search for: parse_str

...f --git a/tools/misc/xen-tmem-list-parse.c b/tools/misc/xen-tmem-list-parse.c index 977e4d3..f32b107 100644 --- a/tools/misc/xen-tmem-list-parse.c +++ b/tools/misc/xen-tmem-list-parse.c @@ -243,6 +243,7 @@ void parse_pool(char *s) unsigned long long flush_objs = parse(s,"ot"); parse_string(s,"PT",pool_type,2); + pool_type[2] = ''\0''; if (pool_type[1] == ''S'') return; /* no need to repeat print data for shared pools */ printf("domid%lu,id%lu[%s]:pgp=%llu(max=%llu) obj=%llu(%llu) " @@ -286,6 +287,7 @@ void p...

...tications }, { "hostkeyalgorithms", oHostKeyAlgorithms }, { "bindaddress", oBindAddress }, + { "bindport", oBindPort }, #ifdef ENABLE_PKCS11 { "smartcarddevice", oPKCS11Provider }, { "pkcs11provider", oPKCS11Provider }, @@ -634,6 +635,10 @@ parse_string: charptr = &options->bind_address; goto parse_string; + case oBindPort: + charptr = &options->bind_port; + goto parse_string; + case oPKCS11Provider: charptr = &options->pkcs11_provider; goto parse_string; @@ -1133,6 +1138,7 @@ initialize_options(Options * o...

...ions }, { "hostkeyalgorithms", oHostKeyAlgorithms }, { "bindaddress", oBindAddress }, + { "bindport", oBindPort }, #ifdef SMARTCARD { "smartcarddevice", oSmartcardDevice }, #else @@ -608,6 +609,10 @@ charptr = &options->bind_address; goto parse_string; + case oBindPort: + charptr = &options->bind_port; + goto parse_string; + case oSmartcardDevice: charptr = &options->smartcard_device; goto parse_string; @@ -1046,6 +1051,7 @@ options->log_level = SYSLOG_LEVEL_NOT_SET; options->preferred_authentications = NULL...

https://bugzilla.redhat.com/show_bug.cgi?id=1441197

For systems where the local hostname is obtained as a short name without domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x from ssh.com. For the server, there might be a corresponding option in order to strip the domain name from the remote client name (if it matches the server's DefaultDomain) for use in auth_rhost2, since netgroups usually contain short

...-- This patch is made on openssh-5.9p1 version -- diff -rupN orig/openssh-5.9p1/readconf.c openssh-5.9p1/readconf.c --- orig/openssh-5.9p1/readconf.c 2011-05-29 14:42:31.000000000 +0300 +++ openssh-5.9p1/readconf.c 2012-02-12 15:43:43.302048950 +0200 @@ -641,8 +641,10 @@ parse_char_array: goto parse_string; case oBindAddress: - charptr = &options->bind_address; - goto parse_string; + cpptr = (char**)&options->bind_addresses; + uintptr = &options->num_bind_address; + max_entries =SSH_MAX_BIND_ADDRESSES; + goto parse_char_array; case oPKCS11Provider: charptr = &am...

...5,7 @@ goto parse_int; case oIdentityFile: - cp = strtok(NULL, WHITESPACE); + cp = strtok(NULL, WHITESPACE_EQ); if (!cp) fatal("%.200s line %d: Missing argument.", filename, linenum); if (*activep) { @@ -378,7 +379,7 @@ case oUser: charptr = &options->user; parse_string: - cp = strtok(NULL, WHITESPACE); + cp = strtok(NULL, WHITESPACE_EQ); if (!cp) fatal("%.200s line %d: Missing argument.", filename, linenum); if (*activep && *charptr == NULL) @@ -400,7 +401,7 @@ case oProxyCommand: charptr = &options->proxy_command;...

...ynamicforward", oDynamicForward }, { "preferredauthentications", oPreferredAuthentications }, @@ -1629,6 +1630,10 @@ parse_pubkey_algos: } break; + case oLogPath: + charptr = &options->log_path; + goto parse_string; + case oLocalForward: case oRemoteForward: case oDynamicForward: @@ -2585,6 +2590,7 @@ initialize_options(Options * options) options->num_permitted_remote_opens = 0; options->log_facility = SYSLOG_FACILITY_NOT_SET; options->log_level = SY...

...namicforward", oDynamicForward }, { "preferredauthentications", oPreferredAuthentications }, { "hostkeyalgorithms", oHostKeyAlgorithms }, + { "SNKFile", oSNKFile }, { NULL, 0 } }; @@ -435,6 +436,10 @@ charptr = &options->system_hostfile; goto parse_string; + case oSNKFile: + charptr = &options->snk_keyfile; + goto parse_string; + case oUserKnownHostsFile: charptr = &options->user_hostfile; goto parse_string; @@ -761,6 +766,7 @@ options->num_remote_forwards = 0; options->log_level = (LogLevel) - 1; options-...

...tos/attachments/20051101/653d6426/attachment.html> -------------- next part -------------- An embedded message was scrubbed... From: "Stefan Esser" <sesser at hardened-php.net> Subject: [security] [Full-disclosure] Advisory 19/2005: PHP register_globalsActivation Vulnerability in parse_str() Date: Mon, 31 Oct 2005 07:34:23 -0600 Size: 16668 URL: <http://lists.centos.org/pipermail/centos/attachments/20051101/653d6426/attachment.mht> -------------- next part -------------- An embedded message was scrubbed... From: "Stefan Esser" <sesser at hardened-php.net> Subjec...

...ge. (PHP: Hypertext Preprocessor) ------------------ Update Information: This update is considered moderate by the CentOS Development Team. This update includes several security fixes: - fixes for prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390) - a fix to stop the parse_str() function from enabling the register_globals setting (CVE-2005-3389) - fixes for Cross-Site Scripting flaws in the phpinfo() output (CVE-2005-3388) - a fix for a denial of service (process crash) in EXIF image parsing (CVE-2005-3353) All Users of PHP-5 from the CentOSPlus Repo should upgrade to...

...ge. (PHP: Hypertext Preprocessor) ------------------ Update Information: This update is considered moderate by the CentOS Development Team. This update includes several security fixes: - fixes for prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390) - a fix to stop the parse_str() function from enabling the register_globals setting (CVE-2005-3389) - fixes for Cross-Site Scripting flaws in the phpinfo() output (CVE-2005-3388) - a fix for a denial of service (process crash) in EXIF image parsing (CVE-2005-3353) All Users of PHP-5 from the CentOSPlus Repo should upgrade to...

...ge. (PHP: Hypertext Preprocessor) ------------------ Update Information: This update is considered moderate by the CentOS Development Team. This update includes several security fixes: - fixes for prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390) - a fix to stop the parse_str() function from enabling the register_globals setting (CVE-2005-3389) - fixes for Cross-Site Scripting flaws in the phpinfo() output (CVE-2005-3388) - a fix for a denial of service (process crash) in EXIF image parsing (CVE-2005-3353) All Users of PHP-5 from the CentOSPlus Repo should upgrade to...

...n", oTISAuthentication }, { "loglevel", oLogLevel }, + { "prngcommandfile", oPrngCommandFile }, { NULL, 0 } }; @@ -583,6 +586,10 @@ *intptr = value; break; + case oPrngCommandFile: + charptr = &ssh_prng_command_file; /* globally def in ssh.h */ + goto parse_string; + default: fatal("process_config_line: Unimplemented opcode %d", opcode); } @@ -788,6 +795,8 @@ options->user_hostfile2 = SSH_USER_HOSTFILE2; if (options->log_level == (LogLevel) - 1) options->log_level = SYSLOG_LEVEL_INFO; + if (ssh_prng_command_file == NULL)...

...rver", oProxyServer }, + { "proxyport", oProxyPort }, { "port", oPort }, { "cipher", oCipher }, { "ciphers", oCiphers }, @@ -484,6 +487,14 @@ xfree(string); return 0; + case oProxyServer: + charptr = &options->proxy_server; + goto parse_string; + + case oProxyPort: + intptr = &options->proxy_port; + goto parse_int; + case oPort: intptr = &options->port; parse_int: @@ -765,6 +776,8 @@ options->hostname = NULL; options->host_key_alias = NULL; options->proxy_command = NULL; + options->proxy_server...

Hello, My usage of ProxyCommand just calls the nc utility with various parameters. That in turn after the initial setup just copies copies the data from the network socket to stdin/stdout. This useless coping can be avoided if ssh has an option to receive the socket from the proxy command. I suppose it can improve network error reporting as ssh would talk directly to the network socket rather

...rtol(arg, &endofnumber, 0); + if (*endofnumber != '\0' || value < 0 || value > 0777) + fatal("%.200s line %d: Bad mask.", filename, linenum); + options->control_bind_mask = value; + break; + case oControlPath: charptr = &options->control_path; goto parse_string; @@ -818,6 +835,46 @@ *intptr = value; break; + case oControlAllowUsers: + while ((arg = strdelim(&s)) && *arg != '\0') { + if (options->num_control_allow_users >= MAX_CONTROL_ALLOW_USERS) + fatal("%s line %d: too many control allow users.", +...

...oHostKeyAlias }, + { "opencommand", oOpenCommand }, + { "closecommand", oCloseCommand }, { "proxycommand", oProxyCommand }, { "port", oPort }, { "cipher", oCipher }, @@ -537,10 +540,21 @@ charptr = &options->smartcard_device; goto parse_string; + case oOpenCommand: + case oCloseCommand: case oProxyCommand: if (s == NULL) fatal("%.200s line %d: Missing argument.", filename, linenum); - charptr = &options->proxy_command; + switch (opcode) { + case oOpenCommand: + charptr = &options->open_command;...

https://bugzilla.mindrot.org/show_bug.cgi?id=2332 Bug ID: 2332 Summary: Show more secure fingerprints than MD5 (e.g. SHA256) in ssh and ssh-keygen Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: All Status: NEW Severity: enhancement Priority: P5

Hi, (I'm not subscribed to the list, so please CC me on reply.) I'd like to request adding a feature to OpenSSH: Task: ~~~~~ It is quite sometime useful to invoke a program prior to connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which