#
1.75 |
|
01-Feb-2024 |
djm |
whitespace
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE OPENBSD_7_4_BASE
|
#
1.74 |
|
01-Feb-2022 |
djm |
mark const string array contents const too, i.e. static const char *array => static const char * const array from Mike Frysinger
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.73 |
|
19-May-2021 |
djm |
restore blocking status on stdio fds before close
ssh(1) needs to set file descriptors to non-blocking mode to operate but it was not restoring the original state on exit. This could cause problems with fds shared with other programs via the shell, e.g.
> $ cat > test.sh << _EOF > #!/bin/sh > { > ssh -Fnone -oLogLevel=verbose ::1 hostname > cat /usr/share/dict/words > } | sleep 10 > _EOF > $ ./test.sh > Authenticated to ::1 ([::1]:22). > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds > Bytes per second: sent 44338.9, received 55197.4 > cat: stdout: Resource temporarily unavailable
This restores the blocking status for fds 0,1,2 (stdio) before ssh(1) abandons/closes them.
This was reported as bz3280 and GHPR246; ok dtucker@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.72 |
|
27-Jan-2021 |
djm |
remove global variable used to stash compat flags and use the purpose-built ssh->compat variable instead; feedback/ok markus@
|
#
1.71 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.70 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.69 |
|
04-Oct-2018 |
djm |
when the peer sends a channel-close message, make sure we close the local extended read fd (stderr) along with the regular read fd (stdout). Avoids weird stuck processed in multiplexing mode.
Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863
ok dtucker@ markus@
|
#
1.68 |
|
04-Oct-2018 |
djm |
include a little more information about the status and disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.67 |
|
12-Sep-2017 |
djm |
Make remote channel ID a u_int
Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has never been a problem.
ok markus@
|
#
1.66 |
|
12-Sep-2017 |
djm |
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
ok markus@
|
#
1.65 |
|
30-Apr-2017 |
djm |
obliterate ssh1.h and some dead code that used it
ok markus@
|
#
1.64 |
|
30-Apr-2017 |
djm |
remove compat20/compat13/compat15 variables
ok markus@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.63 |
|
26-Jan-2010 |
djm |
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@ channel changes ok markus@
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.62 |
|
07-Nov-2008 |
stevesk |
add space to some log/debug messages for readability; ok djm@ markus@
|
#
1.61 |
|
11-Sep-2008 |
markus |
only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.60 |
|
30-Jun-2008 |
djm |
only send eow@openssh.com notifications for session channels; ok! markus@
|
#
1.59 |
|
09-May-2008 |
markus |
unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
|
#
1.58 |
|
08-May-2008 |
djm |
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel).
Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory.
ok markus@ (as part of a larger diff)
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.57 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.56 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.55 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.54 |
|
08-Jul-2006 |
stevesk |
move #include <sys/socket.h> out of includes.h
|
#
1.53 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.52 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.51 |
|
11-Jul-2004 |
deraadt |
branches: 1.51.6; 1.51.8; spaces
|
#
1.50 |
|
21-Jun-2004 |
avsm |
make ssh -Wshadow clean, no functional changes markus@ ok
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.49 |
|
29-Aug-2003 |
markus |
branches: 1.49.2; 1.49.4; be less chatty; debug -> debug2, cleanup; ok henning@
|
#
1.48 |
|
08-Apr-2003 |
itojun |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.47 |
|
19-Jun-2002 |
deraadt |
branches: 1.47.2; 1.47.4; KNF done automatically while reading....
|
#
1.46 |
|
09-Jun-2002 |
markus |
use tab not spaces (|unexpand)
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.45 |
|
25-Mar-2002 |
markus |
branches: 1.45.2; don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
|
#
1.44 |
|
21-Jan-2002 |
markus |
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
|
#
1.43 |
|
14-Jan-2002 |
markus |
(c) 2002
|
#
1.42 |
|
14-Jan-2002 |
markus |
remove function pointers for events, remove chan_init*; ok provos@
|
#
1.41 |
|
14-Jan-2002 |
markus |
remove duplicated code; ok provos@
|
#
1.40 |
|
14-Jan-2002 |
markus |
correct fn names for ssh2, do not switch from closed to closed; ok provos@
|
#
1.39 |
|
14-Jan-2002 |
markus |
merge chan_[io]buf_empty[12]; ok provos@
|
#
1.38 |
|
14-Jan-2002 |
markus |
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
|
#
1.37 |
|
13-Jan-2002 |
markus |
add chan_set_[io]state(), order states, state is now an u_int, simplifies debugging messages; ok provos@
|
#
1.36 |
|
10-Jan-2002 |
markus |
more unused code (with channels.c:1.156)
|
#
1.35 |
|
10-Jan-2002 |
markus |
remove dead code (skip drain)
|
#
1.34 |
|
09-Jan-2002 |
markus |
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
#
1.33 |
|
19-Dec-2001 |
deraadt |
basic KNF done while i was looking for something else
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.32 |
|
10-Oct-2001 |
markus |
branches: 1.32.2; try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
#
1.31 |
|
17-Jul-2001 |
markus |
keep track of both maxfd and the size of the malloc'ed fdsets. update maxfd if maxfd gets closed.
|
#
1.30 |
|
25-Jun-2001 |
markus |
update copyright for 2001
|
#
1.29 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.28 |
|
31-May-2001 |
markus |
undo the .c file split, just merge the header and keep the cvs history
|
#
1.27 |
|
30-May-2001 |
markus |
channel layer cleanup: merge header files and split .c files
|
#
1.26 |
|
28-May-2001 |
markus |
undo broken channel fix and try a different one. there should be still some select errors...
|
#
1.25 |
|
16-May-2001 |
markus |
more select() error fixes (don't set rfd/wfd to -1).
|
#
1.24 |
|
04-May-2001 |
markus |
move to Channel **channels (instead of Channel *channels), fixes realloc problems. channel_new now returns a Channel *, favour Channel * over channel id. remove old channel_allocate interface.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.23 |
|
28-Feb-2001 |
markus |
branches: 1.23.2; make sure remote stderr does not get truncated. remove closed fd's from the select mask.
|
#
1.22 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
#
1.21 |
|
19-Jan-2001 |
markus |
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
|
#
1.20 |
|
06-Nov-2000 |
markus |
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
07-Sep-2000 |
deraadt |
branches: 1.19.2; cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
|
#
1.18 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
08-May-2000 |
markus |
branches: 1.17.2; no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
|
#
1.16 |
|
03-May-2000 |
markus |
fix close for non-open ssh1 channels
|
#
1.15 |
|
02-May-2000 |
markus |
use c-style comments
|
#
1.14 |
|
14-Apr-2000 |
markus |
whitespace cleanup
|
#
1.13 |
|
03-Apr-2000 |
markus |
channel layer support for ssh2
|
#
1.12 |
|
28-Mar-2000 |
markus |
sync w/ channels.c
|
#
1.11 |
|
28-Mar-2000 |
markus |
replace big switch() with function tables (prepare for ssh2)
|
#
1.10 |
|
10-Jan-2000 |
markus |
handle OCLOSE for CHAN_INPUT_WAIT_DRAIN, i.e. do not drain buffer if peer is not going to read the data.
|
#
1.9 |
|
02-Dec-1999 |
markus |
use error() for internal errors
|
#
1.8 |
|
24-Nov-1999 |
markus |
it's not an error() if shutdown_write failes in nchan.
|
#
1.7 |
|
24-Nov-1999 |
markus |
missing copyright
|
#
1.6 |
|
23-Nov-1999 |
markus |
KNF part 1
|
#
1.5 |
|
25-Oct-1999 |
markus |
remove buggy 'x11-fix'
|
#
1.4 |
|
25-Oct-1999 |
markus |
typo in debug messages (input vs. ouput)
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
17-Oct-1999 |
markus |
re-implement the proto-1.5 channel close protocol, see nchan.ms.
|
#
1.2 |
|
16-Oct-1999 |
markus |
add CVS tags, fix comments and whitespace
|
#
1.1 |
|
16-Oct-1999 |
markus |
support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. interops (x11,agent,etc) with 1.2.27 and protocol 1.3
|
#
1.74 |
|
01-Feb-2022 |
djm |
mark const string array contents const too, i.e. static const char *array => static const char * const array from Mike Frysinger
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.73 |
|
19-May-2021 |
djm |
restore blocking status on stdio fds before close
ssh(1) needs to set file descriptors to non-blocking mode to operate but it was not restoring the original state on exit. This could cause problems with fds shared with other programs via the shell, e.g.
> $ cat > test.sh << _EOF > #!/bin/sh > { > ssh -Fnone -oLogLevel=verbose ::1 hostname > cat /usr/share/dict/words > } | sleep 10 > _EOF > $ ./test.sh > Authenticated to ::1 ([::1]:22). > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds > Bytes per second: sent 44338.9, received 55197.4 > cat: stdout: Resource temporarily unavailable
This restores the blocking status for fds 0,1,2 (stdio) before ssh(1) abandons/closes them.
This was reported as bz3280 and GHPR246; ok dtucker@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.72 |
|
27-Jan-2021 |
djm |
remove global variable used to stash compat flags and use the purpose-built ssh->compat variable instead; feedback/ok markus@
|
#
1.71 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.70 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.69 |
|
04-Oct-2018 |
djm |
when the peer sends a channel-close message, make sure we close the local extended read fd (stderr) along with the regular read fd (stdout). Avoids weird stuck processed in multiplexing mode.
Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863
ok dtucker@ markus@
|
#
1.68 |
|
04-Oct-2018 |
djm |
include a little more information about the status and disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.67 |
|
12-Sep-2017 |
djm |
Make remote channel ID a u_int
Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has never been a problem.
ok markus@
|
#
1.66 |
|
12-Sep-2017 |
djm |
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
ok markus@
|
#
1.65 |
|
30-Apr-2017 |
djm |
obliterate ssh1.h and some dead code that used it
ok markus@
|
#
1.64 |
|
30-Apr-2017 |
djm |
remove compat20/compat13/compat15 variables
ok markus@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.63 |
|
26-Jan-2010 |
djm |
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@ channel changes ok markus@
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.62 |
|
07-Nov-2008 |
stevesk |
add space to some log/debug messages for readability; ok djm@ markus@
|
#
1.61 |
|
11-Sep-2008 |
markus |
only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.60 |
|
30-Jun-2008 |
djm |
only send eow@openssh.com notifications for session channels; ok! markus@
|
#
1.59 |
|
09-May-2008 |
markus |
unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
|
#
1.58 |
|
08-May-2008 |
djm |
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel).
Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory.
ok markus@ (as part of a larger diff)
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.57 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.56 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.55 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.54 |
|
08-Jul-2006 |
stevesk |
move #include <sys/socket.h> out of includes.h
|
#
1.53 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.52 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.51 |
|
11-Jul-2004 |
deraadt |
branches: 1.51.6; 1.51.8; spaces
|
#
1.50 |
|
21-Jun-2004 |
avsm |
make ssh -Wshadow clean, no functional changes markus@ ok
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.49 |
|
29-Aug-2003 |
markus |
branches: 1.49.2; 1.49.4; be less chatty; debug -> debug2, cleanup; ok henning@
|
#
1.48 |
|
08-Apr-2003 |
itojun |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.47 |
|
19-Jun-2002 |
deraadt |
branches: 1.47.2; 1.47.4; KNF done automatically while reading....
|
#
1.46 |
|
09-Jun-2002 |
markus |
use tab not spaces (|unexpand)
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.45 |
|
25-Mar-2002 |
markus |
branches: 1.45.2; don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
|
#
1.44 |
|
21-Jan-2002 |
markus |
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
|
#
1.43 |
|
14-Jan-2002 |
markus |
(c) 2002
|
#
1.42 |
|
14-Jan-2002 |
markus |
remove function pointers for events, remove chan_init*; ok provos@
|
#
1.41 |
|
14-Jan-2002 |
markus |
remove duplicated code; ok provos@
|
#
1.40 |
|
14-Jan-2002 |
markus |
correct fn names for ssh2, do not switch from closed to closed; ok provos@
|
#
1.39 |
|
14-Jan-2002 |
markus |
merge chan_[io]buf_empty[12]; ok provos@
|
#
1.38 |
|
14-Jan-2002 |
markus |
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
|
#
1.37 |
|
13-Jan-2002 |
markus |
add chan_set_[io]state(), order states, state is now an u_int, simplifies debugging messages; ok provos@
|
#
1.36 |
|
10-Jan-2002 |
markus |
more unused code (with channels.c:1.156)
|
#
1.35 |
|
10-Jan-2002 |
markus |
remove dead code (skip drain)
|
#
1.34 |
|
09-Jan-2002 |
markus |
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
#
1.33 |
|
19-Dec-2001 |
deraadt |
basic KNF done while i was looking for something else
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.32 |
|
10-Oct-2001 |
markus |
branches: 1.32.2; try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
#
1.31 |
|
17-Jul-2001 |
markus |
keep track of both maxfd and the size of the malloc'ed fdsets. update maxfd if maxfd gets closed.
|
#
1.30 |
|
25-Jun-2001 |
markus |
update copyright for 2001
|
#
1.29 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.28 |
|
31-May-2001 |
markus |
undo the .c file split, just merge the header and keep the cvs history
|
#
1.27 |
|
30-May-2001 |
markus |
channel layer cleanup: merge header files and split .c files
|
#
1.26 |
|
28-May-2001 |
markus |
undo broken channel fix and try a different one. there should be still some select errors...
|
#
1.25 |
|
16-May-2001 |
markus |
more select() error fixes (don't set rfd/wfd to -1).
|
#
1.24 |
|
04-May-2001 |
markus |
move to Channel **channels (instead of Channel *channels), fixes realloc problems. channel_new now returns a Channel *, favour Channel * over channel id. remove old channel_allocate interface.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.23 |
|
28-Feb-2001 |
markus |
branches: 1.23.2; make sure remote stderr does not get truncated. remove closed fd's from the select mask.
|
#
1.22 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
#
1.21 |
|
19-Jan-2001 |
markus |
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
|
#
1.20 |
|
06-Nov-2000 |
markus |
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
07-Sep-2000 |
deraadt |
branches: 1.19.2; cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
|
#
1.18 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
08-May-2000 |
markus |
branches: 1.17.2; no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
|
#
1.16 |
|
03-May-2000 |
markus |
fix close for non-open ssh1 channels
|
#
1.15 |
|
02-May-2000 |
markus |
use c-style comments
|
#
1.14 |
|
14-Apr-2000 |
markus |
whitespace cleanup
|
#
1.13 |
|
03-Apr-2000 |
markus |
channel layer support for ssh2
|
#
1.12 |
|
28-Mar-2000 |
markus |
sync w/ channels.c
|
#
1.11 |
|
28-Mar-2000 |
markus |
replace big switch() with function tables (prepare for ssh2)
|
#
1.10 |
|
10-Jan-2000 |
markus |
handle OCLOSE for CHAN_INPUT_WAIT_DRAIN, i.e. do not drain buffer if peer is not going to read the data.
|
#
1.9 |
|
02-Dec-1999 |
markus |
use error() for internal errors
|
#
1.8 |
|
24-Nov-1999 |
markus |
it's not an error() if shutdown_write failes in nchan.
|
#
1.7 |
|
24-Nov-1999 |
markus |
missing copyright
|
#
1.6 |
|
23-Nov-1999 |
markus |
KNF part 1
|
#
1.5 |
|
25-Oct-1999 |
markus |
remove buggy 'x11-fix'
|
#
1.4 |
|
25-Oct-1999 |
markus |
typo in debug messages (input vs. ouput)
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
17-Oct-1999 |
markus |
re-implement the proto-1.5 channel close protocol, see nchan.ms.
|
#
1.2 |
|
16-Oct-1999 |
markus |
add CVS tags, fix comments and whitespace
|
#
1.1 |
|
16-Oct-1999 |
markus |
support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. interops (x11,agent,etc) with 1.2.27 and protocol 1.3
|
#
1.73 |
|
19-May-2021 |
djm |
restore blocking status on stdio fds before close
ssh(1) needs to set file descriptors to non-blocking mode to operate but it was not restoring the original state on exit. This could cause problems with fds shared with other programs via the shell, e.g.
> $ cat > test.sh << _EOF > #!/bin/sh > { > ssh -Fnone -oLogLevel=verbose ::1 hostname > cat /usr/share/dict/words > } | sleep 10 > _EOF > $ ./test.sh > Authenticated to ::1 ([::1]:22). > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds > Bytes per second: sent 44338.9, received 55197.4 > cat: stdout: Resource temporarily unavailable
This restores the blocking status for fds 0,1,2 (stdio) before ssh(1) abandons/closes them.
This was reported as bz3280 and GHPR246; ok dtucker@
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.72 |
|
27-Jan-2021 |
djm |
remove global variable used to stash compat flags and use the purpose-built ssh->compat variable instead; feedback/ok markus@
|
#
1.71 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.70 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.69 |
|
04-Oct-2018 |
djm |
when the peer sends a channel-close message, make sure we close the local extended read fd (stderr) along with the regular read fd (stdout). Avoids weird stuck processed in multiplexing mode.
Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863
ok dtucker@ markus@
|
#
1.68 |
|
04-Oct-2018 |
djm |
include a little more information about the status and disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.67 |
|
12-Sep-2017 |
djm |
Make remote channel ID a u_int
Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has never been a problem.
ok markus@
|
#
1.66 |
|
12-Sep-2017 |
djm |
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
ok markus@
|
#
1.65 |
|
30-Apr-2017 |
djm |
obliterate ssh1.h and some dead code that used it
ok markus@
|
#
1.64 |
|
30-Apr-2017 |
djm |
remove compat20/compat13/compat15 variables
ok markus@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.63 |
|
26-Jan-2010 |
djm |
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@ channel changes ok markus@
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.62 |
|
07-Nov-2008 |
stevesk |
add space to some log/debug messages for readability; ok djm@ markus@
|
#
1.61 |
|
11-Sep-2008 |
markus |
only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.60 |
|
30-Jun-2008 |
djm |
only send eow@openssh.com notifications for session channels; ok! markus@
|
#
1.59 |
|
09-May-2008 |
markus |
unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
|
#
1.58 |
|
08-May-2008 |
djm |
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel).
Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory.
ok markus@ (as part of a larger diff)
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.57 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.56 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.55 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.54 |
|
08-Jul-2006 |
stevesk |
move #include <sys/socket.h> out of includes.h
|
#
1.53 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.52 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.51 |
|
11-Jul-2004 |
deraadt |
branches: 1.51.6; 1.51.8; spaces
|
#
1.50 |
|
21-Jun-2004 |
avsm |
make ssh -Wshadow clean, no functional changes markus@ ok
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.49 |
|
29-Aug-2003 |
markus |
branches: 1.49.2; 1.49.4; be less chatty; debug -> debug2, cleanup; ok henning@
|
#
1.48 |
|
08-Apr-2003 |
itojun |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.47 |
|
19-Jun-2002 |
deraadt |
branches: 1.47.2; 1.47.4; KNF done automatically while reading....
|
#
1.46 |
|
09-Jun-2002 |
markus |
use tab not spaces (|unexpand)
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.45 |
|
25-Mar-2002 |
markus |
branches: 1.45.2; don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
|
#
1.44 |
|
21-Jan-2002 |
markus |
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
|
#
1.43 |
|
14-Jan-2002 |
markus |
(c) 2002
|
#
1.42 |
|
14-Jan-2002 |
markus |
remove function pointers for events, remove chan_init*; ok provos@
|
#
1.41 |
|
14-Jan-2002 |
markus |
remove duplicated code; ok provos@
|
#
1.40 |
|
14-Jan-2002 |
markus |
correct fn names for ssh2, do not switch from closed to closed; ok provos@
|
#
1.39 |
|
14-Jan-2002 |
markus |
merge chan_[io]buf_empty[12]; ok provos@
|
#
1.38 |
|
14-Jan-2002 |
markus |
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
|
#
1.37 |
|
13-Jan-2002 |
markus |
add chan_set_[io]state(), order states, state is now an u_int, simplifies debugging messages; ok provos@
|
#
1.36 |
|
10-Jan-2002 |
markus |
more unused code (with channels.c:1.156)
|
#
1.35 |
|
10-Jan-2002 |
markus |
remove dead code (skip drain)
|
#
1.34 |
|
09-Jan-2002 |
markus |
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
#
1.33 |
|
19-Dec-2001 |
deraadt |
basic KNF done while i was looking for something else
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.32 |
|
10-Oct-2001 |
markus |
branches: 1.32.2; try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
#
1.31 |
|
17-Jul-2001 |
markus |
keep track of both maxfd and the size of the malloc'ed fdsets. update maxfd if maxfd gets closed.
|
#
1.30 |
|
25-Jun-2001 |
markus |
update copyright for 2001
|
#
1.29 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.28 |
|
31-May-2001 |
markus |
undo the .c file split, just merge the header and keep the cvs history
|
#
1.27 |
|
30-May-2001 |
markus |
channel layer cleanup: merge header files and split .c files
|
#
1.26 |
|
28-May-2001 |
markus |
undo broken channel fix and try a different one. there should be still some select errors...
|
#
1.25 |
|
16-May-2001 |
markus |
more select() error fixes (don't set rfd/wfd to -1).
|
#
1.24 |
|
04-May-2001 |
markus |
move to Channel **channels (instead of Channel *channels), fixes realloc problems. channel_new now returns a Channel *, favour Channel * over channel id. remove old channel_allocate interface.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.23 |
|
28-Feb-2001 |
markus |
branches: 1.23.2; make sure remote stderr does not get truncated. remove closed fd's from the select mask.
|
#
1.22 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
#
1.21 |
|
19-Jan-2001 |
markus |
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
|
#
1.20 |
|
06-Nov-2000 |
markus |
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
07-Sep-2000 |
deraadt |
branches: 1.19.2; cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
|
#
1.18 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
08-May-2000 |
markus |
branches: 1.17.2; no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
|
#
1.16 |
|
03-May-2000 |
markus |
fix close for non-open ssh1 channels
|
#
1.15 |
|
02-May-2000 |
markus |
use c-style comments
|
#
1.14 |
|
14-Apr-2000 |
markus |
whitespace cleanup
|
#
1.13 |
|
03-Apr-2000 |
markus |
channel layer support for ssh2
|
#
1.12 |
|
28-Mar-2000 |
markus |
sync w/ channels.c
|
#
1.11 |
|
28-Mar-2000 |
markus |
replace big switch() with function tables (prepare for ssh2)
|
#
1.10 |
|
10-Jan-2000 |
markus |
handle OCLOSE for CHAN_INPUT_WAIT_DRAIN, i.e. do not drain buffer if peer is not going to read the data.
|
#
1.9 |
|
02-Dec-1999 |
markus |
use error() for internal errors
|
#
1.8 |
|
24-Nov-1999 |
markus |
it's not an error() if shutdown_write failes in nchan.
|
#
1.7 |
|
24-Nov-1999 |
markus |
missing copyright
|
#
1.6 |
|
23-Nov-1999 |
markus |
KNF part 1
|
#
1.5 |
|
25-Oct-1999 |
markus |
remove buggy 'x11-fix'
|
#
1.4 |
|
25-Oct-1999 |
markus |
typo in debug messages (input vs. ouput)
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
17-Oct-1999 |
markus |
re-implement the proto-1.5 channel close protocol, see nchan.ms.
|
#
1.2 |
|
16-Oct-1999 |
markus |
add CVS tags, fix comments and whitespace
|
#
1.1 |
|
16-Oct-1999 |
markus |
support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. interops (x11,agent,etc) with 1.2.27 and protocol 1.3
|
#
1.72 |
|
27-Jan-2021 |
djm |
remove global variable used to stash compat flags and use the purpose-built ssh->compat variable instead; feedback/ok markus@
|
#
1.71 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.70 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.69 |
|
04-Oct-2018 |
djm |
when the peer sends a channel-close message, make sure we close the local extended read fd (stderr) along with the regular read fd (stdout). Avoids weird stuck processed in multiplexing mode.
Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863
ok dtucker@ markus@
|
#
1.68 |
|
04-Oct-2018 |
djm |
include a little more information about the status and disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.67 |
|
12-Sep-2017 |
djm |
Make remote channel ID a u_int
Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has never been a problem.
ok markus@
|
#
1.66 |
|
12-Sep-2017 |
djm |
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
ok markus@
|
#
1.65 |
|
30-Apr-2017 |
djm |
obliterate ssh1.h and some dead code that used it
ok markus@
|
#
1.64 |
|
30-Apr-2017 |
djm |
remove compat20/compat13/compat15 variables
ok markus@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.63 |
|
26-Jan-2010 |
djm |
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@ channel changes ok markus@
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.62 |
|
07-Nov-2008 |
stevesk |
add space to some log/debug messages for readability; ok djm@ markus@
|
#
1.61 |
|
11-Sep-2008 |
markus |
only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.60 |
|
30-Jun-2008 |
djm |
only send eow@openssh.com notifications for session channels; ok! markus@
|
#
1.59 |
|
09-May-2008 |
markus |
unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
|
#
1.58 |
|
08-May-2008 |
djm |
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel).
Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory.
ok markus@ (as part of a larger diff)
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.57 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.56 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.55 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.54 |
|
08-Jul-2006 |
stevesk |
move #include <sys/socket.h> out of includes.h
|
#
1.53 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.52 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.51 |
|
11-Jul-2004 |
deraadt |
branches: 1.51.6; 1.51.8; spaces
|
#
1.50 |
|
21-Jun-2004 |
avsm |
make ssh -Wshadow clean, no functional changes markus@ ok
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.49 |
|
29-Aug-2003 |
markus |
branches: 1.49.2; 1.49.4; be less chatty; debug -> debug2, cleanup; ok henning@
|
#
1.48 |
|
08-Apr-2003 |
itojun |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.47 |
|
19-Jun-2002 |
deraadt |
branches: 1.47.2; 1.47.4; KNF done automatically while reading....
|
#
1.46 |
|
09-Jun-2002 |
markus |
use tab not spaces (|unexpand)
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.45 |
|
25-Mar-2002 |
markus |
branches: 1.45.2; don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
|
#
1.44 |
|
21-Jan-2002 |
markus |
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
|
#
1.43 |
|
14-Jan-2002 |
markus |
(c) 2002
|
#
1.42 |
|
14-Jan-2002 |
markus |
remove function pointers for events, remove chan_init*; ok provos@
|
#
1.41 |
|
14-Jan-2002 |
markus |
remove duplicated code; ok provos@
|
#
1.40 |
|
14-Jan-2002 |
markus |
correct fn names for ssh2, do not switch from closed to closed; ok provos@
|
#
1.39 |
|
14-Jan-2002 |
markus |
merge chan_[io]buf_empty[12]; ok provos@
|
#
1.38 |
|
14-Jan-2002 |
markus |
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
|
#
1.37 |
|
13-Jan-2002 |
markus |
add chan_set_[io]state(), order states, state is now an u_int, simplifies debugging messages; ok provos@
|
#
1.36 |
|
10-Jan-2002 |
markus |
more unused code (with channels.c:1.156)
|
#
1.35 |
|
10-Jan-2002 |
markus |
remove dead code (skip drain)
|
#
1.34 |
|
09-Jan-2002 |
markus |
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
#
1.33 |
|
19-Dec-2001 |
deraadt |
basic KNF done while i was looking for something else
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.32 |
|
10-Oct-2001 |
markus |
branches: 1.32.2; try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
#
1.31 |
|
17-Jul-2001 |
markus |
keep track of both maxfd and the size of the malloc'ed fdsets. update maxfd if maxfd gets closed.
|
#
1.30 |
|
25-Jun-2001 |
markus |
update copyright for 2001
|
#
1.29 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.28 |
|
31-May-2001 |
markus |
undo the .c file split, just merge the header and keep the cvs history
|
#
1.27 |
|
30-May-2001 |
markus |
channel layer cleanup: merge header files and split .c files
|
#
1.26 |
|
28-May-2001 |
markus |
undo broken channel fix and try a different one. there should be still some select errors...
|
#
1.25 |
|
16-May-2001 |
markus |
more select() error fixes (don't set rfd/wfd to -1).
|
#
1.24 |
|
04-May-2001 |
markus |
move to Channel **channels (instead of Channel *channels), fixes realloc problems. channel_new now returns a Channel *, favour Channel * over channel id. remove old channel_allocate interface.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.23 |
|
28-Feb-2001 |
markus |
branches: 1.23.2; make sure remote stderr does not get truncated. remove closed fd's from the select mask.
|
#
1.22 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
#
1.21 |
|
19-Jan-2001 |
markus |
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
|
#
1.20 |
|
06-Nov-2000 |
markus |
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
07-Sep-2000 |
deraadt |
branches: 1.19.2; cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
|
#
1.18 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
08-May-2000 |
markus |
branches: 1.17.2; no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
|
#
1.16 |
|
03-May-2000 |
markus |
fix close for non-open ssh1 channels
|
#
1.15 |
|
02-May-2000 |
markus |
use c-style comments
|
#
1.14 |
|
14-Apr-2000 |
markus |
whitespace cleanup
|
#
1.13 |
|
03-Apr-2000 |
markus |
channel layer support for ssh2
|
#
1.12 |
|
28-Mar-2000 |
markus |
sync w/ channels.c
|
#
1.11 |
|
28-Mar-2000 |
markus |
replace big switch() with function tables (prepare for ssh2)
|
#
1.10 |
|
10-Jan-2000 |
markus |
handle OCLOSE for CHAN_INPUT_WAIT_DRAIN, i.e. do not drain buffer if peer is not going to read the data.
|
#
1.9 |
|
02-Dec-1999 |
markus |
use error() for internal errors
|
#
1.8 |
|
24-Nov-1999 |
markus |
it's not an error() if shutdown_write failes in nchan.
|
#
1.7 |
|
24-Nov-1999 |
markus |
missing copyright
|
#
1.6 |
|
23-Nov-1999 |
markus |
KNF part 1
|
#
1.5 |
|
25-Oct-1999 |
markus |
remove buggy 'x11-fix'
|
#
1.4 |
|
25-Oct-1999 |
markus |
typo in debug messages (input vs. ouput)
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
17-Oct-1999 |
markus |
re-implement the proto-1.5 channel close protocol, see nchan.ms.
|
#
1.2 |
|
16-Oct-1999 |
markus |
add CVS tags, fix comments and whitespace
|
#
1.1 |
|
16-Oct-1999 |
markus |
support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. interops (x11,agent,etc) with 1.2.27 and protocol 1.3
|
#
1.71 |
|
18-Oct-2020 |
djm |
use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.70 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.69 |
|
04-Oct-2018 |
djm |
when the peer sends a channel-close message, make sure we close the local extended read fd (stderr) along with the regular read fd (stdout). Avoids weird stuck processed in multiplexing mode.
Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863
ok dtucker@ markus@
|
#
1.68 |
|
04-Oct-2018 |
djm |
include a little more information about the status and disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.67 |
|
12-Sep-2017 |
djm |
Make remote channel ID a u_int
Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has never been a problem.
ok markus@
|
#
1.66 |
|
12-Sep-2017 |
djm |
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
ok markus@
|
#
1.65 |
|
30-Apr-2017 |
djm |
obliterate ssh1.h and some dead code that used it
ok markus@
|
#
1.64 |
|
30-Apr-2017 |
djm |
remove compat20/compat13/compat15 variables
ok markus@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.63 |
|
26-Jan-2010 |
djm |
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@ channel changes ok markus@
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.62 |
|
07-Nov-2008 |
stevesk |
add space to some log/debug messages for readability; ok djm@ markus@
|
#
1.61 |
|
11-Sep-2008 |
markus |
only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.60 |
|
30-Jun-2008 |
djm |
only send eow@openssh.com notifications for session channels; ok! markus@
|
#
1.59 |
|
09-May-2008 |
markus |
unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
|
#
1.58 |
|
08-May-2008 |
djm |
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel).
Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory.
ok markus@ (as part of a larger diff)
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.57 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.56 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.55 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.54 |
|
08-Jul-2006 |
stevesk |
move #include <sys/socket.h> out of includes.h
|
#
1.53 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.52 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.51 |
|
11-Jul-2004 |
deraadt |
branches: 1.51.6; 1.51.8; spaces
|
#
1.50 |
|
21-Jun-2004 |
avsm |
make ssh -Wshadow clean, no functional changes markus@ ok
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.49 |
|
29-Aug-2003 |
markus |
branches: 1.49.2; 1.49.4; be less chatty; debug -> debug2, cleanup; ok henning@
|
#
1.48 |
|
08-Apr-2003 |
itojun |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.47 |
|
19-Jun-2002 |
deraadt |
branches: 1.47.2; 1.47.4; KNF done automatically while reading....
|
#
1.46 |
|
09-Jun-2002 |
markus |
use tab not spaces (|unexpand)
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.45 |
|
25-Mar-2002 |
markus |
branches: 1.45.2; don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
|
#
1.44 |
|
21-Jan-2002 |
markus |
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
|
#
1.43 |
|
14-Jan-2002 |
markus |
(c) 2002
|
#
1.42 |
|
14-Jan-2002 |
markus |
remove function pointers for events, remove chan_init*; ok provos@
|
#
1.41 |
|
14-Jan-2002 |
markus |
remove duplicated code; ok provos@
|
#
1.40 |
|
14-Jan-2002 |
markus |
correct fn names for ssh2, do not switch from closed to closed; ok provos@
|
#
1.39 |
|
14-Jan-2002 |
markus |
merge chan_[io]buf_empty[12]; ok provos@
|
#
1.38 |
|
14-Jan-2002 |
markus |
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
|
#
1.37 |
|
13-Jan-2002 |
markus |
add chan_set_[io]state(), order states, state is now an u_int, simplifies debugging messages; ok provos@
|
#
1.36 |
|
10-Jan-2002 |
markus |
more unused code (with channels.c:1.156)
|
#
1.35 |
|
10-Jan-2002 |
markus |
remove dead code (skip drain)
|
#
1.34 |
|
09-Jan-2002 |
markus |
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
#
1.33 |
|
19-Dec-2001 |
deraadt |
basic KNF done while i was looking for something else
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.32 |
|
10-Oct-2001 |
markus |
branches: 1.32.2; try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
#
1.31 |
|
17-Jul-2001 |
markus |
keep track of both maxfd and the size of the malloc'ed fdsets. update maxfd if maxfd gets closed.
|
#
1.30 |
|
25-Jun-2001 |
markus |
update copyright for 2001
|
#
1.29 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.28 |
|
31-May-2001 |
markus |
undo the .c file split, just merge the header and keep the cvs history
|
#
1.27 |
|
30-May-2001 |
markus |
channel layer cleanup: merge header files and split .c files
|
#
1.26 |
|
28-May-2001 |
markus |
undo broken channel fix and try a different one. there should be still some select errors...
|
#
1.25 |
|
16-May-2001 |
markus |
more select() error fixes (don't set rfd/wfd to -1).
|
#
1.24 |
|
04-May-2001 |
markus |
move to Channel **channels (instead of Channel *channels), fixes realloc problems. channel_new now returns a Channel *, favour Channel * over channel id. remove old channel_allocate interface.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.23 |
|
28-Feb-2001 |
markus |
branches: 1.23.2; make sure remote stderr does not get truncated. remove closed fd's from the select mask.
|
#
1.22 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
#
1.21 |
|
19-Jan-2001 |
markus |
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
|
#
1.20 |
|
06-Nov-2000 |
markus |
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
07-Sep-2000 |
deraadt |
branches: 1.19.2; cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
|
#
1.18 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
08-May-2000 |
markus |
branches: 1.17.2; no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
|
#
1.16 |
|
03-May-2000 |
markus |
fix close for non-open ssh1 channels
|
#
1.15 |
|
02-May-2000 |
markus |
use c-style comments
|
#
1.14 |
|
14-Apr-2000 |
markus |
whitespace cleanup
|
#
1.13 |
|
03-Apr-2000 |
markus |
channel layer support for ssh2
|
#
1.12 |
|
28-Mar-2000 |
markus |
sync w/ channels.c
|
#
1.11 |
|
28-Mar-2000 |
markus |
replace big switch() with function tables (prepare for ssh2)
|
#
1.10 |
|
10-Jan-2000 |
markus |
handle OCLOSE for CHAN_INPUT_WAIT_DRAIN, i.e. do not drain buffer if peer is not going to read the data.
|
#
1.9 |
|
02-Dec-1999 |
markus |
use error() for internal errors
|
#
1.8 |
|
24-Nov-1999 |
markus |
it's not an error() if shutdown_write failes in nchan.
|
#
1.7 |
|
24-Nov-1999 |
markus |
missing copyright
|
#
1.6 |
|
23-Nov-1999 |
markus |
KNF part 1
|
#
1.5 |
|
25-Oct-1999 |
markus |
remove buggy 'x11-fix'
|
#
1.4 |
|
25-Oct-1999 |
markus |
typo in debug messages (input vs. ouput)
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
17-Oct-1999 |
markus |
re-implement the proto-1.5 channel close protocol, see nchan.ms.
|
#
1.2 |
|
16-Oct-1999 |
markus |
add CVS tags, fix comments and whitespace
|
#
1.1 |
|
16-Oct-1999 |
markus |
support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. interops (x11,agent,etc) with 1.2.27 and protocol 1.3
|
#
1.70 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.69 |
|
04-Oct-2018 |
djm |
when the peer sends a channel-close message, make sure we close the local extended read fd (stderr) along with the regular read fd (stdout). Avoids weird stuck processed in multiplexing mode.
Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863
ok dtucker@ markus@
|
#
1.68 |
|
04-Oct-2018 |
djm |
include a little more information about the status and disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.67 |
|
12-Sep-2017 |
djm |
Make remote channel ID a u_int
Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has never been a problem.
ok markus@
|
#
1.66 |
|
12-Sep-2017 |
djm |
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
ok markus@
|
#
1.65 |
|
30-Apr-2017 |
djm |
obliterate ssh1.h and some dead code that used it
ok markus@
|
#
1.64 |
|
30-Apr-2017 |
djm |
remove compat20/compat13/compat15 variables
ok markus@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.63 |
|
26-Jan-2010 |
djm |
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@ channel changes ok markus@
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.62 |
|
07-Nov-2008 |
stevesk |
add space to some log/debug messages for readability; ok djm@ markus@
|
#
1.61 |
|
11-Sep-2008 |
markus |
only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.60 |
|
30-Jun-2008 |
djm |
only send eow@openssh.com notifications for session channels; ok! markus@
|
#
1.59 |
|
09-May-2008 |
markus |
unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
|
#
1.58 |
|
08-May-2008 |
djm |
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel).
Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory.
ok markus@ (as part of a larger diff)
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.57 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.56 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.55 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.54 |
|
08-Jul-2006 |
stevesk |
move #include <sys/socket.h> out of includes.h
|
#
1.53 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.52 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.51 |
|
11-Jul-2004 |
deraadt |
branches: 1.51.6; 1.51.8; spaces
|
#
1.50 |
|
21-Jun-2004 |
avsm |
make ssh -Wshadow clean, no functional changes markus@ ok
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.49 |
|
29-Aug-2003 |
markus |
branches: 1.49.2; 1.49.4; be less chatty; debug -> debug2, cleanup; ok henning@
|
#
1.48 |
|
08-Apr-2003 |
itojun |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.47 |
|
19-Jun-2002 |
deraadt |
branches: 1.47.2; 1.47.4; KNF done automatically while reading....
|
#
1.46 |
|
09-Jun-2002 |
markus |
use tab not spaces (|unexpand)
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.45 |
|
25-Mar-2002 |
markus |
branches: 1.45.2; don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
|
#
1.44 |
|
21-Jan-2002 |
markus |
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
|
#
1.43 |
|
14-Jan-2002 |
markus |
(c) 2002
|
#
1.42 |
|
14-Jan-2002 |
markus |
remove function pointers for events, remove chan_init*; ok provos@
|
#
1.41 |
|
14-Jan-2002 |
markus |
remove duplicated code; ok provos@
|
#
1.40 |
|
14-Jan-2002 |
markus |
correct fn names for ssh2, do not switch from closed to closed; ok provos@
|
#
1.39 |
|
14-Jan-2002 |
markus |
merge chan_[io]buf_empty[12]; ok provos@
|
#
1.38 |
|
14-Jan-2002 |
markus |
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
|
#
1.37 |
|
13-Jan-2002 |
markus |
add chan_set_[io]state(), order states, state is now an u_int, simplifies debugging messages; ok provos@
|
#
1.36 |
|
10-Jan-2002 |
markus |
more unused code (with channels.c:1.156)
|
#
1.35 |
|
10-Jan-2002 |
markus |
remove dead code (skip drain)
|
#
1.34 |
|
09-Jan-2002 |
markus |
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
#
1.33 |
|
19-Dec-2001 |
deraadt |
basic KNF done while i was looking for something else
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.32 |
|
10-Oct-2001 |
markus |
branches: 1.32.2; try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
#
1.31 |
|
17-Jul-2001 |
markus |
keep track of both maxfd and the size of the malloc'ed fdsets. update maxfd if maxfd gets closed.
|
#
1.30 |
|
25-Jun-2001 |
markus |
update copyright for 2001
|
#
1.29 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.28 |
|
31-May-2001 |
markus |
undo the .c file split, just merge the header and keep the cvs history
|
#
1.27 |
|
30-May-2001 |
markus |
channel layer cleanup: merge header files and split .c files
|
#
1.26 |
|
28-May-2001 |
markus |
undo broken channel fix and try a different one. there should be still some select errors...
|
#
1.25 |
|
16-May-2001 |
markus |
more select() error fixes (don't set rfd/wfd to -1).
|
#
1.24 |
|
04-May-2001 |
markus |
move to Channel **channels (instead of Channel *channels), fixes realloc problems. channel_new now returns a Channel *, favour Channel * over channel id. remove old channel_allocate interface.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.23 |
|
28-Feb-2001 |
markus |
branches: 1.23.2; make sure remote stderr does not get truncated. remove closed fd's from the select mask.
|
#
1.22 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
#
1.21 |
|
19-Jan-2001 |
markus |
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
|
#
1.20 |
|
06-Nov-2000 |
markus |
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
07-Sep-2000 |
deraadt |
branches: 1.19.2; cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
|
#
1.18 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
08-May-2000 |
markus |
branches: 1.17.2; no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
|
#
1.16 |
|
03-May-2000 |
markus |
fix close for non-open ssh1 channels
|
#
1.15 |
|
02-May-2000 |
markus |
use c-style comments
|
#
1.14 |
|
14-Apr-2000 |
markus |
whitespace cleanup
|
#
1.13 |
|
03-Apr-2000 |
markus |
channel layer support for ssh2
|
#
1.12 |
|
28-Mar-2000 |
markus |
sync w/ channels.c
|
#
1.11 |
|
28-Mar-2000 |
markus |
replace big switch() with function tables (prepare for ssh2)
|
#
1.10 |
|
10-Jan-2000 |
markus |
handle OCLOSE for CHAN_INPUT_WAIT_DRAIN, i.e. do not drain buffer if peer is not going to read the data.
|
#
1.9 |
|
02-Dec-1999 |
markus |
use error() for internal errors
|
#
1.8 |
|
24-Nov-1999 |
markus |
it's not an error() if shutdown_write failes in nchan.
|
#
1.7 |
|
24-Nov-1999 |
markus |
missing copyright
|
#
1.6 |
|
23-Nov-1999 |
markus |
KNF part 1
|
#
1.5 |
|
25-Oct-1999 |
markus |
remove buggy 'x11-fix'
|
#
1.4 |
|
25-Oct-1999 |
markus |
typo in debug messages (input vs. ouput)
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
17-Oct-1999 |
markus |
re-implement the proto-1.5 channel close protocol, see nchan.ms.
|
#
1.2 |
|
16-Oct-1999 |
markus |
add CVS tags, fix comments and whitespace
|
#
1.1 |
|
16-Oct-1999 |
markus |
support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. interops (x11,agent,etc) with 1.2.27 and protocol 1.3
|
#
1.69 |
|
04-Oct-2018 |
djm |
when the peer sends a channel-close message, make sure we close the local extended read fd (stderr) along with the regular read fd (stdout). Avoids weird stuck processed in multiplexing mode.
Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863
ok dtucker@ markus@
|
#
1.68 |
|
04-Oct-2018 |
djm |
include a little more information about the status and disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.67 |
|
12-Sep-2017 |
djm |
Make remote channel ID a u_int
Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has never been a problem.
ok markus@
|
#
1.66 |
|
12-Sep-2017 |
djm |
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
ok markus@
|
#
1.65 |
|
30-Apr-2017 |
djm |
obliterate ssh1.h and some dead code that used it
ok markus@
|
#
1.64 |
|
30-Apr-2017 |
djm |
remove compat20/compat13/compat15 variables
ok markus@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.63 |
|
26-Jan-2010 |
djm |
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@ channel changes ok markus@
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.62 |
|
07-Nov-2008 |
stevesk |
add space to some log/debug messages for readability; ok djm@ markus@
|
#
1.61 |
|
11-Sep-2008 |
markus |
only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.60 |
|
30-Jun-2008 |
djm |
only send eow@openssh.com notifications for session channels; ok! markus@
|
#
1.59 |
|
09-May-2008 |
markus |
unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
|
#
1.58 |
|
08-May-2008 |
djm |
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel).
Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory.
ok markus@ (as part of a larger diff)
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.57 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.56 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.55 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.54 |
|
08-Jul-2006 |
stevesk |
move #include <sys/socket.h> out of includes.h
|
#
1.53 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.52 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.51 |
|
11-Jul-2004 |
deraadt |
branches: 1.51.6; 1.51.8; spaces
|
#
1.50 |
|
21-Jun-2004 |
avsm |
make ssh -Wshadow clean, no functional changes markus@ ok
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.49 |
|
29-Aug-2003 |
markus |
branches: 1.49.2; 1.49.4; be less chatty; debug -> debug2, cleanup; ok henning@
|
#
1.48 |
|
08-Apr-2003 |
itojun |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.47 |
|
19-Jun-2002 |
deraadt |
branches: 1.47.2; 1.47.4; KNF done automatically while reading....
|
#
1.46 |
|
09-Jun-2002 |
markus |
use tab not spaces (|unexpand)
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.45 |
|
25-Mar-2002 |
markus |
branches: 1.45.2; don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
|
#
1.44 |
|
21-Jan-2002 |
markus |
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
|
#
1.43 |
|
14-Jan-2002 |
markus |
(c) 2002
|
#
1.42 |
|
14-Jan-2002 |
markus |
remove function pointers for events, remove chan_init*; ok provos@
|
#
1.41 |
|
14-Jan-2002 |
markus |
remove duplicated code; ok provos@
|
#
1.40 |
|
14-Jan-2002 |
markus |
correct fn names for ssh2, do not switch from closed to closed; ok provos@
|
#
1.39 |
|
14-Jan-2002 |
markus |
merge chan_[io]buf_empty[12]; ok provos@
|
#
1.38 |
|
14-Jan-2002 |
markus |
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
|
#
1.37 |
|
13-Jan-2002 |
markus |
add chan_set_[io]state(), order states, state is now an u_int, simplifies debugging messages; ok provos@
|
#
1.36 |
|
10-Jan-2002 |
markus |
more unused code (with channels.c:1.156)
|
#
1.35 |
|
10-Jan-2002 |
markus |
remove dead code (skip drain)
|
#
1.34 |
|
09-Jan-2002 |
markus |
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
#
1.33 |
|
19-Dec-2001 |
deraadt |
basic KNF done while i was looking for something else
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.32 |
|
10-Oct-2001 |
markus |
branches: 1.32.2; try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
#
1.31 |
|
17-Jul-2001 |
markus |
keep track of both maxfd and the size of the malloc'ed fdsets. update maxfd if maxfd gets closed.
|
#
1.30 |
|
25-Jun-2001 |
markus |
update copyright for 2001
|
#
1.29 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.28 |
|
31-May-2001 |
markus |
undo the .c file split, just merge the header and keep the cvs history
|
#
1.27 |
|
30-May-2001 |
markus |
channel layer cleanup: merge header files and split .c files
|
#
1.26 |
|
28-May-2001 |
markus |
undo broken channel fix and try a different one. there should be still some select errors...
|
#
1.25 |
|
16-May-2001 |
markus |
more select() error fixes (don't set rfd/wfd to -1).
|
#
1.24 |
|
04-May-2001 |
markus |
move to Channel **channels (instead of Channel *channels), fixes realloc problems. channel_new now returns a Channel *, favour Channel * over channel id. remove old channel_allocate interface.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.23 |
|
28-Feb-2001 |
markus |
branches: 1.23.2; make sure remote stderr does not get truncated. remove closed fd's from the select mask.
|
#
1.22 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
#
1.21 |
|
19-Jan-2001 |
markus |
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
|
#
1.20 |
|
06-Nov-2000 |
markus |
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
07-Sep-2000 |
deraadt |
branches: 1.19.2; cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
|
#
1.18 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
08-May-2000 |
markus |
branches: 1.17.2; no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
|
#
1.16 |
|
03-May-2000 |
markus |
fix close for non-open ssh1 channels
|
#
1.15 |
|
02-May-2000 |
markus |
use c-style comments
|
#
1.14 |
|
14-Apr-2000 |
markus |
whitespace cleanup
|
#
1.13 |
|
03-Apr-2000 |
markus |
channel layer support for ssh2
|
#
1.12 |
|
28-Mar-2000 |
markus |
sync w/ channels.c
|
#
1.11 |
|
28-Mar-2000 |
markus |
replace big switch() with function tables (prepare for ssh2)
|
#
1.10 |
|
10-Jan-2000 |
markus |
handle OCLOSE for CHAN_INPUT_WAIT_DRAIN, i.e. do not drain buffer if peer is not going to read the data.
|
#
1.9 |
|
02-Dec-1999 |
markus |
use error() for internal errors
|
#
1.8 |
|
24-Nov-1999 |
markus |
it's not an error() if shutdown_write failes in nchan.
|
#
1.7 |
|
24-Nov-1999 |
markus |
missing copyright
|
#
1.6 |
|
23-Nov-1999 |
markus |
KNF part 1
|
#
1.5 |
|
25-Oct-1999 |
markus |
remove buggy 'x11-fix'
|
#
1.4 |
|
25-Oct-1999 |
markus |
typo in debug messages (input vs. ouput)
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
17-Oct-1999 |
markus |
re-implement the proto-1.5 channel close protocol, see nchan.ms.
|
#
1.2 |
|
16-Oct-1999 |
markus |
add CVS tags, fix comments and whitespace
|
#
1.1 |
|
16-Oct-1999 |
markus |
support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. interops (x11,agent,etc) with 1.2.27 and protocol 1.3
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.67 |
|
12-Sep-2017 |
djm |
Make remote channel ID a u_int
Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has never been a problem.
ok markus@
|
#
1.66 |
|
12-Sep-2017 |
djm |
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later.
ok markus@
|
#
1.65 |
|
30-Apr-2017 |
djm |
obliterate ssh1.h and some dead code that used it
ok markus@
|
#
1.64 |
|
30-Apr-2017 |
djm |
remove compat20/compat13/compat15 variables
ok markus@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.63 |
|
26-Jan-2010 |
djm |
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@ channel changes ok markus@
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.62 |
|
07-Nov-2008 |
stevesk |
add space to some log/debug messages for readability; ok djm@ markus@
|
#
1.61 |
|
11-Sep-2008 |
markus |
only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.60 |
|
30-Jun-2008 |
djm |
only send eow@openssh.com notifications for session channels; ok! markus@
|
#
1.59 |
|
09-May-2008 |
markus |
unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
|
#
1.58 |
|
08-May-2008 |
djm |
Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel).
Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory.
ok markus@ (as part of a larger diff)
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.57 |
|
03-Aug-2006 |
deraadt |
almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step
|
#
1.56 |
|
22-Jul-2006 |
stevesk |
move #include <string.h> out of includes.h
|
#
1.55 |
|
11-Jul-2006 |
stevesk |
move #include <errno.h> out of includes.h; ok markus@
|
#
1.54 |
|
08-Jul-2006 |
stevesk |
move #include <sys/socket.h> out of includes.h
|
#
1.53 |
|
25-Mar-2006 |
djm |
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that Theo nuked - our scripts to sync -portable need them in the files
|
#
1.52 |
|
19-Mar-2006 |
deraadt |
RCSID() can die
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.51 |
|
11-Jul-2004 |
deraadt |
branches: 1.51.6; 1.51.8; spaces
|
#
1.50 |
|
21-Jun-2004 |
avsm |
make ssh -Wshadow clean, no functional changes markus@ ok
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE
|
#
1.49 |
|
29-Aug-2003 |
markus |
branches: 1.49.2; 1.49.4; be less chatty; debug -> debug2, cleanup; ok henning@
|
#
1.48 |
|
08-Apr-2003 |
itojun |
rename log() into logit() to avoid name conflict. markus ok, from netbsd
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.47 |
|
19-Jun-2002 |
deraadt |
branches: 1.47.2; 1.47.4; KNF done automatically while reading....
|
#
1.46 |
|
09-Jun-2002 |
markus |
use tab not spaces (|unexpand)
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.45 |
|
25-Mar-2002 |
markus |
branches: 1.45.2; don't send stderr data after EOF, accept this from older known (broken) sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
|
#
1.44 |
|
21-Jan-2002 |
markus |
cleanup channels faster if the are empty and we are in drain-state; ok deraadt@
|
#
1.43 |
|
14-Jan-2002 |
markus |
(c) 2002
|
#
1.42 |
|
14-Jan-2002 |
markus |
remove function pointers for events, remove chan_init*; ok provos@
|
#
1.41 |
|
14-Jan-2002 |
markus |
remove duplicated code; ok provos@
|
#
1.40 |
|
14-Jan-2002 |
markus |
correct fn names for ssh2, do not switch from closed to closed; ok provos@
|
#
1.39 |
|
14-Jan-2002 |
markus |
merge chan_[io]buf_empty[12]; ok provos@
|
#
1.38 |
|
14-Jan-2002 |
markus |
chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
|
#
1.37 |
|
13-Jan-2002 |
markus |
add chan_set_[io]state(), order states, state is now an u_int, simplifies debugging messages; ok provos@
|
#
1.36 |
|
10-Jan-2002 |
markus |
more unused code (with channels.c:1.156)
|
#
1.35 |
|
10-Jan-2002 |
markus |
remove dead code (skip drain)
|
#
1.34 |
|
09-Jan-2002 |
markus |
replace buffer_consume(b, buffer_len(b)) with buffer_clear(b); ok provos@
|
#
1.33 |
|
19-Dec-2001 |
deraadt |
basic KNF done while i was looking for something else
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.32 |
|
10-Oct-2001 |
markus |
branches: 1.32.2; try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
|
#
1.31 |
|
17-Jul-2001 |
markus |
keep track of both maxfd and the size of the malloc'ed fdsets. update maxfd if maxfd gets closed.
|
#
1.30 |
|
25-Jun-2001 |
markus |
update copyright for 2001
|
#
1.29 |
|
23-Jun-2001 |
itojun |
more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
|
#
1.28 |
|
31-May-2001 |
markus |
undo the .c file split, just merge the header and keep the cvs history
|
#
1.27 |
|
30-May-2001 |
markus |
channel layer cleanup: merge header files and split .c files
|
#
1.26 |
|
28-May-2001 |
markus |
undo broken channel fix and try a different one. there should be still some select errors...
|
#
1.25 |
|
16-May-2001 |
markus |
more select() error fixes (don't set rfd/wfd to -1).
|
#
1.24 |
|
04-May-2001 |
markus |
move to Channel **channels (instead of Channel *channels), fixes realloc problems. channel_new now returns a Channel *, favour Channel * over channel id. remove old channel_allocate interface.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.23 |
|
28-Feb-2001 |
markus |
branches: 1.23.2; make sure remote stderr does not get truncated. remove closed fd's from the select mask.
|
#
1.22 |
|
21-Jan-2001 |
markus |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. rename util.[ch] -> misc.[ch]
|
#
1.21 |
|
19-Jan-2001 |
markus |
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
|
#
1.20 |
|
06-Nov-2000 |
markus |
agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
07-Sep-2000 |
deraadt |
branches: 1.19.2; cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
|
#
1.18 |
|
20-Jun-2000 |
markus |
OpenBSD tag
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
08-May-2000 |
markus |
branches: 1.17.2; no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
|
#
1.16 |
|
03-May-2000 |
markus |
fix close for non-open ssh1 channels
|
#
1.15 |
|
02-May-2000 |
markus |
use c-style comments
|
#
1.14 |
|
14-Apr-2000 |
markus |
whitespace cleanup
|
#
1.13 |
|
03-Apr-2000 |
markus |
channel layer support for ssh2
|
#
1.12 |
|
28-Mar-2000 |
markus |
sync w/ channels.c
|
#
1.11 |
|
28-Mar-2000 |
markus |
replace big switch() with function tables (prepare for ssh2)
|
#
1.10 |
|
10-Jan-2000 |
markus |
handle OCLOSE for CHAN_INPUT_WAIT_DRAIN, i.e. do not drain buffer if peer is not going to read the data.
|
#
1.9 |
|
02-Dec-1999 |
markus |
use error() for internal errors
|
#
1.8 |
|
24-Nov-1999 |
markus |
it's not an error() if shutdown_write failes in nchan.
|
#
1.7 |
|
24-Nov-1999 |
markus |
missing copyright
|
#
1.6 |
|
23-Nov-1999 |
markus |
KNF part 1
|
#
1.5 |
|
25-Oct-1999 |
markus |
remove buggy 'x11-fix'
|
#
1.4 |
|
25-Oct-1999 |
markus |
typo in debug messages (input vs. ouput)
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
17-Oct-1999 |
markus |
re-implement the proto-1.5 channel close protocol, see nchan.ms.
|
#
1.2 |
|
16-Oct-1999 |
markus |
add CVS tags, fix comments and whitespace
|
#
1.1 |
|
16-Oct-1999 |
markus |
support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. interops (x11,agent,etc) with 1.2.27 and protocol 1.3
|