search for: client_version_string

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex...

...200 @@ -515,12 +515,13 @@ ssh_connect(const char *host, struct add } static void -send_client_banner(int connection_out, int minor1) +send_client_banner(int connection_out, int minor1, const char *host) { /* Send our own protocol version identification. */ if (compat20) { - xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n", - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION); + xasprintf(&client_version_string, + "SSH-%d.%d-%.100s {\"SNI\": \"%.133s\"}\r\n", + PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, host); } else { xaspri...

...include "key.h" +#include "cipher.h" +#include "kex.h" +#include "log.h" + +#include <nacl/crypto_scalarmult_curve25519.h> +#define CURVE25519_PUBKEY_SIZE crypto_scalarmult_curve25519_BYTES + +void +kex_c25519_hash( + const EVP_MD *evp_md, + char *client_version_string, + char *server_version_string, + char *ckexinit, int ckexinitlen, + char *skexinit, int skexinitlen, + u_char *serverhostkeyblob, int sbloblen, + const unsigned char client_dh_pub[CURVE25519_PUBKEY_SIZE], + const unsigned char server_dh_pub[CURVE25519_PUBKEY_SIZE], + const BIG...

...============= RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/sshconnect.c,v retrieving revision 1.130 diff -u -p -r1.130 sshconnect.c --- sshconnect.c 26 May 2005 02:23:44 -0000 1.130 +++ sshconnect.c 9 Jun 2005 07:55:14 -0000 @@ -514,6 +514,11 @@ ssh_exchange_identification(void) chop(client_version_string); chop(server_version_string); debug("Local version string %.100s", client_version_string); + + if (datafellows & SSH_BUG_BIGV1PACKET) { + debug("Found big SSHv1 packet bug, limiting packet size"); + packet_set_maxsize(4 * 1024); + } } /* defaults to 'no' *...

...ng another debug message, see bellow, or there could be set_remote_ipaddr() in canonhost.c for that. --- a/sshconnect.c +++ b/sshconnect.c @@ -62,6 +62,7 @@ #include "monitor_fdpass.h" #include "ssh2.h" #include "version.h" +#include "canohost.h" char *client_version_string = NULL; char *server_version_string = NULL; @@ -171,6 +172,8 @@ ssh_proxy_fdpass_connect(const char *host, u_short port, /* Set the connection file descriptors. */ packet_set_connection(sock, sock); + debug("Connected to %.200s [%.100s] port %d.", + host...

If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |

...case 'h': options.host_key_file = optarg; break; + case 'H': + options.host_dsa_key_file = optarg; + break; case 'V': client_version_string = optarg; /* only makes sense with inetd_flag, i.e. no listen() */ @@ -578,8 +581,9 @@ fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n"); fprintf(stderr, " -g second...

...2:34 2011 --- openssh-6.0p1-patched/sshconnect2.c Wed Aug 29 14:59:19 2012 *************** *** 77,82 **** --- 77,88 ---- #include "ssh-gss.h" #endif + #include <openssl/sha.h> + #ifdef OPENSSL_FIPS + #include <openssl/fips.h> + #endif + + /* import */ extern char *client_version_string; extern char *server_version_string; *************** *** 591,597 **** key->type, pktype); goto done; } ! fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); debug2("input_userauth_pk_ok: fp %s", fp); xfree(fp); --- 604,611 ---- key->type, pktype);...

...for (i = 0; i < ac; i++) { if (i) buffer_append(&command, " ", 1); --- sshconnect2.c_orig Mon Apr 22 16:18:50 2002 +++ sshconnect2.c Mon Apr 22 16:18:58 2002 @@ -57,6 +57,7 @@ /* import */ extern char *client_version_string; extern char *server_version_string; +extern int supress_banner; extern Options options; /* @@ -320,7 +321,10 @@ debug3("input_userauth_banner"); msg = packet_get_string(NULL); lang = packet_get_string(NULL); - fprintf(stderr, "%s", msg); +...

...TOCOL_MAJOR_1, compat20 ? PROTOCOL_MINOR_2 : minor1, SSH_VERSION); +#ifdef CHARSET_EBCDIC + __etoa(buf); +#endif if (atomicio(vwrite, connection_out, buf, strlen(buf)) != strlen(buf)) fatal("write: %.100s", strerror(errno)); +#ifdef CHARSET_EBCDIC + __atoe(buf); +#endif client_version_string = xstrdup(buf); chop(client_version_string); chop(server_version_string); @@ -955,6 +964,11 @@ char *server_user, *local_user; local_user = xstrdup(pw->pw_name); +#if #system(bs2000) + /* Convert the UPPERCASE USER into all lowercase to ease connectivity with unix. */ + /* IMO that is...

...d be worse if we reused DH values, > but we don't. (-donna also has the disadvantage of being slower, but were > quibbling over single-digit milliseconds here so IMO it doesn't matter at > all.) > > +void > +kex_c25519_hash( > + const EVP_MD *evp_md, > + char *client_version_string, > + char *server_version_string, > + char *ckexinit, int ckexinitlen, > + char *skexinit, int skexinitlen, > + u_char *serverhostkeyblob, int sbloblen, > + const unsigned char client_dh_pub[CURVE25519_PUBKEY_SIZE], > + const unsigned char server_dh_pub[CURVE2551...

Hello, I am testing ssh with occasional network disconnection between server and client during these days. I found ssh sometimes hangs if the disconnection happens after the connection is established but before ssh_exchange_identification completes. The ssh configuration files show that both client and server alive options are set. In /etc/ssh/ssh_config: # Send keepalive messages to the server.

https://bugzilla.mindrot.org/show_bug.cgi?id=2162 Bug ID: 2162 Summary: Log needs to contain the port on which connection is made Product: Portable OpenSSH Version: 6.2p1 Hardware: All OS: FreeBSD Status: NEW Severity: normal Priority: P5 Component: sshd

...s.connection_attempts, options.connection_timeout, original_effective_uid != 0 || !options.use_privileged_port, pw, options.proxy_command); --- openssh-3.0.1p1/sshconnect.c.ORIG Sat Nov 17 22:49:09 2001 +++ openssh-3.0.1p1/sshconnect.c Sat Nov 17 23:02:27 2001 @@ -35,6 +35,8 @@ char *client_version_string = NULL; char *server_version_string = NULL; +static jmp_buf jmpenv; + extern Options options; extern char *__progname; @@ -221,6 +223,43 @@ return sock; } +/* for alarm() */ +static void +timeout_sigh(int dummy) +{ + errno = ETIMEDOUT; + longjmp(jmpenv, !0); +} + +int +timeout_connect(i...

...@ #include <netinet/in.h> +#include <openssl/objects.h> #include <ctype.h> #include <errno.h> #include <netdb.h> @@ -48,6 +49,7 @@ #include "misc.h" #include "dns.h" #include "version.h" +#include "authfile.h" char *client_version_string = NULL; char *server_version_string = NULL; @@ -884,6 +886,19 @@ { struct stat st; int flags = 0; + + if (options.certkey_authentication && host_key->cert != NULL) { + Key *ca_key; + int verified; + + ca_key = key_load_public(options.ca_key_file, NULL); + if (ca_key != NULL) {...

....connection_attempts, + options.connection_attempts, options.connection_timeout, original_effective_uid != 0 || !options.use_privileged_port, pw, options.proxy_command); --- sshconnect.c.OK Wed Oct 10 07:07:45 2001 +++ sshconnect.c Sat Jan 26 21:44:35 2002 @@ -35,6 +35,8 @@ char *client_version_string = NULL; char *server_version_string = NULL; +static jmp_buf jmpenv; + extern Options options; extern char *__progname; @@ -221,6 +223,43 @@ return sock; } +/* for alarm() */ +static void +timeout_sigh(int dummy) +{ + errno = ETIMEDOUT; + longjmp(jmpenv, !0); +} + +int +timeout_connect(i...

Hi, I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with FIPS 140-2 OpenSSL. These are based on previously reported patches by Steve Marquess <marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>, for ver. OpenSSH 3.8. Note that these patches are NOT OFFICIAL, and MAY be used freely by anyone. Issues [partially] handled: SSL FIPS Self test. RC4,

...1.10 diff -u -r1.1.1.2 -r1.10 --- sshconnect2.c 10 Aug 2003 14:06:59 -0000 1.1.1.2 +++ sshconnect2.c 10 Aug 2003 14:25:01 -0000 1.10 @@ -52,6 +52,10 @@ #include "msg.h" #include "pathnames.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif + /* import */ extern char *client_version_string; extern char *server_version_string; @@ -173,6 +177,8 @@ Sensitive *sensitive; /* kbd-interactive */ int info_req_seen; + /* generic */ + void *methoddata; }; struct Authmethod { char *name; /* string to compare against server's list */ @@ -196,6 +202,15 @@ int userauth_hostbased(A...