Displaying 20 results from an estimated 10000 matches similar to: "Snapshots not updating?"
2003 Jan 29
2
PermitRootLogin=yes no longer lets root login
Hi All,
While testing another patch, I found that I could not longer log in as
root, even if PermitRootLogin was yes. It seems to be the following
code in auth_password:
$ cvs diff -r1.48 -r1.49 auth-passwd.c
[snip]
#ifndef HAVE_CYGWIN
- if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
+ if (pw->pw_uid == 0 && options.permit_root_login !=
2003 Jun 25
1
New regression test: dynamic forwarding
Hi All.
The discussion about SOCKS5 support set me thinking about how you would
test it, and I came up with the attached test. (Again, mostly code stolen
from another test, this time forwarding.sh). It requires "connect" [1]
but will skip the test if it's not found.
-Daz.
[1] http://www.taiyo.co.jp/~gotoh/ssh/connect.html
--
Darren Tucker (dtucker at zip.com.au)
GPG key
2003 Aug 22
1
GSSAPI patch sync from OpenBSD to Portable
Hi All.
Markus has commited the long-awaited GSSAPI patch to OpenBSD's ssh.
There are patches. The first [1] is a straightforward port of the
OpenBSD code to Portable.
The second [2] contains the parts I've stolen from Simon Wilkinson's
portable GSSAPI patch in an attempt to make it build. It is incomplete
and doesn't currently work.
The PAM support is not there and
2003 Apr 07
0
OpenSSH 3.6.1p1 AIX installp/bff packages available.
Hi All.
New AIX packages of OpenSSH 3.6.1p1 are available for download at [1].
There are two tarballs, one for the as-distributed code and one with the
password expiration patch. Each tarball contains binaries for AIX 4.x
and AIX 5.x. The usual caveats apply (see page).
These packages have been more popular than I ever thought they'd be.
They are about to clock up the one thousandth
2003 Jan 08
1
Trivial patch: update README about AIX port status
Hi All.
As of now, openssh on AIX passes all regressions tests (and, yes, I
just checked!), works with privsep, bugzilla has zero open AIX-specific
bugs and IBM ship it essentially unmodified as a supported product.
I think it's beyond "support underway" :-)
-Daz.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
2003 Jul 03
0
[PATCH] Speed up dynamic-forward regression test
Hi All.
The attached patch speeds up the dynamic forwarding regression test:
* moves starting the test sshd to the outer loop.
* kills the sleep of when it's no longer required.
-Daz.
$ time PATH="`pwd`:$PATH" sh ../regress/test-exec.sh `pwd` \
../regress/dynamic-forward.orig.sh
ok dynamic forwarding
real 0m54.585s
user 0m5.760s
sys 0m0.370s
$ time
2003 Jan 10
0
Core dump from sshd fatal_cleanup()
Hi All.
While working on something I noticed core dumps from sshd. They don't
seem to be related to what I was working on.
It's from the process forked to run the shell. Just after the fork,
fatal_remove_all_cleanups() is called, which looks like:
fatal_remove_all_cleanups(void)
{
struct fatal_cleanup *cu, *next_cu;
for (cu = fatal_cleanups; cu; cu = next_cu) {
2003 Jan 19
1
OpenSSH build failure on NetBSD 1.5.2
Hi All.
The recent setproctitle changes don't seem to work on NetBSD. Some of
the variables are still used when the definitions are #ifdef'ed out.
Attached patch fixes it, but I'm not sure it does it the right way.
-Daz.
gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I..
-I../../openbsd-compat -I../../openbsd-compat/.. -DHAVE_CONFIG_H -c
2003 May 04
1
Bugzilla bugs: close ones waiting for feedback >3 months?
Hi All,
I've been going through the bug queue and there's a number that have been
waiting for reporter feedback for a long time (in one case 7+ months).
Would anyone consider it unduly harsh if I took an axe to the queue and
closed any bugs (ie the unconfirmed or WORKSFORME type) that have been
waiting for reporter feedback for more than, say, 3 months? (Unless
there's a documented
2003 Jun 21
0
[PATCH] Use $SUDO for reconfigure.sh regression test.
Hi.
I just noticed that the new reconfigure regression test does not work
properly (the test passes but it doesn't actually test anything) when
SUDO=sudo is used, because the kill -HUP is run as a normal user. This is
fixed in the attached patch.
-Daz.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes
2003 Dec 18
1
PAM, chauthtok and keyboard-interactive
Hi All.
Today a patch was commited to OpenSSH that performs PAM password
changes via SSH2 keyboard-interactive authentication. I should work
fine with privsep, which some of the other solutions have problems with.
While the patch itself is relatively small, it's bigger than it should
have been due to differences in PAM implementations.
I encourage anyone with a interest in this to try
2004 Feb 11
0
OpenSSH 3.8 and password expiry.
Hi All.
I'm pleased to report that as of yesterday, OpenSSH -current now
supports forced changes of expired passwords on most platforms, and bug
#14 is now closed.
Specifically, AIX's native authentication, BSD Authentication and
shadow passwords with the expiry field are supported. The password is
changed by exec'ing /usr/bin/passwd in the session. Interested parties
should
2002 Jun 22
2
AIX Package build update.
Hello All,
I've updated the AIX package builder (contrib/aix/buildbff.sh). The
changes are below. Please review and commit if OK.
First, a question: Does anyone want SRC (System Resource Controller)
support in the packages? I don't use it but I've been sent an example of
how do do it without modifying sshd itself.
Onto the changes:
* Supports PrivSep. Postinstall will create
2002 Jun 22
2
ssh-agent build failure on AIX
Hello All,
I've just attempted to build from -cvs on AIX and get the following:
$ gcc [snip] -c ssh-agent.c
ssh-agent.c: In function `main':
ssh-agent.c:975: `BSDoptarg' undeclared (first use in this function)
ssh-agent.c:975: (Each undeclared identifier is reported only once
ssh-agent.c:975: for each function it appears in.)
make: 1254-004 The error code from the last command is 1.
2002 Jul 15
1
Patch: remove unused tty variable from session.c
Hi.
This was added just before 3.4p1 for passing to aix_usrinfo and is now
unused.
-Daz.
Index: session.c
===================================================================
RCS file: /cvs/openssh/session.c,v
retrieving revision 1.210
diff -u -r1.210 session.c
--- session.c 4 Jul 2002 03:08:41 -0000 1.210
+++ session.c 15 Jul 2002 11:50:14 -0000
@@ -1159,8 +1159,6 @@
void
2002 Jul 27
1
[Patch] Improve diags for "OpenSSL headers match library" configure test
Hello All,
After seeing what is probably the zillionth "OpenSSL headers don't
match library" bug report I made the following mod to configure.ac. It
always writes the versions of the library and headers to config.log and
prints them to stdout if they don't match.
Hopefully this will help diagnose these problems in future. Example
output below.
-Daz.
$ ./configure
[snip]
2003 Feb 24
0
Compile errors on Solaris, early AIX and PAM platforms
Hi All.
Damien merged a bunch of changes today which caused compile errors on a
few platforms (which you can see live and in colour at [0]).
a) Solaris, early AIX:
../crc32.c:100: `u_int32_t? undeclared (first use in this function)
On these platforms u_int32_t is defined in defines.h which is not
included by crc32.c. Fixed by attached patch.
b) PAM platforms (Redhat, Solaris once a) is
2003 May 18
1
OpenSSH -current segfaults on HP-UX+gcc
Hi All.
As of last night, sshd now segfaults on HP-UX (11.00, gcc 3.2.2) on
startup.
I've single-stepped through the code in freeaddrinfo and it's called with
a valid *addrinfo, follows ai_next once then for some reason attempts to
deref the second pointer which is NULL.
Suspecting a compiler/optimization bug I recompiled fake-getaddrinfo.c
without optimization but that made no
2004 Jan 01
1
Syncing sshd/krb GetAFSToken change to Portable: help wanted
Hi All.
Recently a change was merged from OpenBSD's sshd into Portable that
implements a KerberosGetAFSToken option (patchset attached).
This change causes compile errors with both MIT Kerberos and Heimdal
(errors when compiled with MIT Kerberos below).
I've figured out that the functions called in the new code are in
Heimdal's libkafs, so adding -lkafs to the start for the
2003 May 15
2
Resolver changes broke AIX & HPUX
Hi All.
Haven't looked at this yet but it looks like the resolver changes broke
AIX and HP-UX.
-Daz.
AIX 4.3.3.11:
gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I..
-I../../openbsd-compat -I../../openbsd-compat/.. -I/usr/local/ssl/include
-I/usr/local/include -DHAVE_CONFIG_H -c
../../openbsd-compat/getrrsetbyname.c
../../openbsd-compat/getrrsetbyname.c:133: warning: static