Age | Commit message | Author |
|
traffic on an X11 forwarding channel recently.
Should fix X11 forwarding performance problems when this setting is
enabled. Patch from Antonio Larrosa via bz3655
|
|
If a mux started with ControlPersist then later has a forwarding added using
mux proxy connection and the forwarding was used, then when the mux proxy
session terminates, the mux master process will send a channel close to the
server with a bad channel ID and crash the connection.
This was caused by my stupidly reusing c->remote_id for mux channel
associations when I should have just added another member to struct channel.
ok markus@
|
|
splits sshd into a listener and a session binary. More splits are
planned.
After these changes, the listener binary will validate the configuration,
load the hostkeys, listen on port 22 and manage MaxStartups only. All
session handling will be performed by a new sshd-session binary that the
listener fork+execs.
This reduces the listener process to the minimum necessary and sets us
up for future work on the sshd-session binary.
feedback/ok markus@ deraadt@
NB. if you're updating via source, please restart sshd after installing,
otherwise you run the risk of locking yourself out.
|
|
found by RASU JSC, reported by Maks Mishin in GHPR#467
|
|
all open channels and will close all open channels if there is no
traffic on any of them for the specified interval. This is in addition
to the existing per-channel timeouts added a few releases ago.
This supports use-cases like having a session + x11 forwarding channel
open where one may be idle for an extended period but the other is
actively used. The global timeout would allow closing both channels when
both have been idle for too long.
ok dtucker@
|
|
This makes ssh/sshd more strict in handling non-compliant peers that
send more data than the advertised channel window allows. Previously
the additional data would be silently discarded. This change will
cause ssh/sshd to terminate the connection if the channel window is
exceeded by more than a small grace allowance.
ok markus@
|
|
only consider enabling it when a channel with a tty is open.
Avoids turning on the obfuscation when X11 forwarding only is in use,
which slows it right down. Reported by Roger Marsh
|
|
data was enqueued. Will be used to improve keystroke timing
obfuscation. Problem spotted by / tested by naddy@
|
|
ok djm@ dtucker@
|
|
Fixes sign compare warnings on systems with 32-bit time_t due to type
promotion. OK djm@
|
|
not much we can do anyway. From Coverity CID 291857, ok djm@
|
|
405048 which was a false-positive fd leak; ok dtucker@
|
|
time_t safety. From Coverity CIDs 405197 and 405028, ok djm@
|
|
the flags that ssh started with and don't just clobber them with
zero, as this could also remove the append flag from the set;
bz3523; ok dtucker@
|
|
This adds a sshd_config ChannelTimeouts directive that allows channels that
have not seen traffic in a configurable interval to be automatically closed.
Different timeouts may be applied to session, X11, agent and TCP forwarding
channels.
Note: this only affects channels over an opened SSH connection and not
the connection itself. Most clients close the connection when their channels
go away, with a notable exception being ssh(1) in multiplexing mode.
ok markus dtucker
|
|
This sets an "extended" channel type after channel creation (e.g.
"session:subsystem:sftp") that will be used for setting channel inactivity
timeouts.
ok markus dtucker
|
|
These are now used by sshd_config:ChannelTimeouts to specify timeouts by
channel type, so force them all to use a similar format without whitespace.
ok dtucker markus
|
|
This will forcibly close an open channel by simulating read/write errors,
draining the IO buffers and calling the detach function.
Previously the detach function was only ever called during channel garbage
collection, but there was no way to signal the user of a channel (e.g.
session.c) that its channel was being closed deliberately (vs. by the
usual state-machine logic). So this adds an extra "force" argument to the
channel cleanup callback to indicate this condition.
ok markus dtucker
|
|
feedback markus / ok markus dtucker
|
|
are leaked as they are also duplicated in the call.
Found by CodeChecker.
ok djm
|
|
accordingly. As remote_name is not modified, it can be const
as well. From Martin Vahlensieck
|
|
SSH transport rekeying. The most visible benefit is that it should make
~-escapes work in the client (e.g. to exit) if the connection happened
to have stalled during a rekey event. Based on work by and ok dtucker@
|
|
avoids plausible spin during rekeying if channel io_want flags are
reused across cycles. ok markus@ deraadt@
|
|
channel buffer. Introduce more exact packing of channel fds into the
pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@
|
|
caught by dtucker's minix3 vm :) ok dtucker@
|
|
rather than into a stack buffer that needs to be copied again;
Improves performance by about 1% on cipher-speed.sh
feedback dtucker@ ok markus@
|
|
feedback & ok deraadt@ and markus@
has been in snaps for a few months
|
|
by moving FD_SET construction out of channel handlers into separate
functions. ok markus
|
|
ok dtucker@
|
|
OK mfriedl@
|
|
ssh(1) needs to set file descriptors to non-blocking mode to operate
but it was not restoring the original state on exit. This could cause
problems with fds shared with other programs via the shell, e.g.
> $ cat > test.sh << _EOF
> #!/bin/sh
> {
> ssh -Fnone -oLogLevel=verbose ::1 hostname
> cat /usr/share/dict/words
> } | sleep 10
> _EOF
> $ ./test.sh
> Authenticated to ::1 ([::1]:22).
> Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
> Bytes per second: sent 44338.9, received 55197.4
> cat: stdout: Resource temporarily unavailable
This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
abandons/closes them.
This was reported as bz3280 and GHPR246; ok dtucker@
|
|
indentation on continuation lines. Prompted by GHPR#185
|
|
ok djm@, dtucker@
|
|
purpose-built ssh->compat variable instead; feedback/ok markus@
|
|
appending ssh_err(r) manually; ok markus@
|
|
peer advertises a large window but is slow to consume the data we
send (e.g. because of a slow network)
reported by Pierre-Yves David
fix with & ok markus@
|
|
SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels
should not have this structure freed.
|
|
it here causes other problems
|
|
ok dtucker
|
|
in. ok deraadt markus djm.
|
|
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundary.
ok deraadt@ djm@
|
|
confusing people, so add another comment explaining the special
handling of "localhost"; bz#3258
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
|
knweiss at gmail.com via -portable.
|
|
be able to find out from where the request was coming.
Add the same logging for PermitListen violations which were not
logged at all.
Pointed out by Robert Kisteleki (robert AT ripe.net)
input markus
OK deraadt
|