similar to: [PATCH]: scp could hang in Cygwin

Hi, the following patch fixes a potential security hole in the Cygwin version of sshd. If you're logging in to a Cygwin sshd with version 2 protocol using an arbitrary user name which is not in /etc/passwd, the forked sshd which is handling this connection crashes with a segmentation violation. The client side encounters an immediate disconnect ("Connection reset by peer").

Hi, the following patch is a (hopefully least intrusive) extension when sshd is started so that it daemonizes itself. In that case Windows 9x/Me has a slight problem with sshd as soon as the current user logs off. The sshd daemon will be killed as well. Since installing services is very different between NT and 9x, the way used for NT boxes isn't working well for 9x. For that reason

Attached is the patch for the Cygwin port of 2.2.0p1. As usual I didn't attach the patch to `configure' but only the patch to `configure.in'. BTW: I have attached a gzip'd version of the patch since it's size is > 20K and I thought that it might be too big. The gzip'd diff is < 8K. What are "Small attachments (such as diff files) within the bounds of common

Hi, the following patch removes some of the Cygwin specific code from OpenSSH. Since Cygwin is able to change the user context on NT/W2K even without a password since the new Cygwin version 1.3.2, there's no need anymore to allow changing the user context only if the sshd user is the same user as the one which logs in or when a password is given. For that reason the whole function

Hi, OpenSSH 5.9 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains a couple of new features and changes and bug fixes. Testing of the new sandboxed privilege separation mode (see below) would be particularly appreciated. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The

I had to update the Cygwin port for two reasons: - scp could fail because of another textmode/binmode problem. - Privileged ports are not privileged on Windows and there's no coherence between privileged user and uid 0. So I send the complete patch again with the above changes. ChangeLog: ========== - Makefile.in: Changed to support $EXEEXT transparently. Added `cygwin_util.o' to

Hi, the following patch checks if OpenSSH is running under a Cygwin version >= 1.3.2 which allows switching user context without password. Otherwise sshd allows changing the user context only if password authentication is used as it was before. Corinna Index: openbsd-compat/bsd-cygwin_util.c =================================================================== RCS file:

Hi, the attached patch file contains two patches in one: - contrib/cygwin/ssh-host-config: Create sshd_config according to latest changes. - openbsd-compat/bsd-cygwin_util.c: Rewrite a bit to allow easier retrieval of Cygwin capabilities from version number (uname). For Cygwin versions beginning with API minor version 56 assume ntsec being on by default. Thanks in advance for applying

Hi, the following patch rearranges some checkings in bsd-cygwin-util.c to keep in sync with Cygwin versions. I moved the uname() check into it's own function so that it's easier to add further checks when necessary. Corinna Index: openbsd-compat/bsd-cygwin_util.c =================================================================== RCS file:

Hi, I have left this slip through already too long. When compiling openbsd-compat/bsd-cygwin_util.c, the following warnings appear: openbsd-compat/bsd-cygwin_util.c: In function `binary_open': openbsd-compat/bsd-cygwin_util.c:67: warning: implicit declaration of function `open' openbsd-compat/bsd-cygwin_util.c: In function `binary_pipe': openbsd-compat/bsd-cygwin_util.c:73:

On Wed, 20 Feb 2019 at 23:54, Corinna Vinschen <vinschen at redhat.com> wrote: > The previous revert enabled case-insensitive user names again. This > patch implements the case-insensitive user and group name matching. > To allow Unicode chars, implement the matcher using wchar_t chars in > Cygwin-specific code. Keep the generic code changes as small as possible. > Cygwin:

On Feb 22 16:02, Darren Tucker wrote: > On Fri, Feb 22, 2019 at 03:32:43PM +1100, Darren Tucker wrote: > > On Wed, 20 Feb 2019 at 23:54, Corinna Vinschen <vinschen at redhat.com> wrote: > > > The previous revert enabled case-insensitive user names again. This > > > patch implements the case-insensitive user and group name matching. > > > To allow Unicode

Hi All. While wandering in auth-pam.c I noticed that there's a few Portable-specific escapees from the xmalloc(foo * bar) cleanup. There's also a "probably can't happen" integer overflow in ssh-rand-helper.c with the memset: num_cmds = 64; - entcmd = xmalloc(num_cmds * sizeof(entropy_cmd_t)); + entcmd = xcalloc(num_cmds, sizeof(entropy_cmd_t));

Windows usernames are case-insensitive and almost any Unicode character is allowed in a username. The user should be able to login with her username given in any case and not be refused. However, this opens up a security problem in terms of the sshd_config Match rules. The match rules for user and group names have to operate case-insensitive as well, otherwise the user can override her settings

Hi, is it possible to apply the below patch before 3.8.1p1 comes out? Due to a posting on the Cygwin mailing list it turned out, that the prerequisites to allow public key authentication where to tight. Since Cygwin version 1.5.x the so called `ntsec' setting isn't require anymore to allow switching user context without password. The below patch to bsd-cygwin_util.c fixes the test for

Hi All. I tried building -current on Cygwin but got a couple of minor errors. The first is in auth-passwd.c where it appears Ben got a bit over-enthusiastic cleaning up :-). The patch restores the relevant "#ifdef HAVE_CYGWIN" fragment. The second is in the send-break code in session.c, which won't compile because Cygwin apparently doesn't have TIOCSBRK and TIOCCBRK ioctls.

I don't know if anyone would be interested in this but I'm including a patch to allow for offsets when transferring files with SCP. It's pretty simple and assumes the user knows what they are doing (for example, if transferring with a wild card the offset would apply to all files). -A is the number of bytes offset from the beginning of the files. -Z is the number of bytes inset

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here goes the announcement of the 2.6.2-3 package for cygwin (available from cygwin's setup itself). If you wonder what "2.6.2-3" means, it's basically the third "cygwin package" that uses rsync-2.6.2 sources. This third attempt solves both the august security fix and the textmode bug that 2.6.2-2 had. follows the

The second rsync-2.5.6 pre-release version is now available at: http://rsync.samba.org/ftp/rsync/preview/rsync-2.5.6pre2.tar.gz ftp://rsync.samba.org/pub/rsync/preview/rsync-2.5.6pre2.tar.gz rsync://rsync.samba.org/ftp/rsync/preview/rsync-2.5.6pre2.tar.gz There's also a corresponding '.sig' file that contains a gpg signature of the file; the public key is available on the

Hi, could somebody apply the below patch, please? It removes a couple of environment variables which are propagated to the child process so far, but which not really necessary to keep child processes running. What's left now is the bare minimum which is requested by scripts, typically. Thanks, Corinna Index: openbsd-compat/bsd-cygwin_util.c