summaryrefslogtreecommitdiff
path: root/session.c
Commit message (Collapse)AuthorAgeFilesLines
* - millert@cvs.openbsd.org 2014/07/15 15:54:14Damien Miller2014-07-181-26/+8
| | | | | | | | | | | | | | | | [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] [sshd_config.5 sshlogin.c] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* - djm@cvs.openbsd.org 2014/07/03 22:40:43Damien Miller2014-07-041-2/+3
| | | | | | | [servconf.c servconf.h session.c sshd.8 sshd_config.5] Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys option; bz#2160; ok markus@
* - djm@cvs.openbsd.org 2014/07/03 03:34:09Damien Miller2014-07-031-2/+3
| | | | | | [gss-serv.c session.c ssh-keygen.c] standardise on NI_MAXHOST for gethostname() string lengths; about 1/2 the cases were using it already. Fixes bz#2239 en passant
* - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWareTim Rice2014-06-181-1/+14
|
* - djm@cvs.openbsd.org 2014/03/03 22:22:30Damien Miller2014-04-201-1/+1
| | | | | | | [session.c] ignore enviornment variables with embedded '=' or '\0' characters; spotted by Jann Horn; ok deraadt@ Id sync only - portable already has this.
* - djm@cvs.openbsd.org 2014/03/03 22:22:30Damien Miller2014-03-041-2/+7
| | | | | | [session.c] ignore enviornment variables with embedded '=' or '\0' characters; spotted by Jann Horn; ok deraadt@
* - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller2014-02-041-2/+2
| | | | | | | | | | [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
* - (tim) [session.c] Improve error reporting on set_id().Tim Rice2014-01-221-1/+1
|
* - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introducedTim Rice2014-01-201-0/+5
| | | | with sftp chroot support. Move set_id call after chroot.
* - dtucker@cvs.openbsd.org 2014/01/18 09:36:26Darren Tucker2014-01-191-2/+2
| | | | | | | [session.c] explicitly define USE_PIPES to 1 to prevent redefinition warnings in portable on platforms that use pipes for everything. From redhat @ redhat.
* - djm@cvs.openbsd.org 2013/10/29 09:48:02Damien Miller2013-10-301-2/+2
| | | | | | | [servconf.c servconf.h session.c sshd_config sshd_config.5] shd_config PermitTTY to disallow TTY allocation, mirroring the longstanding no-pty authorized_keys option; bz#2070, patch from Teran McKinney; ok markus@
* - djm@cvs.openbsd.org 2013/10/14 21:20:52Damien Miller2013-10-151-14/+38
| | | | | | [session.c session.h] Add logging of session starts in a useful format; ok markus@ feedback and ok dtucker@
* - markus@cvs.openbsd.org 2013/07/19 07:37:48Damien Miller2013-07-201-1/+9
| | | | | | | | [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] [servconf.h session.c sshd.c sshd_config.5] add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 ok djm@
* - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.cDarren Tucker2013-06-021-4/+4
| | | | | | | | groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c openbsd-compat/port-linux.c] Replace portable-specific instances of xfree with the equivalent calls to free.
* - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker2013-06-021-54/+38
| | | | | | | | | | | | | | | | | | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
* - djm@cvs.openbsd.org 2013/04/19 01:03:01Damien Miller2013-04-231-1/+7
| | | | | | | [session.c] reintroduce 1.262 without the connection-killing bug: fatal() when ChrootDirectory specified by running without root privileges; ok markus@
* - dtucker@cvs.openbsd.org 2013/04/17 09:04:09Damien Miller2013-04-231-4/+2
| | | | | [session.c] revert rev 1.262; it fails because uid is already set here. ok djm@
* - djm@cvs.openbsd.org 2013/03/06 23:35:23Damien Miller2013-04-231-2/+4
| | | | | | [session.c] fatal() when ChrootDirectory specified by running without root privileges; ok markus@
* - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) toDamien Miller2013-03-151-0/+5
| | | | | occur after UID switch; patch from John Marshall via des AT des.no; ok dtucker@
* - djm@cvs.openbsd.org 2012/12/02 20:46:11Damien Miller2012-12-031-3/+6
| | | | | | | | [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c] [sshd_config.5] make AllowTcpForwarding accept "local" and "remote" in addition to its current "yes"/"no" to allow the server to specify whether just local or remote TCP forwarding is enabled. ok markus@
* - guenther@cvs.openbsd.org 2012/03/15 03:10:27Damien Miller2012-04-221-2/+2
| | | | | | | | [session.c] root should always be excluded from the test for /etc/nologin instead of having it always enforced even when marked as ignorenologin. This regressed when the logic was incompletely flipped around in rev 1.251 ok halex@ millert@
* - djm@cvs.openbsd.org 2011/10/24 02:13:13Darren Tucker2011-11-041-2/+2
| | | | | | [session.c] bz#1859: send tty break to pty master instead of (probably already closed) slave side; "looks good" markus@
* - (djm) [session.c] call setexeccon() before executing passwd for pwDamien Miller2011-05-201-0/+7
| | | | changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@
* - djm@cvs.openbsd.org 2010/11/25 04:10:09Damien Miller2010-12-011-5/+2
| | | | | | [session.c] replace close() loop for fds 3->64 with closefrom(); ok markus deraadt dtucker
* - (dtucker) [platform.c session.c] Move the getluid call out of session.c andDarren Tucker2010-11-241-6/+0
| | | | into the platform-specific code Only affects SCO, tested by and ok tim@.
* - djm@cvs.openbsd.org 2010/11/13 23:27:51Damien Miller2010-11-201-3/+5
| | | | | | | | | [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h] [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5] allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
* - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-caseDarren Tucker2010-11-051-4/+1
| | | | check into platform.c
* - (dtucker) [platform.c session.c] Move PAM credential establishment for theDarren Tucker2010-11-051-10/+0
| | | | non-LOGIN_CAP case into platform.c.
* - (dtucker) [platform.c session.c] Move irix setusercontext fragment intoDarren Tucker2010-11-051-3/+0
| | | | platform.c.
* - (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c.Darren Tucker2010-11-051-3/+0
|
* - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment intoDarren Tucker2010-11-051-5/+0
| | | | platform.c
* - (dtucker) [platform.c session.c] Move the PAM credential establishment forDarren Tucker2010-11-051-5/+0
| | | | the LOGIN_CAP case into platform.c.
* - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.Darren Tucker2010-11-051-3/+0
|
* - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack intoDarren Tucker2010-11-051-18/+0
| | | | platform.c
* - (dtucker) [platform.c platform.h session.c] Add a platform hook to runDarren Tucker2010-11-051-8/+1
| | | | after the user's groups are established and move the selinux calls into it.
* - (dtucker) [configure.ac platform.{c,h} session.cDarren Tucker2010-11-051-0/+2
| | | | | | openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support. Patch from cory.erickson at csu mnscu edu with a bit of rework from me. ok djm@
* - djm@cvs.openbsd.org 2010/06/25 07:20:04Damien Miller2010-06-261-53/+28
| | | | | | | | [channels.c session.c] bz#1750: fix requirement for /dev/null inside ChrootDirectory for internal-sftp accidentally introduced in r1.253 by removing the code that opens and dup /dev/null to stderr and modifying the channels code to read stderr but discard it instead; ok markus@
* - djm@cvs.openbsd.org 2010/06/22 04:59:12Damien Miller2010-06-261-2/+3
| | | | | | [session.c] include the user name on "subsystem request for ..." log messages; bz#1571; ok dtucker@
* - djm@cvs.openbsd.org 2010/06/18 03:16:03Damien Miller2010-06-261-2/+3
| | | | | | [session.c] Missing check for chroot_director == "none" (we already checked against NULL); bz#1564 from Jan.Pechanec AT Sun.COM
* - djm@cvs.openbsd.org 2010/04/23 22:42:05Damien Miller2010-05-101-28/+55
| | | | | | | [session.c] set stderr to /dev/null for subsystems rather than just closing it. avoids hangs if a subsystem or shell initialisation writes to stderr. bz#1750; ok markus@
* - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -Damien Miller2010-03-261-4/+4
| | | | | set up SELinux execution context before chroot() call. From Russell Coker via Colin watson; bz#1726 ok dtucker@
* - dtucker@cvs.openbsd.org 2010/03/07 11:57:13Darren Tucker2010-03-071-1/+3
| | | | | | | [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c] Hold authentication debug messages until after successful authentication. Fixes an info leak of environment variables specified in authorized_keys, reported by Jacob Appelbaum. ok djm@
* - (dtucker) [session.c] Also initialize creds to NULL for handing toDarren Tucker2010-03-071-1/+1
| | | | setpcred.
* - (dtucker) [session.c] Bug #1567: move setpcred call to before chroot andDarren Tucker2010-03-071-4/+18
| | | | | do not set real uid, since that's needed for the chroot, and will be set by permanently_set_uid.
* - dtucker@cvs.openbsd.org 2010/01/12 08:33:17Darren Tucker2010-01-121-18/+22
| | | | | | [session.c] Add explicit stat so we reliably detect nologin with bad perms. ok djm markus
* - dtucker@cvs.openbsd.org 2010/01/12 01:31:05Darren Tucker2010-01-121-2/+4
| | | | | | [session.c] Do not allow logins if /etc/nologin exists but is not readable by the user logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
* - dtucker@cvs.openbsd.org 2009/11/20 00:15:41Darren Tucker2010-01-081-7/+7
| | | | | | | [session.c] Warn but do not fail if stat()ing the subsystem binary fails. This helps with chrootdirectory+forcecommand=sftp-server and restricted shells. bz #1599, ok djm.
* - djm@cvs.openbsd.org 2009/11/19 23:39:50Darren Tucker2010-01-081-11/+18
| | | | | | | | [session.c] bz#1606: error when an attempt is made to connect to a server with ForceCommand=internal-sftp with a shell session (i.e. not a subsystem session). Avoids stuck client when attempting to ssh to such a service. ok dtucker@
* - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinuxDarren Tucker2009-10-241-0/+3
| | | | | is enabled set the security context to "sftpd_t" before running the internal sftp server Based on a patch from jchadima at redhat.
* - djm@cvs.openbsd.org 2009/10/06 04:46:40Darren Tucker2009-10-071-1/+3
| | | | | | [session.c] bz#1596: fflush(NULL) before exec() to ensure that everying (motd in particular) has made it out before the streams go away.