similar to: Patch for stdout/stderr buffer flush write() handling

Bug: all .out files get rebuilt every make. This is silly, and breaks make install if root cannot write to your build dir. Fix: add dependancy check sop .out files only get rebuilt if the source file changes FixBug: if any source file gets changed, all .out files get rebuilt. This is because man pages and config files both get .out extensions but get created differently. It's

channels.h from today's CVS has MS-DOS ^M end-of-line chars. -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body

auth.c:auth_log contains the following code: authlog("%s %s for %s%.100s from %.200s port %d%s", authmsg, method, authctxt->valid ? "" : "illegal user ", ---> authctxt->valid && authctxt->pw->pw_uid == 0 ? "ROOT" : authctxt->user, get_remote_ipaddr(),

The attached unified diff fixes configure so that all --with-libfoo options are allowed to be --with-libfoo=PATH. If the option is specified with a PATH, only that PATH is searched for the library. If it is specified as =yes or with no argument, it tries without modifying anything, and then tries looking in /usr/local. The SunOS5 targets no longer add /usr/local to include or library paths

Here is a new version of my partial auth patch against the April 24, 2001 CVS image. It fixes a couple of things (thanks to Karl M <karlm30 at hotmail.com>), and includes support for hostbased auth. It's still not pretty, but it works. 2 things Karl mentioned aren't fixed: - auth methods are still hard-coded into servconf.c. Fixing this would require a lot of work, and all the

The attached unified diff fixes configure so that all --with-libfoo options are allowed to be --with-libfoo=PATH. If the option is specified with a PATH, only that PATH is searched for the library. If it is specified as =yes or with no argument, it tries without modifying anything, and then tries looking in /usr/local. The SunOS5 targets no longer add /usr/local to include or library paths

I attached a broken diff to my last mail. This one actually works. Sorry for the brain-o's tonight... -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body -------------- next part -------------- A non-text attachment was scrubbed... Name: makediff Type: application/octet-stream Size: 3569 bytes Desc: not available Url :

When using "HostbasedUsesNameFromPacketOnly yes", the ssh client sends the hostname with a trailing dot, but the server does not strip off the trailing dot when matching against .shosts et. al., or when looking up keys in ssh_known_hosts2. This causes the host to not be found. Adding the hostname with trailing dot to the config files "fixes" this, but I think sshd should

Finally all the pieces are in place to allow strong user and host authentication with SSH2 and the latest OpenSSH code (plus my partial auth patch). Herein I describe one problem case, and a possible solution thereof. Target: Allow user logins from host charles to host steve using passwords Previously, you would have had to trust the IP headers to authenticate charles. If charles had a

We recently tried upgrading openssh from 2.5.2p2 to 2.9p1 and discovered that it no longer worked to feed the output from a remote command into a pipe, unless the output was short and the pipe was very fast at processing its input. Example 1: ssh remote_machine some_command | less (where "some_command" generates a lot of output) now fails after the first screenful, with a

On 2/17/16 6:02 PM, Darren Tucker wrote: > On Thu, Feb 18, 2016 at 12:43 PM, Carson Gaspar <carson at taltos.org> wrote: > [...] >> Is there a sane way to run just one test script? LTESTS can't be overridden >> AFAIK... > > make t-exec LTESTS=testname > > where testname is the name of the specific test script without the .sh > extension. Nope, that runs

Hi! I am use SuSe 7.2 x86 and openssh-2.9p1-7.rpm I got a problem using bitkeeper on my laptop where bitkeeper reported an I/O error while reading data from 'ssh'. After much debugging, and some help from the bitkeeper people, I found out that that clientloop.c doesn't handle interrupts gracefully. (It died when it got an EAGAIN error when writing to the application) After applying

I finally got around to looking at a bunch of patchs to configure.in, some of them from back in March. One from Carson Gaspar <carson at taltos.org> looked promissing at first glance but after many hours I just couldn't get it to work. Due to much demand, I have added optional PATH to --with-pcre, --with-zlib, and --with-tcp-wrappers. I have done extensive testin on --with-zlib, and

Hi ! According to http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98577747029227&w=2 [...snip...] List: openssh-unix-dev Subject: Updated configure.in patch for 2.5.2p2 From: Carson Gaspar <carson at taltos.org> Date: 2001-03-28 11:03:29 [...snip...] there exists a patch to add --with-zlib (needed when zlib isn't installed in the standard path. Happens on Solaris

Hi, I'm interested in the ability to block ssh logins (or alternatively, not have sshd answer client requests) for certain hostnames that are DNS CNAME aliases to the canonical name for a given IP address. To tell you the truth, I don't think this is currently possible through this setup, and may look further to try to block it at the firewall, but that's a different discussion... :)

On 2/17/16 3:02 PM, Carson Gaspar wrote: > > Sadly I'm hitting a different autoconf bug :-( I was being an idiot - configure was bombing out & I didn't notice (boy that openssl version error message is loooooong...) With Mr. Wilson's patch, I still get: "sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used with the Solaris sandbox"

We have been using OpenSSH version 2.3.0p1 for a couple of months now with out problems. The same goes for several previous versions we have used over the last year. However, I have just installed version 2.5.2p2 and it is giving me some problems. If it were not for the latest security bulletins strongly suggesting we upgrade, I would reinstall the 2.3.0p1 version. I am running on a SGI

http://bugzilla.mindrot.org/show_bug.cgi?id=152 carson at taltos.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME ------- Additional Comments From carson at taltos.org 2002-03-10

HI! I would like to introduce new patch which adds new config option "AuthOrder2" to sshd_config. I would like to say that I only modyfied the patch made by Carson Gaspar. If you want to know more about this patch see thread at: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98577021011067&w=2 I will appreciate any feedback from you. This patch is against 3.1p1. BTW:

But the main question hasn't been answered: Why is /usr/local placed before user-specified paths? Hypothetical example: You want to link against OpenSSL 0.96 for OpenSSH, but /usr/local contains 0.95, which is needed for something else. (Assume it comes binary only on Solaris for the sake of argument...) --Matt > -----Original Message----- > From: Damien Miller [mailto:djm at