58226f6068
- dtucker@cvs.openbsd.org 2008/02/22 20:44:02
...
[clientloop.c packet.c packet.h serverloop.c]
Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
keepalive timer (bz #1307 ). ok markus@
2008-03-07 18:33:30 +11:00
5ed3d575f9
- dtucker@cvs.openbsd.org 2008/01/23 01:56:54
...
[clientloop.c packet.c serverloop.c]
Revert the change for bz #1307 as it causes connection aborts if an IGNORE
packet arrives while we're waiting in packet_read_expect (and possibly
elsewhere).
2008-02-10 22:27:47 +11:00
b82f5dd17d
- djm@cvs.openbsd.org 2008/01/19 20:48:53
...
[clientloop.c]
fd leak on session multiplexing error path. Report and patch from
gregory_shively AT fanniemae.com
2008-02-10 22:22:53 +11:00
5baa170d77
- dtucker@cvs.openbsd.org 2007/12/28 22:34:47
...
[clientloop.c]
Use the correct packet maximum sizes for remote port and agent forwarding.
Prevents the server from killing the connection if too much data is queued
and an excessively large packet gets sent. bz #1360 , ok djm@.
2007-12-29 09:37:10 +11:00
d6725f04e2
- dtucker@cvs.openbsd.org 2007/12/28 15:32:24
...
[clientloop.c serverloop.c packet.c]
Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
ServerAlive and ClientAlive timers. Prevents dropping a connection
when these are enabled but the peer does not support our keepalives.
bz #1307 , ok djm@.
2007-12-29 02:45:07 +11:00
23ae8ca948
- djm@cvs.openbsd.org 2007/11/03 00:36:14
...
[clientloop.c]
fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM;
ok dtucker@
2007-12-02 23:12:30 +11:00
54fd7cf2db
- djm@cvs.openbsd.org 2007/09/04 03:21:03
...
[clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h]
[monitor_wrap.c ssh.c]
make file descriptor passing code return an error rather than call fatal()
when it encounters problems, and use this to make session multiplexing
masters survive slaves failing to pass all stdio FDs; ok markus@
2007-09-17 12:04:08 +10:00
513d13accd
- markus@cvs.openbsd.org 2007/08/15 08:14:46
...
[clientloop.c]
do NOT fall back to the trused x11 cookie if generation of an untrusted
cookie fails; from security-alert at sun.com; ok dtucker
2007-08-15 19:13:41 +10:00
b3ce9fec30
- djm@cvs.openbsd.org 2007/08/07 07:32:53
...
[clientloop.c clientloop.h ssh.c]
bz#1232: ensure that any specified LocalCommand is executed after the
tunnel device is opened. Also, make failures to open a tunnel device
fatal when ExitOnForwardFailure is active.
Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt
2007-08-08 14:32:41 +10:00
03b1cdbb44
- tedu@cvs.openbsd.org 2007/03/20 03:56:12
...
[readconf.c clientloop.c]
remove some bogus *p tests from charles longeau
ok deraadt millert
2007-03-21 20:46:03 +11:00
d04188e70e
- djm@cvs.openbsd.org 2007/02/20 10:25:14
...
[clientloop.c]
set maximum packet and window sizes the same for multiplexed clients
as normal connections; ok markus@
2007-02-25 20:36:49 +11:00
82a3d2bc6f
- stevesk@cvs.openbsd.org 2007/01/21 01:41:54
...
[auth-skey.c kex.c ssh-keygen.c session.c clientloop.c]
spaces
2007-02-19 22:10:25 +11:00
985a4485f5
- markus@cvs.openbsd.org 2006/10/11 12:38:03
...
[clientloop.c serverloop.c]
exit instead of doing a blocking tcp send if we detect a client/server
timeout, since the tcp sendqueue might be already full (of alive
requests); ok dtucker, report mpf
2006-10-24 03:02:41 +10:00
ded319cca2
- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
...
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
[auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
[cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
[dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
[md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
[scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c rc4.diff]
[openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
[openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
[openbsd-compat/port-uw.c]
Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
d783435315
- deraadt@cvs.openbsd.org 2006/08/03 03:34:42
...
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
[auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
[buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
[groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
[key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
[monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
[readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
[serverloop.c session.c session.h sftp-client.c sftp-common.c]
[sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
[ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
[uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
[loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step
NB. portable commit contains everything *except* removing includes.h, as
that will take a fair bit more work as we move headers that are required
for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
a7a73ee35d
- stevesk@cvs.openbsd.org 2006/08/01 23:22:48
...
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
[auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
[channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
[kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
[monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
[servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
[uuencode.h xmalloc.c]
move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
e7a1e5cf63
- stevesk@cvs.openbsd.org 2006/07/26 13:57:17
...
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
[hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
[scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
[sshconnect1.c sshd.c xmalloc.c]
move #include <stdlib.h> out of includes.h
2006-08-05 11:34:19 +10:00
8dbffe7904
- stevesk@cvs.openbsd.org 2006/07/26 02:35:17
...
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
[groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
[packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
[sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
[uidswap.c xmalloc.c]
move #include <sys/param.h> out of includes.h
2006-08-05 11:02:17 +10:00
9aec91948d
- stevesk@cvs.openbsd.org 2006/07/25 02:59:21
...
[channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
[sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
move #include <sys/time.h> out of includes.h
2006-08-05 10:57:45 +10:00
e3476ed03b
- stevesk@cvs.openbsd.org 2006/07/22 20:48:23
...
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
[auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
[authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
[cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
[compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
[includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
[progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
e6b3b610ec
- stevesk@cvs.openbsd.org 2006/07/17 01:31:10
...
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
[includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
[readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
[sshconnect.c sshlogin.c sshpty.c uidswap.c]
move #include <unistd.h> out of includes.h
2006-07-24 14:01:23 +10:00
3997249346
- stevesk@cvs.openbsd.org 2006/07/11 20:07:25
...
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
move #include <errno.h> out of includes.h; ok markus@
2006-07-12 22:22:46 +10:00
e7d4b19f75
- markus@cvs.openbsd.org 2006/07/11 18:50:48
...
[clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c
channels.h readconf.c]
add ExitOnForwardFailure: terminate the connection if ssh(1)
cannot set up all requested dynamic, local, and remote port
forwardings. ok djm, dtucker, stevesk, jmc
2006-07-12 22:17:10 +10:00
e3b60b524e
- stevesk@cvs.openbsd.org 2006/07/08 21:47:12
...
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
[monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
move #include <sys/socket.h> out of includes.h
2006-07-10 21:08:03 +10:00
57e8ad3f5e
- stevesk@cvs.openbsd.org 2006/07/02 23:01:55
...
[clientloop.c ssh.1]
use -KR[bind_address:]port here; ok djm@
2006-07-10 20:20:52 +10:00
43020951ad
- djm@cvs.openbsd.org 2006/06/26 10:36:15
...
[clientloop.c]
mention optional bind_address in runtime port forwarding setup
command-line help. patch from santhi.amirta AT gmail.com
2006-07-10 20:16:12 +10:00
24fd8ddd61
- markus@cvs.openbsd.org 2006/05/16 09:00:00
...
[clientloop.c]
missing free; from Kylene Hall
2006-06-13 13:00:09 +10:00
97c91f688f
- djm@cvs.openbsd.org 2006/04/20 09:27:09
...
[auth.h clientloop.c dispatch.c dispatch.h kex.h]
replace the last non-sig_atomic_t flag used in a signal handler with a
sig_atomic_t, unfortunately with some knock-on effects in other (non-
signal) contexts in which it is used; ok markus@
2006-04-23 12:08:37 +10:00
90fdfaf69c
- deraadt@cvs.openbsd.org 2006/03/25 18:30:55
...
[clientloop.c serverloop.c]
spacing
2006-03-26 14:25:37 +11:00
57c30117c1
- djm@cvs.openbsd.org 2006/03/25 13:17:03
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
07d86bec5e
- djm@cvs.openbsd.org 2006/03/25 00:05:41
...
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
[clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
[monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
[xmalloc.c xmalloc.h]
introduce xcalloc() and xasprintf() failure-checked allocations
functions and use them throughout openssh
xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it
to die
feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
71a7367130
- deraadt@cvs.openbsd.org 2006/03/20 18:14:02
...
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
[ssh.c sshpty.c sshpty.h]
sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 14:04:36 +11:00
f0b15dfc52
- deraadt@cvs.openbsd.org 2006/03/19 18:56:41
...
[clientloop.c progressmeter.c serverloop.c sshd.c]
ARGSUSED for signal handlers
2006-03-26 13:59:20 +11:00
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
6645e7a70d
- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
...
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
[sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
[openbsd-compat/glob.c openbsd-compat/mktemp.c]
[openbsd-compat/readpassphrase.c] Lots of include fixes for
OpenSolaris
2006-03-15 14:42:54 +11:00
c7b06369a8
- stevesk@cvs.openbsd.org 2006/02/22 00:04:45
...
[canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
[sshconnect.c]
move #include <ctype.h> out of includes.h; ok djm@
2006-03-15 11:53:45 +11:00
6ff3caddb6
oops, this commit is really:
...
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
the previous was:
- stevesk@cvs.openbsd.org 2006/02/20 17:19:54
[auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
[authfile.c clientloop.c includes.h readconf.c scp.c session.c]
[sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
[sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
[sshconnect2.c sshd.c sshpty.c]
move #include <sys/stat.h> out of includes.h; ok markus@
2006-03-15 11:52:09 +11:00
f17883e6a0
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
...
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
17e91c0fb0
- stevesk@cvs.openbsd.org 2006/02/10 00:27:13
...
[channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
[ssh.c sshd.c sshpty.c]
move #include <sys/ioctl.h> out of includes.h; ok markus@
2006-03-15 11:28:34 +11:00
03e2003a23
- stevesk@cvs.openbsd.org 2006/02/08 12:15:27
...
[auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
[session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
[sshd.c sshpty.c]
move #include <paths.h> out of includes.h; ok markus@
2006-03-15 11:16:59 +11:00
99bd21e3fe
- stevesk@cvs.openbsd.org 2006/02/07 01:42:00
...
[channels.c clientloop.c clientloop.h includes.h packet.h]
[serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
move #include <termios.h> out of includes.h; ok markus@
2006-03-15 11:11:28 +11:00
077b23864f
- reyk@cvs.openbsd.org 2005/12/30 15:56:37
...
[channels.c channels.h clientloop.c]
add channel output filter interface.
ok djm@, suggested by markus@
2005-12-31 16:22:32 +11:00
5eb137c6d1
- (djm) OpenBSD CVS Sync
...
- stevesk@cvs.openbsd.org 2005/12/28 22:46:06
[canohost.c channels.c clientloop.c]
use 'break-in' for consistency; ok deraadt@ ok and input jmc@
2005-12-31 16:19:53 +11:00
aeb31d6120
- djm@cvs.openbsd.org 2005/12/07 03:52:22
...
[clientloop.c]
reyk forgot to compile with -Werror (missing header)
2005-12-13 19:29:36 +11:00
d27b947178
- reyk@cvs.openbsd.org 2005/12/06 22:38:28
...
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
[misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
[serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
[sshconnect.h sshd.8 sshd_config sshd_config.5]
Add support for tun(4) forwarding over OpenSSH, based on an idea and
initial channel code bits by markus@. This is a simple and easy way to
use OpenSSH for ad hoc virtual private network connections, e.g.
administrative tunnels or secure wireless access. It's based on a new
ssh channel and works similar to the existing TCP forwarding support,
except that it depends on the tun(4) network interface on both ends of
the connection for layer 2 or layer 3 tunneling. This diff also adds
support for LocalCommand in the ssh(1) client.
ok djm@, markus@, jmc@ (manpages), tested and discussed with others
2005-12-13 19:29:02 +11:00
788f212aed
- djm@cvs.openbsd.org 2005/10/30 08:52:18
...
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
[ssh.c sshconnect.c sshconnect1.c sshd.c]
no need to escape single quotes in comments, no binary change
2005-11-05 15:14:59 +11:00
0a0176e9f3
- stevesk@cvs.openbsd.org 2005/10/14 02:29:37
...
[channels.c clientloop.c]
free()->xfree(); ok djm@
2005-11-05 15:07:59 +11:00
39eda6eb6a
- djm@cvs.openbsd.org 2005/10/10 10:23:08
...
[channels.c channels.h clientloop.c serverloop.c session.c]
fix regression I introduced in 4.2: X11 forwardings initiated after
a session has exited (e.g. "(sleep 5; xterm) &") would not start.
bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
2005-11-05 14:52:50 +11:00
d89dbf29ff
- markus@cvs.openbsd.org 2005/09/09 19:18:05
...
[clientloop.c]
typo; from mark at mcs.vuw.ac.nz, bug #1082
2005-10-03 18:05:26 +10:00
46d38de48b
- djm@cvs.openbsd.org 2005/07/16 01:35:24
...
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
[sshconnect.c]
spacing
2005-07-17 17:02:09 +10:00
1339002e8b
- djm@cvs.openbsd.org 2005/07/04 00:58:43
...
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
implement support for X11 and agent forwarding over multiplex slave
connections. Because of protocol limitations, the slave connections inherit
the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
their own.
ok dtucker@ "put it in" deraadt@
2005-07-06 09:44:19 +10:00
eccb9de72a
- djm@cvs.openbsd.org 2005/06/17 02:44:33
...
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
[bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
[kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
[servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
[ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
make this -Wsign-compare clean; ok avsm@ markus@
NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
NB2. more work may be needed to make portable Wsign-compare clean
2005-06-17 12:59:34 +10:00
17e7ed0e75
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2005/06/16 03:38:36
[channels.c channels.h clientloop.c clientloop.h ssh.c]
move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd
easier later; ok deraadt@
2005-06-17 12:54:33 +10:00
d14b1e731c
- djm@cvs.openbsd.org 2005/06/08 11:25:09
...
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
add ControlMaster=auto/autoask options to support opportunistic
multiplexing; tested avsm@ and jakob@, ok markus@
2005-06-16 13:19:41 +10:00
47eede77ed
- deraadt@cvs.openbsd.org 2005/03/10 22:01:05
...
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
readconf.c bufaux.c sftp.c]
spacing
2005-03-14 23:08:12 +11:00
f91ee4c3de
- djm@cvs.openbsd.org 2005/03/01 10:09:52
...
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
[misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
[sshd_config.5]
bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote
forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
7ebfc10884
- djm@cvs.openbsd.org 2004/11/07 00:01:46
...
[clientloop.c clientloop.h ssh.1 ssh.c]
add basic control of a running multiplex master connection; including the
ability to check its status and request it to exit; ok markus@
2004-11-07 20:06:19 +11:00
ce327b62ac
- djm@cvs.openbsd.org 2004/10/29 22:53:56
...
[clientloop.c misc.h readpass.c ssh-agent.c]
factor out common permission-asking code to separate function; ok markus@
2004-11-05 20:38:03 +11:00
5d78de6283
- djm@cvs.openbsd.org 2004/10/29 21:47:15
...
[channels.c channels.h clientloop.c]
fix some window size change bugs for multiplexed connections: windows sizes
were not being updated if they had changed after ~^Z suspends and SIGWINCH
was not being processed unless the first connection had requested a tty;
ok markus
2004-11-05 20:35:44 +11:00
07336dae94
- djm@cvs.openbsd.org 2004/09/07 23:41:30
...
[clientloop.c ssh.c]
cleanup multiplex control socket on SIGHUP too, spotted by sturm@
ok markus@ deraadt@
2004-11-05 20:02:16 +11:00
c7a6fc41bf
- avsm@cvs.openbsd.org 2004/08/11 21:43:05
...
[channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c]
some signed/unsigned int comparison cleanups; markus@ ok
2004-08-13 21:18:00 +10:00
fc9597034b
- deraadt@cvs.openbsd.org 2004/07/11 17:48:47
...
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
2004-07-17 16:12:08 +10:00
3bbd878c2e
- djm@cvs.openbsd.org 2004/06/18 11:11:54
...
[channels.c clientloop.c]
Don't explode in clientloop when we receive a bogus channel id, but
also don't generate them to begin with; ok markus@
2004-06-18 22:23:22 +10:00
23f0770a1b
- djm@cvs.openbsd.org 2004/06/17 15:10:14
...
[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
Add option for confirmation (ControlMaster=ask) via ssh-askpass before
opening shared connections; ok markus@
2004-06-18 01:19:03 +10:00
3756dcee24
- (djm) OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2004/06/17 14:52:48
[clientloop.c clientloop.h ssh.c]
support environment passing over shared connections; ok markus@
2004-06-18 01:17:29 +10:00
03e66f650c
- djm@cvs.openbsd.org 2004/06/15 05:45:04
...
[clientloop.c]
missed one unset_nonblock; spotted by Tim Rice
2004-06-15 15:47:51 +10:00
232711f6db
- djm@cvs.openbsd.org 2004/06/14 01:44:39
...
[channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c]
[sshd.c]
set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@
2004-06-15 10:35:30 +10:00
0e220dbfbc
- djm@cvs.openbsd.org 2004/06/13 15:03:02
...
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
[readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
implement session multiplexing in the client (the server has supported
this since 2.0); ok markus@
2004-06-15 10:34:08 +10:00
1973c88898
- djm@cvs.openbsd.org 2004/05/22 06:32:12
...
[clientloop.c ssh.1]
use '-h' for help in ~C commandline instead of '-?'; inspired by jmc@
2004-05-24 10:34:36 +10:00
e7066dfde3
- djm@cvs.openbsd.org 2004/05/21 11:33:11
...
[channels.c channels.h clientloop.c serverloop.c ssh.1]
bz #756 : add support for the cancel-tcpip-forward request for the server and
the client (through the ~C commandline). reported by z3p AT twistedmatrix.com;
ok markus@
2004-05-24 10:18:05 +10:00
e167582947
- dtucker@cvs.openbsd.org 2004/05/20 10:58:05
...
[clientloop.c]
Trivial type fix 0 -> '\0'; ok markus@
2004-05-24 10:13:07 +10:00
e608ca2965
- djm@cvs.openbsd.org 2004/05/08 00:21:31
...
[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
kill a tiny header; ok deraadt@
2004-05-13 16:15:47 +10:00
06f2bd8bde
- deraadt@cvs.openbsd.org 2004/05/08 00:01:37
...
[auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
tildexpand.c], removed: sshtty.h tildexpand.h
make two tiny header files go away; djm ok
2004-05-13 16:06:46 +10:00
509b0107f0
- markus@cvs.openbsd.org 2003/12/16 15:49:51
...
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
[ssh.c ssh_config.5]
application layer keep alive (ServerAliveInterval ServerAliveCountMax)
for ssh(1), similar to the sshd(8) option; ok beck@; with help from
jmc and dtucker@
2003-12-17 16:33:10 +11:00
d696551443
- dtucker@cvs.openbsd.org 2003/12/09 23:45:32
...
[clientloop.c]
Clear exit code when ssh -N is terminated with a SIGTERM. ok markus@
2003-12-17 16:31:53 +11:00
5dcdd219fb
- markus@cvs.openbsd.org 2003/09/23 20:41:11
...
[channels.c channels.h clientloop.c]
move client only agent code to clientloop.c
2003-10-02 16:17:00 +10:00
3e33cecf71
- markus@cvs.openbsd.org 2003/09/23 20:17:11
...
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
ssh-agent.c sshd.c]
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@
2003-10-02 16:12:36 +10:00
9a2c4cddad
- markus@cvs.openbsd.org 2003/09/19 17:43:35
...
[clientloop.c sshtty.c sshtty.h]
remove fatal callbacks from client code; ok deraadt
2003-09-22 21:16:05 +10:00
9f63f22aa0
- deraadt@cvs.openbsd.org 2003/06/28 16:23:06
...
[atomicio.c atomicio.h authfd.c clientloop.c monitor_wrap.c msg.c
progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c
sshd.c]
deal with typing of write vs read in atomicio
2003-07-03 13:46:56 +10:00
54c459866e
- markus@cvs.openbsd.org 2003/05/14 22:24:42
...
[clientloop.c session.c ssh.1]
allow to send a BREAK to the remote system; ok various
2003-05-15 10:20:13 +10:00
b1ca8bb159
- markus@cvs.openbsd.org 2003/05/11 20:30:25
...
[channels.c clientloop.c serverloop.c session.c ssh.c]
make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-05-14 13:45:42 +10:00
d558092522
- (djm) RCSID sync w/ OpenBSD
2003-05-14 13:40:06 +10:00
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
a5539d2698
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/04/02 09:48:07
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
reapply rekeying chage, tested by henning@, ok djm@
2003-04-09 20:50:06 +10:00
2dc074ef4b
- markus@cvs.openbsd.org 2003/04/01 10:10:23
...
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
rekeying bugfixes and automatic rekeying:
* both client and server rekey _automatically_
(a) after 2^31 packets, because after 2^32 packets
the sequence number for packets wraps
(b) after 2^(blocksize_in_bits/4) blocks
(see: draft-ietf-secsh-newmodes-00.txt)
(a) and (b) are _enabled_ by default, and only disabled for known
openssh versions, that don't support rekeying properly.
* client option 'RekeyLimit'
* do not reply to requests during rekeying
- markus@cvs.openbsd.org 2003/04/01 10:22:21
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
backout rekeying changes (for 3.6.1)
2003-04-01 21:43:39 +10:00
f49dbff61d
- markus@cvs.openbsd.org 2002/11/18 16:43:44
...
[clientloop.c]
don't overwrite SIG{INT,QUIT,TERM} handler if set to SIG_IGN;
e.g. if ssh is used for backup; report Joerg Schilling; ok millert@
2002-12-23 02:01:55 +00:00
066928648b
- stevesk@cvs.openbsd.org 2002/08/22 19:38:42
...
[clientloop.c]
format with current EscapeChar; bugzilla #388 from wknox@mitre.org .
ok markus@
2002-09-04 16:32:10 +10:00
a962c2fb35
- deraadt@cvs.openbsd.org 2002/06/30 21:59:45
...
[auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c
monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c
sshconnect2.c sshd.c]
minor KNF
2002-07-04 00:14:17 +00:00
4fed2be856
- markus@cvs.openbsd.org 2002/06/24 14:33:27
...
[channels.c channels.h clientloop.c serverloop.c]
move channel counter to u_int
2002-06-25 23:17:36 +00:00
05efee1092
- (bal) RCSID tag updates on channels.c, clientloop.c, nchan.c,
...
sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand
independant of them)
2002-06-09 20:20:58 +00:00
5a6abdae0f
unexpand
2002-06-09 19:41:48 +00:00
2797f7f03a
- markus@cvs.openbsd.org 2002/04/22 21:04:52
...
[channels.c clientloop.c clientloop.h ssh.c]
request reply (success/failure) for -R style fwd in protocol v2,
depends on ordered replies.
fixes http://bugzilla.mindrot.org/show_bug.cgi?id=215 ; ok provos@
2002-04-23 21:09:44 +10:00
681d932634
- markus@cvs.openbsd.org 2002/03/21 23:07:37
...
[clientloop.c]
remove unused, sync w/ cmdline patch in my tree.
2002-03-22 03:53:00 +00:00
eda98a728d
- markus@cvs.openbsd.org 2002/03/21 16:58:13
...
[clientloop.c]
remove unused
2002-03-22 03:35:48 +00:00
5589f4b55f
- jakob@cvs.openbsd.org 2002/03/21 15:17:26
...
[clientloop.c ssh.1]
add built-in command line for adding new port forwardings on the fly.
based on a patch from brian wellington. ok markus@.
2002-03-22 03:24:32 +00:00
699d003e3a
- markus@cvs.openbsd.org 2002/02/06 14:55:16
...
[channels.c clientloop.c serverloop.c ssh.c]
channel_new never returns NULL, mouring@; ok djm@
2002-02-08 22:07:16 +11:00
c3fa407073
- markus@cvs.openbsd.org 2002/01/10 11:24:04
...
[clientloop.c]
handle SSH2_MSG_GLOBAL_REQUEST (just reply with failure); ok djm@
2002-01-22 23:21:58 +11:00
630d6f4479
- markus@cvs.openbsd.org 2001/12/28 15:06:00
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
remove plen from the dispatch fn. it's no longer used.
2002-01-22 23:17:30 +11:00
48b03fc546
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:40 +11:00
66823cddbe
- markus@cvs.openbsd.org 2001/12/27 20:39:58
...
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 23:11:38 +11:00
278f907a2d
- djm@cvs.openbsd.org 2001/12/20 22:50:24
...
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
[dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
[sshconnect2.c]
Conformance fix: we should send failing packet sequence number when
responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
yakk@yakk.dot.net ; ok markus@
2001-12-21 15:00:19 +11:00
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
f8f065bc75
- itojun@cvs.openbsd.org 2001/12/05 03:50:01
...
[clientloop.c serverloop.c sshd.c]
deal with LP64 printf issue with sig_atomic_t. from thorpej
2001-12-06 17:52:16 +00:00
5e71c54b8c
- markus@cvs.openbsd.org 2001/11/22 12:34:22
...
[clientloop.c serverloop.c sshd.c]
volatile sig_atomic_t
2001-12-06 16:48:14 +00:00
79faeff2c1
- markus@cvs.openbsd.org 2001/11/09 18:59:23
...
[clientloop.c serverloop.c]
don't memset too much memory, ok millert@
original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com
2001-11-12 11:06:32 +11:00
96507ef535
- markus@cvs.openbsd.org 2001/10/24 19:57:40
...
[clientloop.c]
make ~& (backgrounding) work again for proto v1; add support ~& for v2, too
2001-11-12 10:52:25 +11:00
07cd5897f9
- markus@cvs.openbsd.org 2001/10/24 08:51:35
...
[clientloop.c ssh.c]
ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@
2001-11-12 10:52:03 +11:00
164a7f42f9
- markus@cvs.openbsd.org 2001/10/11 15:24:00
...
[clientloop.c]
clear select masks if we return before calling select().
2001-10-12 11:36:09 +10:00
3ec2759ad4
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2001/10/10 22:18:47
[channels.c channels.h clientloop.c nchan.c serverloop.c]
[session.c session.h]
try to keep channels open until an exit-status message is sent.
don't kill the login shells if the shells stdin/out/err is closed.
this should now work:
ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
2001-10-12 11:35:04 +10:00
944c4f0bda
- markus@cvs.openbsd.org 2001/09/17 20:52:47
...
[channels.c channels.h clientloop.c]
try to fix agent-forwarding-backconnection-bug, as seen on HPUX,
for example; with Lutz.Jaenicke@aet.TU-Cottbus.DE ,
2001-09-18 05:51:13 +00:00
16d29d57e8
- markus@cvs.openbsd.org 2001/07/17 21:04:58
...
[channels.c channels.h clientloop.c nchan.c serverloop.c]
keep track of both maxfd and the size of the malloc'ed fdsets.
update maxfd if maxfd gets closed.
2001-07-18 16:01:46 +00:00
173e646f7e
- stevesk@cvs.openbsd.org 2001/06/30 18:08:40
...
[channels.c channels.h clientloop.c]
adress -> address; ok markus@
2001-07-04 05:15:15 +00:00
db47f383e6
- stevesk@cvs.openbsd.org 2001/06/29 18:38:44
...
[clientloop.c]
sync function definition with declaration; ok markus@
2001-07-04 05:10:27 +00:00
4469723325
- markus@cvs.openbsd.org 2001/06/25 08:25:41
...
[channels.c channels.h cipher.c clientloop.c compat.c compat.h
hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
update copyright for 2001
2001-07-04 03:32:30 +00:00
bba81213b9
- itojun@cvs.openbsd.org 2001/06/23 15:12:20
...
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
2001-06-25 05:01:22 +00:00
601e43638e
- markus@cvs.openbsd.org 2001/06/20 13:56:39
...
[channels.c channels.h clientloop.c packet.c serverloop.c]
move from channel_stop_listening to channel_free_all,
call channel_free_all before calling waitpid() in serverloop.
fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE
2001-06-21 03:19:23 +00:00
ec46e0b5fd
- markus@cvs.openbsd.org 2001/06/04 23:07:21
...
[clientloop.c serverloop.c sshd.c]
set flags in the signal handlers, do real work in the main loop,
ok provos@
2001-06-09 01:27:31 +00:00
c763767f18
[NOTE: Next patch will sync nchan.c, channels.c and channels.h and all this
...
pain will be over.]
- markus@cvs.openbsd.org 2001/05/31 10:30:17
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c]
undo the .c file split, just merge the header and keep the cvs
history
2001-06-09 00:36:26 +00:00
e6455aee8f
[NOTE: File split is was not done in Portabl Tree]
...
- markus@cvs.openbsd.org 2001/05/30 12:55:13
[auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
packet.c serverloop.c session.c ssh.c ssh1.h]
channel layer cleanup: merge header files and split .c files
2001-06-09 00:17:10 +00:00
2b1f71baee
- stevesk@cvs.openbsd.org 2001/05/24 18:57:53
...
[clientloop.c readconf.c ssh.c ssh.h]
don't perform escape processing when ``EscapeChar none''; ok markus@
2001-06-05 20:32:21 +00:00
c8b3f47676
- markus@cvs.openbsd.org 2001/05/16 21:53:53
...
[clientloop.c]
check for open sessions before we call select(); fixes the x11 client
bug reported by bowman@math.ualberta.ca
2001-05-17 03:19:40 +00:00
c93e84c2ce
- markus@cvs.openbsd.org 2001/05/11 14:59:56
...
[clientloop.c misc.c misc.h]
add unset_nonblock for stdout/err flushing in client_loop().
2001-05-12 00:08:37 +00:00
a69d89bb45
I have no clue how this file was mised.. <frown>
...
- markus@cvs.openbsd.org 2001/05/08 19:17:31
[channels.c serverloop.c clientloop.c]
adds correct error reporting to async connect()s
fixes the server-discards-data-before-connected-bug found by
onoe@sm.sony.co.jp
2001-05-09 00:01:18 +00:00
23fedf5e49
- markus@cvs.openbsd.org 2001/05/06 21:45:14
...
[clientloop.c]
use atomicio for flushing stdout/stderr bufs. thanks to
jbw@izanami.cee.hw.ac.uk
2001-05-08 23:58:37 +00:00
99c73b377a
- markus@cvs.openbsd.org 2001/05/04 23:47:34
...
[channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c]
move to Channel **channels (instead of Channel *channels), fixes realloc
problems. channel_new now returns a Channel *, favour Channel * over
channel id. remove old channel_allocate interface.
2001-05-05 04:09:47 +00:00
f343674d5e
- markus@cvs.openbsd.org 2001/04/29 19:16:52
...
[channels.c clientloop.c compat.c compat.h serverloop.c]
more ssh.com-2.0.x bug-compat; from per@appgate.com
2001-04-29 19:52:00 +00:00
9ffdcb5478
- djm@cvs.openbsd.org 2001/04/20 07:17:51
...
[clientloop.c ssh.1]
Split out and improve escape character documentation, mention ~R in
~? help text; ok markus@
2001-04-20 12:50:51 +00:00
4c8cff14dd
- markus@cvs.openbsd.org 2001/04/17 09:52:48
...
[clientloop.c]
handle EINTR/EAGAIN on read; ok deraadt@
2001-04-17 18:09:42 +00:00
302ea6f2f9
- markus@cvs.openbsd.org 2001/04/15 17:16:00
...
[clientloop.c]
set stdin/out/err to nonblocking in SSH proto 1, too. suggested by ho@
should fix some of the blocking problems for rsync over SSH-1
2001-04-16 02:01:25 +00:00
ae8e2d30db
- stevesk@cvs.openbsd.org 2001/04/14 16:33:20
...
[clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
protocol 2 tty modes support; ok markus@
2001-04-14 23:13:02 +00:00
d344763643
- markus@cvs.openbsd.org 2001/04/08 11:27:33
...
[clientloop.c]
leave_raw_mode if ssh2 "session" is closed
2001-04-08 18:07:22 +00:00
4c3f77dd3b
- markus@cvs.openbsd.org 2001/04/05 21:05:24
...
[clientloop.c ssh.c]
don't request a session for 'ssh -N', pointed out slade@shore.net
2001-04-05 23:37:36 +00:00
11bd89936d
- markus@cvs.openbsd.org 2001/04/05 20:01:10
...
[clientloop.c]
for ~R print message if server does not support rekeying. (and fix ~R).
2001-04-05 23:34:29 +00:00
a8baf36d41
- markus@cvs.openbsd.org 2001/04/05 11:09:17
...
[clientloop.c compat.c compat.h]
add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
2001-04-05 23:28:36 +00:00
a3700050ec
- markus@cvs.openbsd.org 2001/04/05 10:42:57
...
[auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
sshconnect2.c sshd.c]
fix whitespace: unexpand + trailing spaces.
2001-04-05 23:26:32 +00:00
be2cc43c3a
- markus@cvs.openbsd.org 2001/04/04 20:25:38
...
[channels.c channels.h clientloop.c kex.c kex.h serverloop.c
sshconnect2.c sshd.c]
more robust rekeying
don't send channel data after rekeying is started.
2001-04-04 23:46:07 +00:00
8ac9106c3d
- markus@cvs.openbsd.org 2001/04/04 14:34:58
...
[clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c]
enable server side rekeying + some rekey related clientup.
todo: we should not send any non-KEX messages after we send KEXINIT
2001-04-04 17:57:54 +00:00
f28f634a3a
- markus@cvs.openbsd.org 2001/04/04 00:06:54
...
[clientloop.c sshconnect2.c]
enable client rekeying
(1) force rekeying with ~R, or
(2) if the server requests rekeying.
works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
2001-04-04 02:03:04 +00:00
ebc882757b
- millert@cvs.openbsd.org 2001/03/06 01:08:27
...
[clientloop.c]
If read() fails with EINTR deal with it the same way we treat EAGAIN
2001-03-06 03:34:40 +00:00
e9613cf16d
- markus@cvs.openbsd.org 2001/02/28 08:45:39
...
[clientloop.c]
fix byte counts for ssh protocol v1
2001-03-05 06:14:02 +00:00
f9452513fc
- deraadt@cvs.openbsd.org 2001/02/12 22:56:09
...
[clientloop.c packet.c ssh-keyscan.c]
deal with EAGAIN/EINTR selects which were skipped
2001-02-15 03:12:08 +00:00
31ca54aa86
- itojun@cvs.openbsd.org 2001/02/08 19:30:52
...
sync with netbsd tree changes.
- more strict prototypes, include necessary headers
- use paths.h/pathnames.h decls
- size_t typecase to int -> u_long
2001-02-09 02:11:24 +00:00
5b82832222
- markus@cvs.openbsd.org 2001/02/06 22:43:02
...
[clientloop.c]
remove confusing callback code
2001-02-09 01:34:36 +00:00
d83ff35d66
- (djm) OpenBSD CVS Sync:
...
- markus@cvs.openbsd.org 2001/01/29 12:42:35
[canohost.c canohost.h channels.c clientloop.c]
add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
2001-01-30 09:19:34 +11:00
5e953217f1
- (djm) OpenBSD CVS Sync:
...
- markus@cvs.openbsd.org 2001/01/29 09:55:37
[channels.c channels.h clientloop.c serverloop.c]
fix select overflow; ok deraadt@ and stevesk@
2001-01-30 09:14:00 +11:00
226cfa0378
Hopefully things did not get mixed around too much. It compiles under
...
Linux and works. So that is at least a good sign. =)
20010122
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
[servconf.c ssh.h sshd.c]
only auth-chall.c needs #ifdef SKEY
- markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
[auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
ssh1.h sshconnect1.c sshd.c ttymodes.c]
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
- markus@cvs.openbsd.org 2001/01/19 16:48:14
[sshd.8]
fix typo; from stevesk@
- markus@cvs.openbsd.org 2001/01/19 16:50:58
[ssh-dss.c]
clear and free digest, make consistent with other code (use dlen); from
stevesk@
- markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
[auth-options.c auth-options.h auth-rsa.c auth2.c]
pass the filename to auth_parse_options()
- markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
[readconf.c]
fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
- stevesk@cvs.openbsd.org 2001/01/20 18:20:29
[sshconnect2.c]
dh_new_group() does not return NULL. ok markus@
- markus@cvs.openbsd.org 2001/01/20 21:33:42
[ssh-add.c]
do not loop forever if askpass does not exist; from
andrew@pimlott.ne.mediaone.net
- djm@cvs.openbsd.org 2001/01/20 23:00:56
[servconf.c]
Check for NULL return from strdelim; ok markus
- djm@cvs.openbsd.org 2001/01/20 23:02:07
[readconf.c]
KNF; ok markus
- jakob@cvs.openbsd.org 2001/01/21 9:00:33
[ssh-keygen.1]
remove -R flag; ok markus@
- markus@cvs.openbsd.org 2001/01/21 19:05:40
[atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
key.c key.h log-client.c log-server.c log.c log.h login.c login.h
match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
ttysmodes.c uidswap.c xmalloc.c]
split ssh.h and try to cleanup the #include mess. remove unnecessary
#includes. rename util.[ch] -> misc.[ch]
- (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
- (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
conflict when compiling for non-kerb install
- (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
on 1/19.
2001-01-22 05:34:40 +00:00
bf555ba621
NOTE: This update changes the RSA key generation. *NEW RSA KEYS
...
NEED TO BE GENERATED* =) Refer to to entry "2001/01/16 19:20:06"
for more details.
20010118
- (bal) Super Sized OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus
[sshd.c]
maxfd+1
- markus@cvs.openbsd.org 2001/01/13 17:59:18
[ssh-keygen.1]
small ssh-keygen manpage cleanup; stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:03:07
[scp.c ssh-keygen.c sshd.c]
getopt() returns -1 not EOF; stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:06:54
[ssh-keyscan.c]
use SSH_DEFAULT_PORT; from stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:12:47
[ssh-keyscan.c]
free() -> xfree(); fix memory leak; from stevesk@pobox.com
- markus@cvs.openbsd.org 2001/01/13 18:14:13
[ssh-add.c]
typo, from stevesk@sweden.hp.com
- markus@cvs.openbsd.org 2001/01/13 18:32:50
[packet.c session.c ssh.c sshconnect.c sshd.c]
split out keepalive from packet_interactive (from dale@accentre.com )
set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
- markus@cvs.openbsd.org 2001/01/13 18:36:45
[packet.c packet.h]
reorder, typo
- markus@cvs.openbsd.org 2001/01/13 18:38:00
[auth-options.c]
fix comment
- markus@cvs.openbsd.org 2001/01/13 18:43:31
[session.c]
Wall
- markus@cvs.openbsd.org 2001/01/13 19:14:08
[clientloop.h clientloop.c ssh.c]
move callback to headerfile
- markus@cvs.openbsd.org 2001/01/15 21:40:10
[ssh.c]
use log() instead of stderr
- markus@cvs.openbsd.org 2001/01/15 21:43:51
[dh.c]
use error() not stderr!
- markus@cvs.openbsd.org 2001/01/15 21:45:29
[sftp-server.c]
rename must fail if newpath exists, debug off by default
- markus@cvs.openbsd.org 2001/01/15 21:46:38
[sftp-server.c]
readable long listing for sftp-server, ok deraadt@
- markus@cvs.openbsd.org 2001/01/16 19:20:06
[key.c ssh-rsa.c]
make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from
galb@vandyke.com . note that you have to delete older ssh2-rsa keys,
since they are in the wrong format, too. they must be removed from
.ssh/authorized_keys2 and .ssh/known_hosts2, etc.
(cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP
.ssh/authorized_keys2) additionally, we now check that
BN_num_bits(rsa->n) >= 768.
- markus@cvs.openbsd.org 2001/01/16 20:54:27
[sftp-server.c]
remove some statics. simpler handles; idea from nisse@lysator.liu.se
- deraadt@cvs.openbsd.org 2001/01/16 23:58:08
[bufaux.c radix.c sshconnect.h sshconnect1.c]
indent
- (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may
be missing such feature.
2001-01-18 02:04:35 +00:00
46c162204b
One way to massive patch. <sigh> It compiles and works under Linux..
...
And I think I have all the bits right from the OpenBSD tree.
20001222
- Updated RCSID for pty.c
- (bal) OpenBSD CVS Updates:
- markus@cvs.openbsd.org 2000/12/21 15:10:16
[auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
- markus@cvs.openbsd.org 2000/12/20 19:26:56
[authfile.c]
allow ssh -i userkey for root
- markus@cvs.openbsd.org 2000/12/20 19:37:21
[authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
fix prototypes; from stevesk@pobox.com
- markus@cvs.openbsd.org 2000/12/20 19:32:08
[sshd.c]
init pointer to NULL; report from Jan.Ivan@cern.ch
- markus@cvs.openbsd.org 2000/12/19 23:17:54
[auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c
uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
unsigned' with u_char.
2000-12-22 01:43:59 +00:00
7ad9710334
20001206
...
- (bal) OpenSSH CVS updates:
- markus@cvs.openbsd.org 2000/12/05 20:34:09
[channels.c channels.h clientloop.c serverloop.c]
async connects for -R/-L; ok deraadt@
- todd@cvs.openssh.org 2000/12/05 16:47:28
[sshd.c]
tweak comment to reflect real location of pid file; ok provos@
2000-12-06 01:42:49 +00:00
0bc1bd814e
- (djm) Merge OpenBSD changes:
...
- markus@cvs.openbsd.org 2000/11/06 16:04:56
[channels.c channels.h clientloop.c nchan.c serverloop.c]
[session.c ssh.c]
agent forwarding and -R for ssh2, based on work from
jhuuskon@messi.uku.fi
- markus@cvs.openbsd.org 2000/11/06 16:13:27
[ssh.c sshconnect.c sshd.c]
do not disabled rhosts(rsa) if server port > 1024; from
pekkas@netcore.fi
- markus@cvs.openbsd.org 2000/11/06 16:16:35
[sshconnect.c]
downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
- markus@cvs.openbsd.org 2000/11/09 18:04:40
[auth1.c]
typo; from mouring@pconline.com
- markus@cvs.openbsd.org 2000/11/12 12:03:28
[ssh-agent.c]
off-by-one when removing a key from the agent
- markus@cvs.openbsd.org 2000/11/12 12:50:39
[auth-rh-rsa.c auth2.c authfd.c authfd.h]
[authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
[readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
[ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
[sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
[ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
add support for RSA to SSH2. please test.
there are now 3 types of keys: RSA1 is used by ssh-1 only,
RSA and DSA are used by SSH2.
you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
keys for SSH2 and use the RSA keys for hostkeys or for user keys.
SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
- (djm) Fix up Makefile and Redhat init script to create RSA host keys
- (djm) Change to interim version
2000-11-13 22:57:25 +11:00
Damien Miller
Darren Tucker
Ben Lindstrom