Displaying 20 results from an estimated 28 matches for "disable_fd_passing".
2007 Jul 21
5
[Bug 1344] New: DISABLE_FD_PASSING does not work if sshd invoked by inetd
http://bugzilla.mindrot.org/show_bug.cgi?id=1344
Summary: DISABLE_FD_PASSING does not work if sshd invoked by
inetd
Product: Portable OpenSSH
Version: 4.6p1
Platform: Other
OS/Version: Other
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbuc...
2003 Sep 22
3
Fwd: privsep in ssh
...gested to me that I forward this message to you.
---------- Forwarded Message ----------
Subject: privsep in ssh
Date: Fri, 19 Sep 2003 12:22
From: Russell Coker <russell at coker.com.au>
To: SE Linux <selinux at tycho.nsa.gov>
Cc: Colin Watson <cjwatson at debian.org>
#ifdef DISABLE_FD_PASSING
if (1) {
#else
if (authctxt->pw->pw_uid == 0 || options.use_login) {
#endif
/* File descriptor passing is broken or root login */
monitor_apply_keystate(pmonitor);
use_privsep = 0;
return;
}
When browsing...
2002 Sep 04
2
uid transition and post-auth privsep (WAS Re: possible fundamental problem with tru64 patch) (fwd)
...oing depends on what we loose if
we drop post-auth privsep.
> I'd suggest the following patch against openssh-SNAP-20020826. Most of
> it is cleanup patch from a while back that I submitted too late for
> 3.4p1 and didn't resend after that I guess. The other defines
> DISABLE_FD_PASSING when SIA is enabled, which effectively turns off
> post-auth privsep.
So if DISABLE_FD_PASSING turns privsep off, does that mean that
session_setup_sia() will be run directly by do_child(), which
at that point will be effective uid 0?
> Note that I haven't been able to try it with...
2005 Nov 05
5
[Bug 1113] Add Interix authentication support
http://bugzilla.mindrot.org/show_bug.cgi?id=1113
Summary: Add Interix authentication support
Product: Portable OpenSSH
Version: 4.2p1
Platform: Other
OS/Version: other
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: tv at
2005 Apr 19
1
Patch for UnixWare 7
...ixWare 7.x, OpenUNIX 8
*-*-sysv5*)
+ check_for_libcrypt_later=1
cat >>confdefs.h <<\_ACEOF
#define USE_PIPES 1
_ACEOF
@@ -6021,6 +6022,14 @@
cat >>confdefs.h <<\_ACEOF
#define BROKEN_SETREGID 1
+_ACEOF
+
+ cat >>confdefs.h <<\_ACEOF
+#define DISABLE_FD_PASSING 1
+_ACEOF
+
+ cat >>confdefs.h <<\_ACEOF
+#define PASSWD_NEEDS_USERNAME 1
_ACEOF
;;
2005 Feb 24
1
[PATCH] Drop SETGROUPS_NOOP
...s/configure.ac,v
retrieving revision 1.247
diff -p -u -r1.247 configure.ac
--- configure.ac 24 Feb 2005 01:12:35 -0000 1.247
+++ configure.ac 24 Feb 2005 12:59:53 -0000
@@ -158,7 +158,6 @@ case "$host" in
AC_DEFINE(NO_X11_UNIX_SOCKETS)
AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
AC_DEFINE(DISABLE_FD_PASSING)
- AC_DEFINE(SETGROUPS_NOOP)
;;
*-*-dgux*)
AC_DEFINE(IP_TOS_IS_BROKEN)
Index: openbsd-compat/bsd-misc.c
===================================================================
RCS file: /cvs/openssh_cvs/openbsd-compat/bsd-misc.c,v
retrieving revision 1.25
diff -p -u -r1.25 bsd-misc.c
--- openbsd-c...
2016 Jul 22
2
Call for testing: OpenSSH 7.3
...oesn't support AF_UNIX sockets on that system])
- AC_DEFINE([IPPORT_RESERVED], [0],
- [Cygwin has no notion of ports only accessible to superusers])
+ AC_DEFINE([NO_IPPORT_RESERVED_CONCEPT], [1],
+ [Define if the concept of ports only accessible to
+ superusers isn't known])
AC_DEFINE([DISABLE_FD_PASSING], [1],
[Define if your platform needs to skip post auth
file descriptor passing])
diff --git a/defines.h b/defines.h
index a438ddd..c099df6 100644
--- a/defines.h
+++ b/defines.h
@@ -43,6 +43,17 @@ enum
#endif
/*
+ * Cygwin doesn't really have a notion of reserved ports but for backwa...
2007 Jul 21
10
[Bug 1343] New: Privilege separation does not work on QNX
http://bugzilla.mindrot.org/show_bug.cgi?id=1343
Summary: Privilege separation does not work on QNX
Product: Portable OpenSSH
Version: 4.6p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: kraai at
2003 Nov 18
5
Testing of recent commits
There have been a few recent commits to portable OpenSSH that require
testing. It would be appreciated if you could grab the 20031118 (or
later) snapshot and give it a try on your platforms of choice.
Ideally, "giving it a try" means running the regress tests, in addition
to casual (non-production) use and reporting your experiences back to
the list. The more platforms and compile-time
2002 Jul 17
13
Testing Call
...ested on
non-solaris platforms (Tim, do you still have Daz's last patch to
buildpkg.sh so you could test under SCO or should I just commit it and we
can play cvs tag?).
Known issues:
1. Tru64 (OSF/1) w/ SIA still is broken under Privsep. (For partial
privsep support change config.h /* #undef DISABLE_FD_PASSING */ to #define
DISABLE_FD_PASSING 1) If we can't come up with a solution by 3.5 release
then I'll just set DISABLE_FD_PASSING for the 3.5 release.
The issue is how the SIA sessioning is getting horked. And without
someone giving me a tru64 box or access (w/ root) for a few days it is
pret...
2013 Oct 31
9
[Bug 2167] New: Connection remains when fork() fails.
https://bugzilla.mindrot.org/show_bug.cgi?id=2167
Bug ID: 2167
Summary: Connection remains when fork() fails.
Product: Portable OpenSSH
Version: 5.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2005 Aug 22
12
Call for release testing
Hi,
We would like to make one of our periodic releases shortly, so once
again we are asking for readers of this list (or anyone else) to
download and test a CVS snapshot of OpenSSH on your favourite
platforms.
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable snapshots are available the mirrors listed at
http://www.openssh.com/portable.html#ftp in the
2005 Aug 22
12
Call for release testing
Hi,
We would like to make one of our periodic releases shortly, so once
again we are asking for readers of this list (or anyone else) to
download and test a CVS snapshot of OpenSSH on your favourite
platforms.
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable snapshots are available the mirrors listed at
http://www.openssh.com/portable.html#ftp in the
2004 Mar 02
3
environ problem in 3.8p1
3.8p1 added the following to main() in sshd.c:
#ifndef HAVE_CYGWIN
/* Clear environment */
environ[0] = NULL;
#endif
This breaks the getenv("TZ") in session.c and causes logins to occur in
GMT time. It also causes any sshd syslog messages to be written in GMT
time. I'm on SCO Openserver 5.0.7, but this looks like it should affect
all platforms. Am I missing something? I
2010 Jan 22
1
[PATCH] Cygwin: set SSH_IOBUFSZ to 65535
...=================================================
RCS file: /cvs/openssh/configure.ac,v
retrieving revision 1.438
diff -u -p -r1.438 configure.ac
--- configure.ac 18 Jan 2010 01:05:39 -0000 1.438
+++ configure.ac 22 Jan 2010 09:35:57 -0000
@@ -446,7 +446,7 @@ int main(void) { exit(0); }
AC_DEFINE(DISABLE_FD_PASSING, 1,
[Define if your platform needs to skip post auth
file descriptor passing])
- AC_DEFINE(SSH_IOBUFSZ, 65536, [Windows is sensitive to read buffer size])
+ AC_DEFINE(SSH_IOBUFSZ, 65535, [Windows is sensitive to read buffer size])
;;
*-*-dgux*)
AC_DEFINE(IP_TOS_IS_BROKEN, 1,
--
Corinn...
2005 Apr 07
4
[Bug 1011] Multiple log entries for successful pubkey authentication
...ty: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: vinschen at redhat.com
When a successful pubkey authentication took place,
two "Accepted publickey" entries occur in syslog.
This happens on all systems having DISABLE_FD_PASSING set,
or for root logins, if privilege separation is enabled.
The cause is apparently that monitor as well as slave
write a syslog entry.
One of these entries should be suppressed.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assigne...
2003 Sep 16
1
OpenSSH 3.7p1, PrivSep, and Tru64 broken (sorry)
...OF
+
+ cat >>confdefs.h <<\EOF
#define DISABLE_LOGIN 1
EOF
diff -urN openssh-3.7p1-dist/configure.ac openssh-3.7p1/configure.ac
--- openssh-3.7p1-dist/configure.ac Tue Sep 16 00:48:15 2003
+++ openssh-3.7p1/configure.ac Tue Sep 16 14:03:51 2003
@@ -395,6 +395,9 @@
fi
AC_DEFINE(DISABLE_FD_PASSING)
AC_DEFINE(BROKEN_GETADDRINFO)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
;;
2003 Sep 05
2
3.6p1 bug on SCO OpenServer
...rac p24 ttyp24 16191 Wed Sep 3 09:21 1d 23:04 ??
Here's the patch:
--8<-- cut here --8<--
*** configure.orig 2003-03-26 00:12:34.000000000 -0500
--- configure 2003-07-18 17:26:00.000000000 -0400
***************
*** 4588,4593 ****
--- 4588,4597 ----
#define DISABLE_FD_PASSING 1
_ACEOF
+ cat >>confdefs.h <<\_ACEOF
+ #define WITH_ABBREV_NO_TTY 1
+ _ACEOF
+
for ac_func in getluid setluid
--8<-- cut here --8<--
--
Roger Cornelius rac at tenzing.org
2002 Oct 08
2
tru64 unix openssh-3.4p1 problems
Hi,
I'm attempting to get openssh-3.4p1 up and running on our DEC/Compaq
Alpa workstations.
They are running Tru64 Unix 5.1A. I compile the package myself.
Openssh-3.1 worked perfectly, with the default sshd_config file.
Openssh-3.4p1 works, if I set UsePrivilegeSeparation to "no" in the
sshd_config file.
NOTE: I have a secondary issue with the ListenAddress default setting
2009 Jul 07
1
Read buffer size in clientloop.c
Hi,
when trying to optimize socket transfer rates under Cygwin, it turned
out that the underlying WinSock implementation is surprisingly sensitive
to buffer sizes. The latest Cygwin from CVS is now setting the socket
receive/send buffers (SO_RCVBUF/SO_SNDBUF) to 64K, rather than keeping
them at their default values of 8K which thwarts data transfers a lot.
While testing I still had the problem