search for: dlen

...en 5 > HCI Event: Command Status (0x0f) plen 4 < HCI Command: Remote Name Request (0x01|0x0019) plen 10 > HCI Event: Command Status (0x0f) plen 4 < HCI Command: Remote Name Request (0x01|0x0019) plen 10 > HCI Event: Command Status (0x0f) plen 4 > ACL data: handle 11 flags 0x02 dlen 12 L2CAP(s): Connect req: psm 1 scid 0x0040 < ACL data: handle 11 flags 0x02 dlen 16 L2CAP(s): Connect rsp: dcid 0x0040 scid 0x0040 result 0 status 0 Connection successful > HCI Event: Max Slots Change (0x1b) plen 3 > ACL data: handle 11 flags 0x02 dlen 12 L2CAP(s): Con...

...nel key %d (%s) removed\n", ret, filename); + return 0; + } +#endif public = key_load_public(filename, &comment); if (public == NULL) { printf("Bad key file %s\n", filename); @@ -108,6 +134,65 @@ { int ret = -1; +#ifdef HAVE_LIBKEYUTIL + if (inkernel) { + int count, dlen; + char *buf; + key_serial_t key, *keylist, *pk; + + count = keyctl_read_alloc(KEY_SPEC_USER_SESSION_KEYRING, (void **) &keylist); + if (count < 0) { + printf("Error in keyctl_read_alloc\n"); + return -1; + } + + count /= sizeof(key_serial_t); + pk = keylist; + ret =...

...the client's remote window count to go to zero. As an aside the remote window count has to be exactly 0 for the stall to occur. Initially the following line of code in channel_output_poll that decrements the remote window count for datagram channels looked suspicious: c->remote_window -= dlen + 4; However, the code that updates Channel.local_window and Channel.local_consumed for a datagram channel also includes the +4 in the calculation. Does anybody know why the datagram calculation includes a +4? Anybody know what would cause the 4 byte discrepancy I am seeing? A complicating facto...

Since we upgraded OpenSSH from 5.0p1 to 5.1p1 on our Solaris 8 boxes (I know, I know, we should upgrade or retire them...), we've started experiencing problems with slogin'ing into these boxes, running vi, and pasting text into the vi session. As long as we are pasting in less that 1024 characters it's fine. With >= 1024 characters, the session hangs. If you run

...ceived, it is appended into a buffer that has not been cleared first. This could lead to problems - in particular, if that buffer already contains an old peer proposal, the new one will be appended but the old one will be silently used instead. The code is currently: ptr = packet_get_raw(&dlen); buffer_append(&kex->peer, ptr, dlen); but should be: ptr = packet_get_raw(&dlen); buffer_clear(&kex->peer); buffer_append(&kex->peer, ptr, dlen); -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this...

...am that causes the hang to occur. However, a simple hack to channels.c does seem to fix the problem: --- channels.c.orig Tue Jul 2 14:34:32 2002 +++ channels.c Tue Jul 2 14:35:39 2002 @@ -1278,6 +1278,9 @@ buffer_len(&c->output) > 0) { data = buffer_ptr(&c->output); dlen = buffer_len(&c->output); + /* XXX - hack - do not apply - LBB */ + if (dlen > 8192) + dlen = 8192; len = write(c->wfd, data, dlen); if (len < 0 && (errno == EINTR || errno == EAGAIN)) return 1; I've not tried all possible combinations for the magic number...

...ket_get_string((unsigned int *)&ulen); /* Get the client host key. */ client_host_key_e = BN_new(); *************** *** 1326,1332 **** * transmitted over the encrypted channel so it is * not visible to an outside observer. */ ! password = packet_get_string(&dlen); packet_integrity_check(plen, 4 + dlen, type); #ifdef USE_PAM --- 1343,1349 ---- * transmitted over the encrypted channel so it is * not visible to an outside observer. */ ! password = packet_get_string((unsigned int *)&dlen); packet_integrity_check(plen, 4...

I have a couple of 64-Bit Xeon's with CentOS 4.2 x86_64 installed on them. They don't all have the same motherboards. I've having a difficult time getting CentOS 4.2 x86_64 to boot on some of them in SMP mode (UP works fine). After the installation of CD, it boots up but kernel panics with the following error: Badness in i8042_panic_blink at drivers/input/serio/i8042.c:992 This is

...t;mtime; } + if (a->flags & SSH2_FILEXFER_ATTR_EXTENDED) { + if (a->has_nlink) { + st->st_nlink = a->nlink; + } + } } /* Decode attributes in buffer */ @@ -138,6 +148,15 @@ return r; debug3("Got file attribute \"%.100s\" len %zu", type, dlen); + if (strcmp(type, SFTP_EXT_ATTR_LINK_COUNT) == 0) { + if (dlen < 8) { + return SSH_ERR_MESSAGE_INCOMPLETE; + free(type); + free(data); + } + a->has_nlink = 1; + a->nlink = PEEK_U64(data); + } free(type); free(data); } @@ -170,6 +189,24 @@ if ((r...

...ed before key_sign is run on it, which results in a bogus signature, at least under Linux. (Solaris and IRIX don't seem to mind.) --- ssh-keysign.c~ Wed Jun 26 17:01:42 2002 +++ ssh-keysign.c Wed Jun 26 17:01:49 2002 @@ -192,7 +192,6 @@ data = buffer_get_string(&b, &dlen); if (valid_request(pw, host, &key, data, dlen) < 0) fatal("not a valid request"); - xfree(data); xfree(host); found = 0; @@ -208,6 +207,7 @@ if (key_sign(keys[i], &signature, &slen, data, dlen) != 0) f...

...rig/digest-openssl.c openssh-6.6p1/digest-openssl.c --- openssh-6.6p1.orig/digest-openssl.c 2014-02-04 02:25:45.000000000 +0200 +++ openssh-6.6p1/digest-openssl.c 2014-04-04 17:00:29.548457919 +0300 @@ -148,14 +148,11 @@ int ssh_digest_memory(int alg, const void *m, size_t mlen, u_char *d, size_t dlen) { - struct ssh_digest_ctx *ctx = ssh_digest_start(alg); + const struct ssh_digest *digest = ssh_digest_by_alg(alg); - if (ctx == NULL) + if (!EVP_Digest(m, mlen, d, dlen, digest->mdfunc(), NULL)) return -1; - if (ssh_digest_update(ctx, m, mlen) != 0 || - ssh_digest_final(ctx, d, dlen)...

...nels.c 5 Aug 2008 01:08:22 -0000 > @@ -1578,11 +1578,10 @@ channel_handle_wfd(Channel *c, fd_set *r > } > return 1; > } > -#ifdef _AIX > + > /* XXX: Later AIX versions can't push as much data to tty */ > if (compat20 && c->wfd_isatty) > - dlen = MIN(dlen, 8*1024); > -#endif > + dlen = MIN(dlen, 1024); > > len = write(c->wfd, buf, dlen); > if (len < 0 && > OK -- I can try this too. But it isn't necessary with the 5.0p1 sshd, so I'm thinking that something changed w.r.t. OpenSSH. --

...to the agent was well-formed, though. It was only the key blob that was not recognizable. Looking more closely at the code, the 7.5p1 code looked like: if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0 || (r = sshbuf_get_string(e->request, &data, &dlen)) != 0 || (r = sshbuf_get_u32(e->request, &flags)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (flags & SSH_AGENT_OLD_SIGNATURE) compat = SSH_BUG_SIGBLOB; if ((r = sshkey_from_blob(blob, blen, &ke...

...02:48:58.000000000 +0200 +++ openssh/session.c 2002-09-04 08:45:10.000000000 +0200 [...] @@ -165,8 +252,8 @@ Session *s; char *command; int success, type, screen_flag; - int compression_level = 0, enable_compression_after_reply = 0; - u_int proto_len, data_len, dlen; + int enable_compression_after_reply = 0; + u_int proto_len, data_len, dlen, compression_level = 0; s = session_new(); s->authctxt = authctxt; @@ -192,6 +279,10 @@ compression_level); break;...

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

...rsync comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the GNU General Public Licence for details. (gdb) c Continuing. Breakpoint 6, change_local_filter_dir ( dname=0xfffd3c5c "rsync.include.drive_b", dlen=21, dir_depth=3695) at exclude.c:532 532 assert(dir_depth < MAXPATHLEN/2+1); (gdb) bt #0 change_local_filter_dir (dname=0xfffd3c5c "rsync.include.drive_b", dlen=21, dir_depth=3695) at exclude.c:532 #1 0x080544c3 in do_delete_pass () at generator.c:548 #2 0x08059...

Hi, SSH brute force attacks seem to enjoy increasing popularity. Call me an optimist or a misrouted kind of contributer to the community, but on our company server I actually go through the logs and report extreme cases to the providers of the originating IP's. With the increasing number of these attacks, however, I have now decided that it's better to move the SSHd to a different

Hi, I don't see any way to view the details of a certificate once it is generated. Having such a capability would be very handy for debugging purposes to check what constraints, principals, and validity interval are associated with a given cert. -- Iain Morgan

All, Here is a RFC patch for converting the highmem.inc to C code, which doesn't touch the core part. please help to review, thanks Thanks, Feng

Here is a patch that does TIS auth via PAM. It's controlled by a switch in the sshd_config. You'd use it by having a PAM module that sets PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs. The patch is against the 2.9.9p2 distribution. I'm not on the list, a reply if this patch is accepted would be great. (But not required, I know some folks have a distaste for