Commit Graph

103 Commits

Author SHA1 Message Date
Damien Miller f42f7684ec - djm@cvs.openbsd.org 2014/07/17 00:10:18
[mux.c]
     preserve errno across syscall
2014-07-18 15:03:27 +10:00
Damien Miller 7acefbbcbe - millert@cvs.openbsd.org 2014/07/15 15:54:14
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
     [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
     [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
     [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     [sshd_config.5 sshlogin.c]
     Add support for Unix domain socket forwarding.  A remote TCP port
     may be forwarded to a local Unix domain socket and vice versa or
     both ends may be a Unix domain socket.  This is a reimplementation
     of the streamlocal patches by William Ahern from:
         http://www.25thandclement.com/~william/projects/streamlocal.html
     OK djm@ markus@
2014-07-18 14:11:24 +10:00
Damien Miller 633de33b19 - djm@cvs.openbsd.org 2014/04/28 03:09:18
[authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
     [ssh-keygen.c]
     buffer_get_string_ptr's return should be const to remind
     callers that futzing with it will futz with the actual buffer
     contents
2014-05-15 13:48:26 +10:00
Damien Miller ce98654674 - djm@cvs.openbsd.org 2013/07/12 00:19:59
[auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
     [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
     fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
2013-07-18 16:12:44 +10:00
Darren Tucker 746e9067bd - dtucker@cvs.openbsd.org 2013/06/05 02:07:29
[mux.c]
     fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967,
     ok djm
2013-06-06 08:20:13 +10:00
Darren Tucker ea8342c248 - dtucker@cvs.openbsd.org 2013/06/02 23:36:29
[clientloop.h clientloop.c mux.c]
     No need for the mux cleanup callback to be visible so restore it to static
     and call it through the detach_user function pointer.  ok djm@
2013-06-06 08:11:40 +10:00
Darren Tucker a627d42e51 - djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
     dns.c packet.c readpass.c authfd.c moduli.c]
     bye, bye xfree(); ok markus@
2013-06-02 07:31:17 +10:00
Damien Miller bc02f163f6 - dtucker@cvs.openbsd.org 2013/04/22 01:17:18
[mux.c]
     typo in debug output: evitval->exitval
2013-04-23 19:25:49 +10:00
Damien Miller 172859cff7 - djm@cvs.openbsd.org 2013/04/05 00:58:51
[mux.c]
     cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too
     (in addition to ones already in OPEN); bz#2079, ok dtucker@
2013-04-23 15:19:27 +10:00
Damien Miller b87f6b70f8 - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer
bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu.
   ok tim
2013-02-23 09:12:23 +11:00
Damien Miller 73298f420e - djm@cvs.openbsd.org 2013/01/02 00:32:07
[clientloop.c mux.c]
     channel_setup_local_fwd_listener() returns 0 on failure, not -ve
     bz#2055 reported by mathieu.lacage AT gmail.com
2013-01-09 15:55:50 +11:00
Darren Tucker 66cb0e0733 - dtucker@cvs.openbsd.org 2012/08/17 00:45:45
[clientloop.c clientloop.h mux.c]
     Force a clean shutdown of ControlMaster client sessions when the ~. escape
     sequence is used.  This means that ~. should now work in mux clients even
     if the server is no longer responding.  Found by tedu, ok djm.
2012-09-06 21:19:05 +10:00
Damien Miller ab523b0246 - djm@cvs.openbsd.org 2012/07/06 01:37:21
[mux.c]
     fix memory leak of passed-in environment variables and connection
     context when new session message is malformed; bz#2003 from Bert.Wesarg
     AT googlemail.com
2012-07-06 13:44:43 +10:00
Damien Miller 2e7decfcc0 - djm@cvs.openbsd.org 2012/06/01 01:01:22
[mux.c]
     fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg
     AT googlemail.com
2012-06-20 21:52:00 +10:00
Damien Miller ac58ce86e6 - djm@cvs.openbsd.org 2012/01/07 21:11:36
[mux.c]
     fix double-free in new session handler
     NB. Id sync only
2012-06-20 21:50:47 +10:00
Damien Miller 140df63e1f - djm@cvs.openbsd.org 2011/12/04 23:16:12
[mux.c]
     revert:

     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@

     it interacts badly with ControlPersist
2012-06-20 21:46:57 +10:00
Damien Miller efc6fc995d - djm@cvs.openbsd.org 2011/12/02 00:41:56
[mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@
2012-06-20 21:44:56 +10:00
Damien Miller 2ec0342ed4 - djm@cvs.openbsd.org 2012/01/07 21:11:36
[mux.c]
     fix double-free in new session handler
2012-02-11 08:16:28 +11:00
Damien Miller 913ddff40d - djm@cvs.openbsd.org 2011/12/04 23:16:12
[mux.c]
     revert:
     > revision 1.32
     > date: 2011/12/02 00:41:56;  author: djm;  state: Exp;  lines: +4 -1
     > fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     > ok dtucker@
     it interacts badly with ControlPersist
2011-12-19 10:52:21 +11:00
Damien Miller 5360dff2a0 - djm@cvs.openbsd.org 2011/12/02 00:41:56
[mux.c]
     fix bz#1948: ssh -f doesn't fork for multiplexed connection.
     ok dtucker@
2011-12-19 10:51:11 +11:00
Darren Tucker 68afb8c5f2 - markus@cvs.openbsd.org 2011/09/23 07:45:05
[mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c     version.h]
     unbreak remote portforwarding with dynamic allocated listen ports:
     1) send the actual listen port in the open message (instead of 0).
        this allows multiple forwardings with a dynamic listen port
     2) update the matching permit-open entry, so we can identify where
        to connect to
     report: den at skbkontur.ru and P. Szczygielski
     feedback and ok djm@
2011-10-02 18:59:03 +11:00
Damien Miller f6dff7cd2f - djm@cvs.openbsd.org 2011/09/09 22:46:44
[channels.c channels.h clientloop.h mux.c ssh.c]
     support for cancelling local and remote port forwards via the multiplex
     socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request
     the cancellation of the specified forwardings; ok markus@
2011-09-22 21:38:52 +10:00
Damien Miller 6d7b4377dd - djm@cvs.openbsd.org 2011/06/22 22:08:42
[channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
     hook up a channel confirm callback to warn the user then requested X11
     forwarding was refused by the server; ok markus@
2011-06-23 08:31:57 +10:00
Damien Miller 555f3b856f - djm@cvs.openbsd.org 2011/05/08 12:52:01
[PROTOCOL.mux clientloop.c clientloop.h mux.c]
     improve our behaviour when TTY allocation fails: if we are in
     RequestTTY=auto mode (the default), then do not treat at TTY
     allocation error as fatal but rather just restore the local TTY
     to cooked mode and continue. This is more graceful on devices that
     never allocate TTYs.

     If RequestTTY is set to "yes" or "force", then failure to allocate
     a TTY is fatal.

     ok markus@
2011-05-15 08:48:05 +10:00
Damien Miller 21771e22d3 - djm@cvs.openbsd.org 2011/05/06 21:34:32
[clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
     Add a RequestTTY ssh_config option to allow configuration-based
     control over tty allocation (like -t/-T); ok markus@
2011-05-15 08:45:50 +10:00
Damien Miller 60432d8cf2 - djm@cvs.openbsd.org 2011/05/05 05:12:08
[mux.c]
     gracefully fall back when ControlPath is too large for a
     sockaddr_un. ok markus@ as part of a larger diff
2011-05-15 08:34:46 +10:00
Damien Miller 6c3eec7ab2 - djm@cvs.openbsd.org 2011/04/17 22:42:42
[PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
     allow graceful shutdown of multiplexing: request that a mux server
     removes its listener socket and refuse future multiplexing requests;
     ok markus@
2011-05-05 14:16:22 +10:00
Damien Miller 445c9a507d - djm@cvs.openbsd.org 2011/01/13 21:54:53
[mux.c]
     correct error messages; patch from bert.wesarg AT googlemail.com
2011-01-14 12:01:29 +11:00
Damien Miller 68512c0341 - OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2010/10/12 02:22:24
     [mux.c]
     Typo in confirmation message.  bz#1827, patch from imorgan at nas nasa gov
2010-10-21 15:21:11 +11:00
Damien Miller 603134e077 - djm@cvs.openbsd.org 2010/09/20 07:19:27
[mux.c]
     "atomically" create the listening mux socket by binding it on a temorary
     name and then linking it into position after listen() has succeeded.
     this allows the mux clients to determine that the server socket is
     either ready or stale without races. stale server sockets are now
     automatically removed
     ok deraadt
2010-09-24 22:07:55 +10:00
Damien Miller 1ab6a51f9b - djm@cvs.openbsd.org 2010/06/25 23:10:30
[ssh.c]
     log the hostname and address that we connected to at LogLevel=verbose
     after authentication is successful to mitigate "phishing" attacks by
     servers with trusted keys that accept authentication silently and
     automatically before presenting fake password/passphrase prompts;
     "nice!" markus@
2010-06-26 10:02:24 +10:00
Damien Miller 232cfb1b1d - djm@cvs.openbsd.org 2010/06/25 07:14:46
[channels.c mux.c readconf.c readconf.h ssh.h]
     bz#1327: remove hardcoded limit of 100 permitopen clauses and port
     forwards per direction; ok markus@ stevesk@
2010-06-26 09:50:30 +10:00
Damien Miller c094d1e481 - djm@cvs.openbsd.org 2010/06/17 07:07:30
[mux.c]
     Correct sizing of object to be allocated by calloc(), replacing
     sizeof(state) with sizeof(*state). This worked by accident since
     the struct contained a single int at present, but could have broken
     in the future. patch from hyc AT symas.com
2010-06-26 09:36:34 +10:00
Damien Miller 388f6fc485 - markus@cvs.openbsd.org 2010/05/16 12:55:51
[PROTOCOL.mux clientloop.h mux.c readconf.c readconf.h ssh.1 ssh.c]
     mux support for remote forwarding with dynamic port allocation,
     use with
        LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
     feedback and ok djm@
2010-05-21 14:57:35 +10:00
Damien Miller d530f5f471 - djm@cvs.openbsd.org 2010/05/14 23:29:23
[channels.c channels.h mux.c ssh.c]
     Pause the mux channel while waiting for reply from aynch callbacks.
     Prevents misordering of replies if new requests arrive while waiting.

     Extend channel open confirm callback to allow signalling failure
     conditions as well as success. Use this to 1) fix a memory leak, 2)
     start using the above pause mechanism and 3) delay sending a success/
     failure message on mux slave session open until we receive a reply from
     the server.

     motivated by and with feedback from markus@
2010-05-21 14:57:10 +10:00
Damien Miller 85c50d7858 - djm@cvs.openbsd.org 2010/04/23 22:27:38
[mux.c]
     set "detach_close" flag when registering channel cleanup callbacks.
     This causes the channel to close normally when its fds close and
     hangs when terminating a mux slave using ~. bz#1758; ok markus@
2010-05-10 11:53:02 +10:00
Damien Miller 601a23c02c - djm@cvs.openbsd.org 2010/04/10 05:48:16
[mux.c]
     fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au
2010-04-16 15:54:01 +10:00
Damien Miller 0dac03febd - djm@cvs.openbsd.org 2010/01/29 20:16:17
[mux.c]
     kill correct channel (was killing already-dead mux channel, not
     its session channel)
2010-01-30 17:36:33 +11:00
Damien Miller 133d9d313e - djm@cvs.openbsd.org 2010/01/29 00:20:41
[sshd.c]
     set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com
     ok dtucker@
2010-01-30 17:30:04 +11:00
Damien Miller a21cdfac2f - djm@cvs.openbsd.org 2010/01/27 13:26:17
[mux.c]
     fix bug introduced in mux rewrite:

     In a mux master, when a socket to a mux slave closes before its server
     session (as may occur when the slave has been signalled), gracefully
     close the server session rather than deleting its channel immediately.
     A server may have more messages on that channel to send (e.g. an exit
     message) that will fatal() the client if they are sent to a channel that
     has been prematurely deleted.

     spotted by imorgan AT nas.nasa.gov
2010-01-28 06:26:59 +11:00
Damien Miller 45a81a0e18 - djm@cvs.openbsd.org 2010/01/26 02:15:20
[mux.c]
     -Wuninitialized and remove a // comment; from portable
     (Id sync only)
2010-01-28 06:26:20 +11:00
Damien Miller e1537f951f - djm@cvs.openbsd.org 2010/01/26 01:28:35
[channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c]
     rewrite ssh(1) multiplexing code to a more sensible protocol.

     The new multiplexing code uses channels for the listener and
     accepted control sockets to make the mux master non-blocking, so
     no stalls when processing messages from a slave.

     avoid use of fatal() in mux master protocol parsing so an errant slave
     process cannot take down a running master.

     implement requesting of port-forwards over multiplexed sessions. Any
     port forwards requested by the slave are added to those the master has
     established.

     add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.

     document master/slave mux protocol so that other tools can use it to
     control a running ssh(1). Note: there are no guarantees that this
     protocol won't be incompatibly changed (though it is versioned).

     feedback Salvador Fandino, dtucker@
     channel changes ok markus@
2010-01-26 13:26:22 +11:00
Darren Tucker 37c1b3d6fc - djm@cvs.openbsd.org 2010/01/09 05:04:24
[mux.c sshpty.h clientloop.c sshtty.c]
     quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we
     usually don't actually have a tty to read/set; bz#1686 ok dtucker@
2010-01-09 22:26:23 +11:00
Darren Tucker 8ec4fd8e3c - dtucker@cvs.openbsd.org 2009/08/20 23:54:28
[mux.c]
     subsystem_flag is defined in ssh.c so it's extern; ok djm
2009-10-07 08:39:57 +11:00
Darren Tucker 47e713be94 - dtucker@cvs.openbsd.org 2008/06/13 17:21:20
[mux.c]
     Friendlier error messages for mux fallback.  ok djm@
2008-06-14 09:01:54 +10:00
Darren Tucker 1adfd368c4 - dtucker@cvs.openbsd.org 2008/06/13 00:47:53
[mux.c]
     upcast size_t to u_long to match format arg; ok djm@
2008-06-13 10:58:10 +10:00
Darren Tucker ca19bfe254 - djm@cvs.openbsd.org 2008/06/13 00:16:49
[mux.c]
     fall back to creating a new TCP connection on most multiplexing errors
     (socket connect fail, invalid version, refused permittion, corrupted
     messages, etc.); bz #1329 ok dtucker@
2008-06-13 10:24:03 +10:00
Darren Tucker 84c56f536c - djm@cvs.openbsd.org 2008/06/12 15:19:17
[clientloop.h channels.h clientloop.c channels.c mux.c]
     The multiplexing escape char handler commit last night introduced a
     small memory leak per session; plug it.
2008-06-13 04:55:46 +10:00
Darren Tucker ba69c7a987 - djm@cvs.openbsd.org 2008/06/12 05:32:30
[mux.c]
     some more TODO for me
2008-06-13 04:54:05 +10:00
Darren Tucker 2fb66caca2 - djm@cvs.openbsd.org 2008/06/12 03:40:52
[clientloop.h mux.c channels.c clientloop.c channels.h]
     Enable ~ escapes for multiplex slave sessions; give each channel
     its own escape state and hook the escape filters up to muxed
     channels. bz #1331
     Mux slaves do not currently support the ~^Z and ~& escapes.
     NB. this change cranks the mux protocol version, so a new ssh
     mux client will not be able to connect to a running old ssh
     mux master.
     ok dtucker@
2008-06-13 04:49:33 +10:00
Darren Tucker ce38d8234d - (dtucker) [mux.c] Include paths.h inside ifdef HAVE_PATHS_H. 2008-06-07 06:25:15 +10:00
Damien Miller a7058ec7c0 - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in]
[openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h]
   Fix compilation on Linux, including pulling in fmt_scaled(3)
   implementation from OpenBSD's libutil.
2008-05-20 08:57:06 +10:00
Damien Miller b1cbfa25f1 - djm@cvs.openbsd.org 2008/05/09 14:18:44
[clientloop.c clientloop.h ssh.c mux.c]
     tidy up session multiplexing code, moving it into its own file and
     making the function names more consistent - making ssh.c and
     clientloop.c a fair bit more readable.
     ok markus@
2008-05-19 16:00:08 +10:00