Displaying 17 results from an estimated 17 matches for "sanitise_stdfd".
2011 Feb 07
1
[PATCH] ssh: set proctitle for mux master
...+++++++---
1 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/ssh.c b/ssh.c
index d32ef78..8ebcc88 100644
--- a/ssh.c
+++ b/ssh.c
@@ -230,12 +230,25 @@ main(int ac, char **av)
struct servent *sp;
Forward fwd;
- /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
- sanitise_stdfd();
-
__progname = ssh_get_progname(av[0]);
init_rng();
+#ifndef HAVE_SETPROCTITLE
+ /* Prepare for later setproctitle emulation */
+ {
+ /* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
+ char **saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
+ for (i = 0; i &...
2018 Nov 19
2
[PATCH] openssl-compat: Test for OpenSSL_add_all_algorithms before using.
OpenSSL 1.1.0 has deprecated this function.
---
configure.ac | 1 +
openbsd-compat/openssl-compat.c | 2 ++
openbsd-compat/openssl-compat.h | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/configure.ac b/configure.ac
index 3f7fe2cd..db2aade8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then
])
2011 Mar 28
15
[Bug 1883] New: use setproctitle for persistent mux master
https://bugzilla.mindrot.org/show_bug.cgi?id=1883
Summary: use setproctitle for persistent mux master
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2010 Nov 19
3
File Offsets for SCP (patch)
..._inset;
#define CMDNEEDS 64
char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */
@@ -324,6 +325,9 @@ main(int argc, char **argv)
extern char *optarg;
extern int optind;
+ fd_inset = 0;
+ fd_offset = 0;
+
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
@@ -344,7 +348,7 @@ main(int argc, char **argv)
addargs(&args, "-oClearAllForwardings yes");
fflag = tflag = 0;
- while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q1246S:o:F:")) != -1)
+ while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q1246S:o:F:A:Z:"))...
2015 Aug 17
3
[PATCH] Expand tilde for UNIX domain socket forwards.
On Mon, 17 Aug 2015, Todd C. Miller wrote:
> I like the idea but tilde_expand_filename() calls fatal() if it
> cannot resolve ~foo. This is not terrible when using -L and -R on
> the normal command line but it seems pretty harsh to exit when -L
> or -R are used via the ~C escape or the streamlocal-forward at openssh.com
> request.
> Message-Id: <aea6cdc1d1b42d07 at
2007 Jun 18
0
[PATCH] sftp-server argument error handling
...log_init() then prints a less useful message to stderr and exits. The
following patch tidies this up by only printing the more useful error to
stderr and not blundering on afterwards.
--- sftp-server.c.orig Mon Jun 18 16:37:46 2007
+++ sftp-server.c Mon Jun 18 16:39:14 2007
@@ -1220,7 +1220,8 @@
sanitise_stdfd();
__progname = ssh_get_progname(argv[0]);
- log_init(__progname, log_level, log_facility, log_stderr);
+ /* Send any argument errors to stderr */
+ log_init(__progname, log_level, log_facility, 1);
while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) {
switc...
2008 Apr 21
3
FIPS 140-2 OpenSSL(2007) patches
Hi,
I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with
FIPS 140-2 OpenSSL.
These are based on previously reported patches by Steve Marquess
<marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>,
for ver. OpenSSH 3.8.
Note that these patches are NOT OFFICIAL, and MAY be used freely by
anyone.
Issues [partially] handled:
SSL FIPS Self test.
RC4,
2006 Jan 03
2
Bug ? on ssh-agent
Hi,
I fell on this using openssh on cygwin. Though it may be a cygwin
related issue, I think it's may be a bug on the main openssh tree. Thus
my posting here. I'm CC'ing to the public list for information.
The part of code I'm refering to is :
/* XXX might close listen socket */
(void)dup2(fd, STDIN_FILENO);
(void)dup2(fd, STDOUT_FILENO);
2012 May 08
1
About bug 640857
Hi, Dear OpenSSH support,
I'm writing to ask whether this bug is fixed in your openSSH 6.0. If no, do you have any plan?
https://bugzilla.redhat.com/show_bug.cgi?id=640857
Regards,
Carol
2009 Sep 21
2
[patch] RFC: put server tunnel name in environment
If an ssh server receives a tun/tap tunnel request and sets up the tunnel
concerned, as far as I can see there is currently no way for the server
to configure the tunnel in a manner dependent upon (e.g) the key used to
set up the ssh session. Whilst an id based on the key can be passed to
the ssh child process, where the tunnel is dynamically allocated, its
tunnel name is lost.
This patch
2007 Feb 23
1
ssh-agent does not immediately clean timeouted keys from memory
during my seminar of advanced exploitation techniques (SEAT, [1]) i
developed some methods to crack into system via DMA (e.g. via firewire).
as part of this i developed a program that steals loaded ssh private
keys from ssh-agents. i was astonished to find that the keys are not
immediately removed from the agent when a timeout occurs, but only the
next time the agent is queried via its socket. i
2023 Jun 17
2
[PATCH] ssh-agent: add systemd socket-based activation
...dstr, *agentsocket = NULL;
#ifdef HAVE_SETRLIMIT
struct rlimit rlim;
@@ -2015,6 +2027,9 @@ main(int ac, char **av)
struct pollfd *pfd = NULL;
size_t npfd = 0;
u_int maxfds;
+#ifdef WITH_SYSTEMD
+ int nfds = 0;
+#endif
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
@@ -2142,6 +2157,25 @@ main(int ac, char **av)
parent_pid = getpid();
+#ifdef WITH_SYSTEMD
+ nfds = sd_listen_fds(1);
+ if (nfds > 0) {
+ sock = SD_LISTEN_FDS_START;
+ if (agentsocket == NULL) {
+ fprintf(stderr, "%s not set, cannot use socket-activation",
+ SSH_AUTHSOC...
2010 Nov 28
2
[PATCH] Use canonical hostname for DNS SSHFP lookup
...sh-sshfp/ssh.c
--- openssh/ssh.c 2010-11-20 05:19:38.000000000 +0100
+++ openssh-sshfp/ssh.c 2010-11-27 23:43:12.843314405 +0100
@@ -229,6 +229,7 @@
extern char *optarg;
struct servent *sp;
Forward fwd;
+ char *canohost;
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
@@ -760,7 +761,7 @@
#else
original_effective_uid == 0 && options.use_privileged_port,
#endif
- options.proxy_command) != 0)
+ options.proxy_command, &canohost) != 0)
exit(255);
if (timeout_ms > 0)
@@ -880,7 +881,7 @@
/* Log into the remote system. Never...
2009 Jul 08
4
Feature request: "SetupCommand" invoked before connecting
Hi,
(I'm not subscribed to the list, so please CC me on reply.)
I'd like to request adding a feature to OpenSSH:
Task:
~~~~~
It is quite sometime useful to invoke a program prior to connecting to
an ssh server. The most common use case will probably be port knocking.
That is a small program sends certain packets to a server and the server
reacts to this by unlocking the ssh port, which
2023 Jun 23
15
[Bug 3584] New: Segfault when built with optimisations on macOS 13 (x86_64) with Xcode 14.3
...ue = 'com.apple.main-thread', stop reason =
EXC_BAD_ACCESS (code=1, address=0x0)
frame #0: 0x000000010000300e ssh-keygen`main(argc=0,
argv=0x0000000000000000) at ssh-keygen.c:3355:32 [opt]
3352 /* Ensure that fds 0, 1 and 2 are open or directed to
/dev/null */
3353 sanitise_stdfd();
3354
-> 3355 __progname = ssh_get_progname(argv[0]);
3356
3357 seed_rng();
3358
Target 0: (ssh-keygen) stopped.
warning: ssh-keygen was compiled with optimization - stepping may
behave oddly; variables may not be available.
(lldb) bt
* thread #1, queue = 'com.a...
2013 Oct 07
4
Feature request: FQDN Host match
Hello!
I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :)
Anyway, my question relates to ssh_config. The problem I find is that
the Host pattern is only applied to the argument given on the command
line, as outlined in the man page:
"The host is the hostname argument given on the command line (i.e. the
name is not converted to a canonicalized host name
2012 Mar 11
2
[patch] Threading support in ssh-agent
...0 - do not use separate threads.\n");
+#endif
exit(1);
}
@@ -1142,6 +1443,9 @@
char pidstrbuf[1 + 3 * sizeof pid];
struct timeval *tvp = NULL;
size_t len;
+#ifdef HAVE_LIBPTHREAD
+ int numthreads = -1;
+#endif
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
@@ -1160,7 +1464,7 @@
__progname = ssh_get_progname(av[0]);
seed_rng();
- while ((ch = getopt(ac, av, "cdksa:t:")) != -1) {
+ while ((ch = getopt(ac, av, "cdksa:t:p:")) != -1) {
switch (ch) {
case 'c':
if (s_flag)
@@ -1189,6 +1493,22 @@
usage();...