Commit Graph

400 Commits

Author SHA1 Message Date
djm@openbsd.org
107eb3eeaf upstream: cap channel input buffer size at 16MB; avoids high memory use
when peer advertises a large window but is slow to consume the data we send
(e.g. because of a slow network)

reported by Pierre-Yves David

fix with & ok markus@

OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
2020-09-20 16:16:46 +10:00
djm@openbsd.org
aa6fa4bf30 upstream: put back the mux_ctx memleak fix, but only for channels of
type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels
should not have this structure freed.

OpenBSD-Commit-ID: f3b213ae60405f77439e2b06262f054760c9d325
2020-07-03 17:26:23 +10:00
djm@openbsd.org
d8195914eb upstream: revert r1.399 - the lifetime of c->mux_ctx is more complex;
simply freeing it here causes other problems

OpenBSD-Commit-ID: c6fee8ca94e2485faa783839541962be2834c5ed
2020-07-03 17:22:28 +10:00
djm@openbsd.org
1b90ddde49 upstream: fix memory leak of mux_ctx; patch from Sergiy Lozovsky
via bz3189 ok dtucker

OpenBSD-Commit-ID: db249bd4526fd42d0f4f43f72f7b8b7705253bde
2020-07-03 15:12:31 +10:00
dtucker@openbsd.org
4d2c87b4d1 upstream: We've standardized on memset over bzero, replace a couple
that had slipped in.  ok deraadt markus djm.

OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6
2020-05-01 13:13:28 +10:00
markus@openbsd.org
a6134b02b5 upstream: fix uninitialized pointers for forward_cancel; ok djm
OpenBSD-Commit-ID: 612778e6d87ee865d0ba97d0a335f141cee1aa37
2020-03-13 13:13:30 +11:00
jsg@openbsd.org
d5ba1c0327 upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
2020-02-28 12:26:28 +11:00
djm@openbsd.org
846446bf3e upstream: the GatewayPorts vs -R listen address selection logic is
still confusing people, so add another comment explaining the special
handling of "localhost"; bz#3258

OpenBSD-Commit-ID: e6bf0f0fbf1c7092bf0dbd9c6eab105970b5b53a
2020-01-25 18:20:01 +11:00
Damien Miller
cfc1897a20 wrap stdint.h include in HAVE_STDINT_H
make the indenting a little more consistent too..

Fixes Solaris 2.6; reported by Tom G. Christensen
2019-10-09 09:06:35 +11:00
dtucker@openbsd.org
696fb4298e upstream: Remove some set but never used variables. ok daraadt@
OpenBSD-Commit-ID: 824baf9c59afc66a4637017e397b9b74a41684e7
2019-07-08 11:45:51 +10:00
deraadt@openbsd.org
4d28fa78ab upstream: When system calls indicate an error they return -1, not
some arbitrary value < 0.  errno is only updated in this case.  Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-07-05 11:10:39 +10:00
dtucker@openbsd.org
4b7dd22b02 upstream: Typo and spelling fixes in comments and error messages.
Patch from knweiss at gmail.com via -portable.

OpenBSD-Commit-ID: 2577465442f761a39703762c4f87a8dfcb918b4b
2019-06-08 00:49:26 +10:00
florian@openbsd.org
cb4accb123 upstream: For PermitOpen violations add the remote host and port to
be able to find out from where the request was comming.

Add the same logging for PermitListen violations which where not
logged at all.

Pointed out by Robert Kisteleki (robert AT ripe.net)

input markus
OK deraadt

OpenBSD-Commit-ID: 8a7d0f1b7175504c0d1dca8d9aca1588b66448c8
2019-05-17 10:07:42 +10:00
dtucker@openbsd.org
62be1ffe5f upstream: Free channel objects on exit path. Patch from markus at
blueflash.cc, ok deraadt

OpenBSD-Commit-ID: dbe4db381603909482211ffdd2b48abd72169117
2019-05-08 18:42:43 +10:00
Damien Miller
03e92dd27d use same close logic for stderr as stdout
Avoids sending SIGPIPE to child processes after their parent exits
if they attempt to write to stderr.

Analysis and patch from JD Paul; patch reworked by Jakub Jelen and
myself. bz#2071; ok dtucker@
2019-02-08 14:50:36 +11:00
djm@openbsd.org
8cc7a679d2 upstream: convert channels.c to new packet API
with & ok markus@

OpenBSD-Commit-ID: 0b8279b56113cbd4011fc91315c0796b63dc862c
2019-01-20 09:02:37 +11:00
djm@openbsd.org
0fa174ebe1 upstream: begin landing remaining refactoring of packet parsing
API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.

with & ok markus@

OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2019-01-20 09:02:10 +11:00
djm@openbsd.org
285310b897 upstream: no need to allocate channels_pre/channels_post in
channel_init_channels() as we do it anyway in channel_handler_init() that we
call at the end of the function. Fix from Markus Schmidt via bz#2938

OpenBSD-Commit-ID: 74893638af49e3734f1e33a54af1b7ea533373ed
2018-12-07 13:58:49 +11:00
djm@openbsd.org
6f1aabb128 upstream: factor out channel status formatting from
channel_open_message() so we can use it in other debug messages

OpenBSD-Commit-ID: 9c3903ca28fcabad57f566c9d0045b41ab7d52ba
2018-10-04 17:50:22 +10:00
djm@openbsd.org
f1dd179e12 upstream: include a little more information about the status and
disposition of channel's extended (stderr) fd; makes debugging some things a
bit easier. No behaviour change.

OpenBSD-Commit-ID: 483eb6467dc7d5dbca8eb109c453e7a43075f7ce
2018-10-04 10:44:49 +10:00
markus@openbsd.org
5d14019ba2 upstream: avoid expensive channel_open_message() calls; ok djm@
OpenBSD-Commit-ID: aea3b5512ad681cd8710367d743e8a753d4425d9
2018-07-31 12:20:13 +10:00
markus@openbsd.org
5467fbcb09 upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-12 13:18:25 +10:00
djm@openbsd.org
90e51d6727 upstream: fix NULL dereference in open_listen_match_tcpip()
OpenBSD-Commit-ID: c968c1d29e392352383c0f9681fcc1e93620c4a9
2018-06-26 08:30:43 +10:00
djm@openbsd.org
115063a664 upstream: Add a PermitListen directive to control which server-side
addresses may be listened on when the client requests remote forwarding (ssh
-R).

This is the converse of the existing PermitOpen directive and this
includes some refactoring to share much of its implementation.

feedback and ok markus@

OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
2018-06-07 04:27:20 +10:00
djm@openbsd.org
001aa55484 upstream: lots of typos in comments/docs. Patch from Karsten Weiss
after checking with codespell tool
(https://github.com/lucasdemarchi/codespell)

OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
2018-04-10 10:17:15 +10:00
tb@openbsd.org
5069320be9 upstream commit
The file descriptors for socket, stdin, stdout and stderr
aren't necessarily distinct, so check if they are the same to avoid closing
the same fd several times.

ok djm

OpenBSD-Commit-ID: 60d71fd22e9a32f5639d4ba6e25a2f417fc36ac1
2018-02-07 07:50:46 +11:00
djm@openbsd.org
14b5c635d1 upstream commit
Drop compatibility hacks for some ancient SSH
implementations, including ssh.com <=2.* and OpenSSH <= 3.*.

These versions were all released in or before 2001 and predate the
final SSH RFCs. The hacks in question aren't necessary for RFC-
compliant SSH implementations.

ok markus@

OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2018-01-23 16:40:29 +11:00
djm@openbsd.org
927f8514ce upstream commit
include the addr:port in bind/listen failure messages

OpenBSD-Commit-ID: fdadb69fe1b38692608809cf0376b71c2c28e58e
2017-12-07 11:46:35 +11:00
djm@openbsd.org
acf559e1cf upstream commit
Add optional rdomain qualifier to sshd_config's
ListenAddress option to allow listening on a different rdomain(4), e.g.

ListenAddress 0.0.0.0 rdomain 4

Upstream-ID: 24b6622c376feeed9e9be8b9605e593695ac9091
2017-10-25 12:26:06 +11:00
djm@openbsd.org
218e6f98df upstream commit
fix inverted test on channel open failure path that
"upgraded" a transient failure into a fatal error; reported by sthen and also
seen by benno@; ok sthen@

Upstream-ID: b58b3fbb79ba224599c6cd6b60c934fc46c68472
2017-09-24 23:46:12 +10:00
djm@openbsd.org
c704f641f7 upstream commit
write the correct buffer when tunnel forwarding; doesn't
matter on OpenBSD (they are the same) but does matter on portable where we
use an output filter to translate os-specific tun/tap headers

Upstream-ID: f1ca94eff48404827b12e1d12f6139ee99a72284
2017-09-24 19:51:01 +10:00
djm@openbsd.org
55486f5cef upstream commit
fix tunnel forwarding problem introduced in refactor;
reported by stsp@ ok markus@

Upstream-ID: 81a731cdae1122c8522134095d1a8b60fa9dcd04
2017-09-24 14:08:36 +10:00
markus@openbsd.org
609d7a66ce upstream commit
Add 'reverse' dynamic forwarding which combines dynamic
forwarding (-D) with remote forwarding (-R) where the remote-forwarded port
expects SOCKS-requests.

The SSH server code is unchanged and the parsing happens at the SSH
clients side. Thus the full SOCKS-request is sent over the forwarded
channel and the client parses c->output. Parsing happens in
channel_before_prepare_select(), _before_ the select bitmask is
computed in the pre[] handlers, but after network input processing
in the post[] handlers.

help and ok djm@

Upstream-ID: aa25a6a3851064f34fe719e0bf15656ad5a64b89
2017-09-22 09:14:53 +10:00
millert@openbsd.org
3e8d185af3 upstream commit
Use explicit_bzero() instead of bzero() before free() to
prevent the compiler from optimizing away the bzero() call.  OK djm@

Upstream-ID: cdc6197e64c9684c7250e23d60863ee1b53cef1d
2017-09-22 09:14:53 +10:00
djm@openbsd.org
4ec0bb9f9a upstream commit
unused variable

Upstream-ID: 2f9ba09f2708993d35eac5aa71df910dcc52bac1
2017-09-12 17:57:11 +10:00
djm@openbsd.org
9145a73ce2 upstream commit
fix tun/tap forwarding case in previous

Upstream-ID: 43ebe37a930320e24bca6900dccc39857840bc53
2017-09-12 17:37:03 +10:00
djm@openbsd.org
9f53229c2a upstream commit
Make remote channel ID a u_int

Previously we tracked the remote channel IDs in an int, but this is
strictly incorrect: the wire protocol uses uint32 and there is nothing
in-principle stopping a SSH implementation from sending, say, 0xffff0000.

In practice everyone numbers their channels sequentially, so this has
never been a problem.

ok markus@

Upstream-ID: b9f4cd3dc53155b4a5c995c0adba7da760d03e73
2017-09-12 17:37:03 +10:00
djm@openbsd.org
dbee4119b5 upstream commit
refactor channels.c

Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.

Explicitly pass "struct ssh" to all channels functions.

Replace use of the legacy packet APIs in channels.c.

Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.

ok markus@

Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
2017-09-12 17:37:02 +10:00
djm@openbsd.org
71e5a536ec upstream commit
pass packet state down to some of the channels function
(more to come...); ok markus@

Upstream-ID: d8ce7a94f4059d7ac1e01fb0eb01de0c4b36c81b
2017-09-04 09:38:57 +10:00
deraadt@openbsd.org
dc5dc45662 upstream commit
These shutdown() SHUT_RDWR are not needed before close()
ok djm markus claudio

Upstream-ID: 36f13ae4ba10f5618cb9347933101eb4a98dbcb5
2017-06-01 14:54:46 +10:00
djm@openbsd.org
c04e979503 upstream commit
fix possible OOB strlen() in SOCKS4A hostname parsing;
ok markus@

Upstream-ID: c67297cbeb0e5a19d81752aa18ec44d31270cd11
2017-05-31 10:51:09 +10:00
markus@openbsd.org
2ae666a8fc upstream commit
protocol handlers all get struct ssh passed; ok djm@

Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
2017-05-31 10:50:05 +10:00
markus@openbsd.org
c221219b1f upstream commit
remove ssh1 references; ok djm@

Upstream-ID: fc23b7578e7b0a8daaec72946d7f5e58ffff5a3d
2017-05-31 10:46:44 +10:00
markus@openbsd.org
6cf711752c upstream commit
remove SSH_CHANNEL_XXX_DRAINING (ssh1 only); ok djm@

Upstream-ID: e2e225b6ac67b84dd024f38819afff2554fafe42
2017-05-27 15:35:52 +10:00
markus@openbsd.org
364f0d5ede upstream commit
remove channel_input_close_confirmation (ssh1 only); ok
djm@

Upstream-ID: 8e7c8c38f322d255bb0294a5c0ebef53fdf576f1
2017-05-27 15:35:52 +10:00
djm@openbsd.org
930e8d2827 upstream commit
obliterate ssh1.h and some dead code that used it

ok markus@

Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
2017-05-01 10:05:06 +10:00
djm@openbsd.org
97f4d3083b upstream commit
remove compat20/compat13/compat15 variables

ok markus@

Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
2017-05-01 09:42:37 +10:00
Darren Tucker
da39b09d43 If OSX is using launchd, remove screen no.
Check for socket with and without screen number.  From Apple and Jakob
Schlyter via bz#2341, with contributions from Ron Frederick, ok djm@
2017-03-10 13:22:32 +11:00
dtucker@openbsd.org
858252fb1d upstream commit
Return true reason for port forwarding failures where
feasible rather than always "administratively prohibited".  bz#2674, ok djm@

Upstream-ID: d901d9887951774e604ca970e1827afaaef9e419
2017-02-03 14:23:24 +11:00
dtucker@openbsd.org
246aa842a4 upstream commit
Remove channel_input_port_forward_request(); the only caller
was the recently-removed SSH1 server code so it's now dead code.  ok markus@

Upstream-ID: 05453983230a1f439562535fec2818f63f297af9
2016-10-19 07:16:01 +11:00