Displaying 18 results from an estimated 18 matches for "server_version_str".
2018 Dec 10
2
[PATCH] cleanup of global variables server/client_version_string in sshconnect.c
In sshconnect.c there are two global variables for server_version_string
client_version_string.
These are used just in a few functions and can easily be passed as
parameters.
Also, there is a strange construct, where their memory is allocated to
the global pointers, then copies of these pointers are assigned to the
kex structure. The kex_free finally frees the...
2013 Sep 24
9
[PATCH] curve25519-sha256@libssh.org key exchange proposal
...e "cipher.h"
+#include "kex.h"
+#include "log.h"
+
+#include <nacl/crypto_scalarmult_curve25519.h>
+#define CURVE25519_PUBKEY_SIZE crypto_scalarmult_curve25519_BYTES
+
+void
+kex_c25519_hash(
+ const EVP_MD *evp_md,
+ char *client_version_string,
+ char *server_version_string,
+ char *ckexinit, int ckexinitlen,
+ char *skexinit, int skexinitlen,
+ u_char *serverhostkeyblob, int sbloblen,
+ const unsigned char client_dh_pub[CURVE25519_PUBKEY_SIZE],
+ const unsigned char server_dh_pub[CURVE25519_PUBKEY_SIZE],
+ const BIGNUM *shared_secret,
+ u_char...
2014 Jul 16
1
ssh - Connection closed by UNKNOWN
...or
there could be set_remote_ipaddr() in canonhost.c for that.
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -62,6 +62,7 @@
#include "monitor_fdpass.h"
#include "ssh2.h"
#include "version.h"
+#include "canohost.h"
char *client_version_string = NULL;
char *server_version_string = NULL;
@@ -171,6 +172,8 @@ ssh_proxy_fdpass_connect(const char *host, u_short port,
/* Set the connection file descriptors. */
packet_set_connection(sock, sock);
+ debug("Connected to %.200s [%.100s] port %d.",
+ host, get_remote_ipaddr(), get_remote_...
2003 Oct 08
4
OS/390 openssh
...);
+#ifdef CHARSET_EBCDIC
+ __etoa(buf);
+#endif
if (atomicio(vwrite, connection_out, buf, strlen(buf)) != strlen(buf))
fatal("write: %.100s", strerror(errno));
+#ifdef CHARSET_EBCDIC
+ __atoe(buf);
+#endif
client_version_string = xstrdup(buf);
chop(client_version_string);
chop(server_version_string);
@@ -955,6 +964,11 @@
char *server_user, *local_user;
local_user = xstrdup(pw->pw_name);
+#if #system(bs2000)
+ /* Convert the UPPERCASE USER into all lowercase to ease connectivity with unix. */
+ /* IMO that is legitimate, as BS2000's user names are case insensitive */
+ strlower...
2014 Jul 15
3
GSSAPI
If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches?
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
2004 Mar 26
2
Patch for login exchange timeout
...ions.connection_timeout > 0) {
+ signal(SIGALRM, grace_alarm_handler);
+ alarm(options.connection_timeout);
+ }
+
/* Read other side\'s version identification. */
for (;;) {
for (i = 0; i < sizeof(buf) - 1; i++) {
***************
*** 466,471 ****
--- 482,494 ----
}
server_version_string = xstrdup(buf);
+ /* Clear the alarm */
+ if (options.connection_timeout > 0) {
+ alarm(0);
+ signal(SIGALRM,SIG_DFL);
+ }
+
+
/*
* Check that the versions match. In future this
might accept
* several versions and set appropriate flags to
handle them.
___________...
2005 Jun 09
0
Disconnects from Cisco router ssh sessions.
...cal/src/security/openssh/cvs/openssh_cvs/sshconnect.c,v
retrieving revision 1.130
diff -u -p -r1.130 sshconnect.c
--- sshconnect.c 26 May 2005 02:23:44 -0000 1.130
+++ sshconnect.c 9 Jun 2005 07:55:14 -0000
@@ -514,6 +514,11 @@ ssh_exchange_identification(void)
chop(client_version_string);
chop(server_version_string);
debug("Local version string %.100s", client_version_string);
+
+ if (datafellows & SSH_BUG_BIGV1PACKET) {
+ debug("Found big SSHv1 packet bug, limiting packet size");
+ packet_set_maxsize(4 * 1024);
+ }
}
/* defaults to 'no' */
--
Darren Tucker (dtucke...
2012 Aug 29
1
second FIPS patch for openssh 6.0p1, fix pubkey
...hconnect2.c Wed Aug 29 14:59:19 2012
***************
*** 77,82 ****
--- 77,88 ----
#include "ssh-gss.h"
#endif
+ #include <openssl/sha.h>
+ #ifdef OPENSSL_FIPS
+ #include <openssl/fips.h>
+ #endif
+
+
/* import */
extern char *client_version_string;
extern char *server_version_string;
***************
*** 591,597 ****
key->type, pktype);
goto done;
}
! fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
debug2("input_userauth_pk_ok: fp %s", fp);
xfree(fp);
--- 604,611 ----
key->type, pktype);
goto done;
}
! fp = key_fing...
2002 Apr 23
0
[Bug 225] New: Supression of login warning banner for noninteractive commands
...; i++) {
if (i)
buffer_append(&command, " ", 1);
--- sshconnect2.c_orig Mon Apr 22 16:18:50 2002
+++ sshconnect2.c Mon Apr 22 16:18:58 2002
@@ -57,6 +57,7 @@
/* import */
extern char *client_version_string;
extern char *server_version_string;
+extern int supress_banner;
extern Options options;
/*
@@ -320,7 +321,10 @@
debug3("input_userauth_banner");
msg = packet_get_string(NULL);
lang = packet_get_string(NULL);
- fprintf(stderr, "%s", msg);
+ if (supress_banner == 1)
+...
2013 Nov 01
1
[PATCH] curve25519-sha256@libssh.org key exchange proposal
...but we don't. (-donna also has the disadvantage of being slower, but were
> quibbling over single-digit milliseconds here so IMO it doesn't matter at
> all.)
>
> +void
> +kex_c25519_hash(
> + const EVP_MD *evp_md,
> + char *client_version_string,
> + char *server_version_string,
> + char *ckexinit, int ckexinitlen,
> + char *skexinit, int skexinitlen,
> + u_char *serverhostkeyblob, int sbloblen,
> + const unsigned char client_dh_pub[CURVE25519_PUBKEY_SIZE],
> + const unsigned char server_dh_pub[CURVE25519_PUBKEY_SIZE],
> + const BIGN...
2015 Jun 22
2
Small issue with DNSSEC / SSHFP
...05eac098e462838
Author: Philip Homburg <philip at f-src.phicoh.com>
Date: Mon Jun 22 12:52:45 2015 +0200
Better diagnostic when DNSSEC validation fails.
diff --git a/sshconnect.c b/sshconnect.c
index f41960c..9f1eafa 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -71,6 +71,7 @@ char *server_version_string = NULL;
Key *previous_host_key = NULL;
static int matching_host_key_dns = 0;
+static int dns_secure = 0;
static pid_t proxy_command_pid = 0;
@@ -972,13 +973,18 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
fatal("%s: sshkey_fingerprint fail",...
2001 Nov 17
0
[PATCH] Connect timeout
...tion_timeout,
original_effective_uid != 0 || !options.use_privileged_port,
pw, options.proxy_command);
--- openssh-3.0.1p1/sshconnect.c.ORIG Sat Nov 17 22:49:09 2001
+++ openssh-3.0.1p1/sshconnect.c Sat Nov 17 23:02:27 2001
@@ -35,6 +35,8 @@
char *client_version_string = NULL;
char *server_version_string = NULL;
+static jmp_buf jmpenv;
+
extern Options options;
extern char *__progname;
@@ -221,6 +223,43 @@
return sock;
}
+/* for alarm() */
+static void
+timeout_sigh(int dummy)
+{
+ errno = ETIMEDOUT;
+ longjmp(jmpenv, !0);
+}
+
+int
+timeout_connect(int sockfd, const struct sockaddr *...
2008 Apr 21
3
FIPS 140-2 OpenSSL(2007) patches
Hi,
I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with
FIPS 140-2 OpenSSL.
These are based on previously reported patches by Steve Marquess
<marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>,
for ver. OpenSSH 3.8.
Note that these patches are NOT OFFICIAL, and MAY be used freely by
anyone.
Issues [partially] handled:
SSL FIPS Self test.
RC4,
2006 Nov 15
11
OpenSSH Certkey (PKI)
...+#include <openssl/objects.h>
#include <ctype.h>
#include <errno.h>
#include <netdb.h>
@@ -48,6 +49,7 @@
#include "misc.h"
#include "dns.h"
#include "version.h"
+#include "authfile.h"
char *client_version_string = NULL;
char *server_version_string = NULL;
@@ -884,6 +886,19 @@
{
struct stat st;
int flags = 0;
+
+ if (options.certkey_authentication && host_key->cert != NULL) {
+ Key *ca_key;
+ int verified;
+
+ ca_key = key_load_public(options.ca_key_file, NULL);
+ if (ca_key != NULL) {
+ verified = cert_verify(host_ke...
2015 May 23
5
Name based SSH proxy
...t timeout_
logit("Server version \"%.100s\" uses unsafe RSA signature "
"scheme; disabling use of RSA keys", remote_version);
if (!client_banner_sent)
- send_client_banner(connection_out, minor1);
+ send_client_banner(connection_out, minor1, host);
chop(server_version_string);
}
@@ -1286,7 +1287,7 @@ ssh_login(Sensitive *sensitive, const ch
lowercase(host);
/* Exchange protocol version identification strings with the server. */
- ssh_exchange_identification(timeout_ms);
+ ssh_exchange_identification(timeout_ms, host);
/* Put the connection into non-bloc...
2002 Jan 26
5
[PATCH] Connect timeout
...onnection_attempts, options.connection_timeout,
original_effective_uid != 0 || !options.use_privileged_port,
pw, options.proxy_command);
--- sshconnect.c.OK Wed Oct 10 07:07:45 2001
+++ sshconnect.c Sat Jan 26 21:44:35 2002
@@ -35,6 +35,8 @@
char *client_version_string = NULL;
char *server_version_string = NULL;
+static jmp_buf jmpenv;
+
extern Options options;
extern char *__progname;
@@ -221,6 +223,43 @@
return sock;
}
+/* for alarm() */
+static void
+timeout_sigh(int dummy)
+{
+ errno = ETIMEDOUT;
+ longjmp(jmpenv, !0);
+}
+
+int
+timeout_connect(int sockfd, const struct sockaddr *...
2013 Jun 25
1
RFC: encrypted hostkeys patch
...788b 100644
--- a/sshd.c
+++ b/sshd.c
@@ -106,6 +106,7 @@
#include "canohost.h"
#include "hostfile.h"
#include "auth.h"
+#include "authfd.h"
#include "misc.h"
#include "msg.h"
#include "dispatch.h"
@@ -194,6 +195,9 @@ char *server_version_string = NULL;
/* for rekeying XXX fixme */
Kex *xxx_kex;
+/* Daemon's agent connection */
+AuthenticationConnection *auth_conn = NULL;
+
/*
* Any really sensitive data in the application is contained in this
* structure. The idea is that this structure could be locked into memory so
@@ -2...
2003 Aug 10
9
updated gssapi diff
...connect2.c 10 Aug 2003 14:06:59 -0000 1.1.1.2
+++ sshconnect2.c 10 Aug 2003 14:25:01 -0000 1.10
@@ -52,6 +52,10 @@
#include "msg.h"
#include "pathnames.h"
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
+
/* import */
extern char *client_version_string;
extern char *server_version_string;
@@ -173,6 +177,8 @@
Sensitive *sensitive;
/* kbd-interactive */
int info_req_seen;
+ /* generic */
+ void *methoddata;
};
struct Authmethod {
char *name; /* string to compare against server's list */
@@ -196,6 +202,15 @@
int userauth_hostbased(Authctxt *);
int userauth_kerberos...