search for: ssh_login

...m.com> --- sshconnect.c | 1 + 1 files changed, 1 insertion(+) diff -uprN openssh-4.3p2/sshconnect.c openssh-4.3p2-kylie/sshconnect.c --- openssh-4.3p2/sshconnect.c 2005-12-13 02:29:03.000000000 -0600 +++ openssh-4.3p2-kylie/sshconnect.c 2006-05-04 10:07:57.000000000 -0500 @@ -937,6 +937,7 @@ ssh_login(Sensitive *sensitive, const ch } else { ssh_kex(host, hostaddr); ssh_userauth1(local_user, server_user, host, sensitive); + xfree(local_user); } }

...original_effective_uid == 0 && options.use_privileged_port, #endif - options.proxy_command) != 0) + options.proxy_command, &canohost) != 0) exit(255); if (timeout_ms > 0) @@ -880,7 +881,7 @@ /* Log into the remote system. Never returns if the login fails. */ ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, - pw, timeout_ms); + pw, timeout_ms, canohost); if (packet_connection_is_on_socket()) { verbose("Authenticated to %s ([%s]:%d).", host, @@ -889,6 +890,8 @@ verbose("Authenticated to %s (via proxy).",...

...ers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex structure while the global pointers remain. This can easily be rearranged so that is clearer who owns which memory and who is thus responsible for freeing. Also, the the ssh_login function leaks the memory allocated to the host variable. Also, there is another global variable (previous_host_key) which could be removed by placing it into the ssh/active_state structure, but which, for now, could at least be made module-static. Proposal: ssh-connect allocates the initial...

...e): Argument to macro isupper() should be unsigned. * clientloop.c (process_cmdlin): Argument to macro isspace() should be unsigned. * match.c (match_pattern_list): Argument to macro isupper() should be unsigned. * scp.c (sink): Argument to macro isdigit() should be unsigned. * sshconnect.c (ssh_login): Argument to macro isupper() should be unsigned. * openbsd-compat/inet_aton.c (inet_aton): Arguments to the isdigit(), isxdigit(), islower() and isspace() macros should be unsigned. * openbsd-compat/mktemp.c (_gettemp): The isdigit() macro argument should be unsigned. * openbsd-compat/readp...

...p1/sshconnect.h.ORIG Wed Oct 10 07:07:45 2001 +++ openssh-3.2.2p1/sshconnect.h Tue May 21 15:40:06 2002 @@ -28,7 +28,7 @@ int ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, - int, struct passwd *, const char *); + int, int, struct passwd *, const char *); void ssh_login(Key **, int, const char *, struct sockaddr *, struct passwd *); -------------- next part -------------- --- openssh-3.2.3p1/readconf.c.ORIG Tue Feb 5 02:26:35 2002 +++ openssh-3.2.3p1/readconf.c Wed May 22 19:45:13 2002 @@ -115,7 +115,8 @@ oKbdInteractiveAuthentication, oKbdInteractiveDevices, o...

...x=0x105d90) at kex.c:243 #11 0x3fac4 in kex_input_kexinit (type=20, seq=0, ctxt=0x105d90) at kex.c:209 #12 0x3ba64 in dispatch_run (mode=0, done=0x105dd4, ctxt=0x105d90) at dispatch.c:93 #13 0x24698 in ssh_kex2 (host=0xfa790 "pf-i400", hostaddr=0xf3560) at sshconnect2.c:119 #14 0x21778 in ssh_login (sensitive=0xf433c, orighost=0xeffffab1 "pf-i400", hostaddr=0xf3560, pw=0xf4d28) at sshconnect.c:846 #15 0x1dd4c in main (ac=0, av=0xeffff9c8) at ssh.c:701 (gdb) $ ./ssh -v pf-i400 -1 OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x00906080 debug1: Reading configuration data /usr/l...

...user connects to another server as a different user. The auditing trail is broken for tracing access. userA> ssh userB at hostB A simple syslog addition (for example) to ssh.c closes that gap. /* Log into the remote system. This never returns if the login fails. */ ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, pw); /* added for NERC logging and auditing */ syslog(LOG_NOTICE, "ssh: user %s connected to host %s as %s", pw->pw_name, host, options.user); Thanks

...00s\" uses unsafe RSA signature " "scheme; disabling use of RSA keys", remote_version); if (!client_banner_sent) - send_client_banner(connection_out, minor1); + send_client_banner(connection_out, minor1, host); chop(server_version_string); } @@ -1286,7 +1287,7 @@ ssh_login(Sensitive *sensitive, const ch lowercase(host); /* Exchange protocol version identification strings with the server. */ - ssh_exchange_identification(timeout_ms); + ssh_exchange_identification(timeout_ms, host); /* Put the connection into non-blocking mode. */ packet_set_nonblocking();...

...restore_uid(); --- sshconnect.h.OK Wed Oct 10 07:07:45 2001 +++ sshconnect.h Sat Jan 26 21:44:35 2002 @@ -28,7 +28,7 @@ int ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, - int, struct passwd *, const char *); + int, int, struct passwd *, const char *); void ssh_login(Key **, int, const char *, struct sockaddr *, struct passwd *);

.../* Filled in ssh_connect. */ if (options->connection_attempts == -1) options->connection_attempts = 4; + if (options->retry_delay == -1) + options->retry_delay = 1; if (options->number_of_password_prompts == -1) options->number_of_password_prompts = 3; /* Selected in ssh_login(). */ diff -u --recursive openssh-2.3.0p1/readconf.h openssh-2.3.0p1-new/readconf.h --- openssh-2.3.0p1/readconf.h Sat Oct 14 01:23:12 2000 +++ openssh-2.3.0p1-new/readconf.h Tue Nov 14 08:01:33 2000 @@ -61,8 +61,10 @@ LogLevel log_level; /* Level for logging. */ int port; /* Port to con...

...4 packet_read_poll_seqnr (ffbfe474, 62000, 62000, 620f0,61800, 62400) + 258 00033f94 packet_read_seqnr (0, 6, ffbfe510, 628a8, f0, 3c) + 40 00038bbc dispatch_run (0, ffbfe524, ffbfe510, ffbfe4f0, 624ac, ff) +1c 00025988 ssh_userauth2 (64568, 65250, 72e08, 628a8, 1, 0) + 52c 00021a20 ssh_login (72e08, 4, 45400, 14, 45400, a) + 3a4 000196b4 main (62b14, 647e4, 42a60, 42a58, 42800, 62800) + 8a4 00017e48 _start (0, 0, 0, 0, 0, 0) + 5 Around the coredump, many "Bad packet length" errors can be seen in /var/adm/message, like: Disconnecting: Bad packet length 2298694...

https://bugzilla.mindrot.org/show_bug.cgi?id=2642 Bug ID: 2642 Summary: [sshconnect2] publickey authentication only properly works if used first: pubkey_prepare doesn't work after pubkey_cleanup Product: Portable OpenSSH Version: 7.3p1 Hardware: amd64 OS: Linux Status:

...eived encrypted confirmation. Segmentation fault A backtrace in GDB gives: #0 0x00006bd4 in ssh_userauth (local_user=0x339d0 "", server_user=0xbffffc0c "cjm", host=0xe00c0 "sun4", host_key_valid=211808, own_host_key=0xdff50) at sshconnect1.c:1020 #1 0x000058fc in ssh_login (host_key_valid=0, own_host_key=0xdff50, orighost=0xbffffc10 "sun4", hostaddr=0x338b0, original_real_uid=917696) at sshconnect.c:774 #2 0x00003574 in main (ac=4, av=0xbffffb44) at ssh.c:698 #3 0x00002060 in _start () #4 0x00001ea0 in start () #5 0x00000000 in ?? () It seems that op...

...ssh\" -D_PATH_SSH_PROGRAM =\"/usr/ssh/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT =\"/usr/ssh/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER =\"/usr/ssh/libexec/sftp-server\" -D_PATH_SSH_PIDDIR=\"/etc/ssh\" -DHAVE_CONFIG_H -c sshconnect.c sshconnect.c: In function `ssh_login': sshconnect.c:868: warning: subscript has type `char' ..... gcc -o ssh ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o -L. -Lopenbsd-compat/ -L/usr/local/lib -R/usr/local/lib -lssh -lopenbsd-compat -lz -lsocket -lcrypto Undefined firs...

http://bugzilla.mindrot.org/show_bug.cgi?id=1085 Summary: Intermittent ssh core dumps Product: Portable OpenSSH Version: 4.2p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: js at phil.uu.nl I

...p1/sshconnect.h.ORIG Sat Nov 17 22:49:09 2001 +++ openssh-3.0.1p1/sshconnect.h Sat Nov 17 22:49:47 2001 @@ -28,7 +28,7 @@ int ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, - int, struct passwd *, const char *); + int, int, struct passwd *, const char *); void ssh_login(Key **, int, const char *, struct sockaddr *, struct passwd *);

...en); break; --- openssh-3.6.1p1/sshconnect.h.ORIG Tue Apr 15 23:06:30 2003 +++ openssh-3.6.1p1/sshconnect.h Tue Apr 15 23:08:28 2003 @@ -35,7 +35,7 @@ int ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, - int, const char *); + int, int, const char *); void ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *);

....1p1/sshconnect.h.ORIG Wed Oct 10 07:07:45 2001 +++ openssh-3.1p1/sshconnect.h Wed Apr 3 23:33:48 2002 @@ -28,7 +28,7 @@ int ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, - int, struct passwd *, const char *); + int, int, struct passwd *, const char *); void ssh_login(Key **, int, const char *, struct sockaddr *, struct passwd *);

...at it would be simpler on our end to only maintain one kerberos entry per machine, instead of 3 or 4, depending on how many additional interfaces we're testing at once. A somewhat simpler solution is a modification to the openssh code. Prior to doing key exchange and user authentication in ssh_login(), a check could be performed to determine whether the destination hostname corresponds to a public or private IP address. If private IP, then change it to the hostname corresponding to the public IP. Now the client code will use kerberos credentials for the public IP/domain name, and everyt...

...=================================================================== RCS file: sshconnect.c,v retrieving revision 2.9.9.2 retrieving revision 2.9.9.2.0.1 diff -pu -r2.9.9.2 -r2.9.9.2.0.1 --- sshconnect.c 2001/08/07 22:29:09 2.9.9.2 +++ sshconnect.c 2001/09/28 18:48:11 2.9.9.2.0.1 @@ -881,8 +881,8 @@ ssh_login(Key **keys, int nkeys, const c /* Convert the user-supplied hostname into all lowercase. */ host = xstrdup(orighost); for (cp = host; *cp; cp++) - if (isupper(*cp)) - *cp = tolower(*cp); + if (isupper((unsigned char)*cp)) + *cp = tolower((unsigned char)*cp); /* Exchange protocol ver...