search for: clear_forward

....9.9p2.orig/readconf.c openssh-2.9.9p2.httpsproxy/readconf.c --- openssh-2.9.9p2.orig/readconf.c Thu Oct 18 11:53:43 2001 +++ openssh-2.9.9p2.httpsproxy/readconf.c Thu Oct 18 11:55:48 2001 @@ -789,6 +789,7 @@ options->num_local_forwards = 0; options->num_remote_forwards = 0; options->clear_forwardings = -1; + options->https_proxy = NULL; options->log_level = (LogLevel) - 1; options->preferred_authentications = NULL; options->bind_address = NULL; diff --unified --recursive openssh-2.9.9p2.orig/readconf.h openssh-2.9.9p2.httpsproxy/readconf.h --- openssh-2.9.9p2.orig/readconf...

I'd like a feature whereby ssh puts itself in the background after the first successful X11 (or other port) forwarding. The reason for this is simple: error handling. If the application fails to open the X display and exits, then the client can still exit with the application's exit code. But if the application opens the X display successfully, then it can just display any errors by

...ptions * options) options->bind_address = NULL; options->smartcard_device = NULL; options->no_host_authentication_for_localhost = - 1; +#ifdef HASH_KNOWN_HOSTS + options->hash_known_hosts = -1; +#endif } /* @@ -907,6 +922,10 @@ fill_default_options(Options * options) clear_forwardings(options); if (options->no_host_authentication_for_localhost == - 1) options->no_host_authentication_for_localhost = 0; +#ifdef HASH_KNOWN_HOSTS + if (options->hash_known_hosts == -1) + options->hash_known_hosts = 0; +#endif /* options->proxy_command s...

...can set the timeout to say 3 seconds (-z switch). -- Larry Cashdollar -------------- next part -------------- --- readconf.h Sun Jun 9 16:04:03 2002 +++ ../openssh-3.5p1.modlwc/readconf.h Wed Oct 30 08:50:52 2002 @@ -100,6 +100,7 @@ Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; int clear_forwardings; int no_host_authentication_for_localhost; + int time_out; } Options; --- readconf.c Tue Jul 9 10:06:40 2002 +++ ../openssh-3.5p1.modlwc/readconf.c Wed Oct 30 09:32:51 2002 @@ -793,6 +793,7 @@ options->bind_address = NULL; options->smartcard_device = NULL; options-&gt...

...t: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: FreeBSD Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: mindrot at ee.lbl.gov The routine clear_forwardings() can call xfree() with a nil pointer if you have a .ssh/config similar to this: Host mindrot.org LocalForward 12345 localhost:54321 This seems to happen with ssh when scp invokes it to connect to the remote host, for example: % scp mindrot.org:.cshrc /dev/null xfree: NUL...

For systems where the local hostname is obtained as a short name without domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x from ssh.com. For the server, there might be a corresponding option in order to strip the domain name from the remote client name (if it matches the server's DefaultDomain) for use in auth_rhost2, since netgroups usually contain short

...efault: fatal("process_config_line: Unimplemented opcode %d", opcode); } @@ -799,6 +805,7 @@ options->bind_address = NULL; options->smartcard_device = NULL; options->no_host_authentication_for_localhost = - 1; + options->nodelay = -1; } /* @@ -919,6 +926,8 @@ clear_forwardings(options); if (options->no_host_authentication_for_localhost == - 1) options->no_host_authentication_for_localhost = 0; + if (options->nodelay == -1) + options->nodelay = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the...

https://bugzilla.mindrot.org/show_bug.cgi?id=2577 Bug ID: 2577 Summary: Port Forwarding on Proxy with ProxyCommand ssh -W does not work / bad file descriptor Product: Portable OpenSSH Version: 7.2p1 Hardware: amd64 OS: Linux Status: NEW Severity: major Priority: P5

...1; + options->sleep = -1; } /* diff -ur openssh-3.0.2p1/readconf.h openssh-3.0.2p1S/readconf.h --- openssh-3.0.2p1/readconf.h Wed Oct 3 11:39:39 2001 +++ openssh-3.0.2p1S/readconf.h Sat Jan 19 14:49:50 2002 @@ -102,6 +102,7 @@ Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; int clear_forwardings; int no_host_authentication_for_localhost; + int sleep; /* Exit delay in seconds */ } Options; diff -ur openssh-3.0.2p1/ssh.c openssh-3.0.2p1S/ssh.c --- openssh-3.0.2p1/ssh.c Sun Nov 11 16:52:04 2001 +++ openssh-3.0.2p1S/ssh.c Sat Jan 19 14:49:51 2002 @@ -187,6 +187,7 @...

...char**)&options->bind_addresses; + uintptr = &options->num_bind_address; + max_entries =SSH_MAX_BIND_ADDRESSES; + goto parse_char_array; case oPKCS11Provider: charptr = &options->pkcs11_provider; @@ -1176,7 +1178,7 @@ initialize_options(Options * options) options->clear_forwardings = -1; options->log_level = SYSLOG_LEVEL_NOT_SET; options->preferred_authentications = NULL; - options->bind_address = NULL; + options->num_bind_address = 0; options->pkcs11_provider = NULL; options->enable_ssh_keysign = - 1; options->no_host_authentication_for_loc...

...} /* diff -u openssh-2.9.9p2/readconf.h openssh-2.9.9p2J/readconf.h --- openssh-2.9.9p2/readconf.h Wed Sep 19 18:57:56 2001 +++ openssh-2.9.9p2J/readconf.h Thu Sep 27 22:01:07 2001 @@ -101,6 +101,7 @@ int num_remote_forwards; Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; int clear_forwardings; + int sleep; /* Exit delay in seconds */ } Options; diff -u openssh-2.9.9p2/session.c openssh-2.9.9p2J/session.c --- openssh-2.9.9p2/session.c Sun Sep 16 16:17:15 2001 +++ openssh-2.9.9p2J/session.c Thu Sep 27 22:01:07 2001 @@ -1906,6 +1906,9 @@ */ if (c->ostate...

I'm reading this fine article on O'Reilly: http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html <quote> The paper concludes that the keystroke timing data observable from today's SSH implementations reveals a dangerously significant amount of information about user terminal sessions--enough to locate typed passwords in the session data stream and reduce the

...ost = - 1; + options->sleep = -1; } /* diff -ur openssh-3.0p1/readconf.h openssh-3.0p1J/readconf.h --- openssh-3.0p1/readconf.h Wed Oct 3 11:39:39 2001 +++ openssh-3.0p1J/readconf.h Tue Nov 13 16:10:26 2001 @@ -102,6 +102,7 @@ Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; int clear_forwardings; int no_host_authentication_for_localhost; + int sleep; /* Exit delay in seconds */ } Options; diff -ur openssh-3.0p1/session.c openssh-3.0p1J/session.c --- openssh-3.0p1/session.c Sun Oct 28 04:34:53 2001 +++ openssh-3.0p1J/session.c Tue Nov 13 15:55:52 2001 @@ -1919,6...

...rted, oLocalEnvMod } OpCodes; /* Textual representations of the tokens. */ @@ -245,6 +245,7 @@ static struct { #endif { "kexalgorithms", oKexAlgorithms }, { "ipqos", oIPQoS }, + { "localenvmod", oLocalEnvMod }, { NULL, oBadOption } }; @@ -325,6 +326,45 @@ clear_forwardings(Options *options) } /* + * Adds a command to modify the local environment. Never returns if there is an + * error. + */ + +void +add_local_env_mod(Options *options, const EnvMod *newmod) +{ + EnvMod *mod; + + options->local_env_mods = xrealloc(options->local_env_mods, + options-&g...

...", oIdentityFile }, /* obsolete */ { "identitiesonly", oIdentitiesOnly }, + { "certificatefile", oCertificateFile }, { "hostname", oHostName }, { "hostkeyalias", oHostKeyAlias }, { "proxycommand", oProxyCommand }, @@ -366,6 +368,37 @@ clear_forwardings(Options *options) } void +add_certificate_file(Options *options, const char *dir, const char *filename, + int userprovided) +{ + char *path; + int i; + + if (options->num_certificate_files >= SSH_MAX_CERTIFICATE_FILES) + fatal("Too many certificate files specified (max %d)&qu...

These patches implement a new mux client request to list the currently opened TCP forwardings. It also removes some todos regarding keeping the list of forwardings in the options up-to-date. Bert Wesarg (6): attach the forwarding type to struct Forward merge local and remote forward lists generate unique ids for forwardings to be used for identification remove closed forwardings from

...*************************************************************** */ /* RCSID("$OpenBSD: readconf.h,v 1.39 2001/09/19 19:24:18 stevesk Exp $"); */ @@ -101,6 +127,14 @@ int num_remote_forwards; Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; int clear_forwardings; + + /* + * SD Mod: Added option to use steno timing manipulation. + * By default, timing analysis evasion is used. The -S flag + * must be used to turn off this feature. + */ + int use_steno_timing_manipulation; + } Options; --- servcon...

Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,