Commit Graph

213 Commits

Author SHA1 Message Date
Damien Miller
17e91c0fb0 - stevesk@cvs.openbsd.org 2006/02/10 00:27:13
[channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
     [ssh.c sshd.c sshpty.c]
     move #include <sys/ioctl.h> out of includes.h; ok markus@
2006-03-15 11:28:34 +11:00
Damien Miller
99bd21e3fe - stevesk@cvs.openbsd.org 2006/02/07 01:42:00
[channels.c clientloop.c clientloop.h includes.h packet.h]
     [serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
     move #include <termios.h> out of includes.h; ok markus@
2006-03-15 11:11:28 +11:00
Damien Miller
e204f6aa0d - reyk@cvs.openbsd.org 2006/01/30 12:22:22
[channels.c]
     mark channel as write failed or dead instead of read failed on error
     of the channel output filter.
     ok markus@
2006-01-31 21:47:15 +11:00
Damien Miller
a969437645 - (djm) [channels.c] clean up harmless merge error, from reyk@ 2006-01-04 07:27:50 +11:00
Damien Miller
077b23864f - reyk@cvs.openbsd.org 2005/12/30 15:56:37
[channels.c channels.h clientloop.c]
     add channel output filter interface.
     ok djm@, suggested by markus@
2005-12-31 16:22:32 +11:00
Damien Miller
5eb137c6d1 - (djm) OpenBSD CVS Sync
- stevesk@cvs.openbsd.org 2005/12/28 22:46:06
     [canohost.c channels.c clientloop.c]
     use 'break-in' for consistency; ok deraadt@ ok and input jmc@
2005-12-31 16:19:53 +11:00
Damien Miller
d47c62a714 - markus@cvs.openbsd.org 2005/12/12 13:46:18
[channels.c channels.h session.c]
     make sure protocol messages for internal channels are ignored.
     allow adjust messages for non-open channels; with and ok djm@
2005-12-13 19:33:57 +11:00
Damien Miller
d27b947178 - reyk@cvs.openbsd.org 2005/12/06 22:38:28
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
     [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
     [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
     [sshconnect.h sshd.8 sshd_config sshd_config.5]
     Add support for tun(4) forwarding over OpenSSH, based on an idea and
     initial channel code bits by markus@. This is a simple and easy way to
     use OpenSSH for ad hoc virtual private network connections, e.g.
     administrative tunnels or secure wireless access. It's based on a new
     ssh channel and works similar to the existing TCP forwarding support,
     except that it depends on the tun(4) network interface on both ends of
     the connection for layer 2 or layer 3 tunneling. This diff also adds
     support for LocalCommand in the ssh(1) client.

     ok djm@, markus@, jmc@ (manpages), tested and discussed with others
2005-12-13 19:29:02 +11:00
Damien Miller
0a0176e9f3 - stevesk@cvs.openbsd.org 2005/10/14 02:29:37
[channels.c clientloop.c]
     free()->xfree(); ok djm@
2005-11-05 15:07:59 +11:00
Damien Miller
5e7fd076f5 - djm@cvs.openbsd.org 2005/10/11 23:37:37
[channels.c]
     bz #1076 set SO_REUSEADDR on X11 forwarding listner sockets, preventing
     bind() failure when a previous connection's listeners are in TIME_WAIT,
     reported by plattner AT inf.ethz.ch; ok dtucker@
2005-11-05 14:53:39 +11:00
Damien Miller
39eda6eb6a - djm@cvs.openbsd.org 2005/10/10 10:23:08
[channels.c channels.h clientloop.c serverloop.c session.c]
     fix regression I introduced in 4.2: X11 forwardings initiated after
     a session has exited (e.g. "(sleep 5; xterm) &") would not start.
     bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
2005-11-05 14:52:50 +11:00
Darren Tucker
d3d0fa1558 - markus@cvs.openbsd.org 2005/09/07 08:53:53
[channels.c]
     enforce chanid != NULL; ok djm
2005-10-03 18:03:05 +10:00
Damien Miller
0dc1bef12d - djm@cvs.openbsd.org 2005/07/17 07:17:55
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
     [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
     [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
     [sshconnect.c sshconnect2.c]
     knf says that a 2nd level indent is four (not three or five) spaces
2005-07-17 17:22:45 +10:00
Damien Miller
2b9b045d93 - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line
- djm@cvs.openbsd.org 2005/07/17 06:49:04
     [channels.c channels.h session.c session.h]
     Fix a number of X11 forwarding channel leaks:
     1. Refuse multiple X11 forwarding requests on the same session
     2. Clean up all listeners after a single_connection X11 forward, not just
        the one that made the single connection
     3. Destroy X11 listeners when the session owning them goes away
     testing and ok dtucker@
2005-07-17 17:19:24 +10:00
Damien Miller
46d38de48b - djm@cvs.openbsd.org 2005/07/16 01:35:24
[auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
     [sshconnect.c]
     spacing
2005-07-17 17:02:09 +10:00
Damien Miller
f92c0794ec - markus@cvs.openbsd.org 2005/07/04 14:04:11
[channels.c]
     don't forget to set x11_saved_display
2005-07-06 09:45:26 +10:00
Damien Miller
1339002e8b - djm@cvs.openbsd.org 2005/07/04 00:58:43
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
     implement support for X11 and agent forwarding over multiplex slave
     connections. Because of protocol limitations, the slave connections inherit
     the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
     their own.
     ok dtucker@ "put it in" deraadt@
2005-07-06 09:44:19 +10:00
Damien Miller
a7270309fc - markus@cvs.openbsd.org 2005/07/01 13:19:47
[channels.c]
     don't free() if getaddrinfo() fails; report mpech@
2005-07-06 09:36:05 +10:00
Damien Miller
eccb9de72a - djm@cvs.openbsd.org 2005/06/17 02:44:33
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
     [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
     [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
     [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
     [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     make this -Wsign-compare clean; ok avsm@ markus@
     NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
     NB2. more work may be needed to make portable Wsign-compare clean
2005-06-17 12:59:34 +10:00
Damien Miller
677257fe07 - markus@cvs.openbsd.org 2005/06/16 08:00:00
[canohost.c channels.c sshd.c]
     don't exit if getpeername fails for forwarded ports; bugzilla #1054;
     ok djm
2005-06-17 12:55:03 +10:00
Damien Miller
17e7ed0e75 - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2005/06/16 03:38:36
     [channels.c channels.h clientloop.c clientloop.h ssh.c]
     move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd
     easier later; ok deraadt@
2005-06-17 12:54:33 +10:00
Darren Tucker
11327cc5d7 - markus@cvs.openbsd.org 2005/03/14 11:46:56
[buffer.c buffer.h channels.c]
     limit input buffer size for channels; bugzilla #896; with and ok dtucker@
2005-03-14 23:22:25 +11:00
Darren Tucker
47eede77ed - deraadt@cvs.openbsd.org 2005/03/10 22:01:05
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
     monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
     readconf.c bufaux.c sftp.c]
     spacing
2005-03-14 23:08:12 +11:00
Damien Miller
f91ee4c3de - djm@cvs.openbsd.org 2005/03/01 10:09:52
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
     [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
     [sshd_config.5]
     bz#413: allow optional specification of bind address for port forwardings.
     Patch originally by Dan Astorian, but worked on by several people
     Adds GatewayPorts=clientspecified option on server to allow remote
     forwards to bind to client-specified ports.
2005-03-01 21:24:33 +11:00
Darren Tucker
5d78de6283 - djm@cvs.openbsd.org 2004/10/29 21:47:15
[channels.c channels.h clientloop.c]
     fix some window size change bugs for multiplexed connections: windows sizes
     were not being updated if they had changed after ~^Z suspends and SIGWINCH
     was not being processed unless the first connection had requested a tty;
     ok markus
2004-11-05 20:35:44 +11:00
Darren Tucker
e6ed83976b - djm@cvs.openbsd.org 2004/08/23 11:48:47
[channels.c]
     typo, spotted by Martin.Kraemer AT Fujitsu-Siemens.com; ok markus
2004-08-29 16:29:44 +10:00
Darren Tucker
c7a6fc41bf - avsm@cvs.openbsd.org 2004/08/11 21:43:05
[channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c]
     some signed/unsigned int comparison cleanups; markus@ ok
2004-08-13 21:18:00 +10:00
Darren Tucker
fc9597034b - deraadt@cvs.openbsd.org 2004/07/11 17:48:47
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
     readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
     session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
     sshd.c ttymodes.h]
     spaces
2004-07-17 16:12:08 +10:00
Darren Tucker
3f9fdc7121 - avsm@cvs.openbsd.org 2004/06/21 17:36:31
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
     cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
     monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
     ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
     sshpty.c]
     make ssh -Wshadow clean, no functional changes
     markus@ ok

There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
Damien Miller
3bbd878c2e - djm@cvs.openbsd.org 2004/06/18 11:11:54
[channels.c clientloop.c]
     Don't explode in clientloop when we receive a bogus channel id, but
     also don't generate them to begin with; ok markus@
2004-06-18 22:23:22 +10:00
Damien Miller
232711f6db - djm@cvs.openbsd.org 2004/06/14 01:44:39
[channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c]
     [sshd.c]
     set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@
2004-06-15 10:35:30 +10:00
Damien Miller
0e220dbfbc - djm@cvs.openbsd.org 2004/06/13 15:03:02
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
     [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
     implement session multiplexing in the client (the server has supported
     this since 2.0); ok markus@
2004-06-15 10:34:08 +10:00
Damien Miller
3e4dffb140 - markus@cvs.openbsd.org 2004/05/26 23:02:39
[channels.c]
     missing freeaddrinfo; Andrey Matveev
2004-06-15 10:27:15 +10:00
Darren Tucker
e7066dfde3 - djm@cvs.openbsd.org 2004/05/21 11:33:11
[channels.c channels.h clientloop.c serverloop.c ssh.1]
     bz #756: add support for the cancel-tcpip-forward request for the server and
     the client (through the ~C commandline). reported by z3p AT twistedmatrix.com;
     ok markus@
2004-05-24 10:18:05 +10:00
Darren Tucker
1f8311c836 - deraadt@cvs.openbsd.org 2004/05/11 19:01:43
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
     packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
     improve some code lint did not like; djm millert ok
2004-05-13 16:39:33 +10:00
Damien Miller
a04ad496f6 - markus@cvs.openbsd.org 2004/01/19 09:24:21
[channels.c]
     fake consumption for half closed channels since the peer is waiting for
     window adjust messages; bugzilla #790 Matthew Dillon; test + ok dtucker@
     reproduce with sh -c 'ulimit -f 10; ssh host -n od /bsd | cat > foo'
2004-01-21 11:02:09 +11:00
Darren Tucker
3175eb9a5a - markus@cvs.openbsd.org 2003/12/02 17:01:15
[channels.c session.c ssh-agent.c ssh.h sshd.c]
     use SSH_LISTEN_BACKLOG (=128) in listen(2).
2003-12-09 19:15:11 +11:00
Darren Tucker
240fdfa909 - (dtucker) [channels.c] Make AIX write limit code clearer. Suggested by djm@ 2003-11-22 14:10:02 +11:00
Damien Miller
787b2ec18c more whitespace (tabs this time) 2003-11-21 23:56:47 +11:00
Damien Miller
a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
Darren Tucker
5dcdd219fb - markus@cvs.openbsd.org 2003/09/23 20:41:11
[channels.c channels.h clientloop.c]
     move client only agent code to clientloop.c
2003-10-02 16:17:00 +10:00
Darren Tucker
3dbff2a93b - markus@cvs.openbsd.org 2003/09/19 11:31:33
[channels.c]
     do not call channel_free_all on fatal; ok deraadt
2003-09-22 21:12:56 +10:00
Damien Miller
5efcecc265 - (djm) OpenBSD Sync
- markus@cvs.openbsd.org 2003/09/16 21:02:40
     [buffer.c channels.c version.h]
     more malloc/fatal fixes; ok millert/deraadt; ghudson at MIT.EDU
2003-09-17 07:31:14 +10:00
Damien Miller
fbdeecef92 - markus@cvs.openbsd.org 2003/08/29 10:04:36
[channels.c nchan.c]
     be less chatty; debug -> debug2, cleanup; ok henning@
2003-09-02 22:52:31 +10:00
Darren Tucker
46471c9a81 - markus@cvs.openbsd.org 2003/07/02 14:51:16
[channels.c ssh.1 ssh_config.5]
     (re)add socks5 suppport to -D; ok djm@
     now ssh(1) can act both as a socks 4 and socks 5 server and
     dynamically forward ports.
2003-07-03 13:55:19 +10:00
Darren Tucker
9189ff89c3 - markus@cvs.openbsd.org 2003/07/02 12:56:34
[channels.c]
     deny dynamic forwarding with -R for v1, too; ok djm@
2003-07-03 13:52:04 +10:00
Darren Tucker
502d384b74 - markus@cvs.openbsd.org 2003/06/24 08:23:46
[auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
      monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
     int -> u_int; ok djm@, deraadt@, mouring@
2003-06-28 12:38:01 +10:00
Damien Miller
b1ca8bb159 - markus@cvs.openbsd.org 2003/05/11 20:30:25
[channels.c clientloop.c serverloop.c session.c ssh.c]
     make channel_new() strdup the 'remote_name' (not the caller); ok theo
2003-05-14 13:45:42 +10:00
Damien Miller
2372ace572 - markus@cvs.openbsd.org 2003/04/14 14:17:50
[channels.c sshconnect.c sshd.c ssh-keyscan.c]
     avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
2003-05-14 13:42:23 +10:00
Damien Miller
d558092522 - (djm) RCSID sync w/ OpenBSD 2003-05-14 13:40:06 +10:00