search for: packet_disconnect

Displaying 20 results from an estimated 86 matches for "packet_disconnect".

2007 Aug 22
0
Patch to allow checking of v1 keys on remote host.
...entity. */ debug("Trying RSA authentication via agent with '%.100s'", comment); - xfree(comment); + if (!options.checkey) xfree(comment); /* Tell the server that we are willing to authenticate using this key. */ packet_start(SSH_CMSG_AUTH_RSA); @@ -107,9 +108,17 @@ packet_disconnect("Protocol error during RSA authentication: %d", type); + /*if -u is enabled print a message and then exit*/ + if (options.checkey) { + snprintf(buf, sizeof(buf), "RSA key '%.100s' is Valid",comment); + xfree(comment); +...
2015 Feb 23
2
Call for testing: OpenSSH 6.8
Darren Tucker wrote: > Question is: what to do? > c) make packet_disconnect a real function. I say c. //Peter
2001 Feb 04
1
minor aix patch to auth1.c
...f (authctxt->failures++ > AUTH_FAIL_MAX) { #ifdef WITH_AIXAUTHENTICATE - loginfailed(user,get_canonical_hostname(),"ssh"); + loginfailed(authctxt->user,get_canonical_hostname(),"ssh"); #endif /* WITH_AIXAUTHENTICATE */ packet_disconnect(AUTH_FAIL_MSG, authctxt->user); }
2000 May 15
1
AIX authenticate patches
...hat authentication is needed. */ @@ -408,8 +406,12 @@ client_user = NULL; } - if (attempt > AUTH_FAIL_MAX) + if (attempt > AUTH_FAIL_MAX) { +#ifdef WITH_AIXAUTHENTICATE + loginfailed(pw->pw_name,get_canonical_hostname(),"ssh"); +#endif /* WITH_AIXAUTHENTICATE */ packet_disconnect(AUTH_FAIL_MSG, pw->pw_name); + } /* Send a message indicating that the authentication attempt failed. */ packet_start(SSH_SMSG_FAILURE); @@ -430,7 +432,7 @@ unsigned int ulen; char *user; #ifdef WITH_AIXAUTHENTICATE - char *loginmsg; + extern char *aixloginmsg; #endif /* WITH_AIXA...
2001 May 11
1
Problems with OpenSSH2.9p1 on Linux/Sparc
...ew Fri May 11 16:07:29 2001 *************** *** 2623,2629 **** snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d", channel_forwarded_auth_socket_dir, (int) getpid()); ! if (atexit(cleanup_socket) < 0) { int saved = errno; cleanup_socket(); packet_disconnect("socket: %.100s", strerror(saved)); --- 2623,2633 ---- snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d", channel_forwarded_auth_socket_dir, (int) getpid()); ! /* This is bad...on_exit requires 2 parameters, whereas ! at_exit only takes on...
2001 Dec 26
3
auth*.c
Folks, During testing, we found a couple of issues with openssh3.0.2p1: 1. In userauth_finish() in auth2.c (as well as in do_authloop in auth1.c), the foll. check: if (authctxt->failures++ > AUTH_FAIL_MAX) is never satisfied and thus packet_disconnect() never gets called. I suspect the code just drops out of the dispatch_run function list instead. This should be an == instead of >. While looking at the debug output when deliberately entering wrong passwords, I noticed one try for none, three for password, and then three for keyboard-interacti...
2001 Feb 08
1
ssh1 keyexchange problem ?
Hi, Has anybody produced diffs for openssh-2.3.0p1 for the rsa keyexchange problem that Core-SDI described ? ( I noticed that fix is already in openbsd tree ). -Jarno -- Jarno Huuskonen - System Administrator | Jarno.Huuskonen at uku.fi University of Kuopio - Computer Center | Work: +358 17 162822 PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169
2000 Jan 07
2
possible clue on tcp forwarding problems
When I encounter the problem with TCP port forwarding locking up, I'll see this on the client window (if I haven't invoked ssh with -q): chan_shutdown_read failed for #1/fd6: Transport endpoint is not connected chan_shutdown_read failed for #1/fd6: Transport endpoint is not connected This is with Blowfish encryption. I have to kill and restart the client when this happens. Phil
1999 Dec 07
1
Serious Bug Report: OpenSSH
...51,24 +1551,41 @@ get_remote_port(), user); -#ifdef HAVE_LIBPAM - do_pam_account_and_session(pw->pw_name, client_user); +#ifndef HAVE_LIBPAM + if (authenticated) + return; - /* Clean up */ - if (client_user != NULL) - xfree(client_user); + if (attempt > AUTH_FAIL_MAX) + packet_disconnect(AUTH_FAIL_MSG, pw->pw_name); +#else /* HAVE_LIBPAM */ + if (authenticated) { + do_pam_account_and_session(pw->pw_name, client_user); - if (password != NULL) { - memset(password, 0, strlen(password)); - xfree(password); - } -#endif /* HAVE_LIBPAM */ + /* Clean up */ + if (client...
2008 Jul 09
2
loginmsg bug
Cf. http://seclists.org/fulldisclosure/2008/Jul/0090.html This Mrdkaaa character claims to have exploited this, but does not say how. The issue is that if do_pam_account() fails, do_authloop() will call packet_disconnect() with loginmsg as the format string (classic printf(foo) instead of printf("%s", foo) bug). The stuff that do_authloop() appends to loginmsg is harmless (the user name is safe, since at this point we know the account exists). The question is, what does loginmsg contain before do_authlo...
2001 Jun 26
1
OpenSSH 2.9p2 with PAMAuthenticationViaKbdInt
...----- next part -------------- --- auth2-pam.c.orig Wed Jun 27 09:43:43 2001 +++ auth2-pam.c Wed Jun 27 09:44:54 2001 @@ -137,8 +137,8 @@ if (authctxt == NULL) fatal("input_userauth_info_response_pam: no authentication context"); - if (authctxt->attempt++ >= AUTH_FAIL_MAX) - packet_disconnect("too many failed userauth_requests"); + if (authctxt->failures >= AUTH_FAIL_MAX) + packet_disconnect(AUTH_FAIL_MSG, authctxt->user); nresp = packet_get_int(); /* Number of responses. */ debug("got %d responses", nresp);
2001 Jun 05
1
OpenSSH tmp cleanup
Hi, I noticed that Markus has fixed the temporary file cleanup problems in OpenSSH cvs. What files need patching for this ? I only noticed changes in: session.c, channels.h and channels.c. -Jarno -- Jarno Huuskonen <Jarno.Huuskonen at uku.fi>
2001 Aug 16
4
Idletimeout patch
...is + * not set */ + if (max_time_seconds>0) { + tv.tv_sec=max_time_seconds; + tv.tv_usec=0; + tvp=&tv; + } else + tvp = NULL; + } else { tv.tv_sec = max_time_milliseconds / 1000; tv.tv_usec = 1000 * (max_time_milliseconds % 1000); tvp = &tv; @@ -301,7 +329,22 @@ packet_disconnect( "No open channels after timeout!"); } - } + } + + if (options.idletimeout>0) { + /* Reset idletimeout if something happened. + * NOTE: events events happening while there is + * active client_alive_timeouts are ignored. This way + * client_alive messages won't re...
2002 Mar 29
1
Two patches for OpenSSH 3.1p1 (fwd)
...verloop.c Fri Feb 8 12:07:17 2002 --- openssh-3.1p1-peter/serverloop.c Mon Mar 18 22:01:02 2002 *************** *** 673,679 **** /* We no longer want our SIGCHLD handler to be called. */ mysignal(SIGCHLD, SIG_DFL); ! wait_pid = waitpid(-1, &wait_status, 0); if (wait_pid == -1) packet_disconnect("wait: %.100s", strerror(errno)); else if (wait_pid != pid) --- 673,681 ---- /* We no longer want our SIGCHLD handler to be called. */ mysignal(SIGCHLD, SIG_DFL); ! while ((wait_pid = waitpid(-1, &wait_status, 0)) < 0 && errno == EINTR) ! ; ! if (wait...
2002 Feb 12
1
openssh + pam errors (fwd)
...--- http://www.monkey.org/~dugsong/ --- old/session.c Sat Dec 1 18:37:08 2001 +++ session.c Tue Feb 12 00:03:37 2002 @@ -437,7 +437,6 @@ session_proctitle(s); #if defined(USE_PAM) - do_pam_session(s->pw->pw_name, NULL); do_pam_setcred(1); if (is_pam_password_change_required()) packet_disconnect("Password change required but no " @@ -494,6 +493,9 @@ #endif /* USE_PIPES */ /* Do processing for the child (exec command etc). */ +#if defined(USE_PAM) + do_pam_session(s->pw->pw_name, NULL); +#endif /* USE_PAM */ do_child(s, command); /* NOTREACHED */ } @@ -555,7 +5...
2001 Jun 09
2
[PATCH] Make "-L" local ports bind to "127.0.0.1" in openssh-2.9p1
...teway_ports ? AI_PASSIVE : 0; hints.ai_socktype = SOCK_STREAM; snprintf(strport, sizeof strport, "%d", listen_port); - if (getaddrinfo(NULL, strport, &hints, &aitop) != 0) + if (getaddrinfo(gateway_ports ? NULL : "127.0.0.1", strport, &hints, &aitop) != 0) packet_disconnect("getaddrinfo: fatal error"); for (ai = aitop; ai; ai = ai->ai_next) {
2002 Mar 21
0
[Bug 178] New: Content of /etc/nologin isn't shown to users, fix triggers probably AIX bug
...1.1.1.7 diff -c -r1.1.1.7 session.c *** session.c 2002/03/08 07:55:51 1.1.1.7 --- session.c 2002/03/19 15:17:52 *************** *** 572,590 **** --- 572,594 ---- if (is_winnt) cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); #endif + debug("parent+"); if (pid < 0) packet_disconnect("fork failed: %.100s", strerror(errno)); s->pid = pid; + debug("parent++"); /* Parent. Close the slave side of the pseudo tty. */ close(ttyfd); + debug("parent+++"); /* * Create another descriptor of the pty master side for use as the * st...
2000 Nov 30
1
Problem and Patch: Multiple keys in ssh.com V2 agent
...fatal("input_userauth_request: no authctxt"); - if (authctxt->attempt++ >= AUTH_FAIL_MAX) { -#ifdef WITH_AIXAUTHENTICATE - loginfailed(authctxt->user?authctxt->user:"NOUSER", - get_canonical_hostname(), "ssh"); -#endif /* WITH_AIXAUTHENTICATE */ - packet_disconnect("too many failed userauth_requests"); - } - user = packet_get_string(NULL); service = packet_get_string(NULL); method = packet_get_string(NULL); debug("userauth-request for user %s service %s method %s", user, service, method); - debug("attempt #%d", authctxt-&...
2000 Aug 15
0
Experimental -R support patch for openssh client
...packet_read(&payload_len); /* Expect reply from server */ + switch (type) { + case SSH2_MSG_REQUEST_SUCCESS: + success = 1; + break; + case SSH2_MSG_REQUEST_FAILURE: + log("Warning: Server doesn't do port forwarding."); + break; + default: + /* Unknown packet */ + packet_disconnect("Protocol error for port forward request: received packet type %d.", type); + } + + } + else { + /* Protocol 1 */ packet_start(SSH_CMSG_PORT_FORWARD_REQUEST); packet_put_int(listen_port); packet_put_cstring(host_to_connect); packet_put_int(port_to_connect); packet_send()...
2000 Jan 19
3
AIX openssh patches
...urns only if *************** *** 1142,1148 **** /* Check if the user is logging in as root and root logins are disallowed. */ if (pw->pw_uid == 0 && !options.permit_root_login) { ! if (forced_command) log("Root login accepted for forced command."); else packet_disconnect("ROOT LOGIN REFUSED FROM %.200s", --- 1155,1161 ---- /* Check if the user is logging in as root and root logins are disallowed. */ if (pw->pw_uid == 0 && !options.permit_root_login) { ! if (forced_command) log("Root login accepted for forced command.&quot...