theoretically possible if the admin misconfigures X11DisplayOffset or the
user misconfigures their own $DISPLAY, but don't happen in normal operation.
From Suhov Roman via bz#3730, ok djm@
OpenBSD-Commit-ID: e9e3860f1a19b862ccf07dc8ecbe8f1e1034f4ed
there has been traffic on a X11 forwarding channel recently.
Should fix X11 forwarding performance problems when this setting is
enabled. Patch from Antonio Larrosa via bz3655
OpenBSD-Commit-ID: 820284a92eb4592fcd3d181a62c1b86b08a4a7ab
If a mux started with ControlPersist then later has a forwarding added using
mux proxy connection and the forwarding was used, then when the mux proxy
session terminates, the mux master process will send a channel close to the
server with a bad channel ID and crash the connection.
This was caused by my stupidly reusing c->remote_id for mux channel
associations when I should have just added another member to struct channel.
ok markus@
OpenBSD-Commit-ID: c9f474e0124e3fe456c5e43749b97d75e65b82b2
binaries. This step splits sshd into a listener and a session binary. More
splits are planned.
After this changes, the listener binary will validate the configuration,
load the hostkeys, listen on port 22 and manage MaxStartups only. All
session handling will be performed by a new sshd-session binary that the
listener fork+execs.
This reduces the listener process to the minimum necessary and sets us
up for future work on the sshd-session binary.
feedback/ok markus@ deraadt@
NB. if you're updating via source, please restart sshd after installing,
otherwise you run the risk of locking yourself out.
OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
that watches all open channels and will close all open channels if there is
no traffic on any of them for the specified interval. This is in addition to
the existing per-channel timeouts added a few releases ago.
This supports use-cases like having a session + x11 forwarding channel
open where one may be idle for an extended period but the other is
actively used. The global timeout would allow closing both channels when
both have been idle for too long.
ok dtucker@
OpenBSD-Commit-ID: 0054157d24d2eaa5dc1a9a9859afefc13d1d7eb3
This makes ssh/sshd more strict in handling non-compliant peers that
send more data than the advertised channel window allows. Previously
the additional data would be silently discarded. This change will
cause ssh/sshd to terminate the connection if the channel window is
exceeded by more than a small grace allowance.
ok markus@
OpenBSD-Commit-ID: 811e21b41831eba3dd7f67b3d409a438f20d3037
obfuscation, only consider enabling it when a channel with a tty is open.
Avoids turning on the obfucation when X11 forwarding only is in use,
which slows it right down. Reported by Roger Marsh
OpenBSD-Commit-ID: c292f738db410f729190f92de100c39ec931a4f1
whether channel data was enqueued. Will be used to improve keystroke timing
obfuscation. Problem spotted by / tested by naddy@
OpenBSD-Commit-ID: f9776c7b0065ba7c3bbe50431fd3b629f44314d0
INT_MAX. Fixes sign compare warnings systems with 32-bit time_t due to type
promotion. OK djm@
OpenBSD-Commit-ID: 48081e9ad35705c5f1705711704a4c2ff94e87b7
Use time_t instead of u_int for remaining x11 timeout checks for 64bit
time_t safety. From Coverity CIDs 405197 and 405028, ok djm@
OpenBSD-Commit-ID: 356685bfa1fc3d81bd95722d3fc47101cc1a4972
exactly the flags that ssh started with and don't just clobber them with
zero, as this could also remove the append flag from the set;
bz3523; ok dtucker@
OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
This adds a sshd_config ChannelTimeouts directive that allows channels that
have not seen traffic in a configurable interval to be automatically closed.
Different timeouts may be applied to session, X11, agent and TCP forwarding
channels.
Note: this only affects channels over an opened SSH connection and not
the connection itself. Most clients close the connection when their channels
go away, with a notable exception being ssh(1) in multiplexing mode.
ok markus dtucker
OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
This sets an "extended" channel type after channel creation (e.g.
"session:subsystem:sftp") that will be used for setting channel inactivity
timeouts.
ok markus dtucker
OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
These are now used by sshd_config:ChannelTimeouts to specify timeouts by
channel type, so force them all to use a similar format without whitespace.
ok dtucker markus
OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
This will forcibly close an open channel by simulating read/write errors,
draining the IO buffers and calling the detach function.
Previously the detach function was only ever called during channel garbage
collection, but there was no way to signal the user of a channel (e.g.
session.c) that its channel was being closed deliberately (vs. by the
usual state-machine logic). So this adds an extra "force" argument to the
channel cleanup callback to indicate this condition.
ok markus dtucker
OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
permission_set_add are leaked as they are also duplicated in the call. Found
by CodeChecker. ok djm
OpenBSD-Commit-ID: 4aef50fa9be7c0b138188814c8fe3dccc196f61e
comment accordingly. As remote_name is not modified, it can be const as
well. From Martin Vahlensieck
OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
OPEN during SSH transport rekeying. The most visible benefit is that it
should make ~-escapes work in the client (e.g. to exit) if the connection
happened to have stalled during a rekey event. Based work by and ok dtucker@
OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
avoids plausible spin during rekeying if channel io_want flags are reused
across cycles. ok markus@ deraadt@
OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
data in the channel buffer. Introduce more exact packing of channel fds into
the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@
OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
buffer rather than into a stack buffer that needs to be copied again;
Improves performance by about 1% on cipher-speed.sh feedback dtucker@ ok
markus@
OpenBSD-Commit-ID: bf5e6e3c821ac3546dc8241d8a94e70d47716572
This portable-specific hack fixes a hang on exit for ttyful sessions
on Linux and some SysVish Unix variants. It was accidentally disabled
in commit 5c79952dfe (a precursor to the mainloop poll(2) conversion).
Spotted by John in bz3383
select() to poll() by moving FD_SET construction out of channel handlers into
separate functions. ok markus
OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
ssh(1) needs to set file descriptors to non-blocking mode to operate
but it was not restoring the original state on exit. This could cause
problems with fds shared with other programs via the shell, e.g.
> $ cat > test.sh << _EOF
> #!/bin/sh
> {
> ssh -Fnone -oLogLevel=verbose ::1 hostname
> cat /usr/share/dict/words
> } | sleep 10
> _EOF
> $ ./test.sh
> Authenticated to ::1 ([::1]:22).
> Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
> Bytes per second: sent 44338.9, received 55197.4
> cat: stdout: Resource temporarily unavailable
This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
abandons/closes them.
This was reported as bz3280 and GHPR246; ok dtucker@
OpenBSD-Commit-ID: 8cc67346f05aa85a598bddf2383fcfcc3aae61ce
when peer advertises a large window but is slow to consume the data we send
(e.g. because of a slow network)
reported by Pierre-Yves David
fix with & ok markus@
OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels
should not have this structure freed.
OpenBSD-Commit-ID: f3b213ae60405f77439e2b06262f054760c9d325
