| Age | Commit message | Author |
|
R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/5569064
|
|
Remove NewMD5, NewSHA1 and NewSHA256 in favor of using New and
explicitly importing the used hash-function. This way when using, for
example, HMAC with RIPEMD there's no md5, sha1 and sha256 linked in
through the hmac package.
A gofix rule is included, and applied to the standard library (3 files
altered).
This change is the result of a discussion at
https://golang.org/cl/5550043/ to pull the discussion about
deprecating these functions out of that issue.
R=golang-dev, agl
CC=golang-dev, r, rsc
https://golang.org/cl/5556058
|
|
Previously, a timeout (in int64 nanoseconds) applied to a granularity
even smaller than one operation: a 100 byte read with a 1 second timeout
could take 100 seconds, if the bytes all arrived on the network 1 second
apart. This was confusing.
Rather than making the timeout granularity be per-Read/Write,
this CL makes callers set an absolute deadline (in time.Time)
after which operations will fail. This makes it possible to
set deadlines at higher levels, without knowing exactly how
many read/write operations will happen in e.g. reading an HTTP
request.
Fixes #2723
R=r, rsc, dave
CC=golang-dev
https://golang.org/cl/5555048
|
|
djm recommended that we do this because OpenSSL was only fixed in 2008:
http://anoncvs.mindrot.org/index.cgi/openssh/sshd.c?revision=1.380&view=markup
R=dave, jonathan.mark.pittman
CC=golang-dev
https://golang.org/cl/5555044
|
|
First was, apart from adding tests, a single line of code (to add the
constructor function). Adding SHA512-based hashing to crypto/hmac
required minor rework of the package because of a previously hardcoded
block-size in its implementation. Instead of using a hash.Hash
generator function the constructor function now uses a crypto.Hash
type, which was extended to expose information about block size.
The only standard library package impacted by the change is
crypto/tls, for which the fix is included in this patch. It might be
useful to extend gofix to include this API change too.
R=agl, r, rsc, r
CC=golang-dev
https://golang.org/cl/5550043
|
|
R=dave, agl, agl
CC=golang-dev
https://golang.org/cl/5494057
|
|
R=golang-dev, dave, agl
CC=golang-dev
https://golang.org/cl/5533081
|
|
R=golang-dev
CC=golang-dev
https://golang.org/cl/5541060
|
|
The terminal code in exp/terminal was forked from the code in exp/ssh.
This change removes the duplicated code from exp/ssh in favour of
using exp/terminal.
R=rsc
CC=golang-dev
https://golang.org/cl/5375064
|
|
This CL fixes two issues sending data to the remote peer.
The first bug occurs when the size of the buffer passed to
Write is larger than the current window, in this case, w.rwin
can become negative.
The second issue is more problematic than the first as the
amount of data passed to writePacket was not limited to w.rwin.
In this case the remote peer could silently drop the additional
data, or drop the connection.
Credit to Jacek Masiulaniec for the bug report.
R=agl, jacek.masiulaniec
CC=golang-dev
https://golang.org/cl/5511043
|
|
transport.go:
* remove unused nil check.
doc.go:
* improve documentation about supported auth
methods and update Run example.
Thanks Jacek Masiulaniec for both reports.
R=jacek.masiulaniec, agl
CC=golang-dev
https://golang.org/cl/5501075
|
|
- no empty lines inside empty structs and interfaces
- top-level declarations are separated by a blank line if
a) they are of different kind (e.g. const vs type); or
b) there are documentation comments associated with a
declaration (this is new)
- applied gofmt -w misc src
The actual changes are in go/printer/nodes.go:397-400 (empty structs/interfaces),
and go/printer/printer.go:307-309 (extra line break). The remaining
changes are cleanups w/o changing the existing functionality.
Fixes issue 2570.
R=rsc
CC=golang-dev
https://golang.org/cl/5493057
|
|
If a Pipe method is called, return the underlying
reader/writer from session.clientChan, bypassing the
io.Copy and io.Pipe harness.
StdoutPipe and StderrPipe now return an io.Reader not
an io.ReadCloser as SSH cannot signal the close of the
local reader to the remote process.
R=rsc, agl, gustav.paul, cw
CC=golang-dev
https://golang.org/cl/5493047
|
|
Also, rename ServerConfig.PubKeyCallback to PublicKeyCallback.
R=rsc, agl
CC=golang-dev
https://golang.org/cl/5477059
|
|
R=gustav.paul
CC=golang-dev
https://golang.org/cl/5480062
|
|
I added the clientChan's msg channel to the list of channels that are closed in mainloop when the server sends a channelCloseMsg.
I added an ExitError type that wraps a Waitmsg similar to that of os/exec. I fill ExitStatus with the data returned in the 'exit-status' channel message and Msg with the data returned in the 'exit-signal' channel message.
Instead of having Wait() return on the first 'exit-status'/'exit-signal' I have it return an ExitError containing the status and signal when the clientChan's msg channel is closed.
I added two test cases to session_test.go that test for exit status 0 (in which case Wait() returns nil) and exit status 1 (in which case Wait() returns an ExitError with ExitStatus 1).
R=dave, agl, rsc, golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/5452051
|
|
This CL cleans up the client auth tests, making the
individual test body more manageable.
Also, adds tests for rsa and dsa key negotiation.
Finally, remove the package level use of the variable
strings, which avoids conflicting with the strings pkg.
R=gustav.paul, agl, n13m3y3r, rsc
CC=golang-dev
https://golang.org/cl/5447049
|
|
This is part one of a small set of CLs that aim to resolve
the outstanding TODOs relating to channel close and blocking
behavior.
Firstly, the hairy handling of assigning the peersId is now
done in one place. The cost of this change is the slightly
paradoxical construction of the partially created clientChan.
Secondly, by creating clientChan.stdin/out/err when the channel
is opened, the creation of consumers like tcpchan and Session
is simplified; they just have to wire themselves up to the
relevant readers/writers.
R=agl, gustav.paul, rsc
CC=golang-dev
https://golang.org/cl/5448073
|
|
R=golang-dev, dsymonds
CC=golang-dev
https://golang.org/cl/5437142
|
|
R=golang-dev, bradfitz, gri
CC=golang-dev
https://golang.org/cl/5451079
|
|
The SSH spec allows for the server to send a banner message to the client at any point during the authentication process. Currently the ssh client auth types all assume that the first response from the server after issuing a userAuthRequestMsg will be one of a couple of possible authentication success/failure messages. This means that client authentication breaks if the ssh server being connected to has a banner message configured.
This changeset refactors the noneAuth, passwordAuth and publickeyAuth types' auth() function and allows for msgUserAuthBanner during authentication.
R=golang-dev, rsc, dave, agl
CC=golang-dev
https://golang.org/cl/5432065
|
|
R=dave, agl, rsc, golang-dev, n13m3y3r
CC=golang-dev
https://golang.org/cl/5450059
|
|
This is the result of running `gofix -r hashsum` over the tree, changing
the hash function implementations by hand and then fixing a couple of
instances where gofix didn't catch something.
The changed implementations are as simple as possible while still
working: I'm not trying to optimise in this CL.
R=rsc, cw, rogpeppe
CC=golang-dev
https://golang.org/cl/5448065
|
|
R=gustav.paul, cw, agl, rsc, n13m3y3r
CC=golang-dev
https://golang.org/cl/5433080
|
|
Remove the accidentally exported net.Listener
««« original CL description
exp/ssh: remove unused forwarding methods in Server Listener
R=agl, rsc
CC=golang-dev
https://golang.org/cl/5436056
»»»
R=agl, rsc
CC=golang-dev
https://golang.org/cl/5437090
|
|
Exec to Run.
Exec() has been renamed to Run() in keeping with the os/exec API.
Added func (*Session) Start(cmd string) which starts a remote process but unlike Run() doesn't wait for it to finish before returning.
Run() has been refactored to use Start internally. It's really just a refactoring, no new code but some extra functionality was won.
Also added func (*Session) Signal(sig signal) which sends a UNIX signal to a remote process. This is especially useful in conjunction with Start() as the two allow you to start a remote process, monitor its stdout/stderr, and send it a TERM/HUP/etc signal when you want it to close.
R=dave, rsc, agl, bradfitz, n13m3y3r, gustavo
CC=golang-dev
https://golang.org/cl/5437058
|
|
openChan was only being called by NewSession, Dial has
its own version.
R=gustav.paul, agl, rsc
CC=golang-dev
https://golang.org/cl/5435071
|
|
R=huin, agl, gustav.paul, cw
CC=golang-dev
https://golang.org/cl/5399044
|
|
Thanks to Ke Lan for the initial report and investigation.
R=agl, gustav.paul, tg8866, rsc
CC=golang-dev
https://golang.org/cl/5443044
|
|
R=dave, agl, rsc, golang-dev
CC=golang-dev
https://golang.org/cl/5431089
|
|
According to http://www.ietf.org/rfc/rfc4254.txt most channel messages contain the channel id of the recipient channel, not the sender id. This allows the recipient connection multiplexer to route the message to the correct channel.
This changeset fixes several messages that incorrectly send the local channel id instead of the remote channel's id.
While sessions were being created and closed in sequence, channels in the channel pool were freed and reused on the server side of the connection at the same rate as was done on the client, so the channel local and remote channel ids always corresponded. As soon as I had concurrent sessions on the same clientConn the server started to complain of 'uknown channel id N' where N is the local channel id, which is actually paired with server channel id K.
R=golang-dev, dave, rsc, agl
CC=golang-dev
https://golang.org/cl/5433063
|
|
R=rsc, agl, n13m3y3r, bradfitz
CC=golang-dev
https://golang.org/cl/5385041
|
|
R=agl, rsc
CC=golang-dev
https://golang.org/cl/5436056
|
|
This CL inverts the direction of the Stdin/out/err members of the
Session struct so they reflect the API of the exec.Cmd. In doing so
it borrows heavily from the exec package.
Additionally Shell now returns immediately, wait for completion using
Wait. Exec calls Wait internally and so blocks until the remote
command is complete.
Credit to Gustavo Niemeyer for the impetus for this CL.
R=rsc, agl, n13m3y3r, huin, bradfitz
CC=cw, golang-dev
https://golang.org/cl/5322055
|
|
RFC4345.
R=dave, agl, taruti, rsc, r
CC=golang-dev
https://golang.org/cl/5342057
|
|
R=golang-dev, rsc
CC=dave, golang-dev
https://golang.org/cl/5364061
|
|
Fixes use of c after Dial failure (causes crash).
May fix Dial failure by listening to 127.0.0.1:0
instead of 0.0.0.0:0 (tests should only listen on
localhost).
R=golang-dev, gri
CC=golang-dev
https://golang.org/cl/5395052
|
|
Ensure that empty NameLists always return
a zero length []string, not nil.
In practice NameLists are only used in a few
message types and always consumed by a for
range function so the difference between nil
and []string{} is not significant.
Also, add exp/ssh to pkg/Makefile as suggested
by rsc.
R=rsc, agl
CC=golang-dev
https://golang.org/cl/5400042
|
|
This CL adds experimental support for making proxied
net.Conn connections via the remote server.
nb. Functional tests exist for this feature but CL
5320053 or similar needs to be committed to support them.
R=rsc, agl, n13m3y3r
CC=cw, golang-dev, huin
https://golang.org/cl/5371081
|
|
Requires CL 5373055
R=rsc, agl, n13m3y3r
CC=golang-dev
https://golang.org/cl/5320053
|
|
Closes TODO from 5373055
R=agl
CC=golang-dev
https://golang.org/cl/5375081
|
|
client.go/client_auth.go:
* add support for publickey key auth using the interface
outlined by rsc in the previous auth CL
client_auth_test.go:
* password and publickey tests against server.go
common.go/server.go:
* move some helper methods from server.go into common.go
* generalise serializeRSASignature
R=rsc, agl, huin
CC=cw, golang-dev, n13m3y3r
https://golang.org/cl/5373055
|
|
Some remote servers send a 0 window size in the channel
open confirm msg, others send a non zero window size. Make
sure this initial advertisement is not lost.
R=agl, rsc, cw
CC=golang-dev
https://golang.org/cl/5372083
|
|
R=rsc
CC=golang-dev
https://golang.org/cl/5358041
|
|
This CL adds an API for handling the various SSH
authentication methods. None and password continue
to be the only supported methods.
R=bradfitz, agl, n13m3y3r, rsc, cw
CC=golang-dev
https://golang.org/cl/5328045
|
|
R=adg
CC=golang-dev
https://golang.org/cl/5328062
|
|
R=golang-dev, iant
CC=golang-dev
https://golang.org/cl/5322051
|
|
The payload of a data message is defined as an SSH string type,
which uses the first four bytes to encode its length. When channelData
and channelExtendedData were added I defined Payload as []byte to
be able to use it directly without a string to []byte conversion. This
resulted in the length data leaking into the payload data.
This CL fixes the bug, and restores agl's original fast path code.
Additionally, a bug whereby s.lock was not released if a packet arrived
for an invalid channel has been fixed.
Finally, as they were no longer used, I have removed
the channelData and channelExtendedData structs.
R=agl, rsc
CC=golang-dev
https://golang.org/cl/5330053
|
|
This CL replaces the Cmd type with a Session type representing
interactive channels. This lays the foundation for supporting
other kinds of channels like direct-tcpip or x11.
client.go:
* replace chanlist map with slice.
* generalize stdout and stderr into a single type.
* unexport ClientChan to clientChan.
doc.go:
* update ServerConfig/ServerConn documentation.
* update Client example for Session.
message.go:
* make channelExtendedData more like channelData.
session.go:
* added Session which replaces Cmd.
R=agl, rsc, n13m3y3r, gustavo
CC=golang-dev
https://golang.org/cl/5302054
|
|
server.go/channel.go:
* rename Server to ServerConfig to match Client.
* rename ServerConnection to ServeConn to match Client.
* add Listen/Listener.
* ServerConn.Handshake(), general cleanups.
client.go:
* fix bug where fmt.Error was not assigned to err
R=rsc, agl
CC=golang-dev
https://golang.org/cl/5265049
|