summaryrefslogtreecommitdiffstats
path: root/channels.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: De-magic the x11 base port number into a define. ok djm@dtucker@openbsd.org2024-12-051-7/+9
| | | | OpenBSD-Commit-ID: 23b85ca9d222cb739b9c33ee5e4d6ac9fdeecbfa
* upstream: Prevent integer overflow in x11 port handling. These aredtucker@openbsd.org2024-12-051-5/+6
| | | | | | | | theoretically possible if the admin misconfigures X11DisplayOffset or the user misconfigures their own $DISPLAY, but don't happen in normal operation. From Suhov Roman via bz#3730, ok djm@ OpenBSD-Commit-ID: e9e3860f1a19b862ccf07dc8ecbe8f1e1034f4ed
* upstream: don't start the ObscureKeystrokeTiming mitigations ifdjm@openbsd.org2024-10-141-1/+20
| | | | | | | | | there has been traffic on a X11 forwarding channel recently. Should fix X11 forwarding performance problems when this setting is enabled. Patch from Antonio Larrosa via bz3655 OpenBSD-Commit-ID: 820284a92eb4592fcd3d181a62c1b86b08a4a7ab
* upstream: Fix proxy multiplexing (-O proxy) bugdjm@openbsd.org2024-07-261-3/+5
| | | | | | | | | | | | | | If a mux started with ControlPersist then later has a forwarding added using mux proxy connection and the forwarding was used, then when the mux proxy session terminates, the mux master process will send a channel close to the server with a bad channel ID and crash the connection. This was caused by my stupidly reusing c->remote_id for mux channel associations when I should have just added another member to struct channel. ok markus@ OpenBSD-Commit-ID: c9f474e0124e3fe456c5e43749b97d75e65b82b2
* upstream: Start the process of splitting sshd into separatedjm@openbsd.org2024-05-171-21/+1
| | | | | | | | | | | | | | | | | | | | binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this changes, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out. OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
* upstream: fix memory leak in mux proxy mode when requesting forwarding.djm@openbsd.org2024-03-061-4/+3
| | | | | | found by RASU JSC, reported by Maks Mishin in GHPR#467 OpenBSD-Commit-ID: 97d96a166b1ad4b8d229864a553e3e56d3116860
* upstream: add a "global" ChannelTimeout type to ssh(1) and sshd(8)djm@openbsd.org2024-01-091-17/+57
| | | | | | | | | | | | | | | that watches all open channels and will close all open channels if there is no traffic on any of them for the specified interval. This is in addition to the existing per-channel timeouts added a few releases ago. This supports use-cases like having a session + x11 forwarding channel open where one may be idle for an extended period but the other is actively used. The global timeout would allow closing both channels when both have been idle for too long. ok dtucker@ OpenBSD-Commit-ID: 0054157d24d2eaa5dc1a9a9859afefc13d1d7eb3
* upstream: stricter handling of channel window limitsdjm@openbsd.org2023-12-181-5/+14
| | | | | | | | | | | | This makes ssh/sshd more strict in handling non-compliant peers that send more data than the advertised channel window allows. Previously the additional data would be silently discarded. This change will cause ssh/sshd to terminate the connection if the channel window is exceeded by more than a small grace allowance. ok markus@ OpenBSD-Commit-ID: 811e21b41831eba3dd7f67b3d409a438f20d3037
* upstream: when deciding whether to enable keystroke timingdjm@openbsd.org2023-11-151-1/+18
| | | | | | | | | obfuscation, only consider enabling it when a channel with a tty is open. Avoids turning on the obfucation when X11 forwarding only is in use, which slows it right down. Reported by Roger Marsh OpenBSD-Commit-ID: c292f738db410f729190f92de100c39ec931a4f1
* upstream: make channel_output_poll() return a flag indicatingdjm@openbsd.org2023-09-041-13/+22
| | | | | | | whether channel data was enqueued. Will be used to improve keystroke timing obfuscation. Problem spotted by / tested by naddy@ OpenBSD-Commit-ID: f9776c7b0065ba7c3bbe50431fd3b629f44314d0
* upstream: add support for unix domain sockets to ssh -Wdlg@openbsd.org2023-07-071-3/+4
| | | | | | ok djm@ dtucker@ OpenBSD-Commit-ID: 3e6d47567b895c7c28855c7bd614e106c987a6d8
* upstream: Store timeouts as int, not u_int as they are limited tomillert@openbsd.org2023-06-201-5/+5
| | | | | | | INT_MAX. Fixes sign compare warnings systems with 32-bit time_t due to type promotion. OK djm@ OpenBSD-Commit-ID: 48081e9ad35705c5f1705711704a4c2ff94e87b7
* don't call connect() on negative socketDamien Miller2023-03-311-1/+3
| | | | Coverity CID 405037
* upstream: Expliticly ignore return code from fcntl(.. FD_CLOEXEC) sincedtucker@openbsd.org2023-03-101-4/+4
| | | | | | there's not much we can do anyway. From Coverity CID 291857, ok djm@ OpenBSD-Commit-ID: 051429dd07af8db3fec10d82cdc78d90bb051729
* upstream: refactor to be more readable top to bottom. Prompted bydjm@openbsd.org2023-03-081-11/+19
| | | | | | Coverity CID 405048 which was a false-positive fd leak; ok dtucker@ OpenBSD-Commit-ID: fc55ec2af622a017defb9b768bf26faefc792c00
* upstream: Use time_t for x11 timeout.dtucker@openbsd.org2023-03-041-4/+4
| | | | | | | Use time_t instead of u_int for remaining x11 timeout checks for 64bit time_t safety. From Coverity CIDs 405197 and 405028, ok djm@ OpenBSD-Commit-ID: 356685bfa1fc3d81bd95722d3fc47101cc1a4972
* upstream: when restoring non-blocking mode to stdio fds, restoredjm@openbsd.org2023-01-181-5/+14
| | | | | | | | | exactly the flags that ssh started with and don't just clobber them with zero, as this could also remove the append flag from the set; bz3523; ok dtucker@ OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
* upstream: Implement channel inactivity timeoutsdjm@openbsd.org2023-01-061-12/+106
| | | | | | | | | | | | | | | This adds a sshd_config ChannelTimeouts directive that allows channels that have not seen traffic in a configurable interval to be automatically closed. Different timeouts may be applied to session, X11, agent and TCP forwarding channels. Note: this only affects channels over an opened SSH connection and not the connection itself. Most clients close the connection when their channels go away, with a notable exception being ssh(1) in multiplexing mode. ok markus dtucker OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
* upstream: Add channel_set_xtype()djm@openbsd.org2023-01-061-3/+23
| | | | | | | | | | This sets an "extended" channel type after channel creation (e.g. "session:subsystem:sftp") that will be used for setting channel inactivity timeouts. ok markus dtucker OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
* upstream: tweak channel ctype namesdjm@openbsd.org2023-01-061-9/+9
| | | | | | | | | These are now used by sshd_config:ChannelTimeouts to specify timeouts by channel type, so force them all to use a similar format without whitespace. ok dtucker markus OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
* upstream: Add channel_force_close()djm@openbsd.org2023-01-061-14/+29
| | | | | | | | | | | | | | | This will forcibly close an open channel by simulating read/write errors, draining the IO buffers and calling the detach function. Previously the detach function was only ever called during channel garbage collection, but there was no way to signal the user of a channel (e.g. session.c) that its channel was being closed deliberately (vs. by the usual state-machine logic). So this adds an extra "force" argument to the channel cleanup callback to indicate this condition. ok markus dtucker OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
* upstream: replace manual poll/ppoll timeout math with ptimeout APIdjm@openbsd.org2023-01-061-18/+9
| | | | | | feedback markus / ok markus dtucker OpenBSD-Commit-ID: c5ec4f2d52684cdb788cd9cbc1bcf89464014be2
* upstream: In channel_request_remote_forwarding the parameters formbuhl@openbsd.org2022-11-301-7/+6
| | | | | | | permission_set_add are leaked as they are also duplicated in the call. Found by CodeChecker. ok djm OpenBSD-Commit-ID: 4aef50fa9be7c0b138188814c8fe3dccc196f61e
* avoid Wuninitialized false positive in gcc-12ishDamien Miller2022-09-191-1/+1
|
* upstream: better debugging for connect_next()djm@openbsd.org2022-09-191-7/+8
| | | | OpenBSD-Commit-ID: d16a307a0711499c971807f324484ed3a6036640
* upstream: channel_new no longer frees remote_name. So update thedjm@openbsd.org2022-05-051-4/+4
| | | | | | | comment accordingly. As remote_name is not modified, it can be const as well. From Martin Vahlensieck OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
* upstream: make sure stdout is non-blocking; ok djm@markus@openbsd.org2022-05-051-4/+9
| | | | OpenBSD-Commit-ID: 64940fffbd1b882eda2d7c8c7a43c79368309c0d
* upstream: Try to continue running local I/O for channels in statedjm@openbsd.org2022-04-201-6/+5
| | | | | | | | OPEN during SSH transport rekeying. The most visible benefit is that it should make ~-escapes work in the client (e.g. to exit) if the connection happened to have stalled during a rekey event. Based work by and ok dtucker@ OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
* upstream: clear io_want/io_ready flags at start of poll() cycle;djm@openbsd.org2022-04-121-2/+7
| | | | | | | avoids plausible spin during rekeying if channel io_want flags are reused across cycles. ok markus@ deraadt@ OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
* upstream: fix poll() spin when a channel's output fd closes withoutdjm@openbsd.org2022-03-301-104/+118
| | | | | | | data in the channel buffer. Introduce more exact packing of channel fds into the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@ OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
* upstream: improve DEBUG_CHANNEL_POLL debugging messagedjm@openbsd.org2022-03-181-5/+5
| | | | OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
* upstream: check for EINTR/EAGAIN failures in the rfd fast-path; caughtdjm@openbsd.org2022-02-171-1/+4
| | | | | | by dtucker's minix3 vm :) ok dtucker@ OpenBSD-Commit-ID: 2e2c895a3e82ef347aa6694394a76a438be91361
* Put poll.h inside ifdef.Darren Tucker2022-02-101-0/+2
|
* upstream: Use sshbuf_read() to read directly into the channel inputdjm@openbsd.org2022-01-251-9/+41
| | | | | | | | buffer rather than into a stack buffer that needs to be copied again; Improves performance by about 1% on cipher-speed.sh feedback dtucker@ ok markus@ OpenBSD-Commit-ID: bf5e6e3c821ac3546dc8241d8a94e70d47716572
* restore tty force-read hackDamien Miller2022-01-221-2/+2
| | | | | | | | This portable-specific hack fixes a hang on exit for ttyful sessions on Linux and some SysVish Unix variants. It was accidentally disabled in commit 5c79952dfe1a (a precursor to the mainloop poll(2) conversion). Spotted by John in bz3383
* upstream: convert ssh, sshd mainloops from select() to poll();djm@openbsd.org2022-01-061-127/+270
| | | | | | feedback & ok deraadt@ and markus@ has been in snaps for a few months OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
* upstream: prepare for conversion of ssh, sshd mainloop fromdjm@openbsd.org2022-01-061-82/+128
| | | | | | | select() to poll() by moving FD_SET construction out of channel handlers into separate functions. ok markus OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
* upstream: spelling ok dtucker@jsg@openbsd.org2022-01-011-2/+2
| | | | OpenBSD-Commit-ID: bfc7ba74c22c928de2e257328b3f1274a3dfdf19
* remove sys/param.h in -portable, after upstreamDamien Miller2021-12-211-1/+1
|
* upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENTmbuhl@openbsd.org2021-09-151-3/+5
| | | | | | OK mfriedl@ OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798
* Remove duplicate error on error path.Darren Tucker2021-07-031-1/+0
| | | | | There's an extra error() call on the listen error path, it looks like its removal was missed during an upstream sync.
* Remove some whitespace not in upstream.Darren Tucker2021-07-031-1/+1
| | | | Reduces diff vs OpenBSD by a small amount.
* upstream: restore blocking status on stdio fds before closedjm@openbsd.org2021-05-191-20/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | ssh(1) needs to set file descriptors to non-blocking mode to operate but it was not restoring the original state on exit. This could cause problems with fds shared with other programs via the shell, e.g. > $ cat > test.sh << _EOF > #!/bin/sh > { > ssh -Fnone -oLogLevel=verbose ::1 hostname > cat /usr/share/dict/words > } | sleep 10 > _EOF > $ ./test.sh > Authenticated to ::1 ([::1]:22). > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds > Bytes per second: sent 44338.9, received 55197.4 > cat: stdout: Resource temporarily unavailable This restores the blocking status for fds 0,1,2 (stdio) before ssh(1) abandons/closes them. This was reported as bz3280 and GHPR246; ok dtucker@ OpenBSD-Commit-ID: 8cc67346f05aa85a598bddf2383fcfcc3aae61ce
* polish whitespace for portable filesDamien Miller2021-04-031-1/+1
|
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-4/+4
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: ssh: add PermitRemoteOpen for remote dynamic forwardingmarkus@openbsd.org2021-02-171-1/+20
| | | | | | with SOCKS ok djm@, dtucker@ OpenBSD-Commit-ID: 64fe7b6360acc4ea56aa61b66498b5ecc0a96a7c
* upstream: remove global variable used to stash compat flags and use thedjm@openbsd.org2021-01-271-5/+5
| | | | | | purpose-built ssh->compat variable instead; feedback/ok markus@ OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-274/+189
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: cap channel input buffer size at 16MB; avoids high memory usedjm@openbsd.org2020-09-201-1/+4
| | | | | | | | | | | when peer advertises a large window but is slow to consume the data we send (e.g. because of a slow network) reported by Pierre-Yves David fix with & ok markus@ OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
* upstream: put back the mux_ctx memleak fix, but only for channels ofdjm@openbsd.org2020-07-031-1/+5
| | | | | | | type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels should not have this structure freed. OpenBSD-Commit-ID: f3b213ae60405f77439e2b06262f054760c9d325