From 2cbec749d76e73be167bc600ba4c5886b607eab2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 12 Jun 2007 23:41:33 +1000 Subject: - djm@cvs.openbsd.org 2007/06/12 11:11:08 [ssh.c] fix slave exit value when a control master goes away without passing the full exit status by ensuring that the slave reads a full int. bz#1261 reported by frekko AT gmail.com; ok markus@ dtucker@ --- ssh.c | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'ssh.c') diff --git a/ssh.c b/ssh.c index cfaa1ff22..74c9a091b 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.295 2007/01/03 03:01:40 stevesk Exp $ */ +/* $OpenBSD: ssh.c,v 1.296 2007/06/12 11:11:08 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1458,25 +1458,28 @@ control_client(const char *path) /* Stick around until the controlee closes the client_fd */ exitval = 0; - for (;!control_client_terminate;) { - r = read(sock, &exitval, sizeof(exitval)); + for (i = 0; !control_client_terminate && i < (int)sizeof(exitval);) { + r = read(sock, (char *)&exitval + i, sizeof(exitval) - i); if (r == 0) { debug2("Received EOF from master"); break; } - if (r > 0) - debug2("Received exit status from master %d", exitval); if (r == -1 && errno != EINTR) fatal("%s: read %s", __func__, strerror(errno)); + i += r; } - - if (control_client_terminate) - debug2("Exiting on signal %d", control_client_terminate); - close(sock); - leave_raw_mode(); + if (control_client_terminate) { + debug2("Exiting on signal %d", control_client_terminate); + exitval = 255; + } else if (i < (int)sizeof(exitval)) { + debug2("Control master terminated unexpectedly"); + exitval = 255; + } else + debug2("Received exit status from master %d", exitval); + if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) fprintf(stderr, "Connection to master closed.\r\n"); -- cgit v1.2.3 From 415bddc1bdd2d0be418ab82520512d77643c05b0 Mon Sep 17 00:00:00 2001 
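Review bot: In the new read loop, `i += r;` also runs when read() returned -1 with errno == EINTR, because the fatal() just above only handles the non-EINTR case, so an interrupted read moves the offset back one byte and the next read() writes into `(char *)&exitval - 1`, i.e. outside exitval. Guard the increment instead: `if (r == -1) { if (errno == EINTR) continue; fatal("%s: read %s", __func__, strerror(errno)); }` — which is what the 2007/06/14 21:43:25 commit further down this page ends up doing. A one-line comment on the loop would also help, e.g. `/* Read exactly sizeof(exitval) bytes; partial reads are retried. */`. control_client() begins before this hunk.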
From: Darren Tucker Date: Tue, 12 Jun 2007 23:43:16 +1000 Subject: - djm@cvs.openbsd.org 2007/06/12 11:15:17 [ssh.c ssh.1] Add "-K" flag for ssh to set GSSAPIAuthentication=yes and GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI) and is useful for hosts with /home on Kerberised NFS; bz #1312 patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@ --- ChangeLog | 8 +++++++- ssh.1 | 7 +++++-- ssh.c | 10 +++++++--- 3 files changed, 19 insertions(+), 6 deletions(-) (limited to 'ssh.c') diff --git a/ChangeLog b/ChangeLog index 41c47d2ab..890625fa2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -23,6 +23,12 @@ fix slave exit value when a control master goes away without passing the full exit status by ensuring that the slave reads a full int. bz#1261 reported by frekko AT gmail.com; ok markus@ dtucker@ + - djm@cvs.openbsd.org 2007/06/12 11:15:17 + [ssh.c ssh.1] + Add "-K" flag for ssh to set GSSAPIAuthentication=yes and + GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI) + and is useful for hosts with /home on Kerberised NFS; bz #1312 + patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@ 20070611 - (djm) Bugzilla #1306: silence spurious error messages from hang-on-exit @@ -3037,4 +3043,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4693 2007/06/12 13:41:33 dtucker Exp $ +$Id: ChangeLog,v 1.4694 2007/06/12 13:43:16 dtucker Exp $ diff --git a/ssh.1 b/ssh.1 index 6b76c1c0e..336d851dd 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.268 2007/06/07 19:37:34 pvalchev Exp $ -.Dd $Mdocdate: June 7 2007 $ +.\" $OpenBSD: ssh.1,v 1.269 2007/06/12 11:15:17 djm Exp $ +.Dd $Mdocdate: June 11 2007 $ .Dt SSH 1 .Os .Sh NAME 
@@ -315,6 +315,9 @@ It is possible to have multiple .Fl i options (and multiple identities specified in configuration files). +.It Fl K +Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI +credentials to the server. .It Fl k Disables forwarding (delegation) of GSSAPI credentials to the server. .It Fl L Xo diff --git a/ssh.c b/ssh.c index 74c9a091b..5155da791 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.296 2007/06/12 11:11:08 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.297 2007/06/12 11:15:17 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -185,7 +185,7 @@ static void usage(void) { fprintf(stderr, -"usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n" +"usage: ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n" " [-D [bind_address:]port] [-e escape_char] [-F configfile]\n" " [-i identity_file] [-L [bind_address:]port:host:hostport]\n" " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" @@ -272,7 +272,7 @@ main(int ac, char **av) again: while ((opt = getopt(ac, av, - "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S:TVw:XY")) != -1) { + "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:KL:MNO:PR:S:TVw:XY")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -326,6 +326,10 @@ main(int ac, char **av) case 'k': options.gss_deleg_creds = 0; break; + case 'K': + options.gss_authentication = 1; + options.gss_deleg_creds = 1; + break; case 'i': if (stat(optarg, &st) < 0) { fprintf(stderr, "Warning: Identity file %s " -- cgit v1.2.3 From 26047496519e9ad25fb60da24645580200ecae50 Mon Sep 17 00:00:00 2001 
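Review bot: The new `case 'K'` enables credential delegation with a single flag, which forwards the user's GSSAPI credentials to the server so the server can act on the user's behalf, and that trust implication deserves a comment on the case, e.g. `/* -K: GSSAPI authentication plus delegation; the server receives usable credentials */`. Note also that `case 'k'` directly above clears only gss_deleg_creds, not gss_authentication, so -K and -k are not strict inverses despite the commit message's "(disable GSSAPI)" wording: `-K -k` leaves GSSAPI authentication on with delegation off, which is reasonable but worth stating. The ssh.1 entry for -K could carry the same caution about delegating credentials that the -k entry implies. main() continues outside this hunk.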
From: Darren Tucker Date: Tue, 12 Jun 2007 23:44:10 +1000 Subject: - djm@cvs.openbsd.org 2007/06/12 11:45:27 [ssh.c] improved exit message from multiplex slave sessions; bz #1262 reported by alexandre.nunes AT gmail.com; ok dtucker@ --- ChangeLog | 6 +++++- ssh.c | 5 +++-- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'ssh.c') diff --git a/ChangeLog b/ChangeLog index 890625fa2..1ad2b3573 100644 --- a/ChangeLog +++ b/ChangeLog @@ -29,6 +29,10 @@ GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI) and is useful for hosts with /home on Kerberised NFS; bz #1312 patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@ + - djm@cvs.openbsd.org 2007/06/12 11:45:27 + [ssh.c] + improved exit message from multiplex slave sessions; bz #1262 + reported by alexandre.nunes AT gmail.com; ok dtucker@ 20070611 - (djm) Bugzilla #1306: silence spurious error messages from hang-on-exit @@ -3043,4 +3047,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4694 2007/06/12 13:43:16 dtucker Exp $ +$Id: ChangeLog,v 1.4695 2007/06/12 13:44:10 dtucker Exp $ diff --git a/ssh.c b/ssh.c index 5155da791..9af61d3c2 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.297 2007/06/12 11:15:17 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.298 2007/06/12 11:45:27 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1485,7 +1485,8 @@ control_client(const char *path) debug2("Received exit status from master %d", exitval); if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) - fprintf(stderr, "Connection to master closed.\r\n"); + fprintf(stderr, "Shared connection to %s closed.\r\n", + host); exit(exitval); } -- cgit v1.2.3 From d989adadd33ed305a22f555d7d69db3cff4e83da Mon Sep 17 00:00:00 2001 
From: Darren Tucker Date: Mon, 25 Jun 2007 18:34:43 +1000 Subject: - djm@cvs.openbsd.org 2007/06/14 21:43:25 [ssh.c] handle EINTR when waiting for mux exit status properly --- ChangeLog | 5 ++++- ssh.c | 7 +++++-- 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'ssh.c') diff --git a/ChangeLog b/ChangeLog index d1a244abf..880ec45e7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,9 @@ [scp.c] don't ftruncate() non-regular files; bz#1236 reported by wood AT xmission.com; ok dtucker@ + - djm@cvs.openbsd.org 2007/06/14 21:43:25 + [ssh.c] + handle EINTR when waiting for mux exit status properly 20070614 - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the @@ -3079,4 +3082,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4703 2007/06/25 08:32:33 dtucker Exp $ +$Id: ChangeLog,v 1.4704 2007/06/25 08:34:43 dtucker Exp $ diff --git a/ssh.c b/ssh.c index 9af61d3c2..ab9da1e97 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.298 2007/06/12 11:45:27 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.299 2007/06/14 21:43:25 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1468,8 +1468,11 @@ control_client(const char *path) debug2("Received EOF from master"); break; } - if (r == -1 && errno != EINTR) + if (r == -1) { + if (errno == EINTR) + continue; fatal("%s: read %s", __func__, strerror(errno)); + } i += r; } close(sock); -- cgit v1.2.3 From 132367f76f3529b3f4d530a38a4988ec296a3d3f Mon Sep 17 00:00:00 2001 
From: Darren Tucker Date: Mon, 25 Jun 2007 18:59:17 +1000 Subject: - djm@cvs.openbsd.org 2007/06/14 22:48:05 [ssh.c] when waiting for the multiplex exit status, read until the master end writes an entire int of data *and* closes the client_fd; fixes mux regression spotted by dtucker, ok dtucker@ --- ChangeLog | 7 ++++++- ssh.c | 34 +++++++++++++++++++++------------- 2 files changed, 27 insertions(+), 14 deletions(-) (limited to 'ssh.c') diff --git a/ChangeLog b/ChangeLog index 880ec45e7..89e561800 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,11 @@ - djm@cvs.openbsd.org 2007/06/14 21:43:25 [ssh.c] handle EINTR when waiting for mux exit status properly + - djm@cvs.openbsd.org 2007/06/14 22:48:05 + [ssh.c] + when waiting for the multiplex exit status, read until the master end + writes an entire int of data *and* closes the client_fd; fixes mux + regression spotted by dtucker, ok dtucker@ 20070614 - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the @@ -3082,4 +3087,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4704 2007/06/25 08:34:43 dtucker Exp $ +$Id: ChangeLog,v 1.4705 2007/06/25 08:59:17 dtucker Exp $ diff --git a/ssh.c b/ssh.c index ab9da1e97..449ec256e 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.299 2007/06/14 21:43:25 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.300 2007/06/14 22:48:05 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1311,7 +1311,7 @@ static void control_client(const char *path) { struct sockaddr_un addr; - int i, r, fd, sock, exitval, num_env, addr_len; + int i, r, fd, sock, exitval[2], num_env, addr_len; Buffer m; char *term; extern char **environ; 
@@ -1460,10 +1460,16 @@ control_client(const char *path) if (tty_flag) enter_raw_mode(); - /* Stick around until the controlee closes the client_fd */ - exitval = 0; + /* + * Stick around until the controlee closes the client_fd. + * Before it does, it is expected to write this process' exit + * value (one int). This process must read the value and wait for + * the closure of the client_fd; if this one closes early, the + * multiplex master will terminate early too (possibly losing data). + */ + exitval[0] = 0; for (i = 0; !control_client_terminate && i < (int)sizeof(exitval);) { - r = read(sock, (char *)&exitval + i, sizeof(exitval) - i); + r = read(sock, (char *)exitval + i, sizeof(exitval) - i); if (r == 0) { debug2("Received EOF from master"); break; @@ -1475,21 +1481,23 @@ control_client(const char *path) } i += r; } + close(sock); leave_raw_mode(); - + if (i > (int)sizeof(int)) + fatal("%s: master returned too much data (%d > %lu)", + __func__, i, sizeof(int)); if (control_client_terminate) { debug2("Exiting on signal %d", control_client_terminate); - exitval = 255; - } else if (i < (int)sizeof(exitval)) { + exitval[0] = 255; + } else if (i < (int)sizeof(int)) { debug2("Control master terminated unexpectedly"); - exitval = 255; + exitval[0] = 255; } else - debug2("Received exit status from master %d", exitval); + debug2("Received exit status from master %d", exitval[0]); if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) - fprintf(stderr, "Shared connection to %s closed.\r\n", - host); + fprintf(stderr, "Shared connection to %s closed.\r\n", host); - exit(exitval); + exit(exitval[0]); } -- cgit v1.2.3 From b3ce9fec309a6dd695811d977593961d6dfac710 Mon Sep 17 00:00:00 2001 
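Review bot: The new fatal() formats `sizeof(int)`, a size_t, with `%lu`, which is a format/argument type mismatch on platforms where size_t is not unsigned long (ILP32 targets) and is undefined behaviour per the C standard; cast it to the format's type: `fatal("%s: master returned too much data (%d > %lu)", __func__, i, (unsigned long)sizeof(int));`. The two-int buffer plus the post-loop `i > (int)sizeof(int)` check is otherwise a sound way to detect a master that wrote more than one int before closing. control_client() begins before this hunk.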
From: Damien Miller Date: Wed, 8 Aug 2007 14:32:41 +1000 Subject: - djm@cvs.openbsd.org 2007/08/07 07:32:53 [clientloop.c clientloop.h ssh.c] bz#1232: ensure that any specified LocalCommand is executed after the tunnel device is opened. Also, make failures to open a tunnel device fatal when ExitOnForwardFailure is active. Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt --- ChangeLog | 8 +++++++- clientloop.c | 46 +++++++++++++++++++++++++++++++++++++++++++++- clientloop.h | 3 ++- ssh.c | 44 +++++++++++++++----------------------------- 4 files changed, 69 insertions(+), 32 deletions(-) (limited to 'ssh.c') diff --git a/ChangeLog b/ChangeLog index c4a7d1261..55319fc23 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,12 @@ and synopsis of commands lots of good ideas by jmc@ ok jmc@ + - djm@cvs.openbsd.org 2007/08/07 07:32:53 + [clientloop.c clientloop.h ssh.c] + bz#1232: ensure that any specified LocalCommand is executed after the + tunnel device is opened. Also, make failures to open a tunnel device + fatal when ExitOnForwardFailure is active. + Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt 20070724 - (tim) [openssh.xml.in] make FMRI match what package scripts use. @@ -3129,4 +3135,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4717 2007/08/08 04:29:58 djm Exp $ +$Id: ChangeLog,v 1.4718 2007/08/08 04:32:41 djm Exp $ diff --git a/clientloop.c b/clientloop.c index 1aeb412a9..538644c20 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.179 2007/03/20 03:56:12 tedu Exp $ */ +/* $OpenBSD: clientloop.c,v 1.180 2007/08/07 07:32:53 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
@@ -1773,6 +1773,50 @@ client_request_agent(const char *request_type, int rchan) return c; } +int +client_request_tun_fwd(int tun_mode, int local_tun, int remote_tun) +{ + Channel *c; + int fd; + + if (tun_mode == SSH_TUNMODE_NO) + return 0; + + if (!compat20) { + error("Tunnel forwarding is not support for protocol 1"); + return -1; + } + + debug("Requesting tun unit %d in mode %d", local_tun, tun_mode); + + /* Open local tunnel device */ + if ((fd = tun_open(local_tun, tun_mode)) == -1) { + error("Tunnel device open failed."); + return -1; + } + + c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1, + CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); + c->datagram = 1; + +#if defined(SSH_TUN_FILTER) + if (options.tun_open == SSH_TUNMODE_POINTOPOINT) + channel_register_filter(c->self, sys_tun_infilter, + sys_tun_outfilter); +#endif + + packet_start(SSH2_MSG_CHANNEL_OPEN); + packet_put_cstring("tun@openssh.com"); + packet_put_int(c->self); + packet_put_int(c->local_window_max); + packet_put_int(c->local_maxpacket); + packet_put_int(tun_mode); + packet_put_int(remote_tun); + packet_send(); + + return 0; +} + /* XXXX move to generic input handler */ static void client_input_channel_open(int type, u_int32_t seq, void *ctxt) diff --git a/clientloop.h b/clientloop.h index beec62f70..c7d2233d0 100644 --- a/clientloop.h +++ b/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.16 2006/03/25 22:22:42 djm Exp $ */ +/* $OpenBSD: clientloop.h,v 1.17 2007/08/07 07:32:53 djm Exp $ */ /* * Author: Tatu Ylonen @@ -44,6 +44,7 @@ void client_x11_get_proto(const char *, const char *, u_int, void client_global_request_reply_fwd(int, u_int32_t, void *); void client_session2_setup(int, int, int, const char *, struct termios *, int, Buffer *, char **, dispatch_fn *); +int client_request_tun_fwd(int, int, int); /* Multiplexing protocol version */ #define SSHMUX_VER 1 diff --git a/ssh.c b/ssh.c index 449ec256e..d3a7ffc9b 100644 --- a/ssh.c +++ b/ssh.c 
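Review bot: client_request_tun_fwd() takes `tun_mode` as a parameter, but the SSH_TUN_FILTER block still tests the global `options.tun_open`, so the point-to-point filter decision and the mode sent in the CHANNEL_OPEN below come from two different sources; use the parameter: `if (tun_mode == SSH_TUNMODE_POINTOPOINT)`. The only caller visible on this page passes options.tun_open, so the inconsistency is latent rather than a live bug, but it will bite the first caller that does not. The protocol-1 branch also has a typo in its message: `error("Tunnel forwarding is not supported for protocol 1");`.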
@@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.300 2007/06/14 22:48:05 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.301 2007/08/07 07:32:53 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -857,6 +857,17 @@ ssh_init_forwarding(void) "forwarding."); } } + + /* Initiate tunnel forwarding. */ + if (options.tun_open != SSH_TUNMODE_NO) { + if (client_request_tun_fwd(options.tun_open, + options.tun_local, options.tun_remote) == -1) { + if (options.exit_on_forward_failure) + fatal("Could not request tunnel forwarding."); + else + error("Could not request tunnel forwarding."); + } + } } static void @@ -1119,33 +1130,6 @@ ssh_session2_setup(int id, void *arg) packet_send(); } - if (options.tun_open != SSH_TUNMODE_NO) { - Channel *c; - int fd; - - debug("Requesting tun."); - if ((fd = tun_open(options.tun_local, - options.tun_open)) >= 0) { - c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1, - CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, - 0, "tun", 1); - c->datagram = 1; -#if defined(SSH_TUN_FILTER) - if (options.tun_open == SSH_TUNMODE_POINTOPOINT) - channel_register_filter(c->self, sys_tun_infilter, - sys_tun_outfilter); -#endif - packet_start(SSH2_MSG_CHANNEL_OPEN); - packet_put_cstring("tun@openssh.com"); - packet_put_int(c->self); - packet_put_int(c->local_window_max); - packet_put_int(c->local_maxpacket); - packet_put_int(options.tun_open); - packet_put_int(options.tun_remote); - packet_send(); - } - } - client_session2_setup(id, tty_flag, subsystem_flag, getenv("TERM"), NULL, fileno(stdin), &command, environ, &ssh_subsystem_reply); @@ -1205,7 +1189,6 @@ ssh_session2(void) /* XXX should be pre-session */ ssh_init_forwarding(); - ssh_control_listener(); if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN)) id = ssh_session2_open(); 
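Review bot: When client_request_tun_fwd() fails it already calls error() with the specific cause (device open failed, protocol 1), and the new block in ssh_init_forwarding() then logs a second, generic "Could not request tunnel forwarding." for the same failure, so the user sees it twice; consider dropping the error() here and keeping only the fatal() path, or making the helper's message the only one. Moving the request out of ssh_session2_setup() is also a behaviour change for protocol 1: if ssh_init_forwarding() is reached on the protocol-1 path (not visible in this hunk), a configured Tunnel now yields an error, or a fatal exit with ExitOnForwardFailure, where before it was silently skipped; a comment stating that intent would help, e.g. `/* Tunnel requests are protocol 2 only; the helper reports the failure for v1. */`. ssh_init_forwarding() begins before this hunk.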
@@ -1215,6 +1198,9 @@ ssh_session2(void) options.permit_local_command) ssh_local_cmd(options.local_command); + /* Start listening for multiplex clients */ + ssh_control_listener(); + /* If requested, let ssh continue in the background. */ if (fork_after_authentication_flag) if (daemon(1, 1) < 0) -- cgit v1.2.3
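Review bot: ssh_control_listener() is now called after ssh_local_cmd() instead of before the session is opened, so the ControlMaster socket does not exist until LocalCommand has returned; a slow or blocking LocalCommand therefore delays every multiplexed client, and a LocalCommand that itself tries to use the control socket will fail. If that ordering is intended, the new comment should say so: `/* Start listening for multiplex clients (deferred until after LocalCommand) */`. ssh_session2() continues outside this hunk.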