| Age | Commit message (Collapse) | Author |
|---|
|
From jjelen at redhat.com via bz#2687, ok djm@
OpenBSD-Commit-ID: 9f9e4ba3cac003e6f81da3bcebd1b9ec43e7f353
|
|
We've previously removed a lot of the really old compatibility code,
and with it went the need to include compat.h in most of the files that
have it.
OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
|
|
This sets an "extended" channel type after channel creation (e.g.
"session:subsystem:sftp") that will be used for setting channel inactivity
timeouts.
ok markus dtucker
OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
|
|
These are now used by sshd_config:ChannelTimeouts to specify timeouts by
channel type, so force them all to use a similar format without whitespace.
ok dtucker markus
OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
|
|
This will forcibly close an open channel by simulating read/write errors,
draining the IO buffers and calling the detach function.
Previously the detach function was only ever called during channel garbage
collection, but there was no way to signal the user of a channel (e.g.
session.c) that its channel was being closed deliberately (vs. by the
usual state-machine logic). So this adds an extra "force" argument to the
channel cleanup callback to indicate this condition.
ok markus dtucker
OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
|
|
Historicallly, hpdelim accepted ":" or "/" as a port delimiter between
hosts (or addresses) and ports. These days most of the uses for "/"
are no longer accepted, so there are several places where it checks the
delimiter to disallow it. Make hpdelim accept only ":" and use hpdelim2
in the other cases. ok djm@
OpenBSD-Commit-ID: 7e6420bd1be87590b6840973f5ad5305804e3102
|
|
|
|
debuggings past. prompted by Michael Forney, ok dtucker@
OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
|
|
and bad indentation on continuation lines. Prompted by GHPR#185
OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
|
|
OpenBSD and NetBSD require the caller to free strings returned
bu the login_* functions, but FreeBSD requires that callers don't.
Fortunately in this case, we can harmlessly leak as the process is
about to exec the shell/command.
From https://reviews.freebsd.org/D28617 via Ed Maste; ok dtucker@
|
|
OpenBSD-Commit-ID: 5c1048468813107baa872f5ee33ba51623630e01
|
|
searched-for characters; from zhongjubin@huawei.com
OpenBSD-Commit-ID: e6f57de1d4a4d25f8db2d44e8d58d847e247a4fe
|
|
Follow upstream (6d755706a0059eb9e2d63517f288b75cbc3b4701) language
improvements in this portable-specific code.
|
|
__func__ and appending ssh_err(r) manually; ok markus@
OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
|
|
|
|
OpenBSD-Commit-ID: 964d9a88f7de1d0eedd3f8070b43fb6e426351f1
|
|
OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
|
|
sshd is in chroot mode, the likely absence of a password database will cause
tilde_expand_filename() to fatal; ok dtucker@
OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
|
|
redirection after the session child process is forked(); ok dtucker@
OpenBSD-Commit-ID: 6df86dd653c91f5bc8ac1916e7680d9d24690865
|
|
being relative to the current directory, so that it'll still be found if the
shell startup changes its directory. Since the path is potentially longer,
make the cmd buffer that uses it dynamically sized. bz#3185, with & ok djm@
OpenBSD-Commit-ID: 36e33ff01497af3dc8226d0c4c1526fc3a1e46bf
|
|
OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
|
|
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.
OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
|
|
It's only needed for USE_PAM or HAVE_CYGWIN cases and will cause compiler
warnings otherwise.
|
|
This function is only used in this file, and only on Cygwin, so make
it static and hide it behind HAVE_CYGWIN. Prevents missing prototype
warning.
|
|
OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513
|
|
some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.
OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
|
|
from Jakub Jelen
|
|
setup error path with user's privileged. This is a no-op as this code always
runs with user privilege now that we no longer support running sshd with
privilege separation disabled, but as long as the privsep skeleton is there
we should follow the rules.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
bz#2969 with patch from Erik Sjölund
OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846
|
|
command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@
OpenBSD-Commit-ID: 8c87fa66d7fc6c0fffa3a3c28e8ab5e8dde234b8
|
|
PAM typically specifies the user environment if it's enabled, so don't
second guess. bz#2937; ok dtucker@
|
|
API. This code is not normally reachable since USE_PIPES is always defined.
bz#2961, patch from adrian.fita at gmail com.
OpenBSD-Commit-ID: 8d8428d678d1d5eb4bb21921df34e8173e6d238a
|
|
|
|
with & ok markus@
OpenBSD-Commit-ID: fae817207e23099ddd248960c984f7b7f26ea68e
|
|
with & ok markus@
OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
|
|
API, started almost exactly six years ago.
This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.
with & ok markus@
OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
|
|
=?UTF-8?q?e=20extern;=20from=20Hanno=20B=C3=B6ck?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenBSD-Commit-ID: d53dede6e521161bf04d39d09947db6253a38271
|
|
This makes the connection 4-tuple available to PAM modules that
wish to use it in decision-making. bz#2741
|
|
OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925
|
|
disposition of channel's extended (stderr) fd; makes debugging some things a
bit easier. No behaviour change.
OpenBSD-Commit-ID: 483eb6467dc7d5dbca8eb109c453e7a43075f7ce
|
|
|
|
channel/ session protocol. Signalling is only supported to sesssions that are
not subsystems and were not started with a forced command.
Long requested in bz#1424
Based on a patch from markus@ and reworked by dtucker@;
ok markus@ dtucker@
OpenBSD-Commit-ID: 4bea826f575862eaac569c4bedd1056a268be1c3
|
|
OpenBSD-Commit-ID: b5149a6d92b264d35f879d24608087b254857a83
|
|
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
|
|
|
|
OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
|
|
OpenBSD-Commit-ID: 5df340c5965e822c9da21e19579d08dea3cbe429
|
|
read_environment_file recently gained an extra argument Some platform
specific code also calls it so add the argument to those too. Fixes
build on Solaris and AIX.
|
|
pattern-list of whitelisted environment variable names in addition to yes|no.
bz#1800, feedback and ok markus@
OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
|
|
administrator to explicitly specify environment variables set in sessions
started by sshd. These override the default environment and any variables set
by user configuration (PermitUserEnvironment, etc), but not the SSH_*
variables set by sshd itself.
ok markus@
OpenBSD-Commit-ID: b6a96c0001ccd7dd211df6cae9e961c20fd718c0
|
|
read from ~/.ssh/environment (if enabled) do not override SSH_* variables set
by the server.
OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
|
