search for: local_maxpacket

...openssh-3.8.1p1/channels.c openssh-3.8.1p1-dynwindow/channels.c --- openssh-3.8.1p1/channels.c 2004-01-20 19:02:09.000000000 -0500 +++ openssh-3.8.1p1-dynwindow/channels.c 2004-07-13 09:46:58.000000000 -0400 @@ -255,6 +255,7 @@ c->local_window_max = window; c->local_consumed = 0; c->local_maxpacket = maxpack; + c->dynamic_window = 0; c->remote_id = -1; c->remote_name = xstrdup(remote_name); c->remote_window = 0; @@ -702,6 +703,10 @@ channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset) { u_int limit = compat20 ? c->remote_window : packet_get_maxsize(); + i...

...er *); void buffer_free(Buffer *); diff -u src/usr.bin/ssh/channels.c ssh/channels.c --- src/usr.bin/ssh/channels.c 2004-06-13 21:44:38.000000000 -0400 +++ ssh/channels.c 2004-07-07 10:02:24.000000000 -0400 @@ -255,6 +255,7 @@ c->local_window_max = window; c->local_consumed = 0; c->local_maxpacket = maxpack; + c->dynamic_window = 0; c->remote_id = -1; c->remote_name = xstrdup(remote_name); c->remote_window = 0; @@ -1520,14 +1521,26 @@ !(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) && c->local_window < c->local_window_max/2 &&...

...t local_consumed reset to 0 whenever a window adjust packet is sent (I am looking at this from the point of view of the client), and incremented afterwards? In the latest OpenSSH release the condition is changed to ((c->local_window_max - c->local_window > c->local_maxpacket*3) || c->local_window < c->local_window_max/2) && c->local_consumed > 0 Why the new conditional? What issues does it address that are not addressed by the older, simpler version? My apologies if these are trivial questions. I am trying to understan...

...remote_hostname, remote_port); - newch = channel_new("direct-tcpip", + newch = channel_new((c->type == SSH2_CHANNEL_PORT_LISTENER) ? + "forwarded-tcpip" : "direct-tcpip", SSH_CHANNEL_OPENING, newsock, newsock, -1, c->local_window_max, c->local_maxpacket, 0, xstrdup(buf), 1); if (compat20) { packet_start(SSH2_MSG_CHANNEL_OPEN); - packet_put_cstring("direct-tcpip"); + if (c->type == SSH2_CHANNEL_PORT_LISTENER) + packet_put_cstring("forwarded-tcpip"); + else + packet_put_cstring("direct-tcpip&quot...

...H2 port listener (server) then send + * forwarded-tcpip message. + */ + newch = channel_new( (c->type == SSH2_CHANNEL_PORT_LISTENER) ? + "forwarded-tcpip" : "direct-tcpip", SSH_CHANNEL_OPENING, newsock, newsock, -1, c->local_window_max, c->local_maxpacket, 0, xstrdup(buf)); if (compat20) { packet_start(SSH2_MSG_CHANNEL_OPEN); - packet_put_cstring("direct-tcpip"); + if (c->type == SSH2_CHANNEL_PORT_LISTENER) + packet_put_cstring("forwarded-tcpip"); + else + packet_put_cstring("direct-tcpip");...

...turn; + (void) dup2(fd, STDIN_FILENO); + (void) dup2(fd, STDOUT_FILENO); + (void) dup2(fd, STDERR_FILENO); + if (fd > 2) + (void) close(fd); + (void) setsid(); + } +} + static void client_input_stdout_data(int type, int plen, void *ctxt) { @@ -1187,6 +1264,8 @@ packet_put_int(c->local_maxpacket); packet_send(); } + if (fork_after_authentication_flag && wait_for_port_open_before_fork) + forkoff(0, 1); } else { debug("failure %s", ctype); packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); Index: 3_0_2p1.1/channels.h --- 3_0_2p1.1/channels.h Wed, 21 Nov 2001 10:...

...owever, the implementation tacks some additional data to the end: packet_start(SSH2_MSG_CHANNEL_OPEN); packet_put_cstring(rtype); packet_put_int(c->self); packet_put_int(c->local_window_max); packet_put_int(c->local_maxpacket); if (strcmp(rtype, "direct-tcpip") == 0) { /* target host, port */ packet_put_cstring(c->path); packet_put_int(c->host_port); } else if (strcmp(rtype, "direct-streamlocal at...

I'd like a feature whereby ssh puts itself in the background after the first successful X11 (or other port) forwarding. The reason for this is simple: error handling. If the application fails to open the X display and exits, then the client can still exit with the application's exit code. But if the application opens the X display successfully, then it can just display any errors by

Greetings, I've been doing a little testing with the stdio forwarding support added in recent snapshots and have encountered one possible issue. First, I should say that this feature generally seems to work. However, I haven't been able to get it to work when connecting to a server running SSH.COM's product. The config file I am using is fairly simple: Host sfe1 LogLevel debug3

I'm reading this fine article on O'Reilly: http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html <quote> The paper concludes that the keystroke timing data observable from today's SSH implementations reveals a dangerously significant amount of information about user terminal sessions--enough to locate typed passwords in the session data stream and reduce the

...xfree(writeset); + xfree(writeset); mysignal(SIGCHLD, SIG_DFL); - + while ((pid = waitpid(-1, &status, WNOHANG)) > 0) session_close_by_pid(pid, status); /* @@ -894,6 +998,17 @@ packet_put_int(c->local_maxpacket); packet_send(); } + /* + * SD Mod: if -S option is used, request + * client to not use stenographic timing manipulation as well. + */ + if(!options.use_steno_timing_manipulation) +...

Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,

...en; @@ -1823,7 +1831,11 @@ return; /* Get the data. */ + /*if (strcmp(c->ctype, "session") == 0)*/ + if (c->ctype[0] == 's') data = packet_get_string(&data_len); + else + data = packet_get_binary(&data_len); if (compat20) { if (data_len > c->local_maxpacket) { @@ -1875,7 +1887,11 @@ logit("channel %d: bad ext data", c->self); return; } + /*if (strcmp(c->ctype, "session") == 0)*/ + if (c->ctype[0] == 's') data = packet_get_string(&data_len); + else + data = packet_get_binary(&data_len); packe...

...) != euid)) { + error("multiplex uid mismatch: peer euid %u != uid %u", + (u_int)euid, (u_int)getuid()); + close(newsock); + return; + } + nc = channel_new("multiplex client", SSH_CHANNEL_MUX_CLIENT, + newsock, newsock, -1, c->local_window_max, + c->local_maxpacket, 0, "mux-control", 1); + nc->mux_rcb = c->mux_rcb; + debug3("%s: new mux channel %d fd %d", __func__, + nc->self, nc->sock); + /* establish state */ + nc->mux_rcb(nc, NULL); + /* mux state transitions must not elicit protocol messages */ + nc->flags...