Displaying 20 results from an estimated 24 matches for "seqnr".
Did you mean:
seqno
2020 Jan 16
3
[patch 1/2] use chacha20 from openssl (1.1.0+) when possible
...ay to
test my changes, but I believe something like this should address the
difference:
diff --git a/cipher-chachapoly.c b/cipher-chachapoly.c
index a58616fb..7e6995f6 100644
--- a/cipher-chachapoly.c
+++ b/cipher-chachapoly.c
@@ -109,7 +109,14 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int
seqnr, u_char *dest,
const u_char *src, u_int len, u_int aadlen, u_int authlen, int
do_encrypt)
{
#if defined(WITH_OPENSSL) && defined(HAVE_EVP_CHACHA20)
+#if defined(LIBRESSL_VERSION_NUMBER)
+#define CHACHA_IV_OFFSET 4
+ u_char seqbuf[12];
+#else
+#define CHACHA_IV_OFFSET 8
+ /* OpenSSL I...
2019 Jan 17
3
[patch 1/2] use chacha20 from openssl (1.1.0+) when possible
On some cpu's optimized chacha implementation in openssl (1.1.0+) is
notably faster (and on others it is just faster) than generic C
implementation in openssh.
Sadly, openssl's chacha20-poly1305 (EVP_chacha20_poly1305) uses
different scheme (with padding/etc - see rfc8439) and it looks it is not
possible to use in openssh.
OpenSSL 1.1.1+ also exports "raw" poly1305 primitive,
2013 May 07
0
Some potential bugs in Openssh-6.2p1
Hi,
I'm a developer of a static analysis tool canalyze.
Recently I applied it to Openssh-6.2p1.
It seems some reports are real after by manually checking:
1. Use undefined value
file: dispatch.c
function: dispatch_run
At line 93: type = packet_read_poll_seqnr(&seqnr);
seqnr may not be override at
file: packet.c
function: packet_read_poll_seqnr
line 1442
where compat20 is 0.
2. Null Pointer
file: session.c
function: child_set_env
At line 962: if (*envp == NULL && *envsizep == 0)
Is it possible that *envp == NULL while *envsizep != 0?
If it i...
2008 Aug 11
3
[Bug 1501] New: p_read, p_send not intialized
...plicitly
initialized in either the declaration or in the code.
In an environment (i.e. VxWorks) where spawning a second copy (thread)
does not zero-fill memory, this causes the second (and subsequent)
copies to use the values left behind by previous copies. The result is
that the sequence number (seqnr field) is out of synch with the server
and MAC checksum verification fails.
Recommend setting seqnr, packets, and blocks fields to zero at
process/thread start. Testing with concurrent threads also
recommended.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- Y...
2007 Apr 17
9
[Bug 1307] client disconnects if ServerAlive enabled but not implemented
http://bugzilla.mindrot.org/show_bug.cgi?id=1307
Summary: client disconnects if ServerAlive enabled but not
implemented
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at
2002 Jun 27
1
[PATCH] kbdintctxt->nreq test
If the info_response code is going to test that the # of responses is < 100,
then the info_request code should check that < 100 prompts are sent. It
would be rude to send 101 prompts and then fail when the responses come
back.
I actually think the test should be removed altogether, the limit seems
quite arbitrary, but here is a patch to not send > 100 prompts. With
this patch, the test
2024 May 16
2
[Bug 3691] New: Connection to localhost succeeds with disabled MAC
...nown_hosts: No such file or
directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
directory
debug1: Host 'localhost' is known and matches the ED25519 host key.
debug1: Found key in /home/bsradmin/.ssh/known_hosts:4
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug2: ssh_set_newkeys: mode 1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: Sending SSH2_MSG_EXT_INFO
debug1: expecting SSH2_MSG_NEWKEYS
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug2: ssh_set_newkeys: mode 0
debu...
2002 Apr 26
0
PAM keyboard-interactive
...#include "dispatch.h"
#include "log.h"
+#include "monitor_wrap.h"
-static int do_pam_conversation_kbd_int(int num_msg,
- const struct pam_message **msg, struct pam_response **resp,
- void *appdata_ptr);
-void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt);
-
-struct {
- int finished, num_received, num_expected;
- int *prompts;
- struct pam_response *responses;
-} context_pam2 = {0, 0, 0, NULL};
-
-static struct pam_conv conv2 = {
- do_pam_conversation_kbd_int,
- NULL,
+struct pam_ctxt {
+ char *pam_user;
+ pid_t pam_pid;
+ int pam_...
2003 Jan 08
2
OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS (fwd)
...39;A' characters here and hit enter>
After that, the xfree() breakpoint is reached, and the next call to
free() should therefore be intercepted in order to comply with the
technique developed by Global InterSec LLC:
Breakpoint 1, 0x080531bd in input_userauth_info_response_pam (type=61,
seqnr=7, ctxt=0x809c050) at auth2-pam.c:158
158 xfree(resp);
(gdb) disassemble xfree
[...]
0x807308e <xfree+34>: call 0x804ba14 <free>
[...]
(gdb) break *0x807308e
Breakpoint 2 at 0x807308e: file xmalloc.c, line 55.
(gdb) continue
Continuing.
Breakpoint 2, 0x0807308e...
2010 Aug 25
12
implementation of IEEE 802.1Qbg in lldpad
Hi,
this set of patches contains the initial implementation of the IEEE 802.1Qbg
standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI
capabalities as well as VDP VSI TLVs between a host with virtual machines
and an adjacent switch.
It supports setting the parameters of the TLV exchange from the command
line using lldptool.
VDP profiles consisting of
2010 Aug 25
12
implementation of IEEE 802.1Qbg in lldpad
Hi,
this set of patches contains the initial implementation of the IEEE 802.1Qbg
standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI
capabalities as well as VDP VSI TLVs between a host with virtual machines
and an adjacent switch.
It supports setting the parameters of the TLV exchange from the command
line using lldptool.
VDP profiles consisting of
2024 Jul 28
1
SSH time increased significantly after upgrade to OpenSSH 9.6p1
...23 17:42:50.150435 ifav87-apic2 sshd[1090464]: debug1: expecting
SSH2_MSG_KEX_ECDH_INIT [preauth]
Jul 23 17:42:50.336221 ifav87-apic2 sshd[1090464]: debug1:
SSH2_MSG_KEX_ECDH_INIT received [preauth]
Jul 23 17:42:50.387724 ifav87-apic2 sshd[1090464]: debug1:
ssh_packet_send2_wrapped: resetting send seqnr 3 [preauth]
//OpenSSH 8.6p1
Jul 23 17:32:24.910905 apic2 sshd[338663]: debug1: Forked child 342983.
Jul 23 17:32:24.911310 apic2 sshd[342983]: debug1: Set
/proc/self/oom_score_adj to 0
Jul 23 17:32:24.911493 apic2 sshd[342983]: debug1: rexec start in 4
out 4 newsock 4 pipe 6 sock 7
Jul 23 17:32:24...
2002 Jul 02
3
New PAM kbd-int diff
...#include "log.h"
+#include "monitor_wrap.h"
+
+extern char *__progname;
-static int do_pam_conversation_kbd_int(int num_msg,
- const struct pam_message **msg, struct pam_response **resp,
- void *appdata_ptr);
-void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt);
-
-struct {
- int finished, num_received, num_expected;
- int *prompts;
- struct pam_response *responses;
-} context_pam2 = {0, 0, 0, NULL};
-
-static struct pam_conv conv2 = {
- do_pam_conversation_kbd_int,
- NULL,
+struct sshpam_ctxt {
+ char *user;
+ pid_t pid;
+ int sock;
+ i...
2010 Jun 17
3
implementation of IEEE 802.1Qbg in lldpad, part2
Hi,
This series of patches contains the second part of an initial implementation of
the IEEE 802.1Qbg standard: code for the exchange of VDP VSI TLVs between a
host with virtual machines and an adjacent switch.
VDP profiles consisting of mode,mgrid,typeid,typeidversion,instanceid,mac,vlan
can be given to lldpad with lldptool.
A way to deliver profiles to lldpad from libvirt using netlink
2010 Jun 17
3
implementation of IEEE 802.1Qbg in lldpad, part2
Hi,
This series of patches contains the second part of an initial implementation of
the IEEE 802.1Qbg standard: code for the exchange of VDP VSI TLVs between a
host with virtual machines and an adjacent switch.
VDP profiles consisting of mode,mgrid,typeid,typeidversion,instanceid,mac,vlan
can be given to lldpad with lldptool.
A way to deliver profiles to lldpad from libvirt using netlink
2002 Jun 25
4
PAM kbd-int with privsep
...#include "log.h"
+#include "monitor_wrap.h"
+
+extern char *__progname;
-static int do_pam_conversation_kbd_int(int num_msg,
- const struct pam_message **msg, struct pam_response **resp,
- void *appdata_ptr);
-void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt);
-
-struct {
- int finished, num_received, num_expected;
- int *prompts;
- struct pam_response *responses;
-} context_pam2 = {0, 0, 0, NULL};
-
-static struct pam_conv conv2 = {
- do_pam_conversation_kbd_int,
- NULL,
+struct sshpam_ctxt {
+ char *user;
+ pid_t pid;
+ int sock;
+ i...
2010 Jul 23
19
implementation of IEEE 802.1Qbg in lldpad
Hi,
This set of patches contains the initial implementation of the IEEE 802.1Qbg
standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI
capabalities as well as VDP VSI TLVs between a host with virtual machines
and an adjacent switch.
It supports setting the parameters of the TLV exchange from the command
line using lldptool.
VDP profiles consisting of
2010 Jul 23
19
implementation of IEEE 802.1Qbg in lldpad
Hi,
This set of patches contains the initial implementation of the IEEE 802.1Qbg
standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI
capabalities as well as VDP VSI TLVs between a host with virtual machines
and an adjacent switch.
It supports setting the parameters of the TLV exchange from the command
line using lldptool.
VDP profiles consisting of
2001 Nov 09
4
keystroke timing attack
I'm reading this fine article on O'Reilly:
http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html
<quote>
The paper concludes that the keystroke timing data observable from
today's SSH implementations reveals a dangerously significant amount of
information about user terminal sessions--enough to locate typed
passwords in the session data stream and reduce the
2010 Nov 08
18
implementation of IEEE 802.1Qbg in lldpad
Hi,
this set of patches contains the initial implementation of the IEEE 802.1Qbg
standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI
capabalities as well as VDP VSI TLVs between a host with virtual machines
and an adjacent switch.
It supports setting the parameters of the TLV exchange from the command
line using lldptool.
VDP profiles consisting of