaction(2). [dtucker, 2020-01-23, files: 1, lines: -11/+11]
  This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
* When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. [deraadt, 2019-06-28, files: 1, lines: -4/+4]
* convert mux.c to new packet API [djm, 2019-01-19, files: 1, lines: -6/+13]
  with & ok markus@
* begin landing remaining refactoring of packet parsing API, started almost exactly six years ago. [djm, 2019-01-19, files: 1, lines: -1/+4]
  This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps.
  with & ok markus@
* remove big ugly TODO comment from start of file. Some of the mentioned tasks are obsolete and, of the remainder, most are already captured in PROTOCOL.mux where they better belong [djm, 2018-09-26, files: 1, lines: -14/+1]
* s/process_mux_master/mux_master_process/ in mux master function names. [djm, 2018-09-26, files: 1, lines: -36/+38]
  Gives better symmetry with the existing mux_client_*() names and makes it more obvious when a message comes from the master vs client (they are interleaved in ControlMaster=auto mode).
  no functional change beyond prefixing a couple of log messages with __func__ where they were previously lacking.
* fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366 [djm, 2018-07-31, files: 1, lines: -1/+2]
  feedback and ok dtucker@
* remove legacy key emulation layer; ok djm@ [markus, 2018-07-11, files: 1, lines: -2/+2]
* client: switch mux to sshbuf API; with & ok djm@ [markus, 2018-07-09, files: 1, lines: -414/+507]
* client: switch to sshbuf API; ok djm@ [markus, 2018-07-09, files: 1, lines: -3/+3]
* add a SetEnv directive to ssh_config that allows setting environment variables for the remote session (subject to the server accepting them) [djm, 2018-06-09, files: 1, lines: -4/+6]
  refactor SendEnv to remove the arbitrary limit of variable names.
  ok markus@
* Add a PermitListen directive to control which server-side addresses may be listened on when the client requests remote forwarding (ssh -R). [djm, 2018-06-06, files: 1, lines: -3/+3]
  This is the converse of the existing PermitOpen directive and this includes some refactoring to share much of its implementation.
  feedback and ok markus@
* Use strsignal in debug message instead of casting for the benefit of portable where sig_atomic_t might not be int. "much nicer" deraadt@ [dtucker, 2017-09-20, files: 1, lines: -2/+2]
* Prevent type mismatch warning in debug on platforms where sig_atomic_t != int. ok djm@ [dtucker, 2017-09-18, files: 1, lines: -2/+2]
* Make remote channel ID a u_int [djm, 2017-09-12, files: 1, lines: -7/+11]
  Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
  In practice everyone numbers their channels sequentially, so this has never been a problem.
  ok markus@
* refactor channels.c [djm, 2017-09-12, files: 1, lines: -84/+109]
  Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
  Explicitly pass "struct ssh" to all channels functions.
  Replace use of the legacy packet APIs in channels.c.
  Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
  ok markus@
* return failure rather than fatal() for more cases during mux negotiations. Causes the session to fall back to a non-mux connection if they occur. bz#2707 ok dtucker@ [djm, 2017-06-09, files: 1, lines: -10/+20]
* The POSIX APIs that that sockaddrs all ignore the s*_len field in the incoming socket, so userspace doesn't need to set it unless it has its own reasons for tracking the size along with the sockaddr. [guenther, 2017-01-21, files: 1, lines: -4/+2]
  ok phessler@ deraadt@ florian@
* When tearing down ControlMaster connections, don't pollute stderr when LogLevel=quiet. Patch from Tim Kuijsten via tech@. [dtucker, 2016-10-19, files: 1, lines: -3/+5]
* ssh proxy mux mode (-O proxy; idea from Simon Tatham): [markus, 2016-09-30, files: 1, lines: -7/+62]
  - mux client speaks the ssh-packet protocol directly over unix-domain socket.
  - mux server acts as a proxy, translates channel IDs and relays to the server.
  - no filedescriptor passing necessary.
  - combined with unix-domain forwarding it's even possible to run mux client and server on different machines.
  feedback & ok djm@
* Improve error message for overlong ControlPath. ok markus@ djm@ [dtucker, 2016-08-08, files: 1, lines: -2/+3]
* Move the host and port used by ssh -W into the Options struct. This will make future changes a bit easier. ok djm@ [dtucker, 2016-06-03, files: 1, lines: -6/+4]
* whitespace at EOL [djm, 2016-04-01, files: 1, lines: -2/+2]
* eliminate fallback from untrusted X11 forwarding to trusted forwarding when the X server disables the SECURITY extension; Reported by Thomas Hoger; ok deraadt@ [djm, 2016-01-13, files: 1, lines: -10/+12]
* adjust pledge promises for ControlMaster: when using "ask" or "autoask", the process will use ssh-askpass for asking confirmation. [semarie, 2015-12-26, files: 1, lines: -7/+4]
  problem found by halex@
  ok halex@
* pledges ssh client: [semarie, 2015-12-03, files: 1, lines: -1/+10]
  - mux client: which is used when ControlMaster is in use. will end with "stdio proc tty" (proc is to permit sending SIGWINCH to mux master on window resize)
  - client loop: several levels of pledging depending of your used options
  ok deraadt@
* fix some signed/unsigned integer type mismatches in format strings; reported by Nicholas Lemonias [djm, 2015-10-15, files: 1, lines: -3/+3]
* fix free() of uninitialised pointer reported by Mateusz Kocielski; ok markus@ [djm, 2015-08-19, files: 1, lines: -1/+5]
* remove failed remote forwards established by multiplexing from the list of active forwards; bz#2363, patch mostly by Yoann Ricordel; ok dtucker@ [djm, 2015-05-01, files: 1, lines: -2/+15]
* reduce stderr spam when using ssh -S /path/mux -O forward -R 0:... [djm, 2015-05-01, files: 1, lines: -3/+3]
  ok dtucker@
* rename xrealloc() to xreallocarray() since it follows that form. ok djm [deraadt, 2015-04-24, files: 1, lines: -2/+2]
* Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus [deraadt, 2015-01-20, files: 1, lines: -2/+1]
* fix passing of wildcard forward bind addresses when connection multiplexing is in use; patch from Sami Hartikainen via bz#2324; ok dtucker@ [djm, 2014-12-22, files: 1, lines: -2/+3]
* reflect stdio-forward ("ssh -W host:port ...") failures in exit status. previously we were always returning 0. bz#2255 reported by Brendan Germain; ok dtucker [djm, 2014-07-17, files: 1, lines: -7/+59]
* preserve errno across syscall [djm, 2014-07-17, files: 1, lines: -2/+4]
* Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. [millert, 2014-07-15, files: 1, lines: -85/+117]
  This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html
  OK djm@ markus@
* buffer_get_string_ptr's return should be const to remind callers that futzing with it will futz with the actual buffer contents [djm, 2014-04-28, files: 1, lines: -3/+3]
* fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ [djm, 2013-07-12, files: 1, lines: -6/+13]
* fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, ok djm [dtucker, 2013-06-05, files: 1, lines: -2/+6]
* No need for the mux cleanup callback to be visible so restore it to static and call it through the detach_user function pointer. ok djm@ [dtucker, 2013-06-02, files: 1, lines: -2/+2]
* bye, bye xfree(); ok markus@ [djm, 2013-05-17, files: 1, lines: -70/+52]
* typo in debug output: evitval->exitval [dtucker, 2013-04-22, files: 1, lines: -2/+2]
* cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too (in addition to ones already in OPEN); bz#2079, ok dtucker@ [djm, 2013-04-05, files: 1, lines: -2/+3]
* channel_setup_local_fwd_listener() returns 0 on failure, not -ve [djm, 2013-01-02, files: 1, lines: -3/+3]
  bz#2055 reported by mathieu.lacage AT gmail.com