| Age | Commit message (Collapse) | Author |
|---|
|
exactly the flags that ssh started with and don't just clobber them with
zero, as this could also remove the append flag from the set;
bz3523; ok dtucker@
OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
|
|
This adds a sshd_config ChannelTimeouts directive that allows channels that
have not seen traffic in a configurable interval to be automatically closed.
Different timeouts may be applied to session, X11, agent and TCP forwarding
channels.
Note: this only affects channels over an opened SSH connection and not
the connection itself. Most clients close the connection when their channels
go away, with a notable exception being ssh(1) in multiplexing mode.
ok markus dtucker
OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
|
|
This sets an "extended" channel type after channel creation (e.g.
"session:subsystem:sftp") that will be used for setting channel inactivity
timeouts.
ok markus dtucker
OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
|
|
These are now used by sshd_config:ChannelTimeouts to specify timeouts by
channel type, so force them all to use a similar format without whitespace.
ok dtucker markus
OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
|
|
This will forcibly close an open channel by simulating read/write errors,
draining the IO buffers and calling the detach function.
Previously the detach function was only ever called during channel garbage
collection, but there was no way to signal the user of a channel (e.g.
session.c) that its channel was being closed deliberately (vs. by the
usual state-machine logic). So this adds an extra "force" argument to the
channel cleanup callback to indicate this condition.
ok markus dtucker
OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
|
|
feedback markus / ok markus dtucker
OpenBSD-Commit-ID: c5ec4f2d52684cdb788cd9cbc1bcf89464014be2
|
|
permission_set_add are leaked as they are also duplicated in the call. Found
by CodeChecker. ok djm
OpenBSD-Commit-ID: 4aef50fa9be7c0b138188814c8fe3dccc196f61e
|
|
|
|
OpenBSD-Commit-ID: d16a307a0711499c971807f324484ed3a6036640
|
|
comment accordingly. As remote_name is not modified, it can be const as
well. From Martin Vahlensieck
OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
|
|
OpenBSD-Commit-ID: 64940fffbd1b882eda2d7c8c7a43c79368309c0d
|
|
OPEN during SSH transport rekeying. The most visible benefit is that it
should make ~-escapes work in the client (e.g. to exit) if the connection
happened to have stalled during a rekey event. Based work by and ok dtucker@
OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
|
|
avoids plausible spin during rekeying if channel io_want flags are reused
across cycles. ok markus@ deraadt@
OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
|
|
data in the channel buffer. Introduce more exact packing of channel fds into
the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@
OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
|
|
OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
|
|
by dtucker's minix3 vm :) ok dtucker@
OpenBSD-Commit-ID: 2e2c895a3e82ef347aa6694394a76a438be91361
|
|
|
|
buffer rather than into a stack buffer that needs to be copied again;
Improves performance by about 1% on cipher-speed.sh feedback dtucker@ ok
markus@
OpenBSD-Commit-ID: bf5e6e3c821ac3546dc8241d8a94e70d47716572
|
|
This portable-specific hack fixes a hang on exit for ttyful sessions
on Linux and some SysVish Unix variants. It was accidentally disabled
in commit 5c79952dfe1a (a precursor to the mainloop poll(2) conversion).
Spotted by John in bz3383
|
|
feedback & ok deraadt@ and markus@ has been in snaps for a few months
OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
|
|
select() to poll() by moving FD_SET construction out of channel handlers into
separate functions. ok markus
OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
|
|
OpenBSD-Commit-ID: bfc7ba74c22c928de2e257328b3f1274a3dfdf19
|
|
|
|
OK mfriedl@
OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798
|
|
There's an extra error() call on the listen error path, it looks like
its removal was missed during an upstream sync.
|
|
Reduces diff vs OpenBSD by a small amount.
|
|
ssh(1) needs to set file descriptors to non-blocking mode to operate
but it was not restoring the original state on exit. This could cause
problems with fds shared with other programs via the shell, e.g.
> $ cat > test.sh << _EOF
> #!/bin/sh
> {
> ssh -Fnone -oLogLevel=verbose ::1 hostname
> cat /usr/share/dict/words
> } | sleep 10
> _EOF
> $ ./test.sh
> Authenticated to ::1 ([::1]:22).
> Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
> Bytes per second: sent 44338.9, received 55197.4
> cat: stdout: Resource temporarily unavailable
This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
abandons/closes them.
This was reported as bz3280 and GHPR246; ok dtucker@
OpenBSD-Commit-ID: 8cc67346f05aa85a598bddf2383fcfcc3aae61ce
|
|
|
|
and bad indentation on continuation lines. Prompted by GHPR#185
OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
|
|
with SOCKS ok djm@, dtucker@
OpenBSD-Commit-ID: 64fe7b6360acc4ea56aa61b66498b5ecc0a96a7c
|
|
purpose-built ssh->compat variable instead; feedback/ok markus@
OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
|
|
__func__ and appending ssh_err(r) manually; ok markus@
OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
|
|
when peer advertises a large window but is slow to consume the data we send
(e.g. because of a slow network)
reported by Pierre-Yves David
fix with & ok markus@
OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
|
|
type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels
should not have this structure freed.
OpenBSD-Commit-ID: f3b213ae60405f77439e2b06262f054760c9d325
|
|
simply freeing it here causes other problems
OpenBSD-Commit-ID: c6fee8ca94e2485faa783839541962be2834c5ed
|
|
via bz3189 ok dtucker
OpenBSD-Commit-ID: db249bd4526fd42d0f4f43f72f7b8b7705253bde
|
|
that had slipped in. ok deraadt markus djm.
OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6
|
|
OpenBSD-Commit-ID: 612778e6d87ee865d0ba97d0a335f141cee1aa37
|
|
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.
ok deraadt@ djm@
OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
|
|
still confusing people, so add another comment explaining the special
handling of "localhost"; bz#3258
OpenBSD-Commit-ID: e6bf0f0fbf1c7092bf0dbd9c6eab105970b5b53a
|
|
make the indenting a little more consistent too..
Fixes Solaris 2.6; reported by Tom G. Christensen
|
|
OpenBSD-Commit-ID: 824baf9c59afc66a4637017e397b9b74a41684e7
|
|
some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.
OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
|
|
Patch from knweiss at gmail.com via -portable.
OpenBSD-Commit-ID: 2577465442f761a39703762c4f87a8dfcb918b4b
|
|
be able to find out from where the request was comming.
Add the same logging for PermitListen violations which where not
logged at all.
Pointed out by Robert Kisteleki (robert AT ripe.net)
input markus
OK deraadt
OpenBSD-Commit-ID: 8a7d0f1b7175504c0d1dca8d9aca1588b66448c8
|
|
blueflash.cc, ok deraadt
OpenBSD-Commit-ID: dbe4db381603909482211ffdd2b48abd72169117
|
|
Avoids sending SIGPIPE to child processes after their parent exits
if they attempt to write to stderr.
Analysis and patch from JD Paul; patch reworked by Jakub Jelen and
myself. bz#2071; ok dtucker@
|
|
with & ok markus@
OpenBSD-Commit-ID: 0b8279b56113cbd4011fc91315c0796b63dc862c
|
|
API, started almost exactly six years ago.
This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.
with & ok markus@
OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
|
|
channel_init_channels() as we do it anyway in channel_handler_init() that we
call at the end of the function. Fix from Markus Schmidt via bz#2938
OpenBSD-Commit-ID: 74893638af49e3734f1e33a54af1b7ea533373ed
|
