Commit Graph

323 Commits

Author SHA1 Message Date
Damien Miller 57c30117c1 - djm@cvs.openbsd.org 2006/03/25 13:17:03
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
Damien Miller 36812092ec - djm@cvs.openbsd.org 2006/03/25 01:13:23
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
     [uidswap.c]
     change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
     to xrealloc(p, new_nmemb, new_itemsize).

     realloc is particularly prone to integer overflows because it is
     almost always allocating "n * size" bytes, so this is a far safer
     API; ok deraadt@
2006-03-26 14:22:47 +11:00
Damien Miller 07d86bec5e - djm@cvs.openbsd.org 2006/03/25 00:05:41
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
Damien Miller 4f7becb44f - deraadt@cvs.openbsd.org 2006/03/20 18:48:34
[channels.c fatal.c kex.c packet.c serverloop.c]
     spacing
2006-03-26 14:10:14 +11:00
Damien Miller 4ae97f1885 - deraadt@cvs.openbsd.org 2006/03/20 18:35:12
[channels.c]
     x11_fake_data is only ever used as u_char *
2006-03-26 14:08:10 +11:00
Damien Miller 9096740f6c - deraadt@cvs.openbsd.org 2006/03/20 18:26:55
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
     [ssh-rsa.c ssh.c sshlogin.c]
     annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
Damien Miller 71a7367130 - deraadt@cvs.openbsd.org 2006/03/20 18:14:02
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
     [ssh.c sshpty.c sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 14:04:36 +11:00
Damien Miller d62f2ca376 - deraadt@cvs.openbsd.org 2006/03/19 18:52:11
[auth1.c authfd.c channels.c]
     spacing
2006-03-26 13:57:41 +11:00
Damien Miller b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
2006-03-26 00:03:21 +11:00
Damien Miller 574c41fdb3 - stevesk@cvs.openbsd.org 2006/02/20 16:36:15
[authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
     move #include <sys/un.h> out of includes.h; ok djm@
2006-03-15 11:40:10 +11:00
Damien Miller 17e91c0fb0 - stevesk@cvs.openbsd.org 2006/02/10 00:27:13
[channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
     [ssh.c sshd.c sshpty.c]
     move #include <sys/ioctl.h> out of includes.h; ok markus@
2006-03-15 11:28:34 +11:00
Damien Miller 99bd21e3fe - stevesk@cvs.openbsd.org 2006/02/07 01:42:00
[channels.c clientloop.c clientloop.h includes.h packet.h]
     [serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
     move #include <termios.h> out of includes.h; ok markus@
2006-03-15 11:11:28 +11:00
Damien Miller e204f6aa0d - reyk@cvs.openbsd.org 2006/01/30 12:22:22
[channels.c]
     mark channel as write failed or dead instead of read failed on error
     of the channel output filter.
     ok markus@
2006-01-31 21:47:15 +11:00
Damien Miller a969437645 - (djm) [channels.c] clean up harmless merge error, from reyk@ 2006-01-04 07:27:50 +11:00
Damien Miller 077b23864f - reyk@cvs.openbsd.org 2005/12/30 15:56:37
[channels.c channels.h clientloop.c]
     add channel output filter interface.
     ok djm@, suggested by markus@
2005-12-31 16:22:32 +11:00
Damien Miller 5eb137c6d1 - (djm) OpenBSD CVS Sync
- stevesk@cvs.openbsd.org 2005/12/28 22:46:06
     [canohost.c channels.c clientloop.c]
     use 'break-in' for consistency; ok deraadt@ ok and input jmc@
2005-12-31 16:19:53 +11:00
Damien Miller d47c62a714 - markus@cvs.openbsd.org 2005/12/12 13:46:18
[channels.c channels.h session.c]
     make sure protocol messages for internal channels are ignored.
     allow adjust messages for non-open channels; with and ok djm@
2005-12-13 19:33:57 +11:00
Damien Miller d27b947178 - reyk@cvs.openbsd.org 2005/12/06 22:38:28
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
     [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
     [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
     [sshconnect.h sshd.8 sshd_config sshd_config.5]
     Add support for tun(4) forwarding over OpenSSH, based on an idea and
     initial channel code bits by markus@. This is a simple and easy way to
     use OpenSSH for ad hoc virtual private network connections, e.g.
     administrative tunnels or secure wireless access. It's based on a new
     ssh channel and works similar to the existing TCP forwarding support,
     except that it depends on the tun(4) network interface on both ends of
     the connection for layer 2 or layer 3 tunneling. This diff also adds
     support for LocalCommand in the ssh(1) client.

     ok djm@, markus@, jmc@ (manpages), tested and discussed with others
2005-12-13 19:29:02 +11:00
Damien Miller 0a0176e9f3 - stevesk@cvs.openbsd.org 2005/10/14 02:29:37
[channels.c clientloop.c]
     free()->xfree(); ok djm@
2005-11-05 15:07:59 +11:00
Damien Miller 5e7fd076f5 - djm@cvs.openbsd.org 2005/10/11 23:37:37
[channels.c]
     bz #1076 set SO_REUSEADDR on X11 forwarding listner sockets, preventing
     bind() failure when a previous connection's listeners are in TIME_WAIT,
     reported by plattner AT inf.ethz.ch; ok dtucker@
2005-11-05 14:53:39 +11:00
Damien Miller 39eda6eb6a - djm@cvs.openbsd.org 2005/10/10 10:23:08
[channels.c channels.h clientloop.c serverloop.c session.c]
     fix regression I introduced in 4.2: X11 forwardings initiated after
     a session has exited (e.g. "(sleep 5; xterm) &") would not start.
     bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
2005-11-05 14:52:50 +11:00
Darren Tucker d3d0fa1558 - markus@cvs.openbsd.org 2005/09/07 08:53:53
[channels.c]
     enforce chanid != NULL; ok djm
2005-10-03 18:03:05 +10:00
Damien Miller 0dc1bef12d - djm@cvs.openbsd.org 2005/07/17 07:17:55
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
     [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
     [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
     [sshconnect.c sshconnect2.c]
     knf says that a 2nd level indent is four (not three or five) spaces
2005-07-17 17:22:45 +10:00
Damien Miller 2b9b045d93 - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line
- djm@cvs.openbsd.org 2005/07/17 06:49:04
     [channels.c channels.h session.c session.h]
     Fix a number of X11 forwarding channel leaks:
     1. Refuse multiple X11 forwarding requests on the same session
     2. Clean up all listeners after a single_connection X11 forward, not just
        the one that made the single connection
     3. Destroy X11 listeners when the session owning them goes away
     testing and ok dtucker@
2005-07-17 17:19:24 +10:00
Damien Miller 46d38de48b - djm@cvs.openbsd.org 2005/07/16 01:35:24
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
     [sshconnect.c]
     spacing
2005-07-17 17:02:09 +10:00
Damien Miller f92c0794ec - markus@cvs.openbsd.org 2005/07/04 14:04:11
[channels.c]
     don't forget to set x11_saved_display
2005-07-06 09:45:26 +10:00
Damien Miller 1339002e8b - djm@cvs.openbsd.org 2005/07/04 00:58:43
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
     implement support for X11 and agent forwarding over multiplex slave
     connections. Because of protocol limitations, the slave connections inherit
     the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
     their own.
     ok dtucker@ "put it in" deraadt@
2005-07-06 09:44:19 +10:00
Damien Miller a7270309fc - markus@cvs.openbsd.org 2005/07/01 13:19:47
[channels.c]
     don't free() if getaddrinfo() fails; report mpech@
2005-07-06 09:36:05 +10:00
Damien Miller eccb9de72a - djm@cvs.openbsd.org 2005/06/17 02:44:33
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
     [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
     [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
     [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
     [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     make this -Wsign-compare clean; ok avsm@ markus@
     NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
     NB2. more work may be needed to make portable Wsign-compare clean
2005-06-17 12:59:34 +10:00
Damien Miller 677257fe07 - markus@cvs.openbsd.org 2005/06/16 08:00:00
[canohost.c channels.c sshd.c]
     don't exit if getpeername fails for forwarded ports; bugzilla #1054;
     ok djm
2005-06-17 12:55:03 +10:00
Damien Miller 17e7ed0e75 - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2005/06/16 03:38:36
     [channels.c channels.h clientloop.c clientloop.h ssh.c]
     move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd
     easier later; ok deraadt@
2005-06-17 12:54:33 +10:00
Darren Tucker 11327cc5d7 - markus@cvs.openbsd.org 2005/03/14 11:46:56
[buffer.c buffer.h channels.c]
     limit input buffer size for channels; bugzilla #896; with and ok dtucker@
2005-03-14 23:22:25 +11:00
Darren Tucker 47eede77ed - deraadt@cvs.openbsd.org 2005/03/10 22:01:05
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
     monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
     readconf.c bufaux.c sftp.c]
     spacing
2005-03-14 23:08:12 +11:00
Damien Miller f91ee4c3de - djm@cvs.openbsd.org 2005/03/01 10:09:52
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
     [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
     [sshd_config.5]
     bz#413: allow optional specification of bind address for port forwardings.
     Patch originally by Dan Astorian, but worked on by several people
     Adds GatewayPorts=clientspecified option on server to allow remote
     forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
Darren Tucker 5d78de6283 - djm@cvs.openbsd.org 2004/10/29 21:47:15
[channels.c channels.h clientloop.c]
     fix some window size change bugs for multiplexed connections: windows sizes
     were not being updated if they had changed after ~^Z suspends and SIGWINCH
     was not being processed unless the first connection had requested a tty;
     ok markus
2004-11-05 20:35:44 +11:00
Darren Tucker e6ed83976b - djm@cvs.openbsd.org 2004/08/23 11:48:47
[channels.c]
     typo, spotted by Martin.Kraemer AT Fujitsu-Siemens.com; ok markus
2004-08-29 16:29:44 +10:00
Darren Tucker c7a6fc41bf - avsm@cvs.openbsd.org 2004/08/11 21:43:05
[channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c]
     some signed/unsigned int comparison cleanups; markus@ ok
2004-08-13 21:18:00 +10:00
Darren Tucker fc9597034b - deraadt@cvs.openbsd.org 2004/07/11 17:48:47
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
     readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
     session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
     sshd.c ttymodes.h]
     spaces
2004-07-17 16:12:08 +10:00
Darren Tucker 3f9fdc7121 - avsm@cvs.openbsd.org 2004/06/21 17:36:31
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
     cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
     monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
     ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
     sshpty.c]
     make ssh -Wshadow clean, no functional changes
     markus@ ok

There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
Damien Miller 3bbd878c2e - djm@cvs.openbsd.org 2004/06/18 11:11:54
[channels.c clientloop.c]
     Don't explode in clientloop when we receive a bogus channel id, but
     also don't generate them to begin with; ok markus@
2004-06-18 22:23:22 +10:00
Damien Miller 232711f6db - djm@cvs.openbsd.org 2004/06/14 01:44:39
[channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c]
     [sshd.c]
     set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@
2004-06-15 10:35:30 +10:00
Damien Miller 0e220dbfbc - djm@cvs.openbsd.org 2004/06/13 15:03:02
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
     [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
     implement session multiplexing in the client (the server has supported
     this since 2.0); ok markus@
2004-06-15 10:34:08 +10:00
Damien Miller 3e4dffb140 - markus@cvs.openbsd.org 2004/05/26 23:02:39
[channels.c]
     missing freeaddrinfo; Andrey Matveev
2004-06-15 10:27:15 +10:00
Darren Tucker e7066dfde3 - djm@cvs.openbsd.org 2004/05/21 11:33:11
[channels.c channels.h clientloop.c serverloop.c ssh.1]
     bz #756: add support for the cancel-tcpip-forward request for the server and
     the client (through the ~C commandline). reported by z3p AT twistedmatrix.com;
     ok markus@
2004-05-24 10:18:05 +10:00
Darren Tucker 1f8311c836 - deraadt@cvs.openbsd.org 2004/05/11 19:01:43
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
     packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
     improve some code lint did not like; djm millert ok
2004-05-13 16:39:33 +10:00
Damien Miller a04ad496f6 - markus@cvs.openbsd.org 2004/01/19 09:24:21
[channels.c]
     fake consumption for half closed channels since the peer is waiting for
     window adjust messages; bugzilla #790 Matthew Dillon; test + ok dtucker@
     reproduce with sh -c 'ulimit -f 10; ssh host -n od /bsd | cat > foo'
2004-01-21 11:02:09 +11:00
Darren Tucker 3175eb9a5a - markus@cvs.openbsd.org 2003/12/02 17:01:15
[channels.c session.c ssh-agent.c ssh.h sshd.c]
     use SSH_LISTEN_BACKLOG (=128) in listen(2).
2003-12-09 19:15:11 +11:00
Darren Tucker 240fdfa909 - (dtucker) [channels.c] Make AIX write limit code clearer. Suggested by djm@ 2003-11-22 14:10:02 +11:00
Damien Miller 787b2ec18c more whitespace (tabs this time) 2003-11-21 23:56:47 +11:00
Damien Miller a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
Darren Tucker 5dcdd219fb - markus@cvs.openbsd.org 2003/09/23 20:41:11
[channels.c channels.h clientloop.c]
     move client only agent code to clientloop.c
2003-10-02 16:17:00 +10:00
Darren Tucker 3dbff2a93b - markus@cvs.openbsd.org 2003/09/19 11:31:33
[channels.c]
     do not call channel_free_all on fatal; ok deraadt
2003-09-22 21:12:56 +10:00
Damien Miller 5efcecc265 - (djm) OpenBSD Sync
- markus@cvs.openbsd.org 2003/09/16 21:02:40
     [buffer.c channels.c version.h]
     more malloc/fatal fixes; ok millert/deraadt; ghudson at MIT.EDU
2003-09-17 07:31:14 +10:00
Damien Miller fbdeecef92 - markus@cvs.openbsd.org 2003/08/29 10:04:36
[channels.c nchan.c]
     be less chatty; debug -> debug2, cleanup; ok henning@
2003-09-02 22:52:31 +10:00
Darren Tucker 46471c9a81 - markus@cvs.openbsd.org 2003/07/02 14:51:16
[channels.c ssh.1 ssh_config.5]
     (re)add socks5 suppport to -D; ok djm@
     now ssh(1) can act both as a socks 4 and socks 5 server and
     dynamically forward ports.
2003-07-03 13:55:19 +10:00
Darren Tucker 9189ff89c3 - markus@cvs.openbsd.org 2003/07/02 12:56:34
[channels.c]
     deny dynamic forwarding with -R for v1, too; ok djm@
2003-07-03 13:52:04 +10:00
Darren Tucker 502d384b74 - markus@cvs.openbsd.org 2003/06/24 08:23:46
[auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
      monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
     int -> u_int; ok djm@, deraadt@, mouring@
2003-06-28 12:38:01 +10:00
Damien Miller b1ca8bb159 - markus@cvs.openbsd.org 2003/05/11 20:30:25
[channels.c clientloop.c serverloop.c session.c ssh.c]
     make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-05-14 13:45:42 +10:00
Damien Miller 2372ace572 - markus@cvs.openbsd.org 2003/04/14 14:17:50
[channels.c sshconnect.c sshd.c ssh-keyscan.c]
     avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
2003-05-14 13:42:23 +10:00
Damien Miller d558092522 - (djm) RCSID sync w/ OpenBSD 2003-05-14 13:40:06 +10:00
Damien Miller 996acd2476 *** empty log message *** 2003-04-09 20:59:48 +10:00
Damien Miller 0011138d47 - (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/03/05 22:33:43
     [channels.c monitor.c scp.c session.c sftp-client.c sftp-int.c]
     [sftp-server.c ssh-add.c sshconnect2.c]
     fix memory leaks; from dlheine@suif.Stanford.EDU/CLOUSEAU; ok djm@
2003-03-10 11:21:17 +11:00
Damien Miller b46b9f322d - djm@cvs.openbsd.org 2003/01/10 10:32:54
[channels.c]
     hush socket() errors, except last. Fixes mindrot bug #408; ok markus@
2003-01-10 21:45:12 +11:00
Damien Miller 275295eb41 - (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/01/01 18:08:52
     [channels.c]
     move big output buffer messages to debug2
2003-01-08 14:04:09 +11:00
Ben Lindstrom 1d568f9fce - markus@cvs.openbsd.org 2002/12/13 10:03:15
[channels.c misc.c sshconnect2.c]
     cleanup debug messages, more useful information for the client user.
2002-12-23 02:44:36 +00:00
Damien Miller 9b037b837a - itojun@cvs.openbsd.org 2002/09/17 07:47:02
[channels.c]
     don't quit while creating X11 listening socket.
     http://mail-index.netbsd.org/current-users/2002/09/16/0005.html
     got from portable.  markus ok
2002-09-19 11:54:54 +10:00
Damien Miller e1383cee9d - stevesk@cvs.openbsd.org 2002/09/13 19:23:09
[channels.c sshconnect.c sshd.c]
     remove use of SO_LINGER, it should not be needed. error check
     SO_REUSEADDR. fixup comments. ok markus@
2002-09-19 11:49:37 +10:00
Damien Miller a10f56151b - markus@cvs.openbsd.org 2002/09/09 14:54:15
[channels.c kex.h key.c monitor.c monitor_wrap.c radix.c uuencode.c]
     signed vs unsigned from -pedantic; ok henning@
2002-09-12 09:49:15 +10:00
Ben Lindstrom beb5f3304b - (bal) AIX tty data limiting patch fix by leigh@solinno.co.uk 2002-07-22 15:28:53 +00:00
Ben Lindstrom 8b2eecdf9f - deraadt@cvs.openbsd.org 2002/07/04 08:12:15
[channels.c packet.c]
     blah blah minor nothing as i read and re-read and re-read...
2002-07-07 22:11:51 +00:00
Ben Lindstrom 92ea0eadbe - (bal) Limit data to TTY for AIX only (Newer versions can't handle the
faster data rate)  Bug #124
2002-07-04 18:11:09 +00:00
Damien Miller 9403aa2f79 - markus@cvs.openbsd.org 2002/06/26 08:55:02
[channels.c]
     limit # of channels to 10000
2002-06-26 19:14:43 +10:00
Ben Lindstrom 4fed2be856 - markus@cvs.openbsd.org 2002/06/24 14:33:27
[channels.c channels.h clientloop.c serverloop.c]
     move channel counter to u_int
2002-06-25 23:17:36 +00:00
Ben Lindstrom daa2179bd0 - markus@cvs.openbsd.org 2002/06/23 21:34:07
[channels.c]
     tcode is u_int
2002-06-25 23:15:30 +00:00
Ben Lindstrom a9d2c89fc5 - deraadt@cvs.openbsd.org 2002/06/23 21:06:41
[channels.c channels.h session.c session.h]
     display, screen, row, col, xpixel, ypixel are u_int; markus ok
  - (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col,
    xpixel are u_int.
2002-06-23 21:48:28 +00:00
Ben Lindstrom 8bb6f36c8f - markus@cvs.openbsd.org 2002/06/10 22:28:41
[channels.c channels.h session.c]
     move creation of agent socket to session.c; no need for uidswapping
     in channel.c.
2002-06-11 15:59:02 +00:00
Ben Lindstrom 05efee1092 - (bal) RCSID tag updates on channels.c, clientloop.c, nchan.c,
sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand
   independant of them)
2002-06-09 20:20:58 +00:00
Ben Lindstrom 5a6abdae0f unexpand 2002-06-09 19:41:48 +00:00
Kevin Steves df75dd21f5 - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
setsockopt from debug to error for now).
2002-06-04 20:52:19 +00:00
Damien Miller 2797f7f03a - markus@cvs.openbsd.org 2002/04/22 21:04:52
[channels.c clientloop.c clientloop.h ssh.c]
     request reply (success/failure) for -R style fwd in protocol v2,
     depends on ordered replies.
     fixes http://bugzilla.mindrot.org/show_bug.cgi?id=215; ok provos@
2002-04-23 21:09:44 +10:00
Ben Lindstrom cf15944c23 - markus@cvs.openbsd.org 2002/03/25 21:13:51
[channels.c channels.h compat.c compat.h nchan.c]
     don't send stderr data after EOF, accept this from older known (broken)
     sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
2002-03-26 03:26:24 +00:00
Ben Lindstrom 795488785e - markus@cvs.openbsd.org 2002/03/04 19:37:58
[channels.c]
     off by one; thanks to joost@pine.nl
2002-03-05 01:57:44 +00:00
Ben Lindstrom 733a2351f5 - stevesk@cvs.openbsd.org 2002/02/27 21:23:13
[canohost.c channels.c packet.c sshd.c]
     remove unneeded casts in [gs]etsockopt(); ok markus@
2002-03-05 01:31:28 +00:00
Ben Lindstrom 1ebd7a5342 - stevesk@cvs.openbsd.org 2002/02/24 19:59:42
[channels.c misc.c]
     disable Nagle in connect_to() and channel_post_port_listener() (port
     forwarding endpoints).  the intention is to preserve the on-the-wire
     appearance to applications at either end; the applications can then
     enable TCP_NODELAY according to their requirements. ok markus@
2002-02-26 18:12:51 +00:00
Damien Miller 2aa0c1995c - markus@cvs.openbsd.org 2002/02/14 23:27:59
[channels.c]
     increase the SSH v2 window size to 4 packets. comsumes a little
     bit more memory for slow receivers but increases througput.
2002-02-19 15:20:08 +11:00
Damien Miller 699d003e3a - markus@cvs.openbsd.org 2002/02/06 14:55:16
[channels.c clientloop.c serverloop.c ssh.c]
     channel_new never returns NULL, mouring@; ok djm@
2002-02-08 22:07:16 +11:00
Damien Miller a500cd608e - markus@cvs.openbsd.org 2002/02/05 14:32:55
[channels.c channels.h ssh.c]
     merge channel_request() into channel_request_start()
2002-02-08 22:04:26 +11:00
Damien Miller 67f0bc043c - markus@cvs.openbsd.org 2002/02/03 17:58:21
[channels.c channels.h ssh.c]
     generic callbacks are not really used, remove and
     add a callback for msg of type SSH2_MSG_CHANNEL_OPEN_CONFIRMATION
     ok djm@
2002-02-05 12:23:08 +11:00
Damien Miller 50e884d125 - markus@cvs.openbsd.org 2002/02/03 17:55:55
[channels.c channels.h]
     remove unused channel_input_channel_request
2002-02-05 12:22:08 +11:00
Damien Miller 95c249ff47 - stevesk@cvs.openbsd.org 2002/01/27 14:57:46
[channels.c servconf.c servconf.h session.c sshd.8 sshd_config]
     add X11UseLocalhost; ok markus@
2002-02-05 12:11:34 +11:00
Damien Miller 398e1cfa23 - (djm) OpenBSD CVS Sync
- stevesk@cvs.openbsd.org 2002/01/24 21:09:25
     [channels.c misc.c misc.h packet.c]
     add set_nodelay() to set TCP_NODELAY on a socket (prep for nagle tuning).
     no nagle changes just yet; ok djm@ markus@
2002-02-05 11:52:13 +11:00
Damien Miller 73f1074272 - markus@cvs.openbsd.org 2002/01/21 23:27:10
[channels.c nchan.c]
     cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
2002-01-22 23:34:52 +11:00
Damien Miller b16461ce45 - markus@cvs.openbsd.org 2002/01/16 13:17:51
[channels.c channels.h serverloop.c ssh.c]
     wrapper for channel_setup_fwd_listener
2002-01-22 23:29:22 +11:00
Damien Miller 5144df9261 - markus@cvs.openbsd.org 2002/01/14 13:55:55
[channels.c channels.h nchan.c]
     remove function pointers for events, remove chan_init*; ok provos@
2002-01-22 23:28:45 +11:00
Damien Miller 76765c0b1a - markus@cvs.openbsd.org 2002/01/09 17:26:35
[channels.c nchan.c]
     replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
2002-01-22 23:21:15 +11:00
Damien Miller de6987c2b9 - markus@cvs.openbsd.org 2002/01/09 17:16:00
[channels.c]
     merge channel_pre_open_15/channel_pre_open_20; ok provos@
2002-01-22 23:20:40 +11:00
Damien Miller a90fc08b88 - markus@cvs.openbsd.org 2002/01/05 10:43:40
[channels.c]
     fix hanging x11 channels for rejected cookies (e.g. XAUTHORITY=/dev/null xbiff)
     bug #36, based on patch from djast@cs.toronto.edu
2002-01-22 23:19:38 +11:00
Damien Miller 708d21c802 - stevesk@cvs.openbsd.org 2001/12/29 21:56:01
[authfile.c channels.c compress.c packet.c sftp-server.c ssh-agent.c ssh-keygen.c]
     remove unneeded casts and some char->u_char cleanup; ok markus@
2002-01-22 23:18:15 +11:00
Damien Miller 630d6f4479 - markus@cvs.openbsd.org 2001/12/28 15:06:00
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
     remove plen from the dispatch fn. it's no longer used.
2002-01-22 23:17:30 +11:00
Damien Miller dff5099f13 - markus@cvs.openbsd.org 2001/12/28 14:50:54
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
     packet_read* no longer return the packet length, since it's not used.
2002-01-22 23:16:32 +11:00
Damien Miller 48b03fc546 - markus@cvs.openbsd.org 2001/12/27 20:39:58
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:40 +11:00
Damien Miller 66823cddbe - markus@cvs.openbsd.org 2001/12/27 20:39:58
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:38 +11:00
Damien Miller 278f907a2d - djm@cvs.openbsd.org 2001/12/20 22:50:24
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
     [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
     [sshconnect2.c]
     Conformance fix: we should send failing packet sequence number when
     responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
     yakk@yakk.dot.net; ok markus@
2001-12-21 15:00:19 +11:00
Damien Miller e737856350 - markus@cvs.openbsd.org 2001/12/20 16:37:29
[channels.c channels.h session.c]
     setup x11 listen socket for just one connect if the client requests so.
     (v2 only, but the openssh client does not support this feature).
2001-12-21 14:58:35 +11:00
Damien Miller 9f0f5c64bc - deraadt@cvs.openbsd.org 2001/12/19 07:18:56
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
     [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
     [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
     [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
     [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
     [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
     [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
     [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
     basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
Damien Miller 3afe375fd2 - stevesk@cvs.openbsd.org 2001/12/08 17:49:28
[channels.c pathnames.h]
     use only one path to X11 UNIX domain socket vs. an array of paths
     to try.  report from djast@cs.toronto.edu.  ok markus@
2001-12-21 12:39:51 +11:00
Kevin Steves 366298c696 - (stevesk) OpenBSD CVS sync X11 localhost display
- stevesk@cvs.openbsd.org 2001/11/29 14:10:51
     [channels.h channels.c session.c]
     sshd X11 fake server will now listen on localhost by default:
     $ echo $DISPLAY
     localhost:12.0
     $ netstat -an|grep 6012
     tcp        0      0  127.0.0.1.6012         *.*                    LISTEN
     tcp6       0      0  ::1.6012               *.*                    LISTEN
     sshd_config gatewayports=yes can be used to revert back to the old
     behavior.  will control this with another option later.  ok markus@
   - stevesk@cvs.openbsd.org 2001/12/19 08:43:11
     [includes.h session.c]
     handle utsname.nodename case for FamilyLocal X authorization; ok markus@
2001-12-19 17:58:01 +00:00
Ben Lindstrom 73f57be500 - stevesk@cvs.openbsd.org 2001/12/06 18:20:32
[channels.c]
     disable nagle for X11 fake server and client TCPs.  from netbsd.
     ok markus@
2001-12-07 17:28:34 +00:00
Ben Lindstrom ccd8d07b3c - stevesk@cvs.openbsd.org 2001/12/06 18:09:23
[channels.c session.c]
     strncpy->strlcpy.  remaining strncpy's are necessary.  ok markus@
2001-12-07 17:26:48 +00:00
Ben Lindstrom e181a4d294 - stevesk@cvs.openbsd.org 2001/12/06 18:02:32
[channels.c sshconnect.c]
     shutdown(sock, SHUT_RDWR) not needed here; ok markus@
2001-12-07 17:24:49 +00:00
Ben Lindstrom 1c37c6a518 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
      key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
      sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
     minor KNF
2001-12-06 18:00:18 +00:00
Ben Lindstrom 3c36bb29ca - itojun@cvs.openbsd.org 2001/12/05 03:56:39
[auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c
      sshconnect2.c]
     make it compile with more strict prototype checking
2001-12-06 17:55:26 +00:00
Damien Miller 3ec2759ad4 - (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2001/10/10 22:18:47
     [channels.c channels.h clientloop.c nchan.c serverloop.c]
     [session.c session.h]
     try to keep channels open until an exit-status message is sent.
     don't kill the login shells if the shells stdin/out/err is closed.
     this should now work:
     ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
2001-10-12 11:35:04 +10:00
Damien Miller 52b77beb65 - markus@cvs.openbsd.org 2001/10/09 21:59:41
[channels.c channels.h serverloop.c session.c session.h]
     simplify session close: no more delayed session_close, no more blocking wait() calls.
2001-10-10 15:14:37 +10:00
Damien Miller d3c04b90e4 - markus@cvs.openbsd.org 2001/10/08 11:48:57
[channels.c]
     better debug
2001-10-10 15:04:20 +10:00
Damien Miller 4623a75462 - markus@cvs.openbsd.org 2001/10/07 17:49:40
[channels.c channels.h]
     avoid possible FD_ISSET overflow for channels established
     during channnel_after_select() (used for dynamic channels).
2001-10-10 15:03:58 +10:00
Damien Miller af5f2e641c - markus@cvs.openbsd.org 2001/10/04 15:05:40
[channels.c serverloop.c]
     comment out bogus conditions for selecting on connection_in
2001-10-10 15:01:16 +10:00
Ben Lindstrom 908afed17f - markus@cvs.openbsd.org 2001/10/01 21:38:53
[channels.c channels.h ssh.c sshd.c]
     remove ugliness; vp@drexel.edu via angelos
2001-10-03 17:34:59 +00:00
Ben Lindstrom 6d218f404f - markus@cvs.openbsd.org 2001/09/17 21:04:02
[channels.c serverloop.c]
     don't send fake dummy packets on CR (\r)
     bugreport from yyua@cs.sfu.ca via solar@@openwall.com
2001-09-18 05:53:12 +00:00
Ben Lindstrom 944c4f0bda - markus@cvs.openbsd.org 2001/09/17 20:52:47
[channels.c channels.h clientloop.c]
     try to fix agent-forwarding-backconnection-bug, as seen on HPUX,
     for example; with Lutz.Jaenicke@aet.TU-Cottbus.DE,
2001-09-18 05:51:13 +00:00
Ben Lindstrom 16d29d57e8 - markus@cvs.openbsd.org 2001/07/17 21:04:58
[channels.c channels.h clientloop.c nchan.c serverloop.c]
     keep track of both maxfd and the size of the malloc'ed fdsets.
     update maxfd if maxfd gets closed.
2001-07-18 16:01:46 +00:00
Ben Lindstrom 809744e912 - markus@cvs.openbsd.org 2001/07/02 22:52:57
[channels.c channels.h serverloop.c]
     improve cleanup/exit logic in ssh2:
     stop listening to channels, detach channel users (e.g. sessions).
     wait for children (i.e. dying sessions), send exit messages,
     cleanup all channels.
2001-07-04 05:26:06 +00:00
Ben Lindstrom 173e646f7e - stevesk@cvs.openbsd.org 2001/06/30 18:08:40
[channels.c channels.h clientloop.c]
     adress -> address; ok markus@
2001-07-04 05:15:15 +00:00
Ben Lindstrom 1118095d33 - stevesk@cvs.openbsd.org 2001/06/29 18:40:28
[channels.c]
     use socklen_t for getsockopt arg #5; ok markus@
2001-07-04 05:13:35 +00:00
Ben Lindstrom 4469723325 - markus@cvs.openbsd.org 2001/06/25 08:25:41
[channels.c channels.h cipher.c clientloop.c compat.c compat.h
      hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
      session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
     update copyright for 2001
2001-07-04 03:32:30 +00:00
Ben Lindstrom bba81213b9 - itojun@cvs.openbsd.org 2001/06/23 15:12:20
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
      canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
      hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
      readpass.c scp.c servconf.c serverloop.c session.c sftp.c
      sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
      ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
      ssh-keygen.c ssh-keyscan.c]
     more strict prototypes.  raise warning level in Makefile.inc.
     markus ok'ed
     TODO; cleanup headers
2001-06-25 05:01:22 +00:00
Ben Lindstrom 601e43638e - markus@cvs.openbsd.org 2001/06/20 13:56:39
[channels.c channels.h clientloop.c packet.c serverloop.c]
     move from channel_stop_listening to channel_free_all,
     call channel_free_all before calling waitpid() in serverloop.
     fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE
2001-06-21 03:19:23 +00:00
Ben Lindstrom 664408d2a7 - markus@cvs.openbsd.org 2001/06/07 20:23:05
[authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c
      sshconnect.c sshconnect1.c]
     use xxx_put_cstring()
2001-06-09 01:42:01 +00:00
Ben Lindstrom df4981bc31 - markus@cvs.openbsd.org 2001/06/05 10:24:32
[channels.c]
     don't delete the auth socket in channel_stop_listening()
     auth_sock_cleanup_proc() will take care of this.
2001-06-09 01:32:29 +00:00
Ben Lindstrom 983c098311 - markus@cvs.openbsd.org 2001/06/04 21:59:43
[channels.c channels.h session.c]
     switch uid when cleaning up tmp files and sockets; reported by
     zen-parse@gmx.net on bugtraq
2001-06-09 01:20:06 +00:00
Ben Lindstrom 838394ca26 - markus@cvs.openbsd.org 2001/06/03 14:55:39
[channels.c channels.h session.c]
     use fatal_register_cleanup instead of atexit, sync with x11 authdir
     handling
2001-06-09 01:11:59 +00:00
Ben Lindstrom e9c999137a - (bal) Channels.c and Channels.h -- "Merge Functions, simplify" (draged
out of ssh Attic)
2001-06-09 00:41:05 +00:00
Ben Lindstrom 4c247550ae - markus@cvs.openbsd.org 2001/05/28 23:25:24
[channels.c]
     cleanup, typo
2001-06-05 20:56:47 +00:00
Ben Lindstrom c0dee1a148 - markus@cvs.openbsd.org 2001/05/28 23:14:49
[channels.c channels.h nchan.c]
     undo broken channel fix and try a different one. there
     should be still some select errors...
2001-06-05 20:52:50 +00:00
Ben Lindstrom e259544876 - stevesk@cvs.openbsd.org 2001/05/19 19:57:09
[channels.c]
     typo in error message
2001-06-05 20:01:39 +00:00
Ben Lindstrom b6147ab9e9 - markus@cvs.openbsd.org 2001/05/16 22:09:21
[channels.c nchan.c]
     more select() error fixes (don't set rfd/wfd to -1).
2001-05-17 03:21:27 +00:00
Ben Lindstrom 6d618466e8 - markus@cvs.openbsd.org 2001/05/09 22:51:57
[channels.c]
     fix -R for protocol 2, noticed by greg@nest.cx.
     bug was introduced with experimental dynamic forwarding.
2001-05-10 23:24:49 +00:00
Ben Lindstrom 6912866893 - markus@cvs.openbsd.org 2001/05/08 19:17:31
[channels.c serverloop.c]
     adds correct error reporting to async connect()s
     fixes the server-discards-data-before-connected-bug found by
     onoe@sm.sony.co.jp
2001-05-08 20:07:39 +00:00
Ben Lindstrom 99c73b377a - markus@cvs.openbsd.org 2001/05/04 23:47:34
[channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c]
     move to Channel **channels (instead of Channel *channels), fixes realloc
     problems.  channel_new now returns a Channel *, favour Channel * over
     channel id.  remove old channel_allocate interface.
2001-05-05 04:09:47 +00:00
Ben Lindstrom c8cb8c0405 - markus@cvs.openbsd.org 2001/05/04 14:34:34
[channels.c]
     channel_new() reallocs channels[], we cannot use Channel *c after calling
     channel_new(), XXX fix this in the future...
2001-05-04 22:40:28 +00:00
Ben Lindstrom 2b45180b2e - stevesk@cvs.openbsd.org 2001/05/03 15:07:39
[channels.c]
     typo in debug() string
2001-05-03 22:35:32 +00:00
Ben Lindstrom f343674d5e - markus@cvs.openbsd.org 2001/04/29 19:16:52
[channels.c clientloop.c compat.c compat.h serverloop.c]
     more ssh.com-2.0.x bug-compat; from per@appgate.com
2001-04-29 19:52:00 +00:00
Ben Lindstrom 2b261b9035 - markus@cvs.openbsd.org 2001/04/17 12:55:04
[channels.c ssh.c]
     undo socks5 and https support since they are not really used and
     only bloat ssh.  remove -D from usage(), since '-D' is experimental.
2001-04-17 18:14:34 +00:00
Ben Lindstrom d334b2768b - markus@cvs.openbsd.org 2001/04/14 16:17:14
[channels.c]
     remove some channels that are not appropriate for keepalive.
2001-04-14 23:08:36 +00:00
Ben Lindstrom 5744dc421d - beck@cvs.openbsd.org 2001/04/13 22:46:54
[channels.c channels.h servconf.c servconf.h serverloop.c sshd.8]
     Add options ClientAliveInterval and ClientAliveCountMax to sshd.
     This gives the ability to do a "keepalive" via the encrypted channel
     which can't be spoofed (unlike TCP keepalives). Useful for when you want
     to use ssh connections to authenticate people for something, and know
     relatively quickly when they are no longer authenticated. Disabled
     by default (of course). ok markus@
2001-04-13 23:28:01 +00:00
Ben Lindstrom 6fa9d10ed5 - markus@cvs.openbsd.org 2001/04/11 13:56:13
[channels.c ssh.c]
     https-connect and socks5 support. i feel so bad.
2001-04-11 23:08:17 +00:00
Ben Lindstrom c486d88bf8 - markus@cvs.openbsd.org 2001/04/10 12:15:23
[channels.c]
     debug cleanup
2001-04-11 16:08:34 +00:00
Ben Lindstrom b392151685 - markus@cvs.openbsd.org 2001/04/10 07:46:58
[channels.c]
     cleanup socks4 handling
2001-04-11 15:57:50 +00:00
Ben Lindstrom 3bb4f9da73 - markus@cvs.openbsd.org 2001/04/07 08:55:18
[buffer.c channels.c channels.h readconf.c ssh.c]
     allow the ssh client act as a SOCKS4 proxy (dynamic local
     portforwarding).  work by Dan Kaminsky <dankamin@cisco.com> and me.
     thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
     netscape use localhost:1080 as a socks proxy.
2001-04-08 18:30:26 +00:00
Ben Lindstrom 3fcf1a22b5 - markus@cvs.openbsd.org 2001/04/06 21:00:17
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
      ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
     do gid/groups-swap in addition to uid-swap, should help if /home/group
     is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
     to olar@openwall.com is comments.  we had many requests for this.
2001-04-08 18:26:59 +00:00