search for: 100s

Displaying 20 results from an estimated 558 matches for "100s".

Did you mean: 100
2007 Nov 11
0
Patch to sshd match
...AX_MATCH_GROUPS]; struct passwd *pw; + char* notstr = not ? "!" : ""; /* * Even if we do not have a user yet, we still need to check for @@ -529,12 +537,12 @@ } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { debug("Can't Match group because user %.100s not in any group " "at line %d", user, line); - } else if (ga_match(grplist, ngrps) != 1) { - debug("user %.100s does not match group %.100s at line %d", - user, arg, line); + } else if (ga_match(grplist, ngrps) == not) { + debug("user %.100s does not mat...
2001 Apr 25
0
NeXT // Broken _POSIX_SAVED_ID patch
...ged = 1; - temporarily_use_uid_effective = 1; + /* Save the current euid, and egroups. */ +#ifdef SAVED_IDS_WORK_WITH_SETEUID + saved_euid = geteuid(); saved_egid = getegid(); - saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups); - if (saved_egroupslen < 0) - fatal("getgroups: %.100s", strerror(errno)); - - /* set and save the user's groups */ - if (user_groupslen == -1) { - if (initgroups(pw->pw_name, pw->pw_gid) < 0) - fatal("initgroups: %s: %.100s", pw->pw_name, - strerror(errno)); - user_groupslen = getgroups(NGROUPS_MAX, user_...
2001 Jun 18
2
Patch for changing expired passwords
...empty and user isn't listed there */ if (options.num_allow_users > 0) { --- 68,92 ---- shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; /* deny if shell does not exists or is not executable */ ! if (stat(shell, &st) != 0) { ! log("User %.100s not allowed because shell %.100s does not exist", ! pw->pw_name, shell); return 0; ! } ! if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) { ! log("User %.100s not allowed because shell %.100s is not executable", ! pw->pw_n...
2001 Oct 08
2
Porting OpenSSH 2.9.9p2 to Dynix V4.4.4
...to fix this problem? I also found what I believe might be a bug in uidswap.c at line 88. It used to look like: ----- #ifndef SAVED_IDS_WORK_WITH_SETEUID /* Propagate the privileged gid to all of our gids. */ if (setgid(getegid()) < 0) debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno)); /* Propagate the privileged uid to all of our uids. */ if (setuid(geteuid()) < 0) debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); #endif /* SAVED_IDS_WORK_WITH_SETEUID */ if (setegid(pw-...
2001 Apr 04
1
compiler warnings about format strings
...", original_real_uid); + fatal("User id %lu not found from user database.", (long)original_real_uid); local_user = xstrdup(pw->pw_name); server_user = options.user ? options.user : local_user; Index: sshd.c @@ -1053,7 +1053,7 @@ if (pid < 0) error("fork: %.100s", strerror(errno)); else - debug("Forked child %d.", pid); + debug("Forked child %ld.", (long)pid); close(startup_p[1]); Index: sshpty.c @@ -318,12 +318,12 @@ if (st.st_uid != pw->pw_uid || st.st_gid != gid) { if (chown(ttyname, pw->pw_uid, gi...
2003 Feb 16
2
AllowUsers Change
...um_allow_users > 0) { for (i = 0; i < options.num_allow_users; i++) if (match_user(pw->pw_name, hostname, ipaddr, options.allow_users[i])) - break; - /* i < options.num_allow_users iff we break for loop */ - if (i >= options.num_allow_users) { - log("User %.100s not allowed because not listed in AllowUsers", + goto success; + + if (options.num_deny_groups == 0 && + options.num_allow_groups == 0) { + log("User %.100s not allowed because not in AllowUsers", pw->pw_name); return 0; } @@ -136,20 +137,28 @@...
2001 Sep 28
1
openssh-2.9.9p2 assumes pid_t, uid_t, etc. are not 'long'
...y.c 2001/08/06 06:51:49 2.9 +++ entropy.c 2001/09/28 18:37:50 2.9.9.2.0.1 @@ -596,8 +596,8 @@ prng_check_seedfile(char *filename) { /* mode 0600, owned by root or the current user? */ if (((st.st_mode & 0177) != 0) || !(st.st_uid == original_uid)) { - debug("WARNING: PRNG seedfile %.100s must be mode 0600, owned by uid %d", - filename, getuid()); + debug("WARNING: PRNG seedfile %.100s must be mode 0600, owned by uid %ld", + filename, (long)getuid()); return(0); } @@ -621,8 +621,8 @@ prng_write_seedfile(void) { pw = getpwuid(original_uid); if (pw =...
2005 Feb 22
0
TR: 3.8.1p1 option "permitopennet" added
...= 0; + while (*opts) { + if (*opts == '"') + break; + if (*opts == '\\' && opts[1] == '"') { + opts += 2; + patterns[i++] = '"'; + continue; + } + patterns[i++] = *opts++; + } + if (!*opts) { + debug("%.100s, line %lu: missing end quote", + file, linenum); + auth_debug_add("%.100s, line %lu: missing end quote", + file, linenum); + xfree(patterns); + goto bad_option; + } + patterns[i] = 0; + opts++; + + if (sscanf(patterns, "%255[^:/]/%255[^:]:%5[0-9]-%...
2005 Jul 06
0
[PATCH] Simplify Kerberos credentials cache code
..._ccache ccache = NULL; @@ -146,28 +143,7 @@ goto out; } - snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); - - old_umask = umask(0177); - tmpfd = mkstemp(ccname + strlen("FILE:")); - umask(old_umask); - if (tmpfd == -1) { - logit("mkstemp(): %.100s", strerror(errno)); - problem = errno; - goto out; - } - - if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { - logit("fchmod(): %.100s", strerror(errno)); - close(tmpfd); - problem = errno; - goto out; - } - close(tmpfd); - - problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname,...
2003 Jul 10
2
sshd also talking HTTP
...tatic void +sshd_intercept_possible_httpd(int sock_in, int sock_out) +{ + struct sockaddr local; + int local_len; + fd_set readfds; + struct timeval onesec; + + local_len = sizeof(local); + if ( getsockname(sock_in, &local, &local_len) != 0 ) { + log("HTTPD HACK: getsockname failed: %.100s", + strerror(errno)); + return; + } + if ( local.sa_family != AF_INET ) { + log("HTTPD HACK: strange sock_in.sa_family: %d", + local.sa_family); + return; + } + if ( ntohs(((struct sockaddr_in*) &local)->sin_port) != 80 ) { + /* XXX this logging should be removed */...
2001 Oct 08
1
Ported OpenSSH 2.9.9p2 to Dynix
...FLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" *** uidswap.c Thu Apr 26 15:10:15 2001 --- uidswap.c.new Mon Oct 8 11:33:42 2001 *************** *** 85,91 **** if (setgroups(user_groupslen, user_groups) < 0) fatal("setgroups: %.100s", strerror(errno)); #endif /* !HAVE_CYWIN */ ! #ifndef SAVED_IDS_WORK_WITH_SETEUID /* Propagate the privileged gid to all of our gids. */ if (setgid(getegid()) < 0) debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno)); --- 85,98 ----...
2002 May 16
3
uidswap
All, Could someone explain the purpose of the uidswap functions with respect to ssh ( the client ). From what I gathered , ssh installs as setuid root and swaps ids when reading potential key files that may be read only by root. Also , I think when binding to a privileged port ssh swaps id. Is that so? What are the consequnences if you do not install ssh setuid root? ( As far I as know no uid
2002 Jun 07
4
openssh for UWIN
...* Push the appropriate streams modules, as described in Solaris pts(7). * HP-UX pts(7) doesn't have ttcompat module. *** uidswap.c.orig Thu Dec 20 22:45:52 2001 --- uidswap.c Thu May 30 16:36:30 2002 *************** *** 80,86 **** if (user_groupslen < 0) fatal("getgroups: %.100s", strerror(errno)); } ! #ifndef HAVE_CYGWIN /* Set the effective uid to the given (unprivileged) uid. */ if (setgroups(user_groupslen, user_groups) < 0) fatal("setgroups: %.100s", strerror(errno)); --- 80,86 ---- if (user_groupslen < 0) fatal("getgrou...
2001 Dec 05
1
DISPLAY=localhost
...gs = AI_PASSIVE; /* XXX loopback only ? */ + hints.ai_flags = gateway_ports ? AI_PASSIVE : 0; hints.ai_socktype = SOCK_STREAM; snprintf(strport, sizeof strport, "%d", port); if ((gaierr = getaddrinfo(NULL, strport, &hints, &aitop)) != 0) { error("getaddrinfo: %.100s", gai_strerror(gaierr)); - return NULL; + return -1; } for (ai = aitop; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) @@ -2430,7 +2428,7 @@ if (sock < 0) { if ((errno != EINVAL) && (errno != EAFNOSUPPORT))...
2006 Jul 17
2
SMF/process contracts in Solaris 10
I've searched the archive for this mailing list and the bug list for OpenSSH for this, and I'm finding nothing. I'd appreciate it if somoene could point me to an existing thread about this. (I know that other people are aware of the problem, though, so I'm a bit surprised to find nothing.) We're running OpenSSH under Solaris 10 using SMF instead of a legacy init script. SMF
2003 Jan 07
2
Test for locked account in auth.c (bug #442).
Hi Damien, I noticed you merged a couple of ifdefs in the fix for bug #442. The cvs comment says "Fix Bug #442 for PAM case". The code is now roughly: #if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \ !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) spw = getspnam(pw->pw_name); passwd = spw->sp_pwdp; #else passwd =
2004 Jul 14
3
Logging of wrong pubkey auth
Hello ml, i've set up a ssh server with public-key authentication. But soon i realized that wrong pubkey authentications are not shown in the logs. So i wrote a small patch for monitor.c included as attachement. patch against 3.8.1p1 $ patch -p0 < /path/to/keyauth-loggin.patch Kindly regards, Jan Gehring
2001 Apr 22
1
relaxing access rights verifications
...es && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) { + (st.st_uid == 0 && (st.st_mode & 002) != 0) || + (st.st_uid != 0 && (st.st_mode & 022) != 0))) { log("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", pw->pw_name); packet_send_debug("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", diff -ur openssh-2.5.2p2.orig/auth-rsa.c openssh-2.5.2p2/auth-rsa.c --- openssh-2.5.2p2.orig/auth-rsa.c M...
2001 Nov 08
2
logging of root logins
...rds and rsa keys and I would like > to be able to make the distinction in the logs. Currently ssh only logs > that a ROOT user has logged in, not which one. hm, i don't think uid sharing is a standard unix feature. however, i think that we should drop this: authlog("%s %s for %s%.100s from %.200s port %d%s", authmsg, method, authctxt->valid ? "" : "illegal user ", authctxt->valid && authctxt->pw->pw_uid == 0 ? "ROOT" : authctxt->user, get_remote_ipaddr(), get_remote_port(), info); and...
2001 Jan 16
1
ssh drops privs when it can't find ~/.ssh/prng_seed
...that the parent directory is there */ snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, SSH_USER_DIR); mkdir(filename, 0700); snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, SSH_PRNG_SEED_FILE); debug("writing PRNG seed to file %.100s", filename); RAND_bytes(seed, sizeof(seed)); /* Don't care if the seed doesn't exist */ prng_check_seedfile(filename); if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) { debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)", filena...