Commit Graph

296 Commits

Author SHA1 Message Date
Damien Miller 1d2c456426 - tedu@cvs.openbsd.org 2014/01/31 16:39:19
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
     [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
     [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
     [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
     [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
     replace most bzero with explicit_bzero, except a few that cna be memset
     ok djm dtucker
2014-02-04 11:18:20 +11:00
Damien Miller fdb2306acd - deraadt@cvs.openbsd.org 2013/11/20 20:54:10
[canohost.c clientloop.c match.c readconf.c sftp.c]
     unsigned casts for ctype macros where neccessary
     ok guenther millert markus
2013-11-21 13:57:15 +11:00
Damien Miller 6c81fee693 - djm@cvs.openbsd.org 2013/11/08 00:39:15
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
     [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
     [sftp-client.c sftp-glob.c]
     use calloc for all structure allocations; from markus@
2013-11-08 12:19:55 +11:00
Damien Miller 70182522a4 - djm@cvs.openbsd.org 2013/09/12 01:41:12
[clientloop.c]
     fix connection crash when sending break (~B) on ControlPersist'd session;
     ok dtucker@
2013-09-14 09:49:19 +10:00
Damien Miller 36187093ea - dtucker@cvs.openbsd.org 2013/06/07 15:37:52
[channels.c channels.h clientloop.c]
     Add an "ABANDONED" channel state and use for mux sessions that are
     disconnected via the ~. escape sequence.  Channels in this state will
     be able to close if the server responds, but do not count as active channels.
     This means that if you ~. all of the mux clients when using ControlPersist
     on a broken network, the backgrounded mux master will exit when the
     Control Persist time expires rather than hanging around indefinitely.
     bz#1917, also reported and tested by tedu@.  ok djm@ markus@.
2013-06-10 13:07:11 +10:00
Darren Tucker ea8342c248 - dtucker@cvs.openbsd.org 2013/06/02 23:36:29
[clientloop.h clientloop.c mux.c]
     No need for the mux cleanup callback to be visible so restore it to static
     and call it through the detach_user function pointer.  ok djm@
2013-06-06 08:11:40 +10:00
Darren Tucker b759c9c2ef - dtucker@cvs.openbsd.org 2013/06/01 13:15:52
[ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c
     channels.c sandbox-systrace.c]
     Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like
     keepalives and rekeying will work properly over clock steps.  Suggested by
     markus@, "looks good" djm@.
2013-06-02 07:46:16 +10:00
Darren Tucker a627d42e51 - djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
     dns.c packet.c readpass.c authfd.c moduli.c]
     bye, bye xfree(); ok markus@
2013-06-02 07:31:17 +10:00
Darren Tucker c53c2af173 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
     ssh_config.5 packet.h]
     Add an optional second argument to RekeyLimit in the client to allow
     rekeying based on elapsed time in addition to amount of traffic.
     with djm@ jmc@, ok djm
2013-05-16 20:28:16 +10:00
Damien Miller 73298f420e - djm@cvs.openbsd.org 2013/01/02 00:32:07
[clientloop.c mux.c]
     channel_setup_local_fwd_listener() returns 0 on failure, not -ve
     bz#2055 reported by mathieu.lacage AT gmail.com
2013-01-09 15:55:50 +11:00
Darren Tucker 48bf4b0ca3 - dtucker@cvs.openbsd.org 2012/09/07 06:34:21
[clientloop.c]
     when muxmaster is run with -N, make it shut down gracefully when a client
     sends it "-O stop" rather than hanging around (bz#1985).  ok djm@
2012-09-07 16:38:53 +10:00
Darren Tucker ca0d0fd806 - dtucker@cvs.openbsd.org 2012/09/07 01:10:21
[clientloop.c]
     Merge escape help text for ~v and ~V; ok djm@
2012-09-07 11:22:24 +10:00
Darren Tucker f111d40604 - dtucker@cvs.openbsd.org 2012/09/07 00:30:19
[clientloop.c]
     Print '^Z' instead of a raw ^Z when the sequence is not supported.  ok djm@
2012-09-07 11:21:42 +10:00
Darren Tucker 92a39cfa09 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13
[clientloop.c]
     Make the escape command help (~?) context sensitive so that only commands
     that will work in the current session are shown.  ok markus@

(note: previous commit with this description was a mistake on my part while
pulling changes from OpenBSD)
2012-09-07 11:20:20 +10:00
Darren Tucker 29bf4040b4 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13
[clientloop.c]
     Make the escape command help (~?) context sensitive so that only commands
     that will work in the current session are shown.  ok markus@
2012-09-06 21:26:34 +10:00
Darren Tucker 50a48d025f - dtucker@cvs.openbsd.org 2012/09/06 04:37:39
[clientloop.c log.c ssh.1 log.h]
     Add ~v and ~V escape sequences to raise and lower the logging level
     respectively. Man page help from jmc, ok deraadt jmc
2012-09-06 21:25:37 +10:00
Darren Tucker 66cb0e0733 - dtucker@cvs.openbsd.org 2012/08/17 00:45:45
[clientloop.c clientloop.h mux.c]
     Force a clean shutdown of ControlMaster client sessions when the ~. escape
     sequence is used.  This means that ~. should now work in mux clients even
     if the server is no longer responding.  Found by tedu, ok djm.
2012-09-06 21:19:05 +10:00
Damien Miller 6c6da33d31 - djm@cvs.openbsd.org 2012/06/20 04:42:58
[clientloop.c serverloop.c]
     initialise accept() backoff timer to avoid EINVAL from select(2) in
     rekeying
2012-06-20 22:31:26 +10:00
Damien Miller a6508753db - djm@cvs.openbsd.org 2012/04/11 13:16:19
[channels.c channels.h clientloop.c serverloop.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@ markus@
2012-04-22 11:21:10 +10:00
Damien Miller 8d60be5487 - dtucker@cvs.openbsd.org 2012/01/18 21:46:43
[clientloop.c]
     Ensure that $DISPLAY contains only valid characters before using it to
     extract xauth data so that it can't be used to play local shell
     metacharacter games.  Report from r00t_ati at ihteam.net, ok markus.
2012-02-11 08:18:17 +11:00
Damien Miller ff773644e6 - markus@cvs.openbsd.org 2011/09/10 22:26:34
[channels.c channels.h clientloop.c ssh.1]
     support cancellation of local/dynamic forwardings from ~C commandline;
     ok & feedback djm@
2011-09-22 21:39:48 +10:00
Damien Miller 6d7b4377dd - djm@cvs.openbsd.org 2011/06/22 22:08:42
[channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
     hook up a channel confirm callback to warn the user then requested X11
     forwarding was refused by the server; ok markus@
2011-06-23 08:31:57 +10:00
Damien Miller 4ac99c366c - djm@cvs.openbsd.org 2011/06/17 21:57:25
[clientloop.c]
     setproctitle for a mux master that has been gracefully stopped;
     bz#1911 from Bert.Wesarg AT googlemail.com
2011-06-20 14:43:31 +10:00
Damien Miller 555f3b856f - djm@cvs.openbsd.org 2011/05/08 12:52:01
[PROTOCOL.mux clientloop.c clientloop.h mux.c]
     improve our behaviour when TTY allocation fails: if we are in
     RequestTTY=auto mode (the default), then do not treat at TTY
     allocation error as fatal but rather just restore the local TTY
     to cooked mode and continue. This is more graceful on devices that
     never allocate TTYs.

     If RequestTTY is set to "yes" or "force", then failure to allocate
     a TTY is fatal.

     ok markus@
2011-05-15 08:48:05 +10:00
Damien Miller 21771e22d3 - djm@cvs.openbsd.org 2011/05/06 21:34:32
[clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
     Add a RequestTTY ssh_config option to allow configuration-based
     control over tty allocation (like -t/-T); ok markus@
2011-05-15 08:45:50 +10:00
Damien Miller 6c3eec7ab2 - djm@cvs.openbsd.org 2011/04/17 22:42:42
[PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
     allow graceful shutdown of multiplexing: request that a mux server
     removes its listener socket and refuse future multiplexing requests;
     ok markus@
2011-05-05 14:16:22 +10:00
Damien Miller cfd6e4f57f - djm@cvs.openbsd.org 2011/01/16 12:05:59
[clientloop.c]
     a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
     now that we use atomicio(), convert them from while loops to if statements
     add test and cast to compile cleanly with -Wsigned
2011-01-16 23:18:33 +11:00
Damien Miller 4791f9dcec - djm@cvs.openbsd.org 2011/01/16 11:50:05
[clientloop.c]
     Use atomicio when flushing protocol 1 std{out,err} buffers at
     session close. This was a latent bug exposed by setting a SIGCHLD
     handler and spotted by kevin.brott AT gmail.com; ok dtucker@
2011-01-16 23:16:53 +11:00
Damien Miller 821de0ad2e - djm@cvs.openbsd.org 2011/01/11 06:13:10
[clientloop.c ssh-keygen.c sshd.c]
     some unsigned long long casts that make things a bit easier for
     portable without resorting to dropping PRIu64 formats everywhere
2011-01-11 17:20:29 +11:00
Damien Miller b73b6fd916 - djm@cvs.openbsd.org 2011/01/08 10:51:51
[clientloop.c]
     use host and not options.hostname, as the latter may have unescaped
     substitution characters
2011-01-11 17:18:56 +11:00
Damien Miller 64abf31425 - djm@cvs.openbsd.org 2011/01/06 22:23:02
[clientloop.c]
     when exiting due to ServerAliveTimeout, mention the hostname that caused
     it (useful with backgrounded controlmaster)
2011-01-07 09:51:52 +11:00
Damien Miller d0fdd6818c - djm@cvs.openbsd.org 2010/11/23 23:57:24
[clientloop.c]
     avoid NULL deref on receiving a channel request on an unknown or invalid
     channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
2010-12-01 12:02:14 +11:00
Damien Miller 2cd629349d - djm@cvs.openbsd.org 2010/11/21 01:01:13
[clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
     honour $TMPDIR for client xauth and ssh-agent temporary directories;
     feedback and ok markus@
2010-12-01 11:50:35 +11:00
Damien Miller 0dac6fb6b2 - djm@cvs.openbsd.org 2010/11/13 23:27:51
[clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
     [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
     allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
     hardcoding lowdelay/throughput.

     bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
2010-11-20 15:19:38 +11:00
Damien Miller a41ccca643 - djm@cvs.openbsd.org 2010/10/06 06:39:28
[clientloop.c ssh.c sshconnect.c sshconnect.h]
     kill proxy command on fatal() (we already kill it on clean exit);
     ok markus@
2010-10-07 22:07:32 +11:00
Damien Miller e11e1ea5d4 - djm@cvs.openbsd.org 2010/07/19 09:15:12
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
     add a "ControlPersist" option that automatically starts a background
     ssh(1) multiplex master when connecting. This connection can stay alive
     indefinitely, or can be set to automatically close after a user-specified
     duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but
     further hacked on by wmertens AT cisco.com, apb AT cequrux.com,
     martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@
2010-08-03 16:04:46 +10:00
Damien Miller 1ab6a51f9b - djm@cvs.openbsd.org 2010/06/25 23:10:30
[ssh.c]
     log the hostname and address that we connected to at LogLevel=verbose
     after authentication is successful to mitigate "phishing" attacks by
     servers with trusted keys that accept authentication silently and
     automatically before presenting fake password/passphrase prompts;
     "nice!" markus@
2010-06-26 10:02:24 +10:00
Damien Miller 22c97f1539 - djm@cvs.openbsd.org 2010/04/10 02:08:44
[clientloop.c]
     bz#1698: kill channel when pty allocation requests fail. Fixed
     stuck client if the server refuses pty allocation.
     ok dtucker@ "think so" markus@
2010-04-16 15:53:23 +10:00
Damien Miller 8ddc71c13d - djm@cvs.openbsd.org 2010/03/13 21:10:38
[clientloop.c]
     protocol conformance fix: send language tag when disconnecting normally;
     spotted by 1.41421 AT gmail.com, ok markus@ deraadt@
2010-03-22 05:54:02 +11:00
Damien Miller 36f57ebf3b - djm@cvs.openbsd.org 2010/01/28 00:21:18
[clientloop.c]
     downgrade an error() to a debug() - this particular case can be hit in
     normal operation for certain sequences of mux slave vs session closure
     and is harmless
2010-01-30 17:28:34 +11:00
Damien Miller e1537f951f - djm@cvs.openbsd.org 2010/01/26 01:28:35
[channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c]
     rewrite ssh(1) multiplexing code to a more sensible protocol.

     The new multiplexing code uses channels for the listener and
     accepted control sockets to make the mux master non-blocking, so
     no stalls when processing messages from a slave.

     avoid use of fatal() in mux master protocol parsing so an errant slave
     process cannot take down a running master.

     implement requesting of port-forwards over multiplexed sessions. Any
     port forwards requested by the slave are added to those the master has
     established.

     add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.

     document master/slave mux protocol so that other tools can use it to
     control a running ssh(1). Note: there are no guarantees that this
     protocol won't be incompatibly changed (though it is versioned).

     feedback Salvador Fandino, dtucker@
     channel changes ok markus@
2010-01-26 13:26:22 +11:00
Darren Tucker 37c1b3d6fc - djm@cvs.openbsd.org 2010/01/09 05:04:24
[mux.c sshpty.h clientloop.c sshtty.c]
     quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we
     usually don't actually have a tty to read/set; bz#1686 ok dtucker@
2010-01-09 22:26:23 +11:00
Darren Tucker 2944082b3f - djm@cvs.openbsd.org 2009/11/17 05:31:44
[clientloop.c]
     fix incorrect exit status when multiplexing and channel ID 0 is recycled
     bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker
2010-01-08 17:08:35 +11:00
Darren Tucker e32cf43106 - andreas@cvs.openbsd.org 2009/10/24 11:15:29
[clientloop.c]
     client_loop() must detect if the session has been suspended and resumed,
     and take appropriate action in that case.
     From Martin Forssen, maf at appgate dot com
     ok markus@
2010-01-08 16:51:40 +11:00
Darren Tucker 86e30a0166 - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer
size a compile-time option and set it to 64k on Cygwin, since Corinna
   reports that it makes a significant difference to performance.  ok djm@
2009-08-28 11:21:06 +10:00
Darren Tucker de0c025e3c - stevesk@cvs.openbsd.org 2009/07/05 19:28:33
[clientloop.c]
     only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@
     ok deraadt@ markus@
2009-07-06 07:17:35 +10:00
Darren Tucker c5564e1c4c - andreas@cvs.openbsd.org 2009/05/28 16:50:16
[sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c
     monitor.c Added roaming.h roaming_common.c roaming_dummy.c]
     Keep track of number of bytes read and written. Needed for upcoming
     changes. Most code from Martin Forssen, maf at appgate dot com.
     ok markus@
     Also, applied appropriate changes to Makefile.in
2009-06-21 18:53:53 +10:00
Darren Tucker 12b4a6504b - andreas@cvs.openbsd.org 2009/05/27 06:34:36
[kex.c kex.h]
     Move the KEX_COOKIE_LEN define to kex.h
     ok markus@
2009-06-21 18:14:48 +10:00
Darren Tucker f7288d77e4 - andreas@cvs.openbsd.org 2009/05/27 06:31:25
[canohost.h canohost.c]
     Add clear_cached_addr(), needed for upcoming changes allowing the peer
     address to change.
     ok markus@
2009-06-21 18:12:20 +10:00
Damien Miller 4bf648f776 - djm@cvs.openbsd.org 2009/02/12 03:00:56
[canohost.c canohost.h channels.c channels.h clientloop.c readconf.c]
     [readconf.h serverloop.c ssh.c]
     support remote port forwarding with a zero listen port (-R0:...) to
     dyamically allocate a listen port at runtime (this is actually
     specified in rfc4254); bz#1003 ok markus@
2009-02-14 16:28:21 +11:00
Damien Miller 3dc71ad865 - djm@cvs.openbsd.org 2009/01/22 10:02:34
[clientloop.c misc.c readconf.c readconf.h servconf.c servconf.h]
     [serverloop.c ssh-keyscan.c ssh.c sshd.c]
     make a2port() return -1 when it encounters an invalid port number
     rather than 0, which it will now treat as valid (needed for future work)
     adjust current consumers of a2port() to check its return value is <= 0,
     which in turn required some things to be converted from u_short => int
     make use of int vs. u_short consistent in some other places too
     feedback & ok markus@
2009-01-28 16:31:22 +11:00
Damien Miller b3f2c9fcaf - stevesk@cvs.openbsd.org 2008/12/09 22:37:33
[clientloop.c]
     fix typo in error message
2009-01-28 16:15:30 +11:00
Damien Miller 586b00532f - djm@cvs.openbsd.org 2008/12/09 02:38:18
[clientloop.c]
     The ~C escape handler does not work correctly for multiplexed sessions -
     it opens a commandline on the master session, instead of on the slave
     that requested it. Disable it on slave sessions until such time as it
     is fixed; bz#1543 report from Adrian Bridgett via Colin Watson
     ok markus@
2008-12-09 14:11:32 +11:00
Damien Miller 8533c7801d - markus@cvs.openbsd.org 2008/12/02 19:01:07
[clientloop.c]
     we have to use the recipient's channel number (RFC 4254) for
     SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages,
     otherwise we trigger 'Non-public channel' error messages on sshd
     systems with clientkeepalive enabled; noticed by sturm; ok djm;
2008-12-08 09:54:40 +11:00
Damien Miller 0164cb8a87 - stevesk@cvs.openbsd.org 2008/11/05 03:23:09
[clientloop.c ssh.1]
     add dynamic forward escape command line; ok djm@
2008-11-05 16:30:31 +11:00
Damien Miller a699d952e5 - stevesk@cvs.openbsd.org 2008/11/01 17:40:33
[clientloop.c readconf.c readconf.h ssh.c]
     merge dynamic forward parsing into parse_forward(); 'i think this is OK' djm@
2008-11-03 19:27:34 +11:00
Damien Miller e7261c7e36 - stevesk@cvs.openbsd.org 2008/10/30 19:31:16
[clientloop.c sshd.c]
     don't need to #include "monitor_fdpass.h"
2008-11-03 19:25:40 +11:00
Damien Miller b9d3bee003 - djm@cvs.openbsd.org 2008/07/16 11:51:14
[clientloop.c]
     rename variable first_gc -> last_gc (since it is actually the last
     in the list).
2008-07-16 22:40:52 +10:00
Damien Miller b61f3fc31f - markus@cvs.openbsd.org 2008/07/10 18:08:11
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
     sync v1 and v2 traffic accounting; add it to sshd, too;
     ok djm@, dtucker@
2008-07-11 17:36:48 +10:00
Damien Miller d8968adb5f - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]
[packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
   [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
   some platforms (HP nonstop) it is a distinct errno;
   bz#1467 reported by sconeu AT yahoo.com; ok dtucker@
2008-07-04 23:10:49 +10:00
Darren Tucker babc1d5f73 - djm@cvs.openbsd.org 2008/06/12 21:06:25
[clientloop.c]
     I was coalescing expected global request confirmation replies at
     the wrong end of the queue - fix; prompted by markus@
2008-06-13 08:56:01 +10:00
Darren Tucker 1cf65ae61d - (dtucker) [clientloop.c serverloop.c] channel_register_filter now
takes 2 more args.  with djm@
2008-06-13 05:09:18 +10:00
Darren Tucker 84c56f536c - djm@cvs.openbsd.org 2008/06/12 15:19:17
[clientloop.h channels.h clientloop.c channels.c mux.c]
     The multiplexing escape char handler commit last night introduced a
     small memory leak per session; plug it.
2008-06-13 04:55:46 +10:00
Darren Tucker 4d5cd33a5f - djm@cvs.openbsd.org 2008/06/12 04:17:47
[clientloop.c]
     thall shalt not code past the eightieth column
2008-06-13 04:51:14 +10:00
Darren Tucker 9f407c4422 - djm@cvs.openbsd.org 2008/06/12 04:06:00
[clientloop.h ssh.c clientloop.c]
     maintain an ordered queue of outstanding global requests that we
     expect replies to, similar to the per-channel confirmation queue.
     Use this queue to verify success or failure for remote forward
     establishment in a race free way.
     ok dtucker@
2008-06-13 04:50:27 +10:00
Darren Tucker 2fb66caca2 - djm@cvs.openbsd.org 2008/06/12 03:40:52
[clientloop.h mux.c channels.c clientloop.c channels.h]
     Enable ~ escapes for multiplex slave sessions; give each channel
     its own escape state and hook the escape filters up to muxed
     channels. bz #1331
     Mux slaves do not currently support the ~^Z and ~& escapes.
     NB. this change cranks the mux protocol version, so a new ssh
     mux client will not be able to connect to a running old ssh
     mux master.
     ok dtucker@
2008-06-13 04:49:33 +10:00
Darren Tucker df189fb279 - djm@cvs.openbsd.org 2008/05/19 20:53:52
[clientloop.c]
     unbreak tree by committing this bit that I missed from:
     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
     we would send the modes corresponding to a zeroed struct termios,
     whereas we should have been sending an empty list of modes.
     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@
2008-06-08 12:55:32 +10:00
Damien Miller bab9bd4c20 - markus@cvs.openbsd.org 2008/05/09 16:21:13
[channels.h clientloop.c nchan.c serverloop.c]
     unbreak
        ssh -2 localhost od /bin/ls | true
     ignoring SIGPIPE by adding a new channel message (EOW) that signals
     the peer that we're not interested in any data it might send.
     fixes bz #85; discussion, debugging and ok djm@
2008-05-19 16:06:47 +10:00
Damien Miller b1cbfa25f1 - djm@cvs.openbsd.org 2008/05/09 14:18:44
[clientloop.c clientloop.h ssh.c mux.c]
     tidy up session multiplexing code, moving it into its own file and
     making the function names more consistent - making ssh.c and
     clientloop.c a fair bit more readable.
     ok markus@
2008-05-19 16:00:08 +10:00
Damien Miller bd74025c7b - djm@cvs.openbsd.org 2008/05/09 04:55:56
[channels.c channels.h clientloop.c serverloop.c]
     Try additional addresses when connecting to a port forward destination
     whose DNS name resolves to more than one address. The previous behaviour
     was to try the first address and give up.

     Reported by stig AT venaas.com in bz#343

     great feedback and ok markus@
2008-05-19 15:37:09 +10:00
Damien Miller 5771ed7d1b - djm@cvs.openbsd.org 2008/05/08 13:06:11
[clientloop.c clientloop.h ssh.c]
     Use new channel status confirmation callback system to properly deal
     with "important" channel requests that fail, in particular command exec,
     shell and subsystem requests. Previously we would optimistically assume
     that the requests would always succeed, which could cause hangs if they
     did not (e.g. when the server runs out of fds) or were unimplemented by
     the server (bz #1384)
     Also, properly report failing multiplex channel requests via the mux
     client stderr (subject to LogLevel in the mux master) - better than
     silently failing.
     most bits ok markus@ (as part of a larger diff)
2008-05-19 15:35:33 +10:00
Damien Miller b84886ba3e - djm@cvs.openbsd.org 2008/05/08 12:02:23
[auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
     [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
     [ssh.c sshd.c]
     Implement a channel success/failure status confirmation callback
     mechanism. Each channel maintains a queue of callbacks, which will
     be drained in order (RFC4253 guarantees confirm messages are not
     reordered within an channel).
     Also includes a abandonment callback to clean up if a channel is
     closed without sending confirmation messages. This probably
     shouldn't happen in compliant implementations, but it could be
     abused to leak memory.
     ok markus@ (as part of a larger diff)
2008-05-19 15:05:07 +10:00
Damien Miller 58226f6068 - dtucker@cvs.openbsd.org 2008/02/22 20:44:02
[clientloop.c packet.c packet.h serverloop.c]
     Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
     keepalive timer (bz #1307).  ok markus@
2008-03-07 18:33:30 +11:00
Damien Miller 5ed3d575f9 - dtucker@cvs.openbsd.org 2008/01/23 01:56:54
[clientloop.c packet.c serverloop.c]
     Revert the change for bz #1307 as it causes connection aborts if an IGNORE
     packet arrives while we're waiting in packet_read_expect (and possibly
     elsewhere).
2008-02-10 22:27:47 +11:00
Damien Miller b82f5dd17d - djm@cvs.openbsd.org 2008/01/19 20:48:53
[clientloop.c]
     fd leak on session multiplexing error path. Report and patch from
     gregory_shively AT fanniemae.com
2008-02-10 22:22:53 +11:00
Darren Tucker 5baa170d77 - dtucker@cvs.openbsd.org 2007/12/28 22:34:47
[clientloop.c]
     Use the correct packet maximum sizes for remote port and agent forwarding.
     Prevents the server from killing the connection if too much data is queued
     and an excessively large packet gets sent.  bz #1360, ok djm@.
2007-12-29 09:37:10 +11:00
Darren Tucker d6725f04e2 - dtucker@cvs.openbsd.org 2007/12/28 15:32:24
[clientloop.c serverloop.c packet.c]
     Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
     ServerAlive and ClientAlive timers.  Prevents dropping a connection
     when these are enabled but the peer does not support our keepalives.
     bz #1307, ok djm@.
2007-12-29 02:45:07 +11:00
Darren Tucker 23ae8ca948 - djm@cvs.openbsd.org 2007/11/03 00:36:14
[clientloop.c]
     fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM;
     ok dtucker@
2007-12-02 23:12:30 +11:00
Damien Miller 54fd7cf2db - djm@cvs.openbsd.org 2007/09/04 03:21:03
[clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h]
     [monitor_wrap.c ssh.c]
     make file descriptor passing code return an error rather than call fatal()
     when it encounters problems, and use this to make session multiplexing
     masters survive slaves failing to pass all stdio FDs; ok markus@
2007-09-17 12:04:08 +10:00
Darren Tucker 513d13accd - markus@cvs.openbsd.org 2007/08/15 08:14:46
[clientloop.c]
     do NOT fall back to the trused x11 cookie if generation of an untrusted
     cookie fails; from security-alert at sun.com; ok dtucker
2007-08-15 19:13:41 +10:00
Damien Miller b3ce9fec30 - djm@cvs.openbsd.org 2007/08/07 07:32:53
[clientloop.c clientloop.h ssh.c]
     bz#1232: ensure that any specified LocalCommand is executed after the
     tunnel device is opened. Also, make failures to open a tunnel device
     fatal when ExitOnForwardFailure is active.
     Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt
2007-08-08 14:32:41 +10:00
Darren Tucker 03b1cdbb44 - tedu@cvs.openbsd.org 2007/03/20 03:56:12
[readconf.c clientloop.c]
     remove some bogus *p tests from charles longeau
     ok deraadt millert
2007-03-21 20:46:03 +11:00
Darren Tucker d04188e70e - djm@cvs.openbsd.org 2007/02/20 10:25:14
[clientloop.c]
     set maximum packet and window sizes the same for multiplexed clients
     as normal connections; ok markus@
2007-02-25 20:36:49 +11:00
Darren Tucker 82a3d2bc6f - stevesk@cvs.openbsd.org 2007/01/21 01:41:54
[auth-skey.c kex.c ssh-keygen.c session.c clientloop.c]
     spaces
2007-02-19 22:10:25 +11:00
Damien Miller 985a4485f5 - markus@cvs.openbsd.org 2006/10/11 12:38:03
[clientloop.c serverloop.c]
     exit instead of doing a blocking tcp send if we detect a client/server
     timeout, since the tcp sendqueue might be already full (of alive
     requests); ok dtucker, report mpf
2006-10-24 03:02:41 +10:00
Damien Miller ded319cca2 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
Damien Miller d783435315 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
Damien Miller a7a73ee35d - stevesk@cvs.openbsd.org 2006/08/01 23:22:48
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
Damien Miller e7a1e5cf63 - stevesk@cvs.openbsd.org 2006/07/26 13:57:17
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h
2006-08-05 11:34:19 +10:00
Damien Miller 8dbffe7904 - stevesk@cvs.openbsd.org 2006/07/26 02:35:17
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
     [uidswap.c xmalloc.c]
     move #include <sys/param.h> out of includes.h
2006-08-05 11:02:17 +10:00
Damien Miller 9aec91948d - stevesk@cvs.openbsd.org 2006/07/25 02:59:21
[channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
     move #include <sys/time.h> out of includes.h
2006-08-05 10:57:45 +10:00
Damien Miller e3476ed03b - stevesk@cvs.openbsd.org 2006/07/22 20:48:23
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
Damien Miller e6b3b610ec - stevesk@cvs.openbsd.org 2006/07/17 01:31:10
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
     [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
     [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
     [sshconnect.c sshlogin.c sshpty.c uidswap.c]
     move #include <unistd.h> out of includes.h
2006-07-24 14:01:23 +10:00
Darren Tucker 3997249346 - stevesk@cvs.openbsd.org 2006/07/11 20:07:25
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@
2006-07-12 22:22:46 +10:00
Darren Tucker e7d4b19f75 - markus@cvs.openbsd.org 2006/07/11 18:50:48
[clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c
     channels.h readconf.c]
     add ExitOnForwardFailure: terminate the connection if ssh(1)
     cannot set up all requested dynamic, local, and remote port
     forwardings. ok djm, dtucker, stevesk, jmc
2006-07-12 22:17:10 +10:00
Damien Miller e3b60b524e - stevesk@cvs.openbsd.org 2006/07/08 21:47:12
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
     [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
     move #include <sys/socket.h> out of includes.h
2006-07-10 21:08:03 +10:00
Damien Miller 57e8ad3f5e - stevesk@cvs.openbsd.org 2006/07/02 23:01:55
[clientloop.c ssh.1]
     use -KR[bind_address:]port here; ok djm@
2006-07-10 20:20:52 +10:00
Damien Miller 43020951ad - djm@cvs.openbsd.org 2006/06/26 10:36:15
[clientloop.c]
     mention optional bind_address in runtime port forwarding setup
     command-line help. patch from santhi.amirta AT gmail.com
2006-07-10 20:16:12 +10:00
Damien Miller 24fd8ddd61 - markus@cvs.openbsd.org 2006/05/16 09:00:00
[clientloop.c]
     missing free; from Kylene Hall
2006-06-13 13:00:09 +10:00
Damien Miller 97c91f688f - djm@cvs.openbsd.org 2006/04/20 09:27:09
[auth.h clientloop.c dispatch.c dispatch.h kex.h]
     replace the last non-sig_atomic_t flag used in a signal handler with a
     sig_atomic_t, unfortunately with some knock-on effects in other (non-
     signal) contexts in which it is used; ok markus@
2006-04-23 12:08:37 +10:00