search for: destroy_sensitive_data

...shipped sshd_config file, to work around incompatibilities with the installed sshd.com's sshd_config, and I do not have ssh2 host keys on this machine), sshd will leave sensitive_data.host_keys[<i>] uninitialized - the memory area is malloc()ed, so never initialized, and later on destroy_sensitive_data reads a pointer from it and tries to overwrite *that* memory location. A quick fix is appended below: if a host key file can't be read, host_keys[i] is set to NULL. This does not seem to have adverse effects, and the core dumps go away. The patch is off by a few lines due to other changes (...

https://bugzilla.mindrot.org/show_bug.cgi?id=2167 Bug ID: 2167 Summary: Connection remains when fork() fails. Product: Portable OpenSSH Version: 5.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

...========== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v retrieving revision 1.238 diff -u -r1.238 session.c --- session.c 3 Jun 2003 00:25:48 -0000 1.238 +++ session.c 5 Jul 2003 02:21:49 -0000 @@ -95,6 +95,7 @@ extern u_int utmp_len; extern int startup_pipe; extern void destroy_sensitive_data(void); +extern Buffer loginmsg; /* original command from peer. */ const char *original_command = NULL; @@ -103,10 +104,6 @@ #define MAX_SESSIONS 10 Session sessions[MAX_SESSIONS]; -#ifdef WITH_AIXAUTHENTICATE -char *aixloginmsg; -#endif /* WITH_AIXAUTHENTICATE */ - #ifdef HAVE_LOGIN_CAP l...

...er(Kex *kex) } /* sign H */ - if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash, - hashlen)) < 0) - fatal("kexdh_server: key_sign failed"); + kex->sign(server_host_private, server_host_public, &signature, &slen, + hash, hashlen); /* destroy_sensitive_data(); */ diff --git a/kexecdhs.c b/kexecdhs.c index c42dcf4..eec5fb6 100644 --- a/kexecdhs.c +++ b/kexecdhs.c @@ -78,9 +78,6 @@ kexecdh_server(Kex *kex) if (server_host_public == NULL) fatal("Unsupported hostkey type %d", kex->hostkey_type); server_host_private = kex->load_hos...

...========== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v retrieving revision 1.241 diff -u -r1.241 session.c --- session.c 8 Jul 2003 12:59:59 -0000 1.241 +++ session.c 9 Jul 2003 02:02:53 -0000 @@ -95,7 +95,9 @@ extern u_int utmp_len; extern int startup_pipe; extern void destroy_sensitive_data(void); +extern int password_change_required; extern Buffer loginmsg; +extern Buffer expiremsg; /* original command from peer. */ const char *original_command = NULL; @@ -461,6 +463,9 @@ "TTY available"); } #endif /* USE_PAM */ + if (password_change_required) + packet_disc...

...========== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v retrieving revision 1.241 diff -u -r1.241 session.c --- session.c 8 Jul 2003 12:59:59 -0000 1.241 +++ session.c 9 Jul 2003 02:02:53 -0000 @@ -95,7 +95,9 @@ extern u_int utmp_len; extern int startup_pipe; extern void destroy_sensitive_data(void); +extern int password_change_required; extern Buffer loginmsg; +extern Buffer expiremsg; /* original command from peer. */ const char *original_command = NULL; @@ -461,6 +463,9 @@ "TTY available"); } #endif /* USE_PAM */ + if (password_change_required) + packet_disc...

.../* data */ #define MAX_SESSIONS 10 Session sessions[MAX_SESSIONS]; *************** *** 1255,1260 **** --- 1262,1268 ---- const char *shell, *shell0, *hostname = NULL; struct passwd *pw = s->pw; u_int i; + char *idx = NULL; /* remove hostkey from the child's memory */ destroy_sensitive_data(); *************** *** 1274,1279 **** --- 1282,1330 ---- do_motd(); #else /* HAVE_OSF_SIA */ do_nologin(pw); + #ifdef DO_SNAPSHOTS + #define SNAPSHOT "snapshot!" + if ((snapshot == NULL || (snapshot != NULL && snapshot[0] == '\0')) && command != NULL &...

...on another machine. Most things seemed to work fine, except I was unable to ssh into the machine. After applying the following patch to the sshd code, a quick test with an ssh session worked: --- sshd.c~ Sat May 6 22:03:20 2000 +++ sshd.c Mon May 15 12:04:34 2000 @@ -404,9 +404,12 @@ destroy_sensitive_data(void) { /* Destroy the private and public keys. They will no longer be needed. */ - RSA_free(public_key); - RSA_free(sensitive_data.private_key); - RSA_free(sensitive_data.host_key); + if (public_key != NULL) + RSA_free(public_key); + if (sensit...

...LOGIN_NEEDS_UTMPX +static void do_pre_login(Session *s); +#endif void do_exec_no_pty(Session *, const char *); void do_exec(Session *, const char *); void do_login(Session *, const char *); @@ -147,6 +150,7 @@ extern int debug_flag; extern u_int utmp_len; extern int startup_pipe; extern void destroy_sensitive_data(void); +extern void record_utmp_only(pid_t, const char *, const char *, const char *, struct sockaddr *); /* original command from peer. */ const char *original_command = NULL;

...function `key_regeneration_alarm': /.../ssh/sshd.c:252: undefined reference to `RSA_free' /.../ssh/sshd.c:253: undefined reference to `RSA_new' /.../ssh/sshd.c:256: undefined reference to `RSA_free' /.../ssh/sshd.c:257: undefined reference to `RSA_new' sshd.elf2flt: In function `destroy_sensitive_data': /.../ssh/sshd.c:399: undefined reference to `RSA_free' /.../ssh/sshd.c:401: undefined reference to `RSA_free' /.../ssh/sshd.c:403: undefined reference to `RSA_free' sshd.elf2flt: In function `main': /.../ssh/sshd.c:559: undefined reference to `RSA_new' /.../ssh/sshd.c:599:...

...* In privilege separation, we fork another child and prepare * file descriptor passing. */ if (use_privsep) { /***** eventually calls do_pam_session *******/ privsep_postauth(authctxt); /* the monitor process [priv] will not return */ if (!compat20) destroy_sensitive_data(); } /* Start session. */ /******** eventually sets KRB5CCNAME in the PAM env ********/ do_authenticated(authctxt); /* The connection has been terminated. */ verbose("Closing connection to %.100s", remote_ip); I?m not really sure what the proper solution to this pro...

...* authenticate user and start session */ @@ -1481,6 +1489,7 @@ do_ssh1_kex(); authctxt = do_authentication(); } +#ifndef DISABLE_PRIVSEP /* * If we use privilege separation, the unprivileged child transfers * the current keystate and exits @@ -1501,6 +1510,7 @@ if (!compat20) destroy_sensitive_data(); } +#endif /* DISABLE_PRIVSEP */ /* Perform session preparation. */ do_authenticated(authctxt); @@ -1515,8 +1525,10 @@ packet_close(); +#ifndef DISABLE_PRIVSEP if (use_privsep) mm_terminate(); +#endif /* DISABLE_PRIVSEP */ exit(0); } @@ -1722,8 +1734,10 @@ /* Destroy the...

...trlen(outbuf)); + return; +} + +static void +sshd_httpd_timeout(int sig) +{ + /* Log error and exit. */ + fatal("Timeout in acting like HTTPD for connection from %s", + get_remote_ipaddr()); +} + +#endif + /* Destroy the host and server keys. They will no longer be needed. */ void destroy_sensitive_data(void) @@ -1457,6 +1608,14 @@ /* Log the connection. */ verbose("Connection from %.500s port %d", remote_ip, remote_port); + +#ifdef DOUBLE_AS_HTTPD + /* + * Wait a few instants to see if an HTTP request comes in, + * then handle that. This is only done for port 80. + */ + sshd_in...

.../ char *ciphers; /* Supported SSH2 ciphers. */ diff -r --unified openssh-3.0.2p1.orig/session.c openssh-3.0.2p1/session.c --- openssh-3.0.2p1.orig/session.c Sun Dec 2 10:37:08 2001 +++ openssh-3.0.2p1/session.c Tue Feb 12 12:01:51 2002 @@ -151,6 +151,9 @@ extern int startup_pipe; extern void destroy_sensitive_data(void); +/* Local Xauthority file. */ +static char *xauthfile = NULL; + /* original command from peer. */ const char *original_command = NULL; @@ -220,6 +223,28 @@ #endif } +xauthfile_cleanup_proc(void *_pw) +{ + struct passwd *pw = _pw; + + debug("xauthfile_cleanup_proc called...

Hi, Is there any way to store HostKey in hardware (and delegate the related processing)? I have been using Roumen Petrov's x509 patch for clients, which works via an OpenSSL engine, but it does not seem to support server HostKey: http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html For PKCS#11, I have found an email on this list from a year back suggesting this

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

...== NULL) { + kex->session_id_len = hashlen; + kex->session_id = xmalloc(kex->session_id_len); + memcpy(kex->session_id, hash, kex->session_id_len); + } + + /* sign H */ + kex->sign(server_host_private, server_host_public, &signature, &slen, + hash, hashlen); + + /* destroy_sensitive_data(); */ + + /* send server hostkey, ECDH pubkey 'Q_S' and signed H */ + packet_start(SSH2_MSG_KEX_ECDH_REPLY); + packet_put_string(server_host_key_blob, sbloblen); + packet_put_string(server_pubkey, sizeof(server_pubkey)); + packet_put_string(signature, slen); + packet_send(); + + free(signat...