search for: auth_display

.../var/cvs/openssh/session.c,v retrieving revision 1.156 diff -u -r1.156 session.c --- session.c 2001/11/13 12:46:19 1.156 +++ session.c 2001/12/05 20:52:38 @@ -108,8 +108,10 @@ int row, col, xpixel, ypixel; char tty[TTYSZ]; /* X11 */ + int display_number; char *display; int screen; + char *auth_display[2]; char *auth_proto; char *auth_data; int single_connection; @@ -1415,32 +1417,28 @@ _PATH_SSH_SYSTEM_RC); } else if (do_xauth && options.xauth_location != NULL) { /* Add authority data to .Xauthority if appropriate. */ - char *screen = strchr(s->display, ':&...

Hi! Here is the patch to support tcp wrappers with x11-forwarded connections. The patch is for openssh-3.0.1p1 but it works fine with 2.9.9p2 too. I've understood that this will not be included in the official version because it adds complexity (?!) to openssh. Binding the forwarded port to localhost doesn't solve all problems. I've understood that you should also implement

...mp;envsize, "TMPDIR", cray_tmpdir); +#endif /* _CRAY */ #ifdef _AIX if ((cp = getenv("AUTHSTATE")) != NULL) @@ -1392,11 +1419,13 @@ "%.100s %.100s %.100s\n", options.xauth_location, s->auth_display[0], s->auth_proto, s->auth_data); +#ifndef _CRAY if (s->auth_display[1]) fprintf(stderr, "add %.100s %.100s %.100s\n",...

...(lname, MAXHOSTNAMELEN)) { + return (-1); + } if (gethostname(lname, MAXHOSTNAMELEN)) return (-1); diff -u -r src.old/session.c src/session.c --- src.old/session.c Thu Oct 30 15:02:46 2003 +++ src/session.c Thu Oct 30 15:02:44 2003 @@ -2060,6 +2060,7 @@ struct stat st; char display[512], auth_display[512]; char hostname[MAXHOSTNAMELEN]; + char *pname; if (no_x11_forwarding_flag) { packet_send_debug("X11 forwarding disabled in user configuration file."); @@ -2091,8 +2092,13 @@ } /* Set up a suitable value for the DISPLAY variable. */ - if (gethostname(hostname, sizeof(host...

...11fwd(s); if (!success) { xfree(s->auth_proto); xfree(s->auth_data); s->auth_proto = NULL; s->auth_data = NULL; } else { verbose("jblaine testing : w00t? : %s", s->auth_display); }

...0; + if (strcmp(hostname, "") == 0) + printf("Last login: %s\r\n", time_string); + else + printf("Last login: %s from %s\r\n", time_string, hostname); + } + xfree(hostname); } do_motd(); @@ -1849,7 +1851,7 @@ { struct stat st; char display[512], auth_display[512]; - char hostname[MAXHOSTNAMELEN]; + char *hostname; if (no_x11_forwarding_flag) { packet_send_debug("X11 forwarding disabled in user configuration file."); @@ -1881,7 +1883,7 @@ } /* Set up a suitable value for the DISPLAY variable. */ - if (gethostname(hostname, sizeof(...

Hi all, After the memory leaks (bug 1967 <https://bugzilla.mindrot.org/show_bug.cgi?id=1967>) I reported in bugzilla are fixed, I also applied melton(http://lcs.ios.ac.cn/~xuzb/melton.html) to detect the potential bugs in sshd (openssh-5.9p1). The url below is the index of bug reports that are checked as real bugs manually.

...o_agent_forwarding_flag) { - debug("session_auth_agent_req: no_agent_forwarding_flag"); + if (auth_restricted(RESTRICT_AGENT, s->pw)) { + debug("session_auth_agent_req: agent forwarding disabled"); return 0; } if (called) { @@ -2019,12 +2022,8 @@ char display[512], auth_display[512]; char hostname[MAXHOSTNAMELEN]; - if (no_x11_forwarding_flag) { - packet_send_debug("X11 forwarding disabled in user configuration file."); - return 0; - } - if (!options.x11_forwarding) { - debug("X11 forwarding disabled in server configuration file."); + if (auth_r...

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in