search for: buffer_put_char

On Sun, Feb 11, 2018 at 11:27 PM, Darren Tucker <dtucker at dtucker.net> wrote: > Sigh. If you could provide the server's identity string (eg from "ssh > -v yourthing") we could add a bug bit to stop it from being sent. $ ssh -v nathan at 10.0.0.1 OpenSSH_7.4p1, LibreSSL 2.5.0 [snip] debug1: Local version string SSH-2.0-OpenSSH_7.4 debug1: Remote protocol version

...: - blob = buffer_get_string(&auth->identities, &blen); + blob = buffer_get_binary(&auth->identities, &blen); *comment = buffer_get_string(&auth->identities, NULL); key = key_from_blob(blob, blen); xfree(blob); @@ -430,8 +430,8 @@ buffer_init(&msg); buffer_put_char(&msg, SSH2_AGENTC_SIGN_REQUEST); - buffer_put_string(&msg, blob, blen); - buffer_put_string(&msg, data, datalen); + buffer_put_binary(&msg, blob, blen); + buffer_put_binary(&msg, data, datalen); buffer_put_int(&msg, flags); xfree(blob); @@ -446,7 +446,7 @@ fatal(&qu...

...if (!(c->flags & SSH_SOCKS5_AUTHDONE)) { /* format: ver | nmethods | methods */ if (have < 2) @@ -1170,10 +1193,11 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) c->self); return -1; } - buffer_consume(&c->input, nmethods + 2); - buffer_put_char(&c->output, 0x05); /* version */ - buffer_put_char(&c->output, SSH_SOCKS5_NOAUTH); /* method */ - FD_SET(c->sock, writeset); + buffer_consume(input, nmethods + 2); + buffer_put_char(output, 0x05); /* version */ + buffer_put_char(output, SSH_SOCKS5_NOAUTH); /* method */ + if...

Folks, I've noticed poor performance using sftp. If anyone has any advice on how to improve performance, I'd like to hear it. Test simply involved transferring a single 143MB MP3 file using defaults for all the program configs. The opensshd 3.0.2p1 server is used in all tests. Software: openssh suite 3.0.2p1 psftp (putty sftp client) latest dev snapshot pscp (putty scp client) latest

...= 0, i = 2 ; i < nmethods + 2; i++) { + if (p[i] == SSH_SOCKS5_NOAUTH ) { + found = 1; + break; + } + } + if (!found) { + debug("channel %d: method SSH_SOCKS5_NOAUTH not found", + c->self); + return -1; + } + buffer_consume(&c->input, nmethods + 2); + buffer_put_char(&c->output, 0x05); /* version */ + buffer_put_char(&c->output, SSH_SOCKS5_NOAUTH); /* method */ + FD_SET(c->sock, writeset); + c->flags |= SSH_SOCKS5_AUTHDONE; + debug2("channel %d: socks5 auth done", c->self); + return 0; /* need more */ + } + debug2(&quot...

...+remove_request(struct request *rq, int *num, int i) +{ + memmove(rq + i, rq + i + 1, (*num - i - 1) * sizeof(struct request)); + --*num; +} + +static void +send_request(int fd, const char *handle, u_int handle_len, int type, + const struct request *rq, Buffer *m) +{ + buffer_clear(m); + buffer_put_char(m, SSH2_FXP_READ); + buffer_put_int(m, rq->id); + buffer_put_string(m, handle, handle_len); + buffer_put_int64(m, rq->offset); + buffer_put_int(m, rq->len); + send_msg(fd, m); + debug3("Sent message SSH2_FXP_READ I:%d O:%llu S:%u", + rq->id, rq->offset,...

..._sign_request2(SocketEntry *e) Identity *id = lookup_identity(key, 2); if (id != NULL && (!id->confirm || confirm_key(id) == 0)) ok = key_sign(id->key, &signature, &slen, data, dlen); + key_free(key); } - key_free(key); buffer_init(&msg); if (ok == 0) { buffer_put_char(&msg, SSH2_AGENT_SIGN_RESPONSE);

...+463,35 @@ buffer_free(&msg); } +static void +send_statvfs(u_int32_t id, struct statvfs *st) +{ + Buffer msg; + int flag = 0; + + if (st->f_flag & ST_RDONLY) + flag |= SSH2_FX_ST_RDONLY; + if (st->f_flag & ST_NOSUID) + flag |= SSH2_FX_ST_NOSUID; + + buffer_init(&msg); + buffer_put_char(&msg, SSH2_FXP_EXTENDED_REPLY); + buffer_put_int(&msg, id); + buffer_put_int(&msg, st->f_bsize); + buffer_put_int(&msg, st->f_frsize); + buffer_put_int64(&msg, st->f_blocks); + buffer_put_int64(&msg, st->f_bfree); + buffer_put_int64(&msg, st->f_bavail); +...

...t;sys/param.h> +#include <sys/mount.h> #include <dirent.h> #include <errno.h> @@ -462,6 +463,24 @@ send_attrib(u_int32_t id, const Attrib * buffer_free(&msg); } +static void +send_statfs(u_int32_t id, struct statfs *st) +{ + Buffer msg; + + buffer_init(&msg); + buffer_put_char(&msg, SSH2_FXP_EXTENDED_REPLY); + buffer_put_int(&msg, id); + buffer_put_int(&msg, st->f_bsize); + buffer_put_int64(&msg, st->f_blocks); + buffer_put_int64(&msg, st->f_bfree); + buffer_put_int64(&msg, st->f_bavail); + buffer_put_int64(&msg, st->f_files); +...

...Reporter: loganaden at gmail.com Created attachment 2377 --> https://bugzilla.mindrot.org/attachment.cgi?id=2377&action=edit use_after_free fix blob() might be freed on subsequent loop iterations. if ((nkeys = pkcs11_add_provider(name, pin, &keys)) > 0) { buffer_put_char(&msg, SSH2_AGENT_IDENTITIES_ANSWER); buffer_put_int(&msg, nkeys); for (i = 0; i < nkeys; i++) { key_to_blob(keys[i], &blob, &blen) buffer_put_string(&msg, blob, blen); buff...

...return 0; + } + /* data to be signed */ + buffer_init(&b); + if (datafellows & SSH_OLD_SESSIONID) { + buffer_append(&b, session_id2, session_id2_len); + skip = session_id2_len; + } else { + buffer_put_string(&b, session_id2, session_id2_len); + skip = buffer_len(&b); + } + buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); + buffer_put_cstring(&b, authctxt->server_user); + buffer_put_cstring(&b, + datafellows & SSH_BUG_PKSERVICE ? + "ssh-userauth" : + authctxt->service); + if (datafellows & SSH_BUG_PKAUTH) { + buffer_put_char(&b, hav...

...TRACE("symlink id %u old %s new %s", id, oldpath, newpath); 876: /* this will fail if 'newpath' exists */ 877: ret = symlink(oldpath, newpath); The same bug is obviously even in OpenSSH SFTP client: The latest (CVS) sftp-client.c: 647: id = conn->msg_id++; 648: buffer_put_char(&msg, SSH2_FXP_SYMLINK); 649: buffer_put_int(&msg, id); 650: buffer_put_cstring(&msg, oldpath); 651: buffer_put_cstring(&msg, newpath); Have a nice day. Martin Prikryl http://www.prikryl.cz/ http://winscp.sourceforge.net/ ------- You are receiving this mail because: --...

...t;sys/param.h> +#include <sys/mount.h> #include <dirent.h> #include <errno.h> @@ -462,6 +463,24 @@ send_attrib(u_int32_t id, const Attrib * buffer_free(&msg); } +static void +send_statfs(u_int32_t id, struct statfs *st) +{ + Buffer msg; + + buffer_init(&msg); + buffer_put_char(&msg, SSH2_FXP_EXTENDED_REPLY); + buffer_put_int(&msg, id); + buffer_put_int(&msg, st->f_bsize); + buffer_put_int64(&msg, st->f_blocks); + buffer_put_int64(&msg, st->f_bfree); + buffer_put_int64(&msg, st->f_bavail); + buffer_put_int64(&msg, st->f_files); +...

I'm not on the mailing list, so I'd appreciate it if you could cc: me, though I will keep an eye on the archives. I am running openssh 2.2.0p1 on Debian GNU/Linux. I was pleased to see that 2.2.0p1 had support for DSA keys in the agent, and I have successfully used the v2 protocol to another openssh server with the agent providing authentication. I am also able to successfully connect

...n, char *oldpath, char *newpath) +{ + Buffer msg; + u_int status, id; + + buffer_init(&msg); + + /* Send link request */ + id = conn->msg_id++; + if ((conn->exts & SFTP_EXT_LINK) == 0) { + error("Server does not support link at openssh.com extension"); + return -1; + } + + buffer_put_char(&msg, SSH2_FXP_EXTENDED); + buffer_put_int(&msg, id); + buffer_put_cstring(&msg, "link at openssh.com"); + buffer_put_cstring(&msg, oldpath); + buffer_put_cstring(&msg, newpath); + send_msg(conn->fd_out, &msg); + debug3("Sent message link at openssh.com \&q...

...amp; SSH2_FXF_EXCL) + *psflags = 'e'; +} + Attrib * get_attrib(void) { @@ -370,6 +398,7 @@ version = buffer_get_int(&iqueue); TRACE("client version %d", version); + log("(%d/%d/%s) Client version %d", ppid, cuid, CUNAME, version); buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_VERSION); buffer_put_int(&msg, SSH2_FILEXFER_VERSION); @@ -382,7 +411,7 @@ { u_int32_t id, pflags; Attrib *a; - char *name; + char *name, sflags[7] = "------"; int handle, fd, flags, mode, status = SSH2_FX_FAILURE; id = get_int(); @@ -390,8 +419,10 @@...

Yo All! I have been playing with SSH 2.2.0 from www.ssh.com. I can not connect to openssh 2.2.1p1 using Ver 2 protocol from ssh Ver 2.2.0. Ver 1 works fine. See below for the debug output from both ends If I force hmac-md5 (-m hmac-md5) from the sender it works! The other 3 choices fail: hmac-sha1; hmac-md5-96; and none. I have no problem connecting to this openssh host (hobbes) from

...t +#ifdef REGET +do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, + int pflag, int rflag) +#else do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, int pflag) +#endif { int local_fd, status; u_int handle_len, id, type; @@ -1023,6 +1049,13 @@ buffer_put_char(&msg, SSH2_FXP_OPEN); buffer_put_int(&msg, id); buffer_put_cstring(&msg, remote_path); + +#ifdef REGET + if(rflag) + buffer_put_int(&msg, SSH2_FXF_WRITE); + else +#endif + buffer_put_int(&msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC); encode_attrib(&msg, &a...

...er b; + EVP_MD_CTX md; + static u_char digest[EVP_MAX_MD_SIZE]; + + buffer_init(&b); + buffer_put_cstring(&b, client_version_string); + buffer_put_cstring(&b, server_version_string); + + /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ + buffer_put_int(&b, ckexinitlen+1); + buffer_put_char(&b, SSH2_MSG_KEXINIT); + buffer_append(&b, ckexinit, ckexinitlen); + buffer_put_int(&b, skexinitlen+1); + buffer_put_char(&b, SSH2_MSG_KEXINIT); + buffer_append(&b, skexinit, skexinitlen); + + buffer_put_string(&b, serverhostkeyblob, sbloblen); + buffer_put_string(&b, cl...

This patch adds all the missing commonly used UNIX attributes: st_dev, st_ino, st_nlink, st_rdev, st_blocks, st_blksize, st_ctime. In addition it extends st_atime and st_mtime to 64bits, and adds nanosecond resolution to all three timestamps. This is implemented as an extension to the ATTR message. This patch alone is sufficient for SSHFS to be able to use these attributes. The following two