similar to: [Bug 1379] New: memory leak in process_cmdline()

https://bugzilla.mindrot.org/show_bug.cgi?id=1380 Summary: incorrect check for strlen(fwd->connect_host) in parse_forward() Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: ssh

These patches implement a new mux client request to list the currently opened TCP forwardings. It also removes some todos regarding keeping the list of forwardings in the options up-to-date. Bert Wesarg (6): attach the forwarding type to struct Forward merge local and remote forward lists generate unique ids for forwardings to be used for identification remove closed forwardings from

Hi, At the n2k10 OpenBSD network hackathon, I finally got some time to clean up and rewrite the ssh(1) client multiplexing code. The attached diffs (one for portable OpenSSH, one for OpenBSD) are the result, and they need some testing. The revised multiplexing code uses a better protocol between the master and slave processes and I even bothered to write it up :) It tracks the control sockets

Dear openssh developers, has the problem related to remote unix socket forwarding to a local port ever been fixed? (see message below: ssh -L 12345:/tmp/sock) I could not find any code containing the patch (maybe i am looking in the wrong places) I actually had the same problem and the feature is really handy if you are working on a windows machine. Help is apreciated. Thanks! Best

https://bugzilla.mindrot.org/show_bug.cgi?id=1539 Summary: double-free when failing to parse a forwarding specification given using ~C Product: Portable OpenSSH Version: 5.1p1 Platform: ix86 URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=50533 0 OS/Version: Linux Status:

https://bugzilla.mindrot.org/show_bug.cgi?id=1390 Summary: RekeyLimit max value is too restrictive Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1432 Summary: MaxAuthTries is not used correctly Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P3 Component: sshd AssignedTo: bitbucket at mindrot.org

Hi Everyone, I am using openssh 4.0 in a product, which is affected by CVE-2005-2797 (If DynamicForward option is activated, GatewayPorts is also unconditionally enabled). I am trying to backport the fix for this from 4.2 to 4.0. I have been finding the difference between 4.2 and 4.1 and the only change that looks relevant to this bug, to me is the changes made in the file readconf.c with the

hi, the man page for sshd(1) says about /etc/nologin: "The file should be world-readable". However, nologin has no effect if it's not readable by the connecting user: if (pw->pw_uid) f = fopen(_PATH_NOLOGIN, "r"); if (f) { /* /etc/nologin exists. Print its contents and exit. */ ... ... return(254) if root has a

http://bugzilla.mindrot.org/show_bug.cgi?id=996 Summary: Fatal error in xfree() when scp invokes ssh with a LocalForward config Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: FreeBSD Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

hi all, we had quite a few requests recently so that SunSSH allowed to hush a banner on client side when in command-mode only. The argument usually is that the banner is mandatory due to legal reasons so first time login users should see it but that it causes problems when ssh is used from scripts after that. '-q' often seems not an option. RFC 4252 permits hushing banner in section

FINALLY, it's here. You can now tell SSH which address to bind to for every single port forwarding option! This patch allows you to pass the following as ssh command line options: ssh -L 192.168.1.55:1234:localhost:80 -R ::11:22:aa:bb/80/localhost/80 etc. Or as normal config file options: LocalForward ::11:22:33/1234 localhost/80 RemoteForward 1.2.3.4:80 localhost:80 It will also

https://bugzilla.mindrot.org/show_bug.cgi?id=1385 Summary: extra backslashes in RB_PROTOTYPE Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: Miscellaneous AssignedTo: bitbucket at

https://bugzilla.mindrot.org/show_bug.cgi?id=1378 Summary: incorrect port check in parse_forward() Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: ssh AssignedTo: bitbucket at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1967 Bug #: 1967 Summary: Potential memory leak Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: unassigned-bugs at

Hi, I'm not a subscriber to this list so please CC: me in any replies. I found myself in a situation where I was behind a corporate firewall that allowed only web requests to the outside world (and furthermore those requests had to be via their proxy server). Therefore, I couldn't SSH to the outside world. However, the HTTP proxy 'CONNECT' method, which is normally used to

Hi all, I try to receive an ipv6 address for my PPP link via autoconf (against Cisco machine), but there is a problem I'm unable to solve so far. I can see cisco's Router-Advertisement containing prefix etc., but no IP adress is assigned to tun0 interface. Anyone succesful in IPv6 over dial-up PPP connection? When I manually assign IPv6 address, connection works. My system is

http://bugzilla.mindrot.org/show_bug.cgi?id=1366 Summary: atomicio doesn't poll() Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org ReportedBy: ben at psc.edu

I've attached a patch to OpenSSH 3.0.2p1 that will allow the client side of local port forwarding to be bound to a single address. For my purposes, binding to 127.0.0.1 or (via GatewayPorts) all addresses would not work. I overloaded the "-b local_host" option so that it's address will be used when "-L port:remote_host:remote_port" is also specified. Today is the first

I have renamed all of the patch files to .txt, which should be acceptable for the mailer daemon at mindrot, per Angel's suggestion. I am attaching the patch files to the email, with the extra space removed and a minor correction made. Bill Parker (wp02855 at gmail dot com) -------------- next part -------------- --- port-linux.c.orig 2012-12-19 17:40:53.231529475 -0800 +++ port-linux.c