mirror of
https://git.FreeBSD.org/src.git
synced 2024-10-18 02:19:39 +00:00
f374ba41f5
Release notes are available at https://www.openssh.com/txt/release-9.2 OpenSSH 9.2 contains fixes for two security problems and a memory safety problem. The memory safety problem is not believed to be exploitable. These fixes have already been committed to OpenSSH 9.1 in FreeBSD. Some other notable items from the release notes: * ssh(1): add a new EnableEscapeCommandline ssh_config(5) option that controls whether the client-side ~C escape sequence that provides a command-line is available. Among other things, the ~C command-line could be used to add additional port-forwards at runtime. * sshd(8): add support for channel inactivity timeouts via a new sshd_config(5) ChannelTimeout directive. This allows channels that have not seen traffic in a configurable interval to be automatically closed. Different timeouts may be applied to session, X11, agent and TCP forwarding channels. * sshd(8): add a sshd_config UnusedConnectionTimeout option to terminate client connections that have no open channels for a length of time. This complements the ChannelTimeout option above. * sshd(8): add a -V (version) option to sshd like the ssh client has. * scp(1), sftp(1): add a -X option to both scp(1) and sftp(1) to allow control over some SFTP protocol parameters: the copy buffer length and the number of in-flight requests, both of which are used during upload/download. Previously these could be controlled in sftp(1) only. This makes them available in both SFTP protocol clients using the same option character sequence. * ssh-keyscan(1): allow scanning of complete CIDR address ranges, e.g. "ssh-keyscan 192.168.0.0/24". If a CIDR range is passed, then it will be expanded to all possible addresses in the range including the all-0s and all-1s addresses. bz#976 * ssh(1): support dynamic remote port forwarding in escape command-line's -R processing. bz#3499 MFC after: 1 week Sponsored by: The FreeBSD Foundation
65 lines
2.4 KiB
C
65 lines
2.4 KiB
C
/*
|
|
* Copyright (c) 2004,2005 Damien Miller <djm@mindrot.org>
|
|
*
|
|
* Permission to use, copy, modify, and distribute this software for any
|
|
* purpose with or without fee is hereby granted, provided that the above
|
|
* copyright notice and this permission notice appear in all copies.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
*/
|
|
|
|
/* Address handling routines */
|
|
|
|
#ifndef _ADDR_H
|
|
#define _ADDR_H
|
|
|
|
#include <sys/socket.h>
|
|
#include <netinet/in.h>
|
|
|
|
struct xaddr {
|
|
sa_family_t af;
|
|
union {
|
|
struct in_addr v4;
|
|
struct in6_addr v6;
|
|
u_int8_t addr8[16];
|
|
u_int16_t addr16[8];
|
|
u_int32_t addr32[4];
|
|
} xa; /* 128-bit address */
|
|
u_int32_t scope_id; /* iface scope id for v6 */
|
|
#define v4 xa.v4
|
|
#define v6 xa.v6
|
|
#define addr8 xa.addr8
|
|
#define addr16 xa.addr16
|
|
#define addr32 xa.addr32
|
|
};
|
|
|
|
int addr_unicast_masklen(int af);
|
|
int addr_xaddr_to_sa(const struct xaddr *xa, struct sockaddr *sa,
|
|
socklen_t *len, u_int16_t port);
|
|
int addr_sa_to_xaddr(struct sockaddr *sa, socklen_t slen, struct xaddr *xa);
|
|
int addr_netmask(int af, u_int l, struct xaddr *n);
|
|
int addr_hostmask(int af, u_int l, struct xaddr *n);
|
|
int addr_invert(struct xaddr *n);
|
|
int addr_pton(const char *p, struct xaddr *n);
|
|
int addr_sa_pton(const char *h, const char *s, struct sockaddr *sa,
|
|
socklen_t slen);
|
|
int addr_pton_cidr(const char *p, struct xaddr *n, u_int *l);
|
|
int addr_ntop(const struct xaddr *n, char *p, size_t len);
|
|
int addr_and(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b);
|
|
int addr_or(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b);
|
|
int addr_cmp(const struct xaddr *a, const struct xaddr *b);
|
|
int addr_is_all0s(const struct xaddr *n);
|
|
int addr_host_is_all0s(const struct xaddr *n, u_int masklen);
|
|
int addr_host_to_all0s(struct xaddr *a, u_int masklen);
|
|
int addr_host_to_all1s(struct xaddr *a, u_int masklen);
|
|
int addr_netmatch(const struct xaddr *host, const struct xaddr *net,
|
|
u_int masklen);
|
|
void addr_increment(struct xaddr *a);
|
|
#endif /* _ADDR_H */
|