summaryrefslogtreecommitdiffstats
path: root/serverloop.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Explicitly specify the signature algorithm when signingdjm@openbsd.org2024-11-261-2/+3
| | | | | | | | | | | | hostkeys-prove requests. Fixes a corner-case triggered by UpdateHostKeys with one or more unknown host keys stored in ssh-agent where sshd refuses to accept the signature coming back from the agent. Report/fix from Maxime Rey OpenBSD-Commit-ID: 460c7d527a24f92b7e5f68ca1a2fa242ebf0d086
* upstream: promote connection-closed messages from verbose to infodjm@openbsd.org2024-06-171-3/+3
| | | | | | | log level; they could be the only record of the connection terminating if the client doesn't send a SSH2_MSG_DISCONNECT message. ok dtucker@ OpenBSD-Commit-ID: 0c8bfaf5e9fdff945cee09ac21e641f6c5d65d3c
* upstream: Start the process of splitting sshd into separatedjm@openbsd.org2024-05-171-40/+4
| | | | | | | | | | | | | | | | | | | | binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this changes, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out. OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
* upstream: correctly restore sigprocmask around ppoll() reporteddjm@openbsd.org2024-04-301-2/+2
| | | | | | by Tõivo Leedjärv; ok deraadt@ OpenBSD-Commit-ID: c0c0f89de5294a166578f071eade2501929c4686
* upstream: correct math for ClientAliveInterval that caused thedjm@openbsd.org2023-08-281-2/+2
| | | | | | probes to be sent less frequently than configured; from Dawid Majchrzak OpenBSD-Commit-ID: 641153e7c05117436ddfc58267aa267ca8b80038
* upstream: Delete obsolete /* ARGSUSED */ lint comments.guenther@openbsd.org2023-03-081-3/+1
| | | | | | ok miod@ millert@ OpenBSD-Commit-ID: 7be168a570264d59e96a7d2d22e927d45fee0e4c
* upstream: Remove unused compat.h includes.dtucker@openbsd.org2023-03-051-2/+1
| | | | | | | | We've previously removed a lot of the really old compatibility code, and with it went the need to include compat.h in most of the files that have it. OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
* upstream: Add a sshd_config UnusedConnectionTimeout option to terminatedjm@openbsd.org2023-01-171-5/+28
| | | | | | | | | | client connections that have no open channels for some length of time. This complements the recently-added ChannelTimeout option that terminates inactive channels after a timeout. ok markus@ OpenBSD-Commit-ID: ca983be74c0350364c11f8ba3bd692f6f24f5da9
* upstream: replace manual poll/ppoll timeout math with ptimeout APIdjm@openbsd.org2023-01-061-46/+23
| | | | | | feedback markus / ok markus dtucker OpenBSD-Commit-ID: c5ec4f2d52684cdb788cd9cbc1bcf89464014be2
* upstream: Try to continue running local I/O for channels in statedjm@openbsd.org2022-04-201-3/+2
| | | | | | | | OPEN during SSH transport rekeying. The most visible benefit is that it should make ~-escapes work in the client (e.g. to exit) if the connection happened to have stalled during a rekey event. Based work by and ok dtucker@ OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
* Put poll.h inside ifdef.Darren Tucker2022-02-101-0/+2
|
* upstream: add a ssh_packet_process_read() function that reads fromdjm@openbsd.org2022-01-251-16/+13
| | | | | | | | | | | | | | a fd directly into the transport input buffer. Use this in the client and server mainloops to avoid unnecessary copying. It also lets us use a more greedy read size without penalty. Yields a 2-3% performance gain on cipher-speed.sh (in a fairly unscientific test tbf) feedback dtucker@ ok markus@ OpenBSD-Commit-ID: df4112125bf79d8e38e79a77113e1b373078e632
* upstream: Fix signature algorithm selection logic fordjm@openbsd.org2022-01-061-9/+18
| | | | | | | | | | | | | UpdateHostkeys on the server side. The previous code tried to prefer RSA/SHA2 for hostkey proofs of RSA keys, but missed some cases. This will use RSA/SHA2 signatures for RSA keys if the client proposed these algorithms in initial KEX. bz3375 Mostly by Dmitry Belyavskiy with some tweaks by me. ok markus@ OpenBSD-Commit-ID: c17ba0c3236340d2c6a248158ebed042ac6a8029
* upstream: convert ssh, sshd mainloops from select() to poll();djm@openbsd.org2022-01-061-66/+67
| | | | | | feedback & ok deraadt@ and markus@ has been in snaps for a few months OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
* upstream: Explicitly check for and start time-based rekeying in thedjm@openbsd.org2021-07-161-2/+5
| | | | | | | | | | | | client and server mainloops. Previously the rekey timeout could expire but rekeying would not start until a packet was sent or received. This could cause us to spin in select() on the rekey timeout if the connection was quiet. ok markus@ OpenBSD-Commit-ID: 4356cf50d7900f3df0a8f2117d9e07c91b9ff987
* upstream: Replace SIGCHLD/notify_pipe kludge with pselect.dtucker@openbsd.org2021-06-251-80/+28
| | | | | | | | | | | | | | | Previously sshd's SIGCHLD handler would wake up select() by writing a byte to notify_pipe. We can remove this by blocking SIGCHLD, checking for child terminations then passing the original signal mask through to pselect. This ensures that the pselect will immediately wake up if a child terminates between wait()ing on them and the pselect. In -portable, for platforms that do not have pselect the kludge is still there but is hidden behind a pselect interface. Based on other changes for bz#2158, ok djm@ OpenBSD-Commit-ID: 202c85de0b3bdf1744fe53529a05404c5480d813
* sshd don't exit on transient read errorsDamien Miller2021-04-141-1/+1
| | | | | | openssh-8.5 introduced a regression that would cause sshd to exit because of transient read errors on the network socket (e.g. EINTR, EAGAIN). Reported by balu.gajjala AT gmail.com via bz3297
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-2/+2
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_tdjm@openbsd.org2021-01-271-3/+3
| | | | | | | and use that instead of global variables containing copies of it. feedback/ok markus@ OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-46/+38
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: start ClientAliveInterval bookkeeping before first passdjm@openbsd.org2020-07-031-1/+3
| | | | | | | through select() loop; fixed theoretical case where busy sshd may ignore timeouts from client; inspired by and ok dtucker OpenBSD-Commit-ID: 96bfc4b1f86c7da313882a84755b2b47eb31957f
* upstream: use sshpkt_fatal() instead of plain fatal() fordjm@openbsd.org2020-01-301-4/+5
| | | | | | | ssh_packet_write_poll() failures here too as the former yields better error messages; ok dtucker@ OpenBSD-Commit-ID: 1f7a6ca95bc2b716c2e948fc1370753be772d8e3
* upstream: make sshd_config:ClientAliveCountMax=0 disable thedjm@openbsd.org2020-01-261-2/+3
| | | | | | | | connection killing behaviour, rather than killing the connection after sending the first liveness test probe (regardless of whether the client was responsive) bz2627; ok markus OpenBSD-Commit-ID: 5af79c35f4c9fa280643b6852f524bfcd9bccdaf
* upstream: unrevert this:djm@openbsd.org2020-01-251-5/+3
| | | | | | | | | | | | > revision 1.217 > date: 2019/11/27 03:34:04; author: dtucker; state: Exp; lines: +5 -7; commitid: wkiMn49XJyjzoJIs; > Make channel_id u_int32_t and remove unnecessary check and cast that were > left over from the type conversion. Noted by t-hashida@amiya.co.jp in > bz#3098, ok markus@ djm@ Darren was right the first time; ok dtucker@ "agreed" markus@ OpenBSD-Commit-ID: 641dd1b99a6bbd85b7160da462ae1be83432c7c8
* upstream: Replace all calls to signal(2) with a wrapper arounddtucker@openbsd.org2020-01-231-5/+5
| | | | | | | | sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations. OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
* upstream: Revert previous commit. The channels code still uses intdtucker@openbsd.org2019-11-271-5/+7
| | | | | | in many places for channel ids so the INT_MAX check still makes sense. OpenBSD-Commit-ID: 532e4b644791b826956c3c61d6ac6da39bac84bf
* upstream: Make channel_id u_int32_t and remove unnecessary checkdtucker@openbsd.org2019-11-271-7/+5
| | | | | | | and cast that were left over from the type conversion. Noted by t-hashida@amiya.co.jp in bz#3098, ok markus@ djm@ OpenBSD-Commit-ID: 3ad105b6a905284e780b1fd7ff118e1c346e90b5
* upstream: When system calls indicate an error they return -1, notderaadt@openbsd.org2019-07-051-4/+4
| | | | | | | | some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
* upstream: fix interaction between ClientAliveInterval and RekeyLimitdjm@openbsd.org2019-03-271-3/+4
| | | | | | | that could cause connection to close incorrectly; Report and patch from Jakub Jelen in bz#2757; ok dtucker@ markus@ OpenBSD-Commit-ID: 17229a8a65bd8e6c2080318ec2b7a61e1aede3fb
* upstream: Reset last-seen time when sending a keepalive. Preventsdtucker@openbsd.org2019-03-081-6/+9
| | | | | | | | sending two keepalives successively and prematurely terminating connection when ClientAliveCount=1. While there, collapse two similar tests into one. ok markus@ OpenBSD-Commit-ID: 043670d201dfe222537a2a4bed16ce1087de5ddd
* upstream: fix error in refactor: use ssh_packet_disconnect() instead ofdjm@openbsd.org2019-01-191-4/+6
| | | | | | | sshpkt_error(). The first one logs the error and exits (what we want) instead of just logging and blundering on. OpenBSD-Commit-ID: 39f51b43641dce9ce0f408ea6c0e6e077e2e91ae
* upstream: remove last references to active_statedjm@openbsd.org2019-01-191-3/+3
| | | | | | with & ok markus@ OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
* upstream: convert serverloop.c to new packet APIdjm@openbsd.org2019-01-191-152/+204
| | | | | | with & ok markus@ OpenBSD-Commit-ID: c92dd19b55457541478f95c0d6b318426d86d885
* upstream: begin landing remaining refactoring of packet parsingdjm@openbsd.org2019-01-191-1/+4
| | | | | | | | | | | | | API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@ OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
* upstream: Remove uid checks from low port binds. Now that sshdtucker@openbsd.org2018-07-311-1/+12
| | | | | | | | | cannot be setuid and sshd always has privsep on, we can remove the uid checks for low port binds and just let the system do the check. We leave a sanity check for the !privsep case so long as the code is stil there. with & ok djm@ OpenBSD-Commit-ID: 9535cfdbd1cd54486fdbedfaee44ce4367ec7ca0
* upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org2018-07-121-2/+2
| | | | OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
* upstream: sshd: switch config to sshbuf API; ok djm@markus@openbsd.org2018-07-101-2/+2
| | | | OpenBSD-Commit-ID: 72b02017bac7feac48c9dceff8355056bea300bd
* upstream: fix some over-long lines and __func__ up some debugdjm@openbsd.org2018-06-091-9/+9
| | | | | | messages OpenBSD-Commit-ID: c70a60b4c8207d9f242fc2351941ba50916bb267
* upstream: switch over to the new authorized_keys options API anddjm@openbsd.org2018-03-031-15/+18
| | | | | | | | | | | remove the legacy one. Includes a fairly big refactor of auth2-pubkey.c to retain less state between key file lines. feedback and ok markus@ OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
* Replace remaining mysignal() with signal().Darren Tucker2018-02-151-1/+1
| | | | | | These seem to have been missed during the replacement of mysignal with #define signal in commit 5ade9ab. Both include the requisite headers to pick up the #define.
* upstream Don't reset signal handlers inside handlers.dtucker@openbsd.org2018-02-121-4/+1
| | | | | | | | | | | The signal handlers from the original ssh1 code on which OpenSSH is based assume unreliable signals and reinstall their handlers. Since OpenBSD (and pretty much every current system) has reliable signals this is not needed. In the unlikely even that -portable is still being used on such systems we will deal with it in the compat layer. ok deraadt@ OpenBSD-Commit-ID: f53a1015cb6908431b92116130d285d71589612c
* Whitespace sync with upstream.Darren Tucker2018-02-121-0/+1
|
* upstream commitdjm@openbsd.org2018-01-231-5/+3
| | | | | | | | | | | | | Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
* upstream commitdjm@openbsd.org2017-12-191-3/+11
| | | | | | | | unbreak hostkey rotation; attempting to sign with a desired signature algorithm of kex->hostkey_alg is incorrect when the key type isn't capable of making those signatures. ok markus@ OpenBSD-Commit-ID: 35ae46864e1f5859831ec0d115ee5ea50953a906
* upstream commitdjm@openbsd.org2017-12-191-2/+3
| | | | | | | | pass negotiated signing algorithm though to sshkey_verify() and check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
* upstream commitdtucker@openbsd.org2017-12-121-2/+4
| | | | | | | | Put remote client info back into the ClientAlive connection termination message. Based in part on diff from lars.nooden at gmail, ok djm OpenBSD-Commit-ID: 80a0f619a29bbf2f32eb5297a69978a0e05d0ee0
* upstream commitdjm@openbsd.org2017-10-231-2/+20
| | | | | | | | | | | | | | | Expose devices allocated for tun/tap forwarding. At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e
* adapt portable to channels API changesDamien Miller2017-09-121-1/+1
|
* upstream commitdjm@openbsd.org2017-09-121-1/+5
| | | | | | | | | | | | | | | Make remote channel ID a u_int Previously we tracked the remote channel IDs in an int, but this is strictly incorrect: the wire protocol uses uint32 and there is nothing in-principle stopping a SSH implementation from sending, say, 0xffff0000. In practice everyone numbers their channels sequentially, so this has never been a problem. ok markus@ Upstream-ID: b9f4cd3dc53155b4a5c995c0adba7da760d03e73
* upstream commitdjm@openbsd.org2017-09-121-53/+52
| | | | | | | | | | | | | | | | | | | | | | refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@ Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 08:51:40 +0100