summaryrefslogtreecommitdiff
path: root/session.c
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Fix mem leak in environment setup.dtucker@openbsd.org2023-03-071-1/+2
| | | | | | From jjelen at redhat.com via bz#2687, ok djm@ OpenBSD-Commit-ID: 9f9e4ba3cac003e6f81da3bcebd1b9ec43e7f353
* upstream: Remove unused compat.h includes.dtucker@openbsd.org2023-03-051-2/+1
| | | | | | | | We've previously removed a lot of the really old compatibility code, and with it went the need to include compat.h in most of the files that have it. OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
* upstream: Add channel_set_xtype()djm@openbsd.org2023-01-061-2/+11
| | | | | | | | | | This sets an "extended" channel type after channel creation (e.g. "session:subsystem:sftp") that will be used for setting channel inactivity timeouts. ok markus dtucker OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
* upstream: tweak channel ctype namesdjm@openbsd.org2023-01-061-2/+2
| | | | | | | | | These are now used by sshd_config:ChannelTimeouts to specify timeouts by channel type, so force them all to use a similar format without whitespace. ok dtucker markus OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
* upstream: Add channel_force_close()djm@openbsd.org2023-01-061-6/+8
| | | | | | | | | | | | | | | This will forcibly close an open channel by simulating read/write errors, draining the IO buffers and calling the detach function. Previously the detach function was only ever called during channel garbage collection, but there was no way to signal the user of a channel (e.g. session.c) that its channel was being closed deliberately (vs. by the usual state-machine logic). So this adds an extra "force" argument to the channel cleanup callback to indicate this condition. ok markus dtucker OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
* upstream: Switch hpdelim interface to accept only ":" as delimiter.dtucker@openbsd.org2022-02-101-2/+2
| | | | | | | | | | Historicallly, hpdelim accepted ":" or "/" as a port delimiter between hosts (or addresses) and ports. These days most of the uses for "/" are no longer accepted, so there are several places where it checks the delimiter to disallow it. Make hpdelim accept only ":" and use hpdelim2 in the other cases. ok djm@ OpenBSD-Commit-ID: 7e6420bd1be87590b6840973f5ad5305804e3102
* remove sys/param.h in -portable, after upstreamDamien Miller2021-12-221-1/+0
|
* upstream: remove a bunch of %p in format strings; leftovers ofdjm@openbsd.org2021-08-111-3/+2
| | | | | | debuggings past. prompted by Michael Forney, ok dtucker@ OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-2/+2
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* don't free string returned by login_getcapstr(3)Damien Miller2021-02-181-4/+1
| | | | | | | | | | OpenBSD and NetBSD require the caller to free strings returned bu the login_* functions, but FreeBSD requires that callers don't. Fortunately in this case, we can harmlessly leak as the process is about to exec the shell/command. From https://reviews.freebsd.org/D28617 via Ed Maste; ok dtucker@
* upstream: use _PATH_SSH_USER_DIR instead of hardcoded .ssh in pathdjm@openbsd.org2020-12-141-3/+3
| | | | OpenBSD-Commit-ID: 5c1048468813107baa872f5ee33ba51623630e01
* upstream: check result of strchr() against NULL rather thandjm@openbsd.org2020-11-281-2/+2
| | | | | | searched-for characters; from zhongjubin@huawei.com OpenBSD-Commit-ID: e6f57de1d4a4d25f8db2d44e8d58d847e247a4fe
* session.c: use "denylist" terminologyDuncan Eastoe2020-10-291-10/+10
| | | | | Follow upstream (6d755706a0059eb9e2d63517f288b75cbc3b4701) language improvements in this portable-specific code.
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-71/+60
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* Adjust portable code to match changes in 939d787d,Darren Tucker2020-07-151-2/+2
|
* upstream: correct recently broken commentsderaadt@openbsd.org2020-07-151-2/+2
| | | | OpenBSD-Commit-ID: 964d9a88f7de1d0eedd3f8070b43fb6e426351f1
* upstream: some language improvements; ok markusdjm@openbsd.org2020-07-151-10/+10
| | | | OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
* upstream: avoid tilde_expand_filename() in expanding ~/.ssh/rc - ifdjm@openbsd.org2020-07-031-2/+2
| | | | | | | sshd is in chroot mode, the likely absence of a password database will cause tilde_expand_filename() to fatal; ok dtucker@ OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
* upstream: when redirecting sshd's log output to a file, undo thisdjm@openbsd.org2020-07-031-1/+4
| | | | | | redirection after the session child process is forked(); ok dtucker@ OpenBSD-Commit-ID: 6df86dd653c91f5bc8ac1916e7680d9d24690865
* upstream: Expand path to ~/.ssh/rc rather than relying on itdtucker@openbsd.org2020-06-261-8/+12
| | | | | | | | being relative to the current directory, so that it'll still be found if the shell startup changes its directory. Since the path is potentially longer, make the cmd buffer that uses it dynamically sized. bz#3185, with & ok djm@ OpenBSD-Commit-ID: 36e33ff01497af3dc8226d0c4c1526fc3a1e46bf
* upstream: spelling errors in comments; no code change fromdjm@openbsd.org2020-03-141-3/+3
| | | | OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
* upstream: Replace all calls to signal(2) with a wrapper arounddtucker@openbsd.org2020-01-231-2/+2
| | | | | | | | sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations. OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
* Wrap copy_environment_blacklist() in #ifdefDamien Miller2020-01-211-0/+2
| | | | | It's only needed for USE_PAM or HAVE_CYGWIN cases and will cause compiler warnings otherwise.
* Fix missing prototype warning for copy_environmentRuben Kerkhof2020-01-211-1/+3
| | | | | | This function is only used in this file, and only on Cygwin, so make it static and hide it behind HAVE_CYGWIN. Prevents missing prototype warning.
* upstream: stdarg.h required more broadly; ok djmderaadt@openbsd.org2019-11-151-2/+2
| | | | OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513
* upstream: When system calls indicate an error they return -1, notderaadt@openbsd.org2019-07-051-24/+24
| | | | | | | | some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
* session: Do not use removed APIDamien Miller2019-04-041-1/+1
| | | | from Jakub Jelen
* upstream: perform removal of agent-forwarding directory in forwarddjm@openbsd.org2019-02-221-1/+3
| | | | | | | | | | | | | | setup error path with user's privileged. This is a no-op as this code always runs with user privilege now that we no longer support running sshd with privilege separation disabled, but as long as the privsep skeleton is there we should follow the rules. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit bz#2969 with patch from Erik Sjölund OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846
* upstream: syslog when connection is dropped for attempting to run adjm@openbsd.org2019-02-101-3/+6
| | | | | | command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@ OpenBSD-Commit-ID: 8c87fa66d7fc6c0fffa3a3c28e8ab5e8dde234b8
* don't set $MAIL if UsePam=yesDamien Miller2019-02-081-2/+5
| | | | | PAM typically specifies the user environment if it's enabled, so don't second guess. bz#2937; ok dtucker@
* upstream: Adapt code in the non-USE_PIPES codepath to the new packetdtucker@openbsd.org2019-02-081-2/+2
| | | | | | | API. This code is not normally reachable since USE_PIPES is always defined. bz#2961, patch from adrian.fita at gmail com. OpenBSD-Commit-ID: 8d8428d678d1d5eb4bb21921df34e8173e6d238a
* last bits of old packet API / active_state globalDamien Miller2019-01-201-32/+0
|
* upstream: convert session.c to new packet APIdjm@openbsd.org2019-01-201-64/+87
| | | | | | with & ok markus@ OpenBSD-Commit-ID: fae817207e23099ddd248960c984f7b7f26ea68e
* upstream: convert auth.c to new packet APIdjm@openbsd.org2019-01-201-2/+2
| | | | | | with & ok markus@ OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
* upstream: begin landing remaining refactoring of packet parsingdjm@openbsd.org2019-01-201-1/+4
| | | | | | | | | | | | | API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@ OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
* upstream: tun_fwd_ifnames variable should bdjm@openbsd.org2019-01-171-2/+2
| | | | | | | | | =?UTF-8?q?e=20extern;=20from=20Hanno=20B=C3=B6ck?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: d53dede6e521161bf04d39d09947db6253a38271
* expose $SSH_CONNECTION in the PAM environmentDamien Miller2018-12-141-4/+7
| | | | | This makes the connection 4-tuple available to PAM modules that wish to use it in decision-making. bz#2741
* upstream: use path_absolute() for pathname checks; from Manoj Ampalamdjm@openbsd.org2018-11-161-2/+2
| | | | OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925
* upstream: include a little more information about the status anddjm@openbsd.org2018-10-041-4/+5
| | | | | | | disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change. OpenBSD-Commit-ID: 483eb6467dc7d5dbca8eb109c453e7a43075f7ce
* only support SIGINFO on systems with SIGINFODamien Miller2018-10-021-0/+2
|
* upstream: Add server support for signalling sessions via the SSHdjm@openbsd.org2018-10-021-1/+75
| | | | | | | | | | | | channel/ session protocol. Signalling is only supported to sesssions that are not subsystems and were not started with a forced command. Long requested in bz#1424 Based on a patch from markus@ and reworked by dtucker@; ok markus@ dtucker@ OpenBSD-Commit-ID: 4bea826f575862eaac569c4bedd1056a268be1c3
* upstream: fix indent; Clemens Goessnitzerderaadt@openbsd.org2018-07-261-2/+2
| | | | OpenBSD-Commit-ID: b5149a6d92b264d35f879d24608087b254857a83
* upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org2018-07-121-2/+2
| | | | OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
* Adapt portable to legacy buffer API removalDamien Miller2018-07-101-1/+1
|
* upstream: sshd: switch loginmsg to sshbuf API; ok djm@markus@openbsd.org2018-07-101-9/+13
| | | | OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
* upstream: ttymodes: switch to sshbuf API; ok djm@markus@openbsd.org2018-07-101-4/+2
| | | | OpenBSD-Commit-ID: 5df340c5965e822c9da21e19579d08dea3cbe429
* Fix other callers of read_environment_file.Darren Tucker2018-07-051-2/+4
| | | | | | read_environment_file recently gained an extra argument Some platform specific code also calls it so add the argument to those too. Fixes build on Solaris and AIX.
* upstream: allow sshd_config PermitUserEnvironment to accept adjm@openbsd.org2018-07-031-4/+15
| | | | | | | | pattern-list of whitelisted environment variable names in addition to yes|no. bz#1800, feedback and ok markus@ OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
* upstream: add a SetEnv directive for sshd_config to allow andjm@openbsd.org2018-06-091-2/+13
| | | | | | | | | | | administrator to explicitly specify environment variables set in sessions started by sshd. These override the default environment and any variables set by user configuration (PermitUserEnvironment, etc), but not the SSH_* variables set by sshd itself. ok markus@ OpenBSD-Commit-ID: b6a96c0001ccd7dd211df6cae9e961c20fd718c0
* upstream: reorder child environment preparation so that variablesdjm@openbsd.org2018-06-091-46/+48
| | | | | | | read from ~/.ssh/environment (if enabled) do not override SSH_* variables set by the server. OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
View Lorry Controller Status