Displaying 20 results from an estimated 800 matches similar to: "[PATCH]: Workaround a security leak on Windows"
2023 Jun 17
2
[PATCH] ssh-agent: add systemd socket-based activation
This adds support for systemd socket-based activation in the ssh-agent.
When using socket activation, the -a flag value must match the socket
path provided by systemd, as a sanity check. Support for this feature is
enabled by the --with-systemd configure flag.
---
Something tells me upstream would not be interested in this patch, but
as it may be useful on linux, I'm submitting it here.
2003 Sep 10
3
[PATCH] No extern declarations of optarg & co if getopt.h is available
Hi,
I have a problem with the extern declarations of optarg, optind, etc.
We're currently moving getopt from being a statically linked function
to a dynamically linked function as part of the Cygwin DLL. On Windows,
this requires to generate special symbols (__imp__optarg, etc.), which
is done by marking the exported variables in the corresponding header.
Instead of
extern char *optarg;
2015 Sep 26
5
[RFC][PATCH v2] Support a list of sockets on SSH_AUTH_SOCK
The idea behind this change is to add support for different "ssh-agents"
being able to run at the same time. It does not change the current
behaviour of the ssh-agent (which will set SSH_AUTH_SOCK just for
itself). Neither does it change the behaviour of SSH_AGENT_PID (which
still supports only one pid).
The new implementation will go through the list of sockets (which are
separated by a
2000 Sep 02
2
[PATCH]: Cygwin port of 2.2.0p1
Attached is the patch for the Cygwin port of 2.2.0p1. As usual I didn't
attach the patch to `configure' but only the patch to `configure.in'.
BTW: I have attached a gzip'd version of the patch since it's size
is > 20K and I thought that it might be too big. The gzip'd diff is
< 8K.
What are "Small attachments (such as diff files) within the bounds
of common
2002 Jun 07
4
openssh for UWIN
I am enclosing a context diff of the changes that I made to get
openssh working on UWIN. UWIN is a UNIX operating system layer
that runs on Win32 systems. For more information on UWIN
go to http://www.research.att.com/sw/tools/uwin/.
I also ran configure using -with-cppflags=-D_BSDCOMP=2. I don't
know where that information would go with the source code.
Let me know if you need more
2019 May 19
4
most robust way to call R API functions from a secondary thread
Hi,
As the subject suggests, I am looking for the most robust way to call an (arbitrary) function from the R API from another but the main POSIX thread in a package's code.
I know that, "[c]alling any of the R API from threaded code is ?for experts only? and strongly discouraged. Many functions in the R API modify internal R data structures and might corrupt these data structures if
2019 May 20
1
most robust way to call R API functions from a secondary thread
Stepan,
Andreas gave a lot more thought into what you question in your reply. His question was how you can avoid what you where proposing and have proper threading under safe conditions. Having dealt with this before, I think Andreas' write up is pretty much the most complete analysis I have seen. I'd wait for Luke to chime in as the ultimate authority if he gets to it.
The
2000 Feb 14
0
[openssh-1.2.2] some porting notes for SunOS 4.1.4
Hi.
Here are the relevant details about the setup:
SunOS 4.1.4
gcc 2.7.2.2
tcp wrappers 7.5
egd 0.6 (doesn't really come into play at compile time)
The following only pertains to the compilation (and linking) stage.
Code and patches are SunOS specific.
-- The following functions are missing in SunOS: strerror, atexit,
memmove. I wrote simple replacements in term of on_exit and bcopy
2003 Jan 09
1
[PATCH] Allow multiple accounts on Windows 9x/Me
Hi,
the following patch by Pierre A. Humblet <Pierre.Humblet at ieee.org>
allows to use more than one uid on 9x/Me boxes which is currently
blocked due to the behaviour of Cygwin's security code. After this
patch is applied to sshd, we can safely change the affected code in
Cygwin.
Thanks,
Corinna
Index: session.c
===================================================================
2016 Apr 23
2
StreamLocal forwarding
Hi folks,
(3rd time I am sending this message, none of the other appear to have
made it through!)
Using "OpenSSH_6.9p1 Ubuntu-2ubuntu0.1, OpenSSL 1.0.2d 9 Jul 2015" on
the server, "OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016" on the client.
I am trying to use sshtunnel with StreamLocal forwarding to enable me
to connect back to the client's ssh port, without having to
2002 Jun 25
3
BSD/OS with privsep
I need this for BSD/OS 4.2 + privsep
perhaps we should not call do_setusercontext() after
chroot().
--- sshd.c.orig Fri Jun 21 03:09:47 2002
+++ sshd.c Tue Jun 25 13:11:03 2002
@@ -548,21 +548,35 @@
/* Change our root directory*/
if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
strerror(errno));
if
2000 May 12
0
SunOS 4.x port
This is based on openssh-2.0.0beta1. There are a few rough spots:
1) SunOS doesn't have ut_type in struct utmp so I just whacked
in the old login() from openssh-1.2.3.
2) There is a SUNOS4 section added to defines.h -- this could probably
be a bit cleaner.
3) sigaction on SunOS is implemented via #defines to sigvec, thus there
is no SA_RESTART (this is the default behavior).
2002 Jul 04
1
[PATCH]: Remove HAVE_CYGWIN in favor of NO_IPPORT_RESERVED_CONCEPT
Hi,
I've sent that patch once already but it seems more or less forgotten
in the tumultuous days of the latest vulnerability.
It adds a new define NO_IPPORT_RESERVED_CONCEPT which can be defined
on platforms not supporting the concept of "privileged" ports only
accessible by privileged users but which allow everyone to use these
ports.
This patch removes some Cygwin dependencies
2001 Dec 18
2
[PATCH]: Fix potential security hole in Cygwin version
Hi,
the following patch fixes a potential security hole in the Cygwin
version of sshd.
If you're logging in to a Cygwin sshd with version 2 protocol using an
arbitrary user name which is not in /etc/passwd, the forked sshd which
is handling this connection crashes with a segmentation violation. The
client side encounters an immediate disconnect ("Connection reset by
peer").
2001 Apr 02
1
[PATCH]: scp could hang in Cygwin
Hi,
attached is a patch which solves the following problem:
Sometimes scp could hang in Cygwin when used as remote end using
the -t option. This is due to a binmode/textmode problem which
could be raised by the login shell which is used by the user and
it's setting of textmode on stdin. The patch solves that problem
by explicitly setting binmode on stdin.
Besides solving the hanging
2001 Jun 04
1
[PATCH]: Add check_ntsec to ownership/mode tests
Hi,
I have added calls to `check_ntsec()' to the code which checks
for the ownership and modes of identity files and directories.
As you might know, check_ntsec() tests if owner/modes are
supported by the OS (9x/ME=no, NT/W2K=yes), the filesystem
(FAT/FAT32=no, NTFS=yes) and the current Cygwin settings
(ntea/ntsec).
Corinna
Index: auth-rhosts.c
2003 Aug 03
2
[PATCH] Fix minor breakage on Cygwin: auth-passwd.c and session.c
Hi All.
I tried building -current on Cygwin but got a couple of minor errors.
The first is in auth-passwd.c where it appears Ben got a bit
over-enthusiastic cleaning up :-). The patch restores the relevant
"#ifdef HAVE_CYGWIN" fragment.
The second is in the send-break code in session.c, which won't compile
because Cygwin apparently doesn't have TIOCSBRK and TIOCCBRK ioctls.
2002 Jul 15
1
Patch: remove unused tty variable from session.c
Hi.
This was added just before 3.4p1 for passing to aix_usrinfo and is now
unused.
-Daz.
Index: session.c
===================================================================
RCS file: /cvs/openssh/session.c,v
retrieving revision 1.210
diff -u -r1.210 session.c
--- session.c 4 Jul 2002 03:08:41 -0000 1.210
+++ session.c 15 Jul 2002 11:50:14 -0000
@@ -1159,8 +1159,6 @@
void
2004 Mar 02
3
environ problem in 3.8p1
3.8p1 added the following to main() in sshd.c:
#ifndef HAVE_CYGWIN
/* Clear environment */
environ[0] = NULL;
#endif
This breaks the getenv("TZ") in session.c and causes logins to occur in
GMT time. It also causes any sshd syslog messages to be written in GMT
time. I'm on SCO Openserver 5.0.7, but this looks like it should affect
all platforms. Am I missing something? I
2016 May 03
2
StreamLocal forwarding
Hi,
The code definitely attempts to unlink any old listener
beforehand (see misc.c:unix_listener()) so I don't understand why
that isn't being called. You might try simulating your configuration
using sshd's -T and -C to make sure the flag is correctly being set.
Could chroot be interfering? Some platforms implement additional
restrictions on devices and sockets inside chroot.
-d