Commit Graph

371 Commits

Author SHA1 Message Date
djm@openbsd.org
218e6f98df upstream commit
fix inverted test on channel open failure path that
"upgraded" a transient failure into a fatal error; reported by sthen and also
seen by benno@; ok sthen@

Upstream-ID: b58b3fbb79ba224599c6cd6b60c934fc46c68472
2017-09-24 23:46:12 +10:00
djm@openbsd.org
c704f641f7 upstream commit
write the correct buffer when tunnel forwarding; doesn't
matter on OpenBSD (they are the same) but does matter on portable where we
use an output filter to translate os-specific tun/tap headers

Upstream-ID: f1ca94eff48404827b12e1d12f6139ee99a72284
2017-09-24 19:51:01 +10:00
djm@openbsd.org
55486f5cef upstream commit
fix tunnel forwarding problem introduced in refactor;
reported by stsp@ ok markus@

Upstream-ID: 81a731cdae1122c8522134095d1a8b60fa9dcd04
2017-09-24 14:08:36 +10:00
markus@openbsd.org
609d7a66ce upstream commit
Add 'reverse' dynamic forwarding which combines dynamic
forwarding (-D) with remote forwarding (-R) where the remote-forwarded port
expects SOCKS-requests.

The SSH server code is unchanged and the parsing happens at the SSH
clients side. Thus the full SOCKS-request is sent over the forwarded
channel and the client parses c->output. Parsing happens in
channel_before_prepare_select(), _before_ the select bitmask is
computed in the pre[] handlers, but after network input processing
in the post[] handlers.

help and ok djm@

Upstream-ID: aa25a6a3851064f34fe719e0bf15656ad5a64b89
2017-09-22 09:14:53 +10:00
millert@openbsd.org
3e8d185af3 upstream commit
Use explicit_bzero() instead of bzero() before free() to
prevent the compiler from optimizing away the bzero() call.  OK djm@

Upstream-ID: cdc6197e64c9684c7250e23d60863ee1b53cef1d
2017-09-22 09:14:53 +10:00
djm@openbsd.org
4ec0bb9f9a upstream commit
unused variable

Upstream-ID: 2f9ba09f2708993d35eac5aa71df910dcc52bac1
2017-09-12 17:57:11 +10:00
djm@openbsd.org
9145a73ce2 upstream commit
fix tun/tap forwarding case in previous

Upstream-ID: 43ebe37a930320e24bca6900dccc39857840bc53
2017-09-12 17:37:03 +10:00
djm@openbsd.org
9f53229c2a upstream commit
Make remote channel ID a u_int

Previously we tracked the remote channel IDs in an int, but this is
strictly incorrect: the wire protocol uses uint32 and there is nothing
in-principle stopping a SSH implementation from sending, say, 0xffff0000.

In practice everyone numbers their channels sequentially, so this has
never been a problem.

ok markus@

Upstream-ID: b9f4cd3dc53155b4a5c995c0adba7da760d03e73
2017-09-12 17:37:03 +10:00
djm@openbsd.org
dbee4119b5 upstream commit
refactor channels.c

Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.

Explicitly pass "struct ssh" to all channels functions.

Replace use of the legacy packet APIs in channels.c.

Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.

ok markus@

Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
2017-09-12 17:37:02 +10:00
djm@openbsd.org
71e5a536ec upstream commit
pass packet state down to some of the channels function
(more to come...); ok markus@

Upstream-ID: d8ce7a94f4059d7ac1e01fb0eb01de0c4b36c81b
2017-09-04 09:38:57 +10:00
deraadt@openbsd.org
dc5dc45662 upstream commit
These shutdown() SHUT_RDWR are not needed before close()
ok djm markus claudio

Upstream-ID: 36f13ae4ba10f5618cb9347933101eb4a98dbcb5
2017-06-01 14:54:46 +10:00
djm@openbsd.org
c04e979503 upstream commit
fix possible OOB strlen() in SOCKS4A hostname parsing;
ok markus@

Upstream-ID: c67297cbeb0e5a19d81752aa18ec44d31270cd11
2017-05-31 10:51:09 +10:00
markus@openbsd.org
2ae666a8fc upstream commit
protocol handlers all get struct ssh passed; ok djm@

Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
2017-05-31 10:50:05 +10:00
markus@openbsd.org
c221219b1f upstream commit
remove ssh1 references; ok djm@

Upstream-ID: fc23b7578e7b0a8daaec72946d7f5e58ffff5a3d
2017-05-31 10:46:44 +10:00
markus@openbsd.org
6cf711752c upstream commit
remove SSH_CHANNEL_XXX_DRAINING (ssh1 only); ok djm@

Upstream-ID: e2e225b6ac67b84dd024f38819afff2554fafe42
2017-05-27 15:35:52 +10:00
markus@openbsd.org
364f0d5ede upstream commit
remove channel_input_close_confirmation (ssh1 only); ok
djm@

Upstream-ID: 8e7c8c38f322d255bb0294a5c0ebef53fdf576f1
2017-05-27 15:35:52 +10:00
djm@openbsd.org
930e8d2827 upstream commit
obliterate ssh1.h and some dead code that used it

ok markus@

Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
2017-05-01 10:05:06 +10:00
djm@openbsd.org
97f4d3083b upstream commit
remove compat20/compat13/compat15 variables

ok markus@

Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
2017-05-01 09:42:37 +10:00
Darren Tucker
da39b09d43 If OSX is using launchd, remove screen no.
Check for socket with and without screen number.  From Apple and Jakob
Schlyter via bz#2341, with contributions from Ron Frederick, ok djm@
2017-03-10 13:22:32 +11:00
dtucker@openbsd.org
858252fb1d upstream commit
Return true reason for port forwarding failures where
feasible rather than always "administratively prohibited".  bz#2674, ok djm@

Upstream-ID: d901d9887951774e604ca970e1827afaaef9e419
2017-02-03 14:23:24 +11:00
dtucker@openbsd.org
246aa842a4 upstream commit
Remove channel_input_port_forward_request(); the only caller
was the recently-removed SSH1 server code so it's now dead code.  ok markus@

Upstream-ID: 05453983230a1f439562535fec2818f63f297af9
2016-10-19 07:16:01 +11:00
djm@openbsd.org
2f78a2a698 upstream commit
fix some -Wpointer-sign warnings in the new mux proxy; ok
markus@

Upstream-ID: b1ba7b3769fbc6b7f526792a215b0197f5e55dfd
2016-10-01 07:07:58 +10:00
markus@openbsd.org
8d05784785 upstream commit
ssh proxy mux mode (-O proxy; idea from Simon Tatham): - mux
client speaks the ssh-packet protocol directly over unix-domain socket. - mux
server acts as a proxy, translates channel IDs and relays to the server. - no
filedescriptor passing necessary. - combined with unix-domain forwarding it's
even possible to run mux client   and server on different machines. feedback
& ok djm@

Upstream-ID: 666a2fb79f58e5c50e246265fb2b9251e505c25b
2016-10-01 02:45:10 +10:00
natano@openbsd.org
492710894a upstream commit
Replace two more arc4random() loops with
arc4random_buf().

tweaks and ok dtucker
ok deraadt

Upstream-ID: 738d3229130ccc7eac975c190276ca6fcf0208e4
2016-09-21 11:03:55 +10:00
deraadt@openbsd.org
9136ec134c upstream commit
Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
use those definitions rather than pulling <sys/param.h> and unknown namespace
pollution. ok djm markus dtucker

Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
2016-09-12 13:46:29 +10:00
dtucker@openbsd.org
d7eabc86fa upstream commit
Allow wildcard for PermitOpen hosts as well as ports.
bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com.  ok
markus@

Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
2016-07-22 13:36:40 +10:00
djm@openbsd.org
95767262ca upstream commit
refactor canohost.c: move functions that cache results closer
 to the places that use them (authn and session code). After this, no state is
 cached in canohost.c

feedback and ok markus@

Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e
2016-03-08 06:20:35 +11:00
naddy@openbsd.org
603ba41179 upstream commit
Only check errno if read() has returned an error.  EOF is
 not an error. This fixes a problem where the mux master would sporadically
 fail to notice that the client had exited. ok mikeb@ djm@

Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53
2016-02-08 21:58:31 +11:00
djm@openbsd.org
b1d38a3cc6 upstream commit
fix some signed/unsigned integer type mismatches in
 format strings; reported by Nicholas Lemonias

Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c
2015-10-16 10:54:08 +11:00
djm@openbsd.org
1bf477d3cd upstream commit
better refuse ForwardX11Trusted=no connections attempted
 after ForwardX11Timeout expires; reported by Jann Horn

Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21
2015-07-01 12:29:43 +10:00
djm@openbsd.org
629df770db upstream commit
fatal() when a remote window update causes the window
 value to overflow. Reported by Georg Wicherski, ok markus@

Upstream-ID: ead397a9aceb3bf74ebfa5fcaf259d72e569f351
2015-06-30 16:12:20 +10:00
djm@openbsd.org
f715afebe7 upstream commit
Fix math error in remote window calculations that causes
 eventual stalls for datagram channels. Reported by Georg Wicherski, ok
 markus@

Upstream-ID: be54059d11bf64e0d85061f7257f53067842e2ab
2015-06-30 16:12:20 +10:00
millert@openbsd.org
ec04dc4a55 upstream commit
For "ssh -L 12345:/tmp/sock" don't fail with "No forward host
 name." (we have a path, not a host name).  Based on a diff from Jared
 Yanovich. OK djm@

Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f
2015-06-07 13:09:58 +10:00
dtucker@openbsd.org
297060f42d upstream commit
Use xcalloc for permitted_adm_opens instead of xmalloc to
 ensure it's zeroed. Fixes post-auth crash with permitopen=none.  bz#2355, ok
 djm@
2015-05-08 13:32:59 +10:00
deraadt@openbsd.org
657a5fbc0d upstream commit
rename xrealloc() to xreallocarray() since it follows
 that form. ok djm
2015-04-29 18:15:23 +10:00
Darren Tucker
37f9220db8 Wrap stdint.h includes in ifdefs. 2015-02-23 03:07:24 +11:00
millert@openbsd.org
fd36834871 upstream commit
SIZE_MAX is standard, we should be using it in preference to
 the obsolete SIZE_T_MAX.  OK miod@ beck@
2015-02-09 09:28:17 +11:00
deraadt@openbsd.org
087266ec33 upstream commit
Reduce use of <sys/param.h> and transition to <limits.h>
 throughout. ok djm markus
2015-01-26 23:58:53 +11:00
markus@openbsd.org
3fdc88a0de upstream commit
move dispatch to struct ssh; ok djm@
2015-01-20 09:14:16 +11:00
djm@openbsd.org
48b68ce19c upstream commit
explicitly include sys/param.h in files that use the
 howmany() macro; from portable
2014-12-11 19:20:29 +11:00
djm@openbsd.org
bb005dc815 upstream commit
fix a few -Wpointer-sign warnings from clang
2014-10-13 11:39:18 +11:00
Damien Miller
7acefbbcbe - millert@cvs.openbsd.org 2014/07/15 15:54:14
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
     [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
     [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
     [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     [sshd_config.5 sshlogin.c]
     Add support for Unix domain socket forwarding.  A remote TCP port
     may be forwarded to a local Unix domain socket and vice versa or
     both ends may be a Unix domain socket.  This is a reimplementation
     of the streamlocal patches by William Ahern from:
         http://www.25thandclement.com/~william/projects/streamlocal.html
     OK djm@ markus@
2014-07-18 14:11:24 +10:00
Damien Miller
3a48cc0900 - djm@cvs.openbsd.org 2014/07/05 23:11:48
[channels.c]
     fix remote-forward cancel regression; ok markus@
2014-07-06 09:32:49 +10:00
Damien Miller
602943d117 - djm@cvs.openbsd.org 2014/07/03 22:33:41
[channels.c]
     allow explicit ::1 and 127.0.0.1 forwarding bind addresses when
     GatewayPorts=no; allows client to choose address family;
     bz#2222 ok markus@
2014-07-04 08:59:41 +10:00
Damien Miller
4b3ed647d5 - markus@cvs.openbsd.org 2014/06/27 16:41:56
[channels.c channels.h clientloop.c ssh.c]
     fix remote fwding with same listen port but different listen address
     with gerhard@, ok djm@
2014-07-02 15:29:40 +10:00
Damien Miller
e84d10302a revert a diff I didn't mean to commit 2014-05-21 17:13:36 +10:00
Damien Miller
795b86313f - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC
when it is available. It takes into account time spent suspended,
   thereby ensuring timeouts (e.g. for expiring agent keys) fire
   correctly. bz#2228 reported by John Haxby
2014-05-21 17:12:53 +10:00
Damien Miller
633de33b19 - djm@cvs.openbsd.org 2014/04/28 03:09:18
[authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
     [ssh-keygen.c]
     buffer_get_string_ptr's return should be const to remind
     callers that futzing with it will futz with the actual buffer
     contents
2014-05-15 13:48:26 +10:00
Damien Miller
1348129a34 - djm@cvs.openbsd.org 2014/02/26 20:29:29
[channels.c]
     don't assume that the socks4 username is \0 terminated;
     spotted by Ben Hawkes; ok markus@
2014-02-27 10:18:32 +11:00
Damien Miller
0890dc8191 - djm@cvs.openbsd.org 2014/02/15 23:05:36
[channels.c]
     avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W;
     bz#2200, debian#738692 via Colin Watson; ok dtucker@
2014-02-24 15:56:07 +11:00