Merge pull request #83 from rapier1/release_candidates

Official Release of 18.4.1

.github/workflows/cifuzz.yml

@@ -1,27 +1,27 @@
 name: CIFuzz
 on:
   push:
-    branches: [master, pre-stage]
+    branches: [master, dev_minor, dev_major, release_candidates]
     paths: [ '**.c', '**.h', '**.m4', '**.sh', '.github/**', '**/Makefile.in', 'configure.ac' ]
   pull_request:
     paths: [ '**.c', '**.h', '**.m4', '**.sh', '.github/**', '**/Makefile.in', 'configure.ac' ]
 
 jobs:
   Fuzzing:
-    if: github.repository != 'rapier1/openssh-portable-selfhosted'
+    if: github.repository != 'rapier1/hpn-ssh-selfhosted'
     runs-on: ubuntu-latest
     steps:
     - name: Build Fuzzers
       id: build
       uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
       with:
-        oss-fuzz-project-name: 'openssh'
+        oss-fuzz-project-name: 'hpn-ssh'
         dry-run: false
         language: c++
     - name: Run Fuzzers
       uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
       with:
-        oss-fuzz-project-name: 'openssh'
+        oss-fuzz-project-name: 'hpn-ssh'
         fuzz-seconds: 600
         dry-run: false
         language: c++
@@ -30,4 +30,4 @@ jobs:
       if: failure() && steps.build.outcome == 'success'
       with:
         name: artifacts
-        path: ./out/artifacts
+        path: ./out/artifacts

channels.c

@@ -534,9 +534,16 @@ channel_new(struct ssh *ssh, char *ctype, int type, int rfd, int wfd, int efd,
 	    (c->output = sshbuf_new()) == NULL ||
 	    (c->extended = sshbuf_new()) == NULL)
 		fatal_f("sshbuf_new failed");
+
+	/* these buffers are important in terms of tracking channel
+	 * buffer usage so label and type them with descriptive names */
 	sshbuf_relabel(c->input, "channel input");
+	sshbuf_type(c->input, BUF_CHANNEL_INPUT);
 	sshbuf_relabel(c->output, "channel output");
+	sshbuf_type(c->output, BUF_CHANNEL_OUTPUT);
 	sshbuf_relabel(c->extended, "channel extended");
+	sshbuf_type(c->extended, BUF_CHANNEL_EXTENDED);
+
 	if ((r = sshbuf_set_max_size(c->input, CHAN_INPUT_MAX)) != 0)
 		fatal_fr(r, "sshbuf_set_max_size");
 	c->ostate = CHAN_OUTPUT_OPEN;
@@ -2401,40 +2408,20 @@ channel_check_window(struct ssh *ssh, Channel *c)
 {
 	int r;
 
-	/* going back to a set denominator of 2. Prior versions had a
-	 * dynamic denominator based on the size of the buffer. This may
-	 * have been helpful in some situations but it isn't helping in
-	 * the general case -cjr 6/30/23 */
 	if (c->type == SSH_CHANNEL_OPEN &&
 	    !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) &&
 	    ((c->local_window_max - c->local_window > c->local_maxpacket*3) ||
 	    c->local_window < c->local_window_max/2) &&
 	    c->local_consumed > 0) {
-		u_int addition = 0;
+		int addition = 0;
 		u_int32_t tcpwinsz = channel_tcpwinsz(ssh);
 		/* adjust max window size if we are in a dynamic environment
 		 * and the tcp receive buffer is larger than the ssh window */
 		if (c->dynamic_window && (tcpwinsz > c->local_window_max)) {
-			if (c->hpn_buffer_limit) {
-				/* limit window growth to prevent buffer issues
-				 * still not sure what is causing the buffer issues
-				 * but it may be an issue with c->local_consumed not being
-				 * handled properly in the cases of bottenecked IO to the
-				 * wfd endpoint. This does have an impact on throughput
-				 * as we're essentially maxing out local_window_max to
-				 * half of the window size */
-				addition = (tcpwinsz/2 - c->local_window_max);
-			}
-			else {
-				/* aggressively grow the window */
-				addition = tcpwinsz - c->local_window_max;
-			}
+			/* aggressively grow the window */
+			addition = tcpwinsz - c->local_window_max;
 			c->local_window_max += addition;
-			/* doesn't look like we need these
-			 * sshbuf_set_window_max(c->output, c->local_window_max);
-			 * sshbuf_set_window_max(c->input, c->local_window_max);
-			 */
-			debug("Channel %d: Window growth to %d by %d bytes",c->self,
+			debug_f("Channel %d: Window growth to %d by %d bytes",c->self,
 			      c->local_window_max, addition);
 		}
 		if (!c->have_remote_id)

channels.h

@@ -175,7 +175,6 @@ struct Channel {
 	u_int	local_consumed;
 	u_int	local_maxpacket;
 	int	dynamic_window;
-	int     hpn_buffer_limit;
 	int     extended_usage;
 	int	single_connection;
 	/* u_int	tcpwinsz; */

clientloop.c

@@ -2911,11 +2911,6 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
 	if ((c = channel_lookup(ssh, id)) == NULL)
 		fatal_f("channel %d: unknown channel", id);
 
-	if (options.hpn_buffer_limit) {
-		debug_f("Limiting receive buffer size");
-		c->hpn_buffer_limit = 1;
-	}
-
 	ssh_packet_set_interactive(ssh, want_tty,
 	    options.ip_qos_interactive, options.ip_qos_bulk);
 

configure.ac

@@ -2883,12 +2883,12 @@ if test "x$openssl" = "xyes" ; then
 				*) ;;	# Assume all other versions are good.
 				esac
 				;;
-			300*)
+			300*|301*|302*|303*)
 				# OpenSSL 3; we use the 1.1x API
 				CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L"
 				AC_DEFINE([WITH_OPENSSL3], [1], [With OpenSSL3])
 				;;
-			301*|302*|303*)
+			304*)
 				# OpenSSL development branch; request 1.1x API
 				CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L"
 				AC_DEFINE([WITH_OPENSSL3], [1], [With OpenSSL3])

hpnssh.1

@@ -555,7 +555,6 @@ For full details of the options listed below, and their possible values, see
 .It HostKeyAlias
 .It Hostname
 .It HPNDisabled*
-.It HPNBufferLimit*
 .It IdentitiesOnly
 .It IdentityAgent
 .It IdentityFile

hpnssh_config.5

@@ -1081,15 +1081,6 @@ In some situations, such as transfers on a local area network, the impact
 of the HPN code produces a net decrease in performance. In these cases it is
 helpful to disable the HPN functionality. By default HPNDisabled is set to 
 .Cm no. HPNSSH only.
-.It Cm HPNBufferLimit
-This option will force the hpnssh receive buffer to grow more slowly and limits
-the growth to one half of the TCP receive buffer. This option can prove useful
-in situation where a high speed path with larger RTTs are writing to a slower
-device or file system. Enabling this option will reduce performance but may provide
-a more stable connection. The option only impacts the receiving side of the connection. 
-For example, a client receiving data from a server but not a client sending data.
-By default this option is set to 
-.Cm no. HPNSSH only.
 .It Cm IdentitiesOnly
 Specifies that
 .Xr ssh 1

hpnsshd_config.5

@@ -890,16 +890,6 @@ In some situations, such as transfers on a local area network, the impact
 of the HPN code produces a net decrease in performance. In these cases it is
 helpful to disable the HPN functionality. By default HPNDisabled is set to 
 .CM no.
-.It Cm HPNBufferLimit
-This option will force the hpnssh receive buffer to grow more slowly and limits
-the growth to one half of the TCP receive buffer. This option can prove useful
-in situation where a high speed path with larger RTTs are writing to a slower
-device or file system. Enabling this option will reduce performance but may provide
-a more stable connection. The option only impacts the receiving side of the connection. 
-For example, a client receiving data from a server but not a client sending data. If 
-enabled on a server this will impact all incoming connections. 
-By default this option is set to 
-.Cm no. HPNSSH only.
 .It Cm IgnoreRhosts
 Specifies whether to ignore per-user
 .Pa .rhosts

kex.c

@@ -1041,9 +1041,11 @@ patch_list(char * orig)
 int
 kex_ready(struct ssh *ssh, char *proposal[PROPOSAL_MAX])
 {
-	int r;
+	int r = 0;
 
 #ifdef WITH_OPENSSL
+	char * orig_ctos = proposal[PROPOSAL_ENC_ALGS_CTOS];
+	char * orig_stoc = proposal[PROPOSAL_ENC_ALGS_STOC];
 	proposal[PROPOSAL_ENC_ALGS_CTOS] =
 	    patch_list(proposal[PROPOSAL_ENC_ALGS_CTOS]);
 	proposal[PROPOSAL_ENC_ALGS_STOC] =
@@ -1057,11 +1059,18 @@ kex_ready(struct ssh *ssh, char *proposal[PROPOSAL_MAX])
 #endif
 
 	if ((r = kex_prop2buf(ssh->kex->my, proposal)) != 0)
-		return r;
+		goto restoreProposal;
 	ssh->kex->flags = KEX_INITIAL;
 	kex_reset_dispatch(ssh);
 	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
-	return 0;
+ restoreProposal:
+#ifdef WITH_OPENSSL
+	free(proposal[PROPOSAL_ENC_ALGS_CTOS]);
+	free(proposal[PROPOSAL_ENC_ALGS_STOC]);
+	proposal[PROPOSAL_ENC_ALGS_CTOS] = orig_ctos;
+	proposal[PROPOSAL_ENC_ALGS_STOC] = orig_stoc;
+#endif
+	return r;
 }
 
 int

packet.c

@@ -257,11 +257,15 @@ ssh_alloc_session_state(void)
 	    (state->incoming_packet = sshbuf_new()) == NULL)
 		goto fail;
 	/* these buffers are important in terms of tracking buffer usage
-	 * so we explicitly label them with descriptive names */
+	 * so we explicitly label and type them with descriptive names */
 	sshbuf_relabel(state->input, "input");
+	sshbuf_type(state->input, BUF_PACKET_INPUT);
 	sshbuf_relabel(state->incoming_packet, "inpacket");
+	sshbuf_type(state->incoming_packet, BUF_PACKET_INCOMING);
 	sshbuf_relabel(state->output, "output");
+	sshbuf_type(state->output, BUF_PACKET_OUTPUT);
 	sshbuf_relabel(state->outgoing_packet, "outpacket");
+	sshbuf_type(state->outgoing_packet, BUF_PACKET_OUTGOING);
 
 	TAILQ_INIT(&state->outgoing);
 	TAILQ_INIT(&ssh->private_keys);

packet.h

@@ -97,9 +97,6 @@ struct ssh {
 
 	/* track if we have disabled the mac as well */
 	int none_mac;
-
-	/* use the less agressive window growth option */
-	int hpn_buffer_limit;
 };
 
 typedef int (ssh_packet_hook_fn)(struct ssh *, struct sshbuf *,

readconf.c

@@ -171,7 +171,7 @@ typedef enum {
 	oTunnel, oTunnelDevice,
 	oLocalCommand, oPermitLocalCommand, oRemoteCommand,
 	oTcpRcvBufPoll, oHPNDisabled,
-	oNoneEnabled, oNoneMacEnabled, oNoneSwitch, oHPNBufferLimit,
+	oNoneEnabled, oNoneMacEnabled, oNoneSwitch,
 	oMetrics, oMetricsPath, oMetricsInterval, oFallback, oFallbackPort,
 	oVisualHostKey,
 	oKexAlgorithms, oIPQoS, oRequestTTY, oSessionType, oStdinNull,
@@ -310,7 +310,6 @@ static struct {
 	{ "noneenabled", oNoneEnabled },
 	{ "nonemacenabled", oNoneMacEnabled },
 	{ "noneswitch", oNoneSwitch },
-	{ "hpnbufferlimit", oHPNBufferLimit },
 	{ "metrics", oMetrics },
 	{ "metricspath", oMetricsPath },
 	{ "metricsinterval", oMetricsInterval },
@@ -1270,10 +1269,6 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host,
 		intptr = &options->nonemac_enabled;
 		goto parse_flag;
 
-	case oHPNBufferLimit:
-		intptr = &options->hpn_buffer_limit;
-		goto parse_flag;
-
 	case oMetrics:
 		intptr = &options->metrics;
 		goto parse_flag;
@@ -2701,7 +2696,6 @@ initialize_options(Options * options)
 	options->metrics_path = NULL;
 	options->metrics_interval = -1;
 	options->hpn_disabled = -1;
-	options->hpn_buffer_limit = -1;
 	options->fallback = -1;
 	options->fallback_port = -1;
 	options->tcp_rcv_buf_poll = -1;
@@ -2880,8 +2874,6 @@ fill_default_options(Options * options)
 		options->server_alive_count_max = 3;
 	if (options->hpn_disabled == -1)
 		options->hpn_disabled = 0;
-	if (options->hpn_buffer_limit == -1)
-		options->hpn_buffer_limit = 0;
 	if (options->tcp_rcv_buf_poll == -1)
 		options->tcp_rcv_buf_poll = 1;
 	if (options->none_switch == -1)

readconf.h

@@ -52,7 +52,6 @@ typedef struct {
 	int     tcp_keep_alive;	/* Set SO_KEEPALIVE. */
 	int     tcp_rcv_buf_poll; /* Option to poll recv buf every window transfer */
 	int     hpn_disabled;     /* Switch to disable HPN buffer management */
-	int     hpn_buffer_limit; /* limit local_window_max to 1/2 receive buffer */
 	int	ip_qos_interactive;	/* IP ToS/DSCP/class for interactive */
 	int	ip_qos_bulk;		/* IP ToS/DSCP/class for bulk traffic */
 	SyslogFacility log_facility;	/* Facility for system logging. */

servconf.c

@@ -192,7 +192,6 @@ initialize_server_options(ServerOptions *options)
 	options->hpn_disabled = -1;
 	options->none_enabled = -1;
 	options->nonemac_enabled = -1;
-	options->hpn_buffer_limit = -1;
 	options->ip_qos_interactive = -1;
 	options->ip_qos_bulk = -1;
 	options->version_addendum = NULL;
@@ -441,8 +440,6 @@ fill_default_server_options(ServerOptions *options)
 	}
 	if (options->hpn_disabled == -1)
 		options->hpn_disabled = 0;
-	if (options->hpn_buffer_limit == -1)
-		options->hpn_buffer_limit = 0;
 	if (options->ip_qos_interactive == -1)
 		options->ip_qos_interactive = IPTOS_DSCP_AF21;
 	if (options->ip_qos_bulk == -1)
@@ -524,8 +521,7 @@ typedef enum {
 	sKerberosGetAFSToken, sPasswordAuthentication,
 	sKbdInteractiveAuthentication, sListenAddress, sAddressFamily,
 	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
-	sNoneEnabled, sNoneMacEnabled, sHPNBufferLimit,
-	sTcpRcvBufPoll, sHPNDisabled,
+	sNoneEnabled, sNoneMacEnabled, sTcpRcvBufPoll, sHPNDisabled,
 	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
 	sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive,
 	sPermitUserEnvironment, sAllowTcpForwarding, sCompression,
@@ -696,7 +692,6 @@ static struct {
 	{ "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL },
 	{ "noneenabled", sNoneEnabled, SSHCFG_ALL },
 	{ "nonemacenabled", sNoneMacEnabled, SSHCFG_ALL },
-	{ "hpnbufferlimit", sHPNBufferLimit, SSHCFG_ALL },
 	{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
 	{ "include", sInclude, SSHCFG_ALL },
 	{ "ipqos", sIPQoS, SSHCFG_ALL },
@@ -1576,10 +1571,6 @@ process_server_config_line_depth(ServerOptions *options, char *line,
 		intptr = &options->nonemac_enabled;
 		goto parse_flag;
 
-	case sHPNBufferLimit:
-		intptr = &options->hpn_buffer_limit;
-		goto parse_flag;		
-
 	case sHostbasedAuthentication:
 		intptr = &options->hostbased_authentication;
 		goto parse_flag;

servconf.h

@@ -202,7 +202,6 @@ typedef struct {
 	int	hpn_disabled;		/* disable hpn functionality. false by default */
 	int	none_enabled;		/* Enable NONE cipher switch */
 	int     nonemac_enabled;        /* Enable NONE MAC switch */
-	int     hpn_buffer_limit;       /* limit local_window_max to 1/2 receive buffer */
 
 	int	permit_tun;
 

serverloop.c

@@ -620,8 +620,6 @@ server_request_session(struct ssh *ssh)
 	    0, "server-session", 1);
 	if ((options.tcp_rcv_buf_poll) && (!options.hpn_disabled))
 		c->dynamic_window = 1;
-	if (options.hpn_buffer_limit)
-		c->hpn_buffer_limit = 1;
 	if (session_open(the_authctxt, c->self) != 1) {
 		debug("session open failed, free channel %d", c->self);
 		channel_free(ssh, c);

ssh.c

@@ -2238,10 +2238,6 @@ ssh_session2_open(struct ssh *ssh)
 		debug("Enabled Dynamic Window Scaling");
 	}
 
-	if (options.hpn_buffer_limit)
-		c->hpn_buffer_limit = 1;
-
-
 	debug3_f("channel_new: %d", c->self);
 
 	channel_send_open(ssh, c->self);