summaryrefslogtreecommitdiff
path: root/clientloop.c
AgeCommit message (Collapse)Author
2011-01-16 - djm@cvs.openbsd.org 2011/01/16 12:05:59Damien Miller
[clientloop.c] a couple more tweaks to the post-close protocol 1 stderr/stdout flush: now that we use atomicio(), convert them from while loops to if statements add test and cast to compile cleanly with -Wsigned
2011-01-16 - djm@cvs.openbsd.org 2011/01/16 11:50:05Damien Miller
[clientloop.c] Use atomicio when flushing protocol 1 std{out,err} buffers at session close. This was a latent bug exposed by setting a SIGCHLD handler and spotted by kevin.brott AT gmail.com; ok dtucker@
2011-01-11 - djm@cvs.openbsd.org 2011/01/11 06:13:10Damien Miller
[clientloop.c ssh-keygen.c sshd.c] some unsigned long long casts that make things a bit easier for portable without resorting to dropping PRIu64 formats everywhere
2011-01-11 - djm@cvs.openbsd.org 2011/01/08 10:51:51Damien Miller
[clientloop.c] use host and not options.hostname, as the latter may have unescaped substitution characters
2011-01-07 - djm@cvs.openbsd.org 2011/01/06 22:23:02Damien Miller
[clientloop.c] when exiting due to ServerAliveTimeout, mention the hostname that caused it (useful with backgrounded controlmaster)
2010-12-01 - djm@cvs.openbsd.org 2010/11/23 23:57:24Damien Miller
[clientloop.c] avoid NULL deref on receiving a channel request on an unknown or invalid channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
2010-12-01 - djm@cvs.openbsd.org 2010/11/21 01:01:13Damien Miller
[clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c] honour $TMPDIR for client xauth and ssh-agent temporary directories; feedback and ok markus@
2010-11-20 - djm@cvs.openbsd.org 2010/11/13 23:27:51Damien Miller
[clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h] [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5] allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
2010-10-07 - djm@cvs.openbsd.org 2010/10/06 06:39:28Damien Miller
[clientloop.c ssh.c sshconnect.c sshconnect.h] kill proxy command on fatal() (we already kill it on clean exit); ok markus@
2010-08-03 - djm@cvs.openbsd.org 2010/07/19 09:15:12Damien Miller
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5] add a "ControlPersist" option that automatically starts a background ssh(1) multiplex master when connecting. This connection can stay alive indefinitely, or can be set to automatically close after a user-specified duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but further hacked on by wmertens AT cisco.com, apb AT cequrux.com, martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@
2010-06-26 - djm@cvs.openbsd.org 2010/06/25 23:10:30Damien Miller
[ssh.c] log the hostname and address that we connected to at LogLevel=verbose after authentication is successful to mitigate "phishing" attacks by servers with trusted keys that accept authentication silently and automatically before presenting fake password/passphrase prompts; "nice!" markus@
2010-04-16 - djm@cvs.openbsd.org 2010/04/10 02:08:44Damien Miller
[clientloop.c] bz#1698: kill channel when pty allocation requests fail. Fixed stuck client if the server refuses pty allocation. ok dtucker@ "think so" markus@
2010-03-22 - djm@cvs.openbsd.org 2010/03/13 21:10:38Damien Miller
[clientloop.c] protocol conformance fix: send language tag when disconnecting normally; spotted by 1.41421 AT gmail.com, ok markus@ deraadt@
2010-01-30 - djm@cvs.openbsd.org 2010/01/28 00:21:18Damien Miller
[clientloop.c] downgrade an error() to a debug() - this particular case can be hit in normal operation for certain sequences of mux slave vs session closure and is harmless
2010-01-26 - djm@cvs.openbsd.org 2010/01/26 01:28:35Damien Miller
[channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c] rewrite ssh(1) multiplexing code to a more sensible protocol. The new multiplexing code uses channels for the listener and accepted control sockets to make the mux master non-blocking, so no stalls when processing messages from a slave. avoid use of fatal() in mux master protocol parsing so an errant slave process cannot take down a running master. implement requesting of port-forwards over multiplexed sessions. Any port forwards requested by the slave are added to those the master has established. add support for stdio forwarding ("ssh -W host:port ...") in mux slaves. document master/slave mux protocol so that other tools can use it to control a running ssh(1). Note: there are no guarantees that this protocol won't be incompatibly changed (though it is versioned). feedback Salvador Fandino, dtucker@ channel changes ok markus@
2010-01-09 - djm@cvs.openbsd.org 2010/01/09 05:04:24Darren Tucker
[mux.c sshpty.h clientloop.c sshtty.c] quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we usually don't actually have a tty to read/set; bz#1686 ok dtucker@
2010-01-08 - djm@cvs.openbsd.org 2009/11/17 05:31:44Darren Tucker
[clientloop.c] fix incorrect exit status when multiplexing and channel ID 0 is recycled bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker
2010-01-08 - andreas@cvs.openbsd.org 2009/10/24 11:15:29Darren Tucker
[clientloop.c] client_loop() must detect if the session has been suspended and resumed, and take appropriate action in that case. From Martin Forssen, maf at appgate dot com ok markus@
2009-08-28 - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO bufferDarren Tucker
size a compile-time option and set it to 64k on Cygwin, since Corinna reports that it makes a significant difference to performance. ok djm@
2009-07-06 - stevesk@cvs.openbsd.org 2009/07/05 19:28:33Darren Tucker
[clientloop.c] only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@ ok deraadt@ markus@
2009-06-21 - andreas@cvs.openbsd.org 2009/05/28 16:50:16Darren Tucker
[sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c monitor.c Added roaming.h roaming_common.c roaming_dummy.c] Keep track of number of bytes read and written. Needed for upcoming changes. Most code from Martin Forssen, maf at appgate dot com. ok markus@ Also, applied appropriate changes to Makefile.in
2009-06-21 - andreas@cvs.openbsd.org 2009/05/27 06:34:36Darren Tucker
[kex.c kex.h] Move the KEX_COOKIE_LEN define to kex.h ok markus@
2009-06-21 - andreas@cvs.openbsd.org 2009/05/27 06:31:25Darren Tucker
[canohost.h canohost.c] Add clear_cached_addr(), needed for upcoming changes allowing the peer address to change. ok markus@
2009-02-14 - djm@cvs.openbsd.org 2009/02/12 03:00:56Damien Miller
[canohost.c canohost.h channels.c channels.h clientloop.c readconf.c] [readconf.h serverloop.c ssh.c] support remote port forwarding with a zero listen port (-R0:...) to dyamically allocate a listen port at runtime (this is actually specified in rfc4254); bz#1003 ok markus@
2009-01-28 - djm@cvs.openbsd.org 2009/01/22 10:02:34Damien Miller
[clientloop.c misc.c readconf.c readconf.h servconf.c servconf.h] [serverloop.c ssh-keyscan.c ssh.c sshd.c] make a2port() return -1 when it encounters an invalid port number rather than 0, which it will now treat as valid (needed for future work) adjust current consumers of a2port() to check its return value is <= 0, which in turn required some things to be converted from u_short => int make use of int vs. u_short consistent in some other places too feedback & ok markus@
2009-01-28 - stevesk@cvs.openbsd.org 2008/12/09 22:37:33Damien Miller
[clientloop.c] fix typo in error message
2008-12-09 - djm@cvs.openbsd.org 2008/12/09 02:38:18Damien Miller
[clientloop.c] The ~C escape handler does not work correctly for multiplexed sessions - it opens a commandline on the master session, instead of on the slave that requested it. Disable it on slave sessions until such time as it is fixed; bz#1543 report from Adrian Bridgett via Colin Watson ok markus@
2008-12-08 - markus@cvs.openbsd.org 2008/12/02 19:01:07Damien Miller
[clientloop.c] we have to use the recipient's channel number (RFC 4254) for SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages, otherwise we trigger 'Non-public channel' error messages on sshd systems with clientkeepalive enabled; noticed by sturm; ok djm;
2008-11-05 - stevesk@cvs.openbsd.org 2008/11/05 03:23:09Damien Miller
[clientloop.c ssh.1] add dynamic forward escape command line; ok djm@
2008-11-03 - stevesk@cvs.openbsd.org 2008/11/01 17:40:33Damien Miller
[clientloop.c readconf.c readconf.h ssh.c] merge dynamic forward parsing into parse_forward(); 'i think this is OK' djm@
2008-11-03 - stevesk@cvs.openbsd.org 2008/10/30 19:31:16Damien Miller
[clientloop.c sshd.c] don't need to #include "monitor_fdpass.h"
2008-07-16 - djm@cvs.openbsd.org 2008/07/16 11:51:14Damien Miller
[clientloop.c] rename variable first_gc -> last_gc (since it is actually the last in the list).
2008-07-11 - markus@cvs.openbsd.org 2008/07/10 18:08:11Damien Miller
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c] sync v1 and v2 traffic accounting; add it to sshd, too; ok djm@, dtucker@
2008-07-04 - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]Damien Miller
[packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c] [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on some platforms (HP nonstop) it is a distinct errno; bz#1467 reported by sconeu AT yahoo.com; ok dtucker@
2008-06-13 - djm@cvs.openbsd.org 2008/06/12 21:06:25Darren Tucker
[clientloop.c] I was coalescing expected global request confirmation replies at the wrong end of the queue - fix; prompted by markus@
2008-06-13 - (dtucker) [clientloop.c serverloop.c] channel_register_filter nowDarren Tucker
takes 2 more args. with djm@
2008-06-13 - djm@cvs.openbsd.org 2008/06/12 15:19:17Darren Tucker
[clientloop.h channels.h clientloop.c channels.c mux.c] The multiplexing escape char handler commit last night introduced a small memory leak per session; plug it.
2008-06-13 - djm@cvs.openbsd.org 2008/06/12 04:17:47Darren Tucker
[clientloop.c] thall shalt not code past the eightieth column
2008-06-13 - djm@cvs.openbsd.org 2008/06/12 04:06:00Darren Tucker
[clientloop.h ssh.c clientloop.c] maintain an ordered queue of outstanding global requests that we expect replies to, similar to the per-channel confirmation queue. Use this queue to verify success or failure for remote forward establishment in a race free way. ok dtucker@
2008-06-13 - djm@cvs.openbsd.org 2008/06/12 03:40:52Darren Tucker
[clientloop.h mux.c channels.c clientloop.c channels.h] Enable ~ escapes for multiplex slave sessions; give each channel its own escape state and hook the escape filters up to muxed channels. bz #1331 Mux slaves do not currently support the ~^Z and ~& escapes. NB. this change cranks the mux protocol version, so a new ssh mux client will not be able to connect to a running old ssh mux master. ok dtucker@
2008-06-08 - djm@cvs.openbsd.org 2008/05/19 20:53:52Darren Tucker
[clientloop.c] unbreak tree by committing this bit that I missed from: Fix sending tty modes when stdin is not a tty (bz#1199). Previously we would send the modes corresponding to a zeroed struct termios, whereas we should have been sending an empty list of modes. Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@
2008-05-19 - markus@cvs.openbsd.org 2008/05/09 16:21:13Damien Miller
[channels.h clientloop.c nchan.c serverloop.c] unbreak ssh -2 localhost od /bin/ls | true ignoring SIGPIPE by adding a new channel message (EOW) that signals the peer that we're not interested in any data it might send. fixes bz #85; discussion, debugging and ok djm@
2008-05-19 - djm@cvs.openbsd.org 2008/05/09 14:18:44Damien Miller
[clientloop.c clientloop.h ssh.c mux.c] tidy up session multiplexing code, moving it into its own file and making the function names more consistent - making ssh.c and clientloop.c a fair bit more readable. ok markus@
2008-05-19 - djm@cvs.openbsd.org 2008/05/09 04:55:56Damien Miller
[channels.c channels.h clientloop.c serverloop.c] Try additional addresses when connecting to a port forward destination whose DNS name resolves to more than one address. The previous behaviour was to try the first address and give up. Reported by stig AT venaas.com in bz#343 great feedback and ok markus@
2008-05-19 - djm@cvs.openbsd.org 2008/05/08 13:06:11Damien Miller
[clientloop.c clientloop.h ssh.c] Use new channel status confirmation callback system to properly deal with "important" channel requests that fail, in particular command exec, shell and subsystem requests. Previously we would optimistically assume that the requests would always succeed, which could cause hangs if they did not (e.g. when the server runs out of fds) or were unimplemented by the server (bz #1384) Also, properly report failing multiplex channel requests via the mux client stderr (subject to LogLevel in the mux master) - better than silently failing. most bits ok markus@ (as part of a larger diff)
2008-05-19 - djm@cvs.openbsd.org 2008/05/08 12:02:23Damien Miller
[auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c] [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c] [ssh.c sshd.c] Implement a channel success/failure status confirmation callback mechanism. Each channel maintains a queue of callbacks, which will be drained in order (RFC4253 guarantees confirm messages are not reordered within an channel). Also includes a abandonment callback to clean up if a channel is closed without sending confirmation messages. This probably shouldn't happen in compliant implementations, but it could be abused to leak memory. ok markus@ (as part of a larger diff)
2008-03-07 - dtucker@cvs.openbsd.org 2008/02/22 20:44:02Damien Miller
[clientloop.c packet.c packet.h serverloop.c] Allow all SSH2 packet types, including UNIMPLEMENTED to reset the keepalive timer (bz #1307). ok markus@
2008-02-10 - dtucker@cvs.openbsd.org 2008/01/23 01:56:54Damien Miller
[clientloop.c packet.c serverloop.c] Revert the change for bz #1307 as it causes connection aborts if an IGNORE packet arrives while we're waiting in packet_read_expect (and possibly elsewhere).
2008-02-10 - djm@cvs.openbsd.org 2008/01/19 20:48:53Damien Miller
[clientloop.c] fd leak on session multiplexing error path. Report and patch from gregory_shively AT fanniemae.com
2007-12-29 - dtucker@cvs.openbsd.org 2007/12/28 22:34:47Darren Tucker
[clientloop.c] Use the correct packet maximum sizes for remote port and agent forwarding. Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent. bz #1360, ok djm@.