| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
| |
dyamically allocate a listen port at runtime (this is actually
specified in rfc4254); bz#1003 ok markus@
|
| |
|
|
|
|
|
|
|
|
|
| |
rather than 0, which it will now treat as valid (needed for future work)
adjust current consumers of a2port() to check its return value is <= 0,
which in turn required some things to be converted from u_short => int
make use of int vs. u_short consistent in some other places too
feedback & ok markus@
|
| | |
|
| | |
|
| |
|
|
|
| |
Useful for daemonised ssh connection (ssh -f). Patch originally from
and ok'd by markus@
|
| |
|
|
| |
fixes interop problems with broken ssh v2 implementations; ok djm@
|
| |
|
|
|
|
| |
enabled, delay the fork until after replies for any -R forwards have
been seen. Allows for robust detection of -R forward failure when
using -f (similar to bz#92); ok dtucker@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
expect replies to, similar to the per-channel confirmation queue.
Use this queue to verify success or failure for remote forward
establishment in a race free way.
ok dtucker@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
client sends when it knows that it will never request another session
(i.e. when session multiplexing is disabled). This allows a server to
disallow further session requests and terminate the session.
Why would a non-multiplexing client ever issue additional session
requests? It could have been attacked with something like SSH'jack:
http://www.storm.net.nz/projects/7
feedback & ok markus
|
| | |
|
| |
|
|
|
|
|
| |
making the function names more consistent - making ssh.c and
clientloop.c a fair bit more readable.
ok markus@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
with "important" channel requests that fail, in particular command exec,
shell and subsystem requests. Previously we would optimistically assume
that the requests would always succeed, which could cause hangs if they
did not (e.g. when the server runs out of fds) or were unimplemented by
the server (bz #1384)
Also, properly report failing multiplex channel requests via the mux
client stderr (subject to LogLevel in the mux master) - better than
silently failing.
most bits ok markus@ (as part of a larger diff)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
mechanism. Each channel maintains a queue of callbacks, which will
be drained in order (RFC4253 guarantees confirm messages are not
reordered within an channel).
Also includes a abandonment callback to clean up if a channel is
closed without sending confirmation messages. This probably
shouldn't happen in compliant implementations, but it could be
abused to leak memory.
ok markus@ (as part of a larger diff)
|
| |
|
|
|
| |
server runs out of fds on us midway. Report and patch from
gregory_shively AT fanniemae.com
|
| | |
|
| | |
|
| |
|
|
|
| |
inside tilde_expand_filename(); save the data we need carefully
ok djm
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
SSH banner exchange (previously it just covered the TCP connection).
This allows callers of ssh(1) to better detect and deal with stuck servers
that accept a TCP connection but don't progress the protocol, and also makes
ConnectTimeout useful for connections via a ProxyCommand;
feedback and "looks ok" markus@
|
| |
|
|
|
| |
when it encounters problems, and use this to make session multiplexing
masters survive slaves failing to pass all stdio FDs; ok markus@
|
| |
|
|
|
|
| |
tunnel device is opened. Also, make failures to open a tunnel device
fatal when ExitOnForwardFailure is active.
Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt
|
| |
|
|
|
| |
writes an entire int of data *and* closes the client_fd; fixes mux
regression spotted by dtucker, ok dtucker@
|
| | |
|
| |
|
|
| |
reported by alexandre.nunes AT gmail.com; ok dtucker@
|
| |
|
|
|
|
| |
GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI)
and is useful for hosts with /home on Kerberised NFS; bz #1312
patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@
|
| |
|
|
|
| |
full exit status by ensuring that the slave reads a full int. bz#1261
reported by frekko AT gmail.com; ok markus@ dtucker@
|
| | |
|
| | |
|
| |
|
|
|
| |
ok djm, sort of ok stevesk
makes the pain stop in one easy step
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
ok markus@
|
| |
|
|
|
| |
cannot set up all requested dynamic, local, and remote port
forwardings. ok djm, dtucker, stevesk, jmc
|
| |
|
|
|
| |
ssh bailing when SendEnv is used and an environment variable with a really
long value exists. ok djm@
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
jmc@
|
| |
|
|
|
| |
once or prompting for their passphrases (which it subsequently ignores
anyway), similar to a previous change in ssh-add. bz #1186, ok djm@
|
markus
djm
stevesk
jmc
dtucker
deraadt