search for: next_opt

...mmand = NULL; +/* "shell=" option. */ +char *forced_shell = NULL; /* "environment=" options. */ struct envstring *custom_environment = NULL; @@ -98,6 +100,35 @@ packet_send_debug("Pty allocation disabled."); no_pty_flag = 1; opts += strlen(cp); + goto next_option; + } + cp = "shell=\""; + if (strncasecmp(opts, cp, strlen(cp)) == 0) { + opts += strlen(cp); + forced_shell = xmalloc(strlen(opts) + 1); + i = 0; + while (*opts) { + if (*opts == '"') + break; + if (*opts == '\\' && opts[1] == ...

Patch is below : diff -nru openssh-3.8.1p1/auth-options.c openssh-3.8.1p1-devs//auth-options.c --- openssh-3.8.1p1/auth-options.c Tue Jun 3 02:25:48 2003 +++ openssh-3.8.1p1-devs//auth-options.c Mon Feb 21 16:56:49 2005 @@ -265,6 +265,81 @@ xfree(patterns); goto next_option; } + +/* e.g: permitopenned="158.156.0.0/255.255.255.0:25[-1024]" + * note that part between [] is optionnal for 1 port specification + */ + cp = "permitopennet=\""; + if (strncasecmp(opts, cp, strlen(cp)) == 0) { + char netblock[256], netmask[256], + sporta[6]...

Attached is a patch which adds a log= directive to authorized_keys. The text in the log="text" directive is appended to the log line, so you can easily tell which key is matched. For instance the line: log="hello world!",no-agent-forwarding,command="/bin/true",no-pty, no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:7" ssh-rsa AAAAB3Nza....xcgaK9xXoU=

...p;options->permit_empty_passwd; + goto parse_flag; + + case sPermitUserEnvironment: + intptr = &options->permit_user_env; goto parse_flag; case sUseLogin: --- auth-options.c 21 Jul 2002 18:32:20 -0000 1.25 +++ auth-options.c 24 Jul 2002 16:55:25 -0000 @@ -133,7 +133,8 @@ goto next_option; } cp = "environment=\""; - if (strncasecmp(opts, cp, strlen(cp)) == 0) { + if (options.permit_user_env && + strncasecmp(opts, cp, strlen(cp)) == 0) { char *s; struct envstring *new_envstring; --- session.c 22 Jul 2002 11:03:06 -0000 1.145 +++ sessio...

...t;dot at dotat.at> http://dotat.at/ FISHER GERMAN BIGHT: NORTHWESTERLY 6 OR 7, OCCASIONALLY GALE 8 IN WEST, VEERING NORTHEASTERLY 5 LATER. WINTRY SHOWERS. GOOD. --- auth-options.c 28 Jan 2003 18:06:50 -0000 1.1.1.2 +++ auth-options.c 29 Jan 2003 20:39:19 -0000 1.7 @@ -133,7 +135,7 @@ goto next_option; } cp = "environment=\""; - if (options.permit_user_env && + if (!auth_restricted(RESTRICT_ENV, pw) && strncasecmp(opts, cp, strlen(cp)) == 0) { char *s; struct envstring *new_envstring; @@ -217,8 +219,6 @@ } cp = "permitopen=\&quo...

...file, linenum, sport); - auth_debug_add("%.100s, line %lu: " - "Bad permitopen port", file, linenum); - xfree(patterns); - goto bad_option; - } - if (options.allow_tcp_forwarding) - channel_add_permitted_opens(host, port); xfree(patterns); goto next_option; } --- channels.c 24 Jul 2002 11:04:17 -0000 1.1.1.1 +++ channels.c 13 Aug 2002 19:17:08 -0000 @@ -96,6 +96,10 @@ /* Number of permitted host/port pairs in the array. */ static int num_permitted_opens = 0; + +/* Don't allow any more to be added. */ +static int fix_permitted_opens = 0;...

...CH_FLAG_RANGE> > + > +If this flag is included then the C<range_offset> and C<range_length> > +parameters are used, so only extents overlapping > +C<[range_offset...range_offset+range_length-1]> are returned. Must range_offset+range_length-1 lie within the reported next_opts->get_size(), or can range extend beyond the end of the plugin (that is, can I pass range == -1 to get from a given offset to the end of the file, or do I have to compute the end range to avoid internal errors)? > +++ b/docs/nbdkit-plugin.pod > +The callback should detect and return the...

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in

...> +If this flag is included then the C<range_offset> and C<range_length> > > +parameters are used, so only extents overlapping > > +C<[range_offset...range_offset+range_length-1]> are returned. > > Must range_offset+range_length-1 lie within the reported > next_opts->get_size(), or can range extend beyond the end of the plugin > (that is, can I pass range == -1 to get from a given offset to the end > of the file, or do I have to compute the end range to avoid internal > errors)? Extent maps themselves are independent of the size of the plugin, an...

On Thu, May 04, 2017 at 09:37:59AM +1000, Adam Eijdenberg wrote: > Hi Devin, have you looked at using openssh certificates to help manage [...] > While the feature has been around for a while now (and is really > useful), there doesn't seem to be huge amount of documentation around > it. I found the following useful when getting a client of my running Yeah, when I wrote about it

...nd = NULL; } +#ifdef WITH_TCPFWD channel_clear_permitted_opens(); +#endif } /* @@ -257,8 +259,10 @@ xfree(patterns); goto bad_option; } +#ifdef WITH_TCPFWD if (options.allow_tcp_forwarding) channel_add_permitted_opens(host, port); +#endif xfree(patterns); goto next_option; } Index: channels.c =================================================================== RCS file: /home/markus/cvs/ssh/channels.c,v retrieving revision 1.140 diff -u -r1.140 channels.c --- channels.c 10 Oct 2001 22:18:47 -0000 1.140 +++ channels.c 22 Oct 2001 18:25:31 -0000 @@ -76,7 +76,7 @@...

I want to post this but mainly for discussion and early review. It's not safe for these patches to all go upstream yet (because not all filters have been checked/adjusted), but if any patches were to go upstream then probably 1 & 2 only are safe. File, VDDK, memory and data plugins all work, although I have only done minimal testing on them. The current tests, such as they are, all