summaryrefslogtreecommitdiff
path: root/serverloop.c
AgeCommit message (Collapse)Author
2005-12-20 - (dtucker) OpenBSD CVS SyncDarren Tucker
- reyk@cvs.openbsd.org 2005/12/13 15:03:02 [serverloop.c] if forced_tun_device is not set, it is -1 and not SSH_TUNID_ANY
2005-12-13 - reyk@cvs.openbsd.org 2005/12/08 18:34:11Damien Miller
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c] [serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac] two changes to the new ssh tunnel support. this breaks compatibility with the initial commit but is required for a portable approach. - make the tunnel id u_int and platform friendly, use predefined types. - support configuration of layer 2 (ethernet) or layer 3 (point-to-point, default) modes. configuration is done using the Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option in sshd_config(5). ok djm@, man page bits by jmc@
2005-12-13 - reyk@cvs.openbsd.org 2005/12/06 22:38:28Damien Miller
[auth-options.c auth-options.h channels.c channels.h clientloop.c] [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h] [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c] [sshconnect.h sshd.8 sshd_config sshd_config.5] Add support for tun(4) forwarding over OpenSSH, based on an idea and initial channel code bits by markus@. This is a simple and easy way to use OpenSSH for ad hoc virtual private network connections, e.g. administrative tunnels or secure wireless access. It's based on a new ssh channel and works similar to the existing TCP forwarding support, except that it depends on the tun(4) network interface on both ends of the connection for layer 2 or layer 3 tunneling. This diff also adds support for LocalCommand in the ssh(1) client. ok djm@, markus@, jmc@ (manpages), tested and discussed with others
2005-11-05 - dtucker@cvs.openbsd.org 2005/11/03 13:38:29Damien Miller
[canohost.c] Cache reverse lookups with and without DNS separately; ok markus@
2005-11-05 - djm@cvs.openbsd.org 2005/10/30 08:52:18Damien Miller
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c] [ssh.c sshconnect.c sshconnect1.c sshd.c] no need to escape single quotes in comments, no binary change
2005-11-05 - djm@cvs.openbsd.org 2005/10/10 10:23:08Damien Miller
[channels.c channels.h clientloop.c serverloop.c session.c] fix regression I introduced in 4.2: X11 forwardings initiated after a session has exited (e.g. "(sleep 5; xterm) &") would not start. bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
2005-07-17 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]Damien Miller
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
2005-07-17 - djm@cvs.openbsd.org 2005/07/17 07:17:55Damien Miller
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c] [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c] [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c] [sshconnect.c sshconnect2.c] knf says that a 2nd level indent is four (not three or five) spaces
2004-08-13 - avsm@cvs.openbsd.org 2004/08/11 21:43:05Darren Tucker
[channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c] some signed/unsigned int comparison cleanups; markus@ ok
2004-05-24 - djm@cvs.openbsd.org 2004/05/21 11:33:11Darren Tucker
[channels.c channels.h clientloop.c serverloop.c ssh.1] bz #756: add support for the cancel-tcpip-forward request for the server and the client (through the ~C commandline). reported by z3p AT twistedmatrix.com; ok markus@
2004-01-21 - markus@cvs.openbsd.org 2004/01/19 21:25:15Damien Miller
[auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c] fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
2003-12-1720031217Damien Miller
- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/12/09 15:28:43 [serverloop.c] make ClientKeepAlive work for ssh -N, too (no login shell requested). 1) send a bogus channel request if we find a channel 2) send a bogus global request if we don't have a channel ok + test beck@
2003-11-18 - (djm) OpenBSD CVS SyncDamien Miller
- dtucker@cvs.openbsd.org 2003/11/18 00:40:05 [serverloop.c] Correct check for authctxt->valid. ok djm@
2003-11-17 - djm@cvs.openbsd.org 2003/11/04 08:54:09Damien Miller
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c] [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c] [session.c] standardise arguments to auth methods - they should all take authctxt. check authctxt->valid rather then pw != NULL; ok markus@
2003-10-02 - markus@cvs.openbsd.org 2003/09/23 20:17:11Darren Tucker
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h ssh-agent.c sshd.c] replace fatal_cleanup() and linked list of fatal callbacks with static cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@
2003-06-28 - markus@cvs.openbsd.org 2003/06/24 08:23:46Darren Tucker
[auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c] int -> u_int; ok djm@, deraadt@, mouring@
2003-06-04 - djm@cvs.openbsd.org 2003/06/04 12:03:59Damien Miller
[serverloop.c] remove bitrotten commet; ok markus@
2003-05-14 - markus@cvs.openbsd.org 2003/05/11 20:30:25Damien Miller
[channels.c clientloop.c serverloop.c session.c ssh.c] make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-04-09 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2003/04/02 09:48:07 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] reapply rekeying chage, tested by henning@, ok djm@
2003-04-01 - markus@cvs.openbsd.org 2003/04/01 10:10:23Damien Miller
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] rekeying bugfixes and automatic rekeying: * both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying - markus@cvs.openbsd.org 2003/04/01 10:22:21 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] backout rekeying changes (for 3.6.1)
2002-09-25Cray fixes (bug 367) based on patch from Wendy Palm @ cray.Tim Rice
This does not include the deattack.c fixes.
2002-09-22 - stevesk@cvs.openbsd.org 2002/09/19 16:03:15Damien Miller
[serverloop.c] log IP address also; ok markus@
2002-07-09 - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platformsBen Lindstrom
lacking that concept can share it. Patch by vinschen@redhat.com
2002-06-25 - markus@cvs.openbsd.org 2002/06/24 14:33:27Ben Lindstrom
[channels.c channels.h clientloop.c serverloop.c] move channel counter to u_int
2002-06-11 - mpech@cvs.openbsd.org 2002/06/11 05:46:20Ben Lindstrom
[auth-krb4.c monitor.h serverloop.c session.c ssh-agent.c sshd.c] pid_t cleanup. Markus need this now to keep hacking. markus@, millert@ ok
2002-04-02 - markus@cvs.openbsd.org 2002/03/30 18:51:15Ben Lindstrom
[monitor.c serverloop.c sftp-int.c sftp.c sshd.c] check waitpid for EINTR; based on patch from peter@ifm.liu.se
2002-03-26 - markus@cvs.openbsd.org 2002/03/24 16:00:27Ben Lindstrom
[serverloop.c] remove unused debug
2002-03-22 - provos@cvs.openbsd.org 2002/03/18 17:50:31Ben Lindstrom
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c session.h servconf.h serverloop.c session.c sshd.c] integrate privilege separated openssh; its turned off by default for now. work done by me and markus@ applied, but outside of ensure that smaller code bits migrated with their owners.. no work was tried to 'fix' it to work. =) Later project!
2002-02-08 - markus@cvs.openbsd.org 2002/02/06 14:55:16Damien Miller
[channels.c clientloop.c serverloop.c ssh.c] channel_new never returns NULL, mouring@; ok djm@
2002-02-05 - markus@cvs.openbsd.org 2002/02/03 17:53:25Damien Miller
[auth1.c serverloop.c session.c session.h] don't use channel_input_channel_request and callback use new server_input_channel_req() instead: server_input_channel_req does generic request parsing on server side session_input_channel_req handles just session specific things now ok djm@
2002-02-05 - markus@cvs.openbsd.org 2002/01/31 15:00:05Damien Miller
[serverloop.c] no need for WNOHANG; ok stevesk@
2002-01-22 - markus@cvs.openbsd.org 2002/01/16 13:17:51Damien Miller
[channels.c channels.h serverloop.c ssh.c] wrapper for channel_setup_fwd_listener
2002-01-22 - markus@cvs.openbsd.org 2002/01/10 11:13:29Damien Miller
[serverloop.c] skip client_alive_check until there are channels; ok beck@
2002-01-22 - markus@cvs.openbsd.org 2001/12/28 15:06:00Damien Miller
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c] remove plen from the dispatch fn. it's no longer used.
2002-01-22 - markus@cvs.openbsd.org 2001/12/28 14:50:54Damien Miller
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c] packet_read* no longer return the packet length, since it's not used.
2002-01-22 - markus@cvs.openbsd.org 2001/12/27 20:39:58Damien Miller
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 - markus@cvs.openbsd.org 2001/12/27 20:39:58Damien Miller
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c] get rid of packet_integrity_check, use packet_done() instead.
2002-01-22 - markus@cvs.openbsd.org 2001/12/21 12:17:33Damien Miller
[serverloop.c] remove ifdef for USE_PIPES since fdin != fdout; ok djm@
2001-12-21 - djm@cvs.openbsd.org 2001/12/20 22:50:24Damien Miller
[auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c] [sshconnect2.c] Conformance fix: we should send failing packet sequence number when responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by yakk@yakk.dot.net; ok markus@
2001-12-21 - markus@cvs.openbsd.org 2001/12/19 16:09:39Damien Miller
[serverloop.c] fix race between SIGCHLD and select with an additional pipe. writing to the pipe on SIGCHLD wakes up select(). using pselect() is not portable and siglongjmp() ugly. W. R. Stevens suggests similar solution. initial idea by pmenage@ensim.com; ok deraadt@, djm@
2001-12-21 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56Damien Miller
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else
2001-12-06 - itojun@cvs.openbsd.org 2001/12/05 03:50:01Ben Lindstrom
[clientloop.c serverloop.c sshd.c] deal with LP64 printf issue with sig_atomic_t. from thorpej
2001-12-06 - markus@cvs.openbsd.org 2001/11/22 12:34:22Ben Lindstrom
[clientloop.c serverloop.c sshd.c] volatile sig_atomic_t
2001-11-12 - markus@cvs.openbsd.org 2001/11/09 18:59:23Damien Miller
[clientloop.c serverloop.c] don't memset too much memory, ok millert@ original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com
2001-10-12 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2001/10/10 22:18:47 [channels.c channels.h clientloop.c nchan.c serverloop.c] [session.c session.h] try to keep channels open until an exit-status message is sent. don't kill the login shells if the shells stdin/out/err is closed. this should now work: ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
2001-10-10 - markus@cvs.openbsd.org 2001/10/09 21:59:41Damien Miller
[channels.c channels.h serverloop.c session.c session.h] simplify session close: no more delayed session_close, no more blocking wait() calls.
2001-10-10 - markus@cvs.openbsd.org 2001/10/09 19:51:18Damien Miller
[serverloop.c] close all channels if the connection to the remote host has been closed, should fix sshd's hanging with WCHAN==wait
2001-10-10 - markus@cvs.openbsd.org 2001/10/04 15:12:37Damien Miller
[serverloop.c] client_alive_check cleanup
2001-10-10 - markus@cvs.openbsd.org 2001/10/04 15:05:40Damien Miller
[channels.c serverloop.c] comment out bogus conditions for selecting on connection_in
2001-09-18 - markus@cvs.openbsd.org 2001/09/17 21:04:02Ben Lindstrom
[channels.c serverloop.c] don't send fake dummy packets on CR (\r) bugreport from yyua@cs.sfu.ca via solar@@openwall.com