search for: packet_get_connection_in

...nf.h" #include "uidswap.h" @@ -71,12 +72,23 @@ #endif krb5_error_code problem; krb5_ccache ccache = NULL; + char localname[MAXHOSTNAMELEN]; + char *socketname; if (authctxt->pw == NULL) return (0); temporarily_use_uid(authctxt->pw); + socketname = get_local_name(packet_get_connection_in()); + if (socketname) { + strlcpy(localname, socketname, MAXHOSTNAMELEN); + xfree(socketname); + } else if (gethostname(localname, MAXHOSTNAMELEN)) { + problem = -1; + goto out; + } + problem = krb5_init(authctxt); if (problem) goto out; @@ -123,7 +135,7 @@ if (problem) goto out; -...

...+ + /* + * Get IP address of client. If the connection is not a socket, let + * the address be 0.0.0.0. + */ + memset(&from, 0, sizeof(from)); + if (packet_connection_is_on_socket()) { + fromlen = sizeof(from); + if (getpeername(packet_get_connection_in(), + (struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername: %.100s", strerror(errno)); + fatal_cleanup(); + } + } + + record_utmp_only(pid, s->tty, s->pw->pw_name, +...

...* If we have buffered packet data going to the client, mark that @@ -278,6 +319,8 @@ error("select: %.100s", strerror(errno)); } else if (ret == 0 && client_alive_scheduled) client_alive_check(); + + notify_done(*readsetp); } /* @@ -467,6 +510,8 @@ connection_in = packet_get_connection_in(); connection_out = packet_get_connection_out(); + notify_setup(); + previous_stdout_buffer_bytes = 0; /* Set approximate I/O buffer size. */ @@ -572,6 +617,7 @@ max_fd = MAX(max_fd, fdin); max_fd = MAX(max_fd, fdout); max_fd = MAX(max_fd, fderr); + max_fd = MAX(max_fd, notify_p...

...EW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy: stuart at kaloram.com I believe I've discovered a problem with proxycommand and hostbased authentication. userauth_hostbased() calls get_local_name(packet_get_connection_in()) to figure out the name for the client host. get_local_name() calls getsockname(2), but when using a proxycommand, packet_get_connection_in() is returning a pipe, not a socket. -stuart ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the...

Hi, ssh clients shows "closed by UNKNOWN" message when a socket is closed by a remote side while ssh is waiting for user's password: $ ssh user at localhost user at localhost's password: Connection closed by UNKNOWN When the packet_read_seqnr() calls get_remote_ipaddr(), a connection's socket is already closed and there's not been any other call of this function yet

...ted to. I've looked at the sourcecode and maybe the following could do something I described : session.c:871 RCSID("$OpenBSD: session.c,v 1.142 2002/06/26 13:49:26 deraadt Exp $"); do_setup_env child_set_env(&env, &envsize, "SSH_LOCAL_IP", get_local_ipaddr(packet_get_connection_in()); what do you think of it ? thanx, mario

...d/regress/ssh_proxy 999.999.999.999 true The server reports: sshd[20529]: Disconnecting: Command terminated on signal 11. The culprit seems to be session.c line 1019 or so: snprintf(buf, sizeof buf, "%.50s %d %.50s %d", get_remote_ipaddr(), get_remote_port(), get_local_ipaddr(packet_get_connection_in()), get_local_port()); After poking around, it seems that: 1) get_local_ipaddr returns NULL 2) this NULL is passed to snprintf 3) which dereferences the NULL causing a SEGV (get_local_ipaddr returns NULL because it calls get_socket_address which calls getpeername on a non-socket.) The NULL doesn...

...SE_SENT|CHAN_CLOSE_RCVD)) && c->local_window < c->local_window_max/2 && c->local_consumed > 0) { + u_int32_t tcpwinsz = 0; + socklen_t optsz = sizeof(tcpwinsz); + int ret = -1; + u_int32_t addition = 0; + if (c->dynamic_window) + ret = getsockopt(packet_get_connection_in(), + SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz); + if (c->dynamic_window && (ret == 0) && + (tcpwinsz > c->local_window_max)) { + addition = 2 * tcpwinsz - c->local_window_max; + c->local_window_max += addition; + } packet_start(SSH2_MSG_CHAN...

...ra descriptor for the pseudo tty. */ close(ttyfd); + + /* + * Get IP address of client. If the connection is not a socket, let + * the address be 0.0.0.0. + */ + memset(&from, 0, sizeof(from)); + if (packet_connection_is_on_socket()) { + fromlen = sizeof(from); + if (getpeername(packet_get_connection_in(), + (struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername: %.100s", strerror(errno)); + fatal_cleanup(); + } + } - /* record login, etc. similar to login(1) */ - if (!(options.use_login && command == NULL)) + /* print motd, etc. similar...

...>>> on a multihomed server please ? There have been several proposals >>> in the past to fix this in ssh_gssapi_acquire_cred . . - >>> if (gethostname(lname, MAXHOSTNAMELEN)) - return (-1); >>> + lname = get_local_hostname(packet_get_connection_in()); >> >> >> Won't that break Kerberos authenticaton for sshd in inetd mode? > > >It might break more then that. This change would appear to get the name of >the interface, rather then the name of the host. It would then require the >Kerberos to have a princi...

...ou guys can give would be greatly appreciated. Regards, Paul Tiemann //------------- Here's a code snip from the sshconnect.c file below void ssh_exchange_identification() { char buf[256], remote_version[256]; /* must be same size! */ int remote_major, remote_minor, i; int connection_in = packet_get_connection_in(); int connection_out = packet_get_connection_out(); /* Read other side\'s version identification. */ for (i = 0; i < sizeof(buf) - 1; i++) { buf[i + 1] = 0; if (read(connection_in, &buf[i], 1) != 1) fatal("ssh_exchange_identification: read: %.100s", strerror(errno)...

Hi folks, I'm currently trying to connect to version 1.2.16 of the commercial server. The server says it supports protocol version 1.4 and that that is incompatible with protocol version 1.5. Is that actually true? The complete output from "ssh -v xxxxxxx" is: $ ./ssh -v xxxxxxx SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f). debug:

...-26 02:38:50.000000000 +0200 +++ openssh-3.5p1/session.c 2002-11-05 13:11:30.000000000 +0100 @@ -730,8 +730,8 @@ * the address be 0.0.0.0. */ memset(&from, 0, sizeof(from)); + fromlen = sizeof(from); if (packet_connection_is_on_socket()) { - fromlen = sizeof(from); if (getpeername(packet_get_connection_in(), (struct sockaddr *) & from, &fromlen) < 0) { debug("getpeername: %.100s", strerror(errno)); diff -ruN t/openssh-3.5p1/sshlogin.c openssh-3.5p1/sshlogin.c --- t/openssh-3.5p1/sshlogin.c 2002-09-04 08:45:11.000000000 +0200 +++ openssh-3.5p1/sshlogin.c 2002-11-05 13:...

Hello, I've been trying to get openssh working at our site recently, but have been running into these problems. In using the "release" version (openssh-2.3.0p1) we kept getting these broken pipe errors: zcat: stdout: Broken pipe Damien suggested we try out the snapshot versions, so I've been trying out the daily versions since last week. With the snapshots, the pipe problem

...real connection, so we have to swallow some lines before getting + the SSH-%d.%d identification string */ + #define FIREWALL_CHATTER_LINES 10 + /* Session id for the current session. */ unsigned char session_id[16]; *************** *** 896,902 **** --- 902,910 ---- int connection_in = packet_get_connection_in(); int connection_out = packet_get_connection_out(); extern Options options; + int chatter; + for (chatter = 0; chatter < FIREWALL_CHATTER_LINES; chatter++) { /* Read other side\'s version identification. */ for (i = 0; i < sizeof(buf)...

..._SENT|CHAN_CLOSE_RCVD)) && c->local_window < c->local_window_max/2 && c->local_consumed > 0) { + u_int32_t tcpwinsz = 0; + socklen_t optsz = sizeof(tcpwinsz); + int ret = -1; + u_int32_t addition = 0; + if (c->dynamic_window) { + ret = getsockopt(packet_get_connection_in(), + SOL_SOCKET, SO_RCVBUF, &tcpwinsz, &optsz); + if ((ret == 0) && tcpwinsz/2 > MAXBUFSZ) + tcpwinsz = MAXBUFSZ/2; + } + if (c->dynamic_window && (ret == 0) && + (2*tcpwinsz > c->local_window_max)) { + addition = 2 * tcpwinsz - c->...

...*** --- 2034,2070 ---- display_number, screen_number); #endif /* IPADDR_IN_DISPLAY */ + #else + /* and now something completely different:-) <appro at fy.chalmers.se> */ + { + struct sockaddr_in me; + socklen_t melen = sizeof(me); + struct hostent *he; + + if (getsockname(packet_get_connection_in(), + (struct sockaddr *)&me, &melen) != 0 + || me.sin_family != AF_INET) { + error("[X11-broken-fwd] Unable to getsockname or unsupported protocol family"); + packet_send_debug("[X11-broken-fwd] Unable to getsockname or unsupported protocol family"); + +...

...mlen; + struct sockaddr_storage from; + pid_t pid = getpid(); + + /* + * Get IP address of client. If the connection is not a socket, let + * the address be 0.0.0.0. + */ + memset(&from, 0, sizeof(from)); + if (packet_connection_is_on_socket()) { + fromlen = sizeof(from); + if (getpeername(packet_get_connection_in(), + (struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername: %.100s", strerror(errno)); + fatal_cleanup(); + } + } + + record_utmp_only(pid, s->tty, s->pw->pw_name, + get_remote_name_or_ip(utmp_len, options.reverse_mapping_check), + (struc...

Hi All. OpenSSH is getting ready for a release soon, so we are asking for all interested parties to test a snapshot. Changes include: * sshd will now re-exec itself for each new connection (the "-e" option is required when running sshd in debug mode). * PAM password authentication has been (re)added. * Interface improvements to sftp(1) * Many bug fixes and improvements, for

Dear OpenSSH Portable sshd developers, I'm having a problem where sshd login sessions are occasionally (as often as once a day) getting stuck indefinitely. I enabled debug messages and got a backtrace of a stuck sshd, and I think I've found the bug. I wanted to run it by the list once before filing. sshd version: OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e-p1 25 Oct 2004