path: root/channels.c
Commit message | Author | Age | Files | Lines
* don't call connect() on negative socket | Damien Miller | 2023-03-31 | 1 | -1/+3
  Coverity CID 405037
* upstream: Explicitly ignore return code from fcntl(.. FD_CLOEXEC) since | dtucker@openbsd.org | 2023-03-10 | 1 | -4/+4
  there's not much we can do anyway. From Coverity CID 291857, ok djm@
  OpenBSD-Commit-ID: 051429dd07af8db3fec10d82cdc78d90bb051729
* upstream: refactor to be more readable top to bottom. Prompted by | djm@openbsd.org | 2023-03-08 | 1 | -11/+19
  Coverity CID 405048 which was a false-positive fd leak; ok dtucker@
  OpenBSD-Commit-ID: fc55ec2af622a017defb9b768bf26faefc792c00
* upstream: Use time_t for x11 timeout. | dtucker@openbsd.org | 2023-03-04 | 1 | -4/+4
  Use time_t instead of u_int for remaining x11 timeout checks for 64bit time_t safety. From Coverity CIDs 405197 and 405028, ok djm@
  OpenBSD-Commit-ID: 356685bfa1fc3d81bd95722d3fc47101cc1a4972
* upstream: when restoring non-blocking mode to stdio fds, restore | djm@openbsd.org | 2023-01-18 | 1 | -5/+14
  exactly the flags that ssh started with and don't just clobber them with zero, as this could also remove the append flag from the set; bz3523; ok dtucker@
  OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
* upstream: Implement channel inactivity timeouts | djm@openbsd.org | 2023-01-06 | 1 | -12/+106
  This adds a sshd_config ChannelTimeouts directive that allows channels that have not seen traffic in a configurable interval to be automatically closed. Different timeouts may be applied to session, X11, agent and TCP forwarding channels.
  Note: this only affects channels over an opened SSH connection and not the connection itself. Most clients close the connection when their channels go away, with a notable exception being ssh(1) in multiplexing mode.
  ok markus dtucker
  OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
* upstream: Add channel_set_xtype() | djm@openbsd.org | 2023-01-06 | 1 | -3/+23
  This sets an "extended" channel type after channel creation (e.g. "session:subsystem:sftp") that will be used for setting channel inactivity timeouts.
  ok markus dtucker
  OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
* upstream: tweak channel ctype names | djm@openbsd.org | 2023-01-06 | 1 | -9/+9
  These are now used by sshd_config:ChannelTimeouts to specify timeouts by channel type, so force them all to use a similar format without whitespace.
  ok dtucker markus
  OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
* upstream: Add channel_force_close() | djm@openbsd.org | 2023-01-06 | 1 | -14/+29
  This will forcibly close an open channel by simulating read/write errors, draining the IO buffers and calling the detach function.
  Previously the detach function was only ever called during channel garbage collection, but there was no way to signal the user of a channel (e.g. session.c) that its channel was being closed deliberately (vs. by the usual state-machine logic). So this adds an extra "force" argument to the channel cleanup callback to indicate this condition.
  ok markus dtucker
  OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
* upstream: replace manual poll/ppoll timeout math with ptimeout API | djm@openbsd.org | 2023-01-06 | 1 | -18/+9
  feedback markus / ok markus dtucker
  OpenBSD-Commit-ID: c5ec4f2d52684cdb788cd9cbc1bcf89464014be2
* upstream: In channel_request_remote_forwarding the parameters for | mbuhl@openbsd.org | 2022-11-30 | 1 | -7/+6
  permission_set_add are leaked as they are also duplicated in the call. Found by CodeChecker. ok djm
  OpenBSD-Commit-ID: 4aef50fa9be7c0b138188814c8fe3dccc196f61e
* avoid Wuninitialized false positive in gcc-12ish | Damien Miller | 2022-09-19 | 1 | -1/+1
* upstream: better debugging for connect_next() | djm@openbsd.org | 2022-09-19 | 1 | -7/+8
  OpenBSD-Commit-ID: d16a307a0711499c971807f324484ed3a6036640
* upstream: channel_new no longer frees remote_name. So update the | djm@openbsd.org | 2022-05-05 | 1 | -4/+4
  comment accordingly. As remote_name is not modified, it can be const as well. From Martin Vahlensieck
  OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
* upstream: make sure stdout is non-blocking; ok djm@ | markus@openbsd.org | 2022-05-05 | 1 | -4/+9
  OpenBSD-Commit-ID: 64940fffbd1b882eda2d7c8c7a43c79368309c0d
* upstream: Try to continue running local I/O for channels in state | djm@openbsd.org | 2022-04-20 | 1 | -6/+5
  OPEN during SSH transport rekeying. The most visible benefit is that it should make ~-escapes work in the client (e.g. to exit) if the connection happened to have stalled during a rekey event. Based work by and ok dtucker@
  OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
* upstream: clear io_want/io_ready flags at start of poll() cycle; | djm@openbsd.org | 2022-04-12 | 1 | -2/+7
  avoids plausible spin during rekeying if channel io_want flags are reused across cycles. ok markus@ deraadt@
  OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
* upstream: fix poll() spin when a channel's output fd closes without | djm@openbsd.org | 2022-03-31 | 1 | -104/+118
  data in the channel buffer. Introduce more exact packing of channel fds into the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@
  OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
* upstream: improve DEBUG_CHANNEL_POLL debugging message | djm@openbsd.org | 2022-03-18 | 1 | -5/+5
  OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
* upstream: check for EINTR/EAGAIN failures in the rfd fast-path; caught | djm@openbsd.org | 2022-02-17 | 1 | -1/+4
  by dtucker's minix3 vm :) ok dtucker@
  OpenBSD-Commit-ID: 2e2c895a3e82ef347aa6694394a76a438be91361
* Put poll.h inside ifdef. | Darren Tucker | 2022-02-10 | 1 | -0/+2
* upstream: Use sshbuf_read() to read directly into the channel input | djm@openbsd.org | 2022-01-25 | 1 | -9/+41
  buffer rather than into a stack buffer that needs to be copied again;
  Improves performance by about 1% on cipher-speed.sh
  feedback dtucker@ ok markus@
  OpenBSD-Commit-ID: bf5e6e3c821ac3546dc8241d8a94e70d47716572
* restore tty force-read hack | Damien Miller | 2022-01-22 | 1 | -2/+2
  This portable-specific hack fixes a hang on exit for ttyful sessions on Linux and some SysVish Unix variants. It was accidentally disabled in commit 5c79952dfe1a (a precursor to the mainloop poll(2) conversion).
  Spotted by John in bz3383
* upstream: convert ssh, sshd mainloops from select() to poll(); | djm@openbsd.org | 2022-01-07 | 1 | -127/+270
  feedback & ok deraadt@ and markus@
  has been in snaps for a few months
  OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
* upstream: prepare for conversion of ssh, sshd mainloop from | djm@openbsd.org | 2022-01-07 | 1 | -82/+128
  select() to poll() by moving FD_SET construction out of channel handlers into separate functions. ok markus
  OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
* upstream: spelling ok dtucker@ | jsg@openbsd.org | 2022-01-01 | 1 | -2/+2
  OpenBSD-Commit-ID: bfc7ba74c22c928de2e257328b3f1274a3dfdf19
* remove sys/param.h in -portable, after upstream | Damien Miller | 2021-12-22 | 1 | -1/+1
* upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT | mbuhl@openbsd.org | 2021-09-15 | 1 | -3/+5
  OK mfriedl@
  OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798
* Remove duplicate error on error path. | Darren Tucker | 2021-07-03 | 1 | -1/+0
  There's an extra error() call on the listen error path, it looks like its removal was missed during an upstream sync.
* Remove some whitespace not in upstream. | Darren Tucker | 2021-07-03 | 1 | -1/+1
  Reduces diff vs OpenBSD by a small amount.
* upstream: restore blocking status on stdio fds before close | djm@openbsd.org | 2021-05-19 | 1 | -20/+47
  ssh(1) needs to set file descriptors to non-blocking mode to operate but it was not restoring the original state on exit. This could cause problems with fds shared with other programs via the shell, e.g.
  > $ cat > test.sh << _EOF
  > #!/bin/sh
  > {
  >         ssh -Fnone -oLogLevel=verbose ::1 hostname
  >         cat /usr/share/dict/words
  > } | sleep 10
  > _EOF
  > $ ./test.sh
  > Authenticated to ::1 ([::1]:22).
  > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
  > Bytes per second: sent 44338.9, received 55197.4
  > cat: stdout: Resource temporarily unavailable
  This restores the blocking status for fds 0,1,2 (stdio) before ssh(1) abandons/closes them.
  This was reported as bz3280 and GHPR246; ok dtucker@
  OpenBSD-Commit-ID: 8cc67346f05aa85a598bddf2383fcfcc3aae61ce
* polish whitespace for portable files | Damien Miller | 2021-04-03 | 1 | -1/+1
* upstream: highly polished whitespace, mostly fixing spaces-for-tab | djm@openbsd.org | 2021-04-03 | 1 | -4/+4
  and bad indentation on continuation lines. Prompted by GHPR#185
  OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: ssh: add PermitRemoteOpen for remote dynamic forwarding | markus@openbsd.org | 2021-02-17 | 1 | -1/+20
  with SOCKS ok djm@, dtucker@
  OpenBSD-Commit-ID: 64fe7b6360acc4ea56aa61b66498b5ecc0a96a7c
* upstream: remove global variable used to stash compat flags and use the | djm@openbsd.org | 2021-01-27 | 1 | -5/+5
  purpose-built ssh->compat variable instead; feedback/ok markus@
  OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
* upstream: use the new variant log macros instead of prepending | djm@openbsd.org | 2020-10-18 | 1 | -274/+189
  __func__ and appending ssh_err(r) manually; ok markus@
  OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: cap channel input buffer size at 16MB; avoids high memory use | djm@openbsd.org | 2020-09-20 | 1 | -1/+4
  when peer advertises a large window but is slow to consume the data we send (e.g. because of a slow network)
  reported by Pierre-Yves David
  fix with & ok markus@
  OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
* upstream: put back the mux_ctx memleak fix, but only for channels of | djm@openbsd.org | 2020-07-03 | 1 | -1/+5
  type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels should not have this structure freed.
  OpenBSD-Commit-ID: f3b213ae60405f77439e2b06262f054760c9d325
* upstream: revert r1.399 - the lifetime of c->mux_ctx is more complex; | djm@openbsd.org | 2020-07-03 | 1 | -3/+1
  simply freeing it here causes other problems
  OpenBSD-Commit-ID: c6fee8ca94e2485faa783839541962be2834c5ed
* upstream: fix memory leak of mux_ctx; patch from Sergiy Lozovsky | djm@openbsd.org | 2020-07-03 | 1 | -1/+3
  via bz3189 ok dtucker
  OpenBSD-Commit-ID: db249bd4526fd42d0f4f43f72f7b8b7705253bde
* upstream: We've standardized on memset over bzero, replace a couple | dtucker@openbsd.org | 2020-05-01 | 1 | -2/+2
  that had slipped in. ok deraadt markus djm.
  OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6
* upstream: fix uninitialized pointers for forward_cancel; ok djm | markus@openbsd.org | 2020-03-13 | 1 | -3/+3
  OpenBSD-Commit-ID: 612778e6d87ee865d0ba97d0a335f141cee1aa37
* upstream: change explicit_bzero();free() to freezero() | jsg@openbsd.org | 2020-02-28 | 1 | -7/+4
  While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundary.
  ok deraadt@ djm@
  OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
* upstream: the GatewayPorts vs -R listen address selection logic is | djm@openbsd.org | 2020-01-25 | 1 | -2/+7
  still confusing people, so add another comment explaining the special handling of "localhost"; bz#3258
  OpenBSD-Commit-ID: e6bf0f0fbf1c7092bf0dbd9c6eab105970b5b53a
* wrap stdint.h include in HAVE_STDINT_H | Damien Miller | 2019-10-09 | 1 | -1/+1
  make the indenting a little more consistent too..
  Fixes Solaris 2.6; reported by Tom G. Christensen
* upstream: Remove some set but never used variables. ok daraadt@ | dtucker@openbsd.org | 2019-07-08 | 1 | -3/+2
  OpenBSD-Commit-ID: 824baf9c59afc66a4637017e397b9b74a41684e7
* upstream: When system calls indicate an error they return -1, not | deraadt@openbsd.org | 2019-07-05 | 1 | -23/+23
  some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
  OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
* upstream: Typo and spelling fixes in comments and error messages. | dtucker@openbsd.org | 2019-06-08 | 1 | -2/+2
  Patch from knweiss at gmail.com via -portable.
  OpenBSD-Commit-ID: 2577465442f761a39703762c4f87a8dfcb918b4b
* upstream: For PermitOpen violations add the remote host and port to | florian@openbsd.org | 2019-05-17 | 1 | -3/+21
  be able to find out from where the request was coming.
  Add the same logging for PermitListen violations which were not logged at all.
  Pointed out by Robert Kisteleki (robert AT ripe.net)
  input markus
  OK deraadt
  OpenBSD-Commit-ID: 8a7d0f1b7175504c0d1dca8d9aca1588b66448c8
* upstream: Free channel objects on exit path. Patch from markus at | dtucker@openbsd.org | 2019-05-08 | 1 | -4/+24
  blueflash.cc, ok deraadt
  OpenBSD-Commit-ID: dbe4db381603909482211ffdd2b48abd72169117