search for: do_authentication

...p2 there was a change to auth2.c that removed the userauth_reply() function. There were a few lines of code in that function, #ifdef'd with WITH_AIXAUTHENTICATE, that handled the AIX method of lastlog type stuff (specifically, a loginsuccess() call). There is a similar call in auth1.c, down in do_authentication(), which is still there in 2.9.9p2. So with 2.9.9p2, the lastlog stuff is handled properly if you connect with protocol version 1, but not with protocol version 2. Looking at the code a little, maybe this can be moved into do_authenticated() in session.c covering both the protocol versions. Ther...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, I am not sure if this is the correct place to ask these question, if I am at the wrong place please advise. I am currently working on some modifications to openssh which record the users rsa/dsa identity comment file to a log file when the user logs in (password authentication is disabled). The ssh1 portion of the modification works

Hi :-) i have try a hang on exit patch that i found in the web for an old openssh version, but it dosent help :-( in a german gdb howto i found a tip that the backtrace output can help to analyse the problem.... is it a solaris problem ? Greetings Frank sshd: #0 0xff19d618 in _poll () from /usr/lib/libc.so.1 #1 0xff14d53c in select () from /usr/lib/libc.so.1 #2 0x000339a0 in

I would like to put a patch in OpenSSH start lbxproxy on the server if both ends of the connection support LBX. I'm having difficulty figuring out where to put this code, specifically I can't seem to find where the X11 handshaking happens. Could someone help me out on this?? -Carl

...b8 00034d74 server_loop (fb000, 0, 104000, fb000, 104000, effff240) + 20c 00036c7c do_exec_pty (10bbcc, 11, 36634, fb400, 8a, 0) + 260 00036704 do_authenticated1 (0, 36400, fac00, 106800, ef623700, 36014) + 60c 00036074 do_authenticated (110fa8, efffefbc, d0710, 400, efffefc8, 0) + 80 0002d720 do_authentication (effff418, 3, fac00, cfc00, fb000, 10e400) + 174 0002c17c main (1eb4, f, 1, fac00, 1eb4, 10c498) + 1418 0002a27c _start (0, 0, 0, 0, 0, 0) + 5c # truss -p 3296 poll(0xEFFFD160, 2, 100) = 0 poll(0xEFFFD160, 2, 100) = 0 poll(0xEFFFD160, 2, 100)...

...5:36 ? 0:01 /opt/openssh/sbin/sshd So, I looked at the source code for sshd. Why are there no setuid() and setgid() calls in the code to change to the user, after the child process is forked off to process the new connection? It looks like the uid and gid of the user should be known after do_authentication() or do_authentication2() has been called, so the ownership of the forked daemon could be changed after this point. Why isn't it? --- Jeff Earickson, Colby College

...sewhere (as they are not related to interactivity). The problem: Function set_packet_set_interactive is never called for protocol 2 connections -- only for protocol 1. This is the case for both ssh and sshd. Specifically, for sshd protocol 1 connections, function calls are made: main to do_authentication to do_authenticated to packet_set_interactive For sshd protocol 2 connections, function calls are made: main to do_authentication2 to do_authenticated2 which does not call packet_set_interactive. For ssh protocol 1 connections, packet_set_interactive is called from ssh_se...

Greetings, I have a problem with OpenSSH -current and SCO 3.2v4.2, when I execute a remote command or exit from a session, the connection hangs, ( line 326 of serverloop.c). This problem only exists when using ssh2. server side debug (-d -d -d ): debug1: Received SIGCHLD. debug2: channel 0: read failed debug2: channel 0: close_read debug2: channel 0: input open -> drain debug2: channel 0:

...COOKIE-1", auth_data=0x8075000 "cdf4b6cb730310be3d51a8abf77303fc") at /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/sshd.c:2211 #4 0x805386c in do_authenticated (pw=0xbfbfef80) at /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/sshd.c:2037 #5 0x80527b4 in do_authentication () at /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/sshd.c:1408 #6 0x8051b43 in main (ac=1, av=0xbfbff624) at /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/sshd.c:970 #7 0x804aae1 in _start () The code around frame #1 was 361 { 362 int len; 363 364...

...AC_DEFINE(BROKEN_GETADDRINFO) ;; *-*-hpux10*) --- login.c.orig Tue May 9 13:11:36 2000 +++ login.c Tue May 9 13:10:40 2000 @@ -53,6 +53,10 @@ get_last_login_time(uid_t uid, const char *logname, char *buf, unsigned int bufsize) { +#if defined(WITH_AIXAUTHENTICATE) + /* This is done in do_authentication */ + return (unsigned long) 0; +#else #if defined(_PATH_LASTLOG) && !defined(DISABLE_LASTLOG) struct lastlog ll; char *lastlog; @@ -128,6 +132,7 @@ return t; #endif /* defined(_PATH_LASTLOG) && !defined(DISABLE_LASTLOG) */ +#endif /* defined(WITH_AIXAUTHENTICATE) */ }...

....c:71 #10 0x30e1c in process_buffered_input_packets () at serverloop.c:423 #11 0x314b8 in server_loop2 (authctxt=0xffbef408) at serverloop.c:705 #12 0x348d8 in do_authenticated2 (authctxt=0x1170f0) at session.c:2063 #13 0x31eb4 in do_authenticated (authctxt=0x1170f0) at session.c:199 #14 0x29c68 in do_authentication2 () at auth2.c:134 #15 0x280d4 in main (ac=6, av=0x8) at sshd.c:1204 I do not claim to know what the correct fix is, however I can avoid the segfault by removing the do_pam_session() call. This is how the same code looks in 2.9p2 (which doesn't segfault). I'll happily provide any inform...

...-r1.58 auth.h --- usr.bin/ssh/auth.h 18 Aug 2006 09:15:20 -0000 1.58 +++ usr.bin/ssh/auth.h 18 Sep 2006 09:32:23 -0000 @@ -123,6 +123,10 @@ void krb5_cleanup_proc(Authctxt *authctxt); #endif /* KRB5 */ +#ifdef BSD_AUTH +void bsdauth_child_set_env(char ***envp, u_int *envsizep); +#endif + void do_authentication(Authctxt *); void do_authentication2(Authctxt *); Index: usr.bin/ssh/session.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/session.c,v retrieving revision 1.219 diff -u -r1.219 session.c --- usr.bin/ssh/session.c 29 Aug 2006 10:40:19 -0000 1...

Hello, We've found some undesirable behavior with respect to LoginGraceTime. A minor code change in session.c seems to clear it up, but now I'm asking for help in better understanding the problem and determining if there any unexpected side effects of the change. First, the code change: $ diff orig_session.c session.c 216c216,218 < alarm(0); --- >

Hi! as I just noted, after scp the connection does not shut down properly. When I do a "scp file targethost:path", on targethost a "sshd" process is left running. I do use --with-default-path="/usr/local/openssh/bin:/usr/bin:/usr/local/bin" to assure, that the corrensponding openssh-scp is used. It also seems, that normal sessions are not always closed properly.

Yes, this is a patch against an older version of OpenSSH with other stuff anyways, BUT, it's so TRIVIAL(*), that you can see how it would apply to newer versions (which I've not tried). Here's the gist: server_loop2() has a race condition with respect to reception of SIGCHLD and checking/setting child_terminated. This patch does two things: wait_until_can_do_something() adds a 1

I set sshd to deny root login. But I still get a password prompt! So if I get the password right, I get one error message: Received disconnect: ROOT LOGIN REFUSED FROM example.com while if I simply put in a wrong password three times I get Permission denied. If this means I set it up wrong please mail me directly - I'm not subscribed to the list. Otherwise please fix this. -- The

Howdy coders, in openssh-2.5.2p2, auth1.c, do_authentication() you folks do a call to getpwnam(user) If this fails, you NULL out 'pw' Unfortunately, this stops start_pam() from being called at all. I'm not a PAM API expert, but I was under the impression that there are pam API calls you should be making for account verification, in PARALLEL t...

...Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: critical Priority: P2 Component: Miscellaneous AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: kent at lysator.liu.se auth1.c: In function `do_authentication': auth1.c:392: `pw' undeclared (first use in this function) auth1.c:392: (Each undeclared identifier is reported only once auth1.c:392: for each function it appears in.) Perhaps "pw" should be "authctxt->pw"? ------- You are receiving this mail because: ------- Yo...

Hi All. While working on something I noticed core dumps from sshd. They don't seem to be related to what I was working on. It's from the process forked to run the shell. Just after the fork, fatal_remove_all_cleanups() is called, which looks like: fatal_remove_all_cleanups(void) { struct fatal_cleanup *cu, *next_cu; for (cu = fatal_cleanups; cu; cu = next_cu) {

> -----Original Message----- > From: Ben Lindstrom > Sent: 15 September 2003 08:53 > To: Vikash Badal - PCS > Cc: 'openssh-unix-dev at mindrot.org' > Subject: Re: SCO 3.2v4.2 and OpenSSH -current --> connection hangs and > does no t close > > go into bsd-misc.c and comment out the define and try it > again. We should > be using mysignal by default