Displaying 20 results from an estimated 2000 matches similar to: "[Bug 445] User DCE Credentials do not get forwarded to child session"
2003 Jan 07
1
[Bug 445] User DCE Credentials do not get forwarded to child session
http://bugzilla.mindrot.org/show_bug.cgi?id=445
------- Additional Comments From djm at mindrot.org 2003-01-07 12:20 -------
The attached patch has been corrupted - please attach it (in "diff -u" format)
to the bug using the "Create Attachment" link
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2000 Oct 15
1
Patch for Digital Unix SIA authentication
A while back, I sent in a patch that added Digital Unix SIA
authentication to OpenSSH. Well, I just figured out that it didn't
handle everything correctly (locked accounts could still log in). I
thought I had checked that, but I guess I missed it.
Anyway, here is a patch against OpenSSH 2.2.0p1 that fixes this.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator
2002 Sep 04
2
uid transition and post-auth privsep (WAS Re: possible fundamental problem with tru64 patch) (fwd)
What do we loose by not having post-auth privsep?
What code is executed between authorization and actual setting of the
effective uid?
On Tue, 3 Sep 2002, Chris Adams wrote:
> Once upon a time, Toni L. Harbaugh-Blackford <harbaugh at nciaxp.ncifcrf.gov> said:
> > It appears that the integration of the sia session setup will either
> > have to be rethought or abandoned
2001 Feb 12
2
OSF_SIA bug in 2.3.0p1
Is anyone maintaining the OSF_SIA support in openssh? This seems to be an
obvious bug triggered if you try to connect as a non-existant user.
>From auth1.c line 459
#elif defined(HAVE_OSF_SIA)
(sia_validate_user(NULL, saved_argc, saved_argv,
get_canonical_hostname(), pw->pw_name, NULL, 0,
NULL, "") == SIASUCCESS)) {
#else /*
2002 Nov 26
0
[Bug 445] New: User DCE Credentials do not get forwarded to child session
http://bugzilla.mindrot.org/show_bug.cgi?id=445
Summary: User DCE Credentials do not get forwarded to child
session
Product: Portable OpenSSH
Version: 3.4p1
Platform: Alpha
OS/Version: OSF/1
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at
2003 Sep 24
1
Patches for compatibility with Heimdal's libsia_krb5 SIA module
I have found the following patches to be desirable for using sshd on a
Tru64 UNIX system with the Kerberos 5 SIA module (libsia_krb5.so) from
Heimdal.
These patches do the following:
1) preserve context between the password authentication and the session
setup phases. This is necessary because the Heimdal SIA module stores
Kerberos context information as mechanism-specific data in
2003 May 15
1
[Bug 445] User DCE Credentials do not get forwarded to child session
http://bugzilla.mindrot.org/show_bug.cgi?id=445
------- Additional Comments From djm at mindrot.org 2003-05-15 21:39 -------
I am not sure I understand (my Kerberos knowledge isn't so great):
We already set this for Krb5 auth:
#ifdef KRB5
if (s->authctxt->krb5_ticket_file)
child_set_env(&env, &envsize, "KRB5CCNAME",
s->authctxt->krb5_ticket_file);
2005 Feb 01
1
[Bug 445] User DCE Credentials do not get forwarded to child session
http://bugzilla.mindrot.org/show_bug.cgi?id=445
------- Additional Comments From dtucker at zip.com.au 2005-02-01 19:54 -------
I tested this with a fake KRB5CCNAME and it worked as expected. Since
essentially the same code is already enabled for AIX, I'm going to commit #628
unless someone objects.
------- You are receiving this mail because: -------
You are the assignee for the
2001 Dec 19
0
Patch for DU SIA auth
Hello. The following is a patch against OpenSSH 3.0.2p1 to fix OpenSSH's
handling of Tru64 SIA authentication. The main changes are to make the
SIAENTITY a global variable (so that it remains persistent across function
calls), initialization only happens once, the session is only released
once. This makes SIA modules that require authentication in order to
perform certain actions during the
2003 Feb 27
0
Update for Tru64 Unix
Here is a long-overdue (sorry about that) patch for Tru64. It is pretty
minor mostly (minor formatting and removal of a couple of unneeded
calls), and it disables post-auth privsep (so that OpenSSH will work
"out of the box" on Tru64, avoiding the many questions).
I'm also looking at getting setproctitle working. For Tru64 4.x, it
isn't a big deal (normal PS_USE_CLOBBER_ARGV
2001 Nov 08
0
openssh-3.0p1 + Tru64 4.0G: sia_ses_authent() always returns 0 (failure)
Hi-
I built openssh-3.0p1 on a Tru64 4.0G without any problem. The system uses
enhanced security, so the sia_* routines are used by sshd.
Unfortunately, password authentication fails because sia_ses_authent() returns 0
in auth-sia.c. The thing is, the password is CORRECT; I verified this by
inserting debugging statements before the call to sia_ses_authent().
The call to sia_ses_init()
2001 Mar 21
1
Tru64 UNIX SIA in 2.5.2p1 is hosed (still)
The recent patch posted by Steve VanDevender <stevev at darkwing.uoregon.edu>
for fixing the session code on Tru64 isn't quite right -- it still fails
in the case of NO tty being allocated.
The problem is that s->tty is a char[TTYSZ] rather than a char *, and
hence can't hold a NULL. Calling sia_ses_init() with the tty being an
empty string doesn't signify no tty, and
2001 Apr 13
0
Fixed patch for Digital Unix SIA
Okay, here is a fixed version of the patch I sent before for fixing the
problems I know about with Digital Unix SIA: displaying too much info
(MOTD, last login, etc.) when access is denied, and the loss of the
error message sometimes when access is denied.
It does break some code out of do_login into a couple of separate
functions. I did this to avoid duplicating the code in a couple of
places.
2006 Sep 14
3
[PATCH] PermitRootLogin woes
Hi all,
among other things, we provide shell access to various unix based
platforms for our students and university staff. Recently, there has been
increasing number of root login attacks on one particular Tru64 machine
running OpenSSH.
The host is configured with "PermitRootLogin no" but every once in a while
SIA auth with TCB enhanced security locks the root account.
I suppose
2005 Nov 08
1
R-2.2.0: malloc probelm in regex code (PR#8287)
Full_Name: Gordon Lack
Version: 2.2.0
OS: OSF1/Tur64
Submission from: (NULL) (193.128.25.20)
R-2.2.0 fails to build on OSF1 systems.
.....
make[4]: Leaving directory `..../R-2.2.0/src/library/tools/src
Error in list.files(path, pattern, all.files, full.names, recursive) :
invalid 'pattern' regular expression
Execution halted
make[3]: *** [all] Error 1
.....
I've tracked
2004 Oct 01
1
bzip2 directory won't build on OSF1 due to C99 code and -std1 option (PR#7257)
Full_Name: Michael Hoffman
Version: 2.0.0-beta-20041001
OS: OSF1 V5.1
Submission from: (NULL) (193.62.199.8)
Hello. Building R 2.0.0-beta-20041001 on OSF1 V5.1 failed because the default
configure sets R_XTRA_CFLAGS to "-std1 -ieee_with_inexact." The bzip2 directory
includes C99 code that requires -std1 to not be set in order to compile. This
halts the overall build process.
2003 Oct 28
4
simple compile
I could not find this question anywhere, but I apologize if it is and I
just missed it.
Running an Alpha, OSF1 V5.1 1885
configure went fine.
compile failed:
cc -I. -I. -g -DHAVE_CONFIG_H -I./popt -c lib/getaddrinfo.c -o
lib/getaddrinfo.o
cc: Error: lib/getaddrinfo.c, line 182: In this statement, "EAI_MAX" is
not declared. (undeclared)
if (ecode < 0 || ecode > EAI_MAX)
2001 Sep 20
1
rsync via ssh
Hi,
We have 2 problems with rsync over ssh that we
haven't been able to replicate all the time.
Basically, we have a developement server running
Solaris 2.5.1 and another running Solaris 2.6, the
development tree is shared via nfs. When minor
changes are made they are distibuted to various
mirror sites via a perl script which does some
checks (path, etc) and runs 'rsync -e ssh ....'
2002 Jun 29
0
Privsep for osf/1 .. still need a bit of help
This privsepifies OSF/1 SIA, but I'm still being told the same error
occurs. I'm stumped.
Without an OSF/1 box near me I can't do too much more help unless someone
can either tell me what is wrong or show me why SIA is failing in their
logs.
(And tell me if it's different w/ or w/out this patch)
- Ben
Index: auth-sia.c
2002 Jun 28
0
Newer OSF patch.
It still is not right, but thanks to Steve we have gotten this far..
The issue seems to be here:
debug3: entering: type 26
debug3: entering
debug1: session_new: init
debug1: session_new: session 0
debug3: entering: type 26
: sendmsg(12): Invalid argument
debug1: Calling cleanup 0x1200365c0(0x14000d9d8)
debug1: session_pty_cleanup: session 0 release /dev/ttyp4
debug1: Calling cleanup