Age | Commit message (Collapse) | Author |
|
Improve error checking.
OK okan@
|
|
probably doesn't compile, since the types for some variables have
changed from long to char *).
OK millert@
|
|
on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@
|
|
(longer an) RCS file in CVSROOT, both -- GNU cvs and OpenCVS -- segfaulted.
ok joris
|
|
ok joris
|
|
OK tobias@
|
|
which was a bogus limit. Spotted by naddy.
horribly prodded by and ok joris
|
|
ssh -2 localhost od /bin/ls | true
ignoring SIGPIPE by adding a new channel message (EOW) that signals
the peer that we're not interested in any data it might send.
fixes bz #85; discussion, debugging and ok djm@
|
|
for channels with both in- and output closed, since the channel
will go away before we call select();
report, lots of debugging help and ok djm@
|
|
without pipes shutdown-read from the sshd does not trigger
a SIGPIPE when the forked program does a write.
ok djm@
|
|
|
|
making the function names more consistent - making ssh.c and
clientloop.c a fair bit more readable.
ok markus@
|
|
|
|
|
|
|
|
|
|
|
|
whose DNS name resolves to more than one address. The previous behaviour
was to try the first address and give up.
Reported by stig AT venaas.com in bz#343
great feedback and ok markus@
|
|
relevant kernel variables via kvm(3)
ok dlg@ deraadt@
|
|
with "important" channel requests that fail, in particular command exec,
shell and subsystem requests. Previously we would optimistically assume
that the requests would always succeed, which could cause hangs if they
did not (e.g. when the server runs out of fds) or were unimplemented by
the server (bz #1384)
Also, properly report failing multiplex channel requests via the mux
client stderr (subject to LogLevel in the mux master) - better than
silently failing.
most bits ok markus@ (as part of a larger diff)
|
|
a sshd_config MaxSessions knob. This is useful for disabling
login/shell/subsystem access while leaving port-forwarding working
(MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
simply increasing the number of allows multiplexed sessions.
Because some bozos are sure to configure MaxSessions in excess of the
number of available file descriptors in sshd (which, at peak, might be
as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
on error paths, and make it fail gracefully on out-of-fd conditions -
sending channel errors instead of than exiting with fatal().
bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
ok markus@
|
|
mechanism. Each channel maintains a queue of callbacks, which will
be drained in order (RFC4253 guarantees confirm messages are not
reordered within an channel).
Also includes a abandonment callback to clean up if a channel is
closed without sending confirmation messages. This probably
shouldn't happen in compliant implementations, but it could be
abused to leak memory.
ok markus@ (as part of a larger diff)
|
|
routing priority. hai norby@
|
|
|
|
~10% speedup for localhost-scp; ok djm@
|
|
Change the wording accordingly.
OK markus@, dlg@
|
|
tested by ian@ sthen@
OK ian@, "move ahead with it" deraadt@
|
|
no binary change
found by Daniel Dickman <didickman at gmail.com>
ok ray@
|
|
|
|
|
|
|
|
context), to specify if agents should be permitted on the server.
As the man page states:
``Note that disabling Agent forwarding does not improve security
unless users are also denied shell access, as they can always install
their own forwarders.''
ok djm@, ok and a mild frown markus@
|
|
- shorten the argument names to -IO
|
|
an Argumentx directive has been sent to server without prior Argument.
ok joris, xsa
|
|
|
|
misinterpreting the ``returned'' status could lead to segfauts, as reported
by ``Filth'' (hygdrasil, gmail dot com)
ok deraadt@
|
|
|
|
larsnooden AT openoffice.org
|
|
|
|
the others by myself
|
|
the list in case of multiple/inexact matches
o if the argument to cddb is invalid, do not exit, just print and error
and ignore the command
espie@ ok.
|
|
ok jmc@, no objections espie@
|
|
ok jmc@
|
|
|
|
each argument and freeing each argument on error.
OK joris, tobias
|
|
the recommended way to set the play block size
ok jakemsr
|
|
do with record.errors for recording (overruns).
ok ratchov
|
|
ok ratchov
|
|
exceed buffer size (diff based on OpenCVS code).
ok ray, xsa
|
|
strerror(). Although our vasprintf() sets errno, we cannot rely on it on
other systems.
ok ray (who spotted this issue), xsa
|