search for: sshbufs

This simple additional check hardens sshbuf against linking an sshbuf into itself as parent/child pair, which could lead to ref counting issues. Purely defensive measure. I am not aware that this could happen somehwere in the code by now. Okay? Index: sshbuf.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshbuf.c,v diff -u -p -u -p -r1.19

On Thu, 25 Jun 2015, Michael Felt wrote: > Just running a standard make, and then a make install to a packaging > directory. It seems to be complaining about missing keys - not sure yet if > this is a show stopper For packaging you want the install-nokeys rule not install. -- Tim Rice Multitalents tim at multitalents.net

--- sshbuf.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sshbuf.h b/sshbuf.h index 78e32264..4b71405a 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -140,7 +140,7 @@ int sshbuf_allocate(struct sshbuf *buf, size_t len); /* * Reserve len bytes in buf. * Returns 0 on success and a pointer to the first reserved byte via the - * optional dpp parameter or a negative * SSH_ERR_*

Hello! I have a minor observation about code in sshbuf.c, not sure if it would be useful, but here it is. sshbuf_reset() is currently implemented like this: void sshbuf_reset(struct sshbuf *buf) { u_char *d; if (buf->readonly || buf->refcount > 1) { /* Nonsensical. Just make buffer appear empty */ buf->off = buf->size; return; } if (sshbuf_check_sanity(buf) != 0)

Reordering calloc arguments silences gcc compiler warnings of latest versions. Spotted with OpenSSH-portable on a Linux system. Okay? Index: cipher.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/cipher.c,v diff -u -p -u -p -r1.121 cipher.c --- cipher.c 17 May 2024 02:39:11 -0000 1.121 +++ cipher.c 13 Aug 2024 16:46:00 -0000 @@ -249,7 +249,7

...please excuse me if something is wrong with this message... I'm pretty interested in the OpenSSH codebase, and a couple of questions arose while I was investigating it, and I guess this is the place where I can find answers. 1. There are a lot of allocations, even for short lived objects like sshbufs and sshkeys. Creating an sshbuf always requires at least one allocation, two allocations if it is created with sshbuf_new(). There are a lot of times when they are allocated and freed within the same function. Same thing with bitmaps. What is the reason behind not allocating them on the stack? 2. A...

This patch fixes two spelling mistakes in code comments, which means no functional change: still-extant -> still-existant the -> then Okay? Index: sshbuf.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshbuf.c,v diff -u -p -u -p -r1.19 sshbuf.c --- sshbuf.c 2 Dec 2022 04:40:27 -0000 1.19 +++ sshbuf.c 13 Aug 2024 16:39:12 -0000 @@

https://bugzilla.mindrot.org/show_bug.cgi?id=2371 Bug ID: 2371 Summary: make check fails when using --without-openssl on AIX Product: Portable OpenSSH Version: 6.9p1 Hardware: Other OS: All Status: NEW Severity: normal Priority: P5 Component: Build system Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=2371 Bug ID: 2371 Summary: make check fails when using --without-openssl on AIX Product: Portable OpenSSH Version: 6.9p1 Hardware: Other OS: All Status: NEW Severity: normal Priority: P5 Component: Build system Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=3539 Bug ID: 3539 Summary: sshbuf memory leak in recv_rexec_state() Product: Portable OpenSSH Version: 9.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

Good news/Bad News The test race in RHEL 3.4 seems to be gone ... but another ec.h failure ... Using http://www.mindrot.org/openssh_snap/openssh-SNAP-20140827.tar.gz OS Build_Target CC OpenSSL BUILD TEST ============== =========================== ================ ============= ====== ================= *RHEL 3.4 i386-redhat-linux gcc

https://bugzilla.mindrot.org/show_bug.cgi?id=2370 Bug ID: 2370 Summary: make fails with "rmd160.c", line 35.10: 1506-296 (S) #include file <endian.h> not found. when using --without-openssl on AIX Product: Portable OpenSSH Version: 6.9p1 Hardware: Other OS: AIX

From: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> The "zstd at breakpoint.cc" compression algorithm enables ZSTD based compression as defined in RFC8478. The compression is delayed until the server sends the SSH_MSG_USERAUTH_SUCCESS which is the same time as with the "zlib at openssh.com" method. Signed-off-by: Sebastian Andrzej Siewior <sebastian at

Add private key protection information extraction to shh-keygen using -v option on top of -y option which is already parsing the private key. Technically, the passphrase isn't necessary to do this, but it is the most logical thing to do for me. Adding this to -l option is not appropriate because fingerprinting is using the .pub file when available. An other idea is to add a new option, I

I added ZSTD support to OpenSSH roughly three years ago and I've been playing with it ever since. The nice part is that ZSTD achieves reasonable compression (like zlib) but consumes little CPU so it is unlikely that compression becomes the bottle neck of a transfer. The compression overhead (CPU) is negligible even when uncompressed data is tunneled over the SSH connection (SOCKS proxy, port

The freezero call is practically the same as calling explicit_bzero followed by free. Okay? Index: sshbuf.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshbuf.c,v diff -u -p -u -p -r1.19 sshbuf.c --- sshbuf.c 2 Dec 2022 04:40:27 -0000 1.19 +++ sshbuf.c 13 Aug 2024 16:54:20 -0000 @@ -183,10 +183,8 @@ sshbuf_free(struct sshbuf *buf)

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex

On Tue, 23 Jun 2015, Jakub Jelen wrote: > > On 05/29/2015 09:12 AM, Damien Miller wrote: > > Hi, > > > > OpenSSH 6.9 is almost ready for release, so we would appreciate testing > > on as many platforms and systems as possible. This release contains > > some substantial new features and a number of bugfixes. > Tested basic configuration on Fedora 22. With

On Wed, 17 Feb 2016, Tom G. Christensen wrote: > On 12/02/16 04:56, Damien Miller wrote: > > Portable OpenSSH is available via Git at > > https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at > > https://github.com/openssh/openssh-portable > > > > I'm seeing a hang in the testsuite on Solaris: > run test transfer.sh ... > transfer data:

On Mon, 6 May 2024, openssh at tr.id.au wrote: > ... and I guess your next question will be about compilation environment, so: > > ``` > $ gcc --version > gcc (Gentoo 13.2.1_p20240210 p14) 13.2.1 20240210 > Copyright (C) 2023 Free Software Foundation, Inc. > This is free software; see the source for copying conditions. There is NO > warranty; not even for MERCHANTABILITY