similar to: [PATCH] No extern declarations of optarg & co if getopt.h is available

Any ideas of the best way around this problem? Should I just hack the source code, or is there a magic switch somewhere I'm missing? I'm assuming I can't just dismiss that function as OpenSSH is probably based on the OpenBSD semantics. ============================================================================= gcc -g -O2 -Wall -Wno-uninitialized -I. -I.

Hi, I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with FIPS 140-2 OpenSSL. These are based on previously reported patches by Steve Marquess <marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>, for ver. OpenSSH 3.8. Note that these patches are NOT OFFICIAL, and MAY be used freely by anyone. Issues [partially] handled: SSL FIPS Self test. RC4,

Hi! I hope this is the right list for sending tftpd-patches - if not, please point me in the right direction... I experienced quite strange problems when trying to use tftp-hpa in newer Cygwin versions. It simply isn't able to parse its command line correctly because it seems to use another optind variable than getopt(). When you try to start it with something like tftpd.exe -s /mypath

Patch to guarantee __optptr initialization and to correctly increment optind for missing arguments. --- klibc-0.194/klibc/getopt.c.orig 2005-01-04 23:18:50.229222640 -0700 +++ klibc-0.194/klibc/getopt.c 2005-01-04 23:17:05.236184008 -0700 @@ -11,7 +11,7 @@ char *optarg; int optind = 1; int opterr, optopt; -static const char *__optptr; +static const char *__optptr = NULL; int getopt(int

On Wed, Feb 25, 2015 at 09:04:57AM +1100, Darren Tucker wrote: > On Tue, Feb 24, 2015 at 12:11:16PM -0800, Kevin Brott wrote: > > ld: Unsatisfied symbol "xstrdup" in file > > openbsd-compat//libopenbsd-compat.a[bsd-misc.o] > > How about removing the dependency on xmalloc? eg (untested): Shoulda tested it. Now one that will compile: diff --git

On 11/13/18 4:51 PM, Richard W.M. Jones wrote: > There are advantages to having the same code parse the options in the > ./nbdkit wrapper as in the real nbdkit: > > - We can parse options in exactly the same way as the real program. > > - Use the more accurate ‘is_short_name’ test for unadorned > plugin/filter names on the command line. > > - Fixes the FreeBSD

Hi all. I got sick of getting a lame error message when I typed the wrong thing in for a -p argument, so I wrote up this patch. Bad: % ssh -p L4501 localhost Secure connection to localhost refused. Good: ./ssh -p L4501 localhost Bad port specification 'L4501'. Mo DeJong Red Hat Inc Index: ssh.c =================================================================== RCS file:

I redid my previous OPIE patch for the current ssh tree. It seems to work fine here, and I'ld love to see it merged before the 3.0 release. Wichert. diff -x CVS -wNur ../cvs/other/openssh_cvs/Makefile.in openssh_cvs/Makefile.in --- ../cvs/other/openssh_cvs/Makefile.in Mon Oct 22 02:53:59 2001 +++ openssh_cvs/Makefile.in Sun Nov 4 01:18:19 2001 @@ -50,7 +50,7 @@ SSHOBJS= ssh.o

The attached patch should solve the following problem: ssh-agent creates a temporary directory under /tmp with '600' permissions. The actual socket file is created in that dir using the default umask. That's no problem in U*X systems since nobody but the owner of the directory can read the socket file. Unfortunately, Windows has a user privilege called "Bypass traverse

I've got an issue using Sun's compilers on Solaris 10 - it appears that dovecot is trying to use the getopt function, that's part of GNU's glibc, and, therefore, not present when using Sun's compilers. Any ideas on how to resolve? cc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -I../../src/lib-auth -I../../src/lib-mail -I../../src/lib-imap -I../../src/lib-index

Hi, I just installed OpenSSH 3.3p1 on a SunOS 4.1.4 system (actually a 3-year old Auspex file server) as a replacement for an older, probably vulnerable ssh version. I used gcc, openssl 0.9.6d, zlib 1.1.4 and the configure incantation ./configure --with-tcp-wrappers --with-privsep-user=privsep (the latter option obviously being the default value). There were two problems: (a) memmove seems

This patch allows DSA identities to be specified on the command line. Previously, only RSA identities were allowed. ------------------------------------------------------------------------ diff -U2 openssh-2.2.0p1/ssh.0 openssh-2.2.0p1.nigelw/ssh.0 --- openssh-2.2.0p1/ssh.0 Sat Sep 2 10:08:46 2000 +++ openssh-2.2.0p1.nigelw/ssh.0 Thu Dec 21 10:53:07 2000 @@ -224,5 +224,5 @@ -g Allows

A long-time missing feature (or bug, depending on how you look at it) is that a Ctrl-C at the password prompt in scp does not restore the terminal settings, thus dropping you to the command prompt without any keyboard echo. (A "reset" command will fix it.) This is a pretty regular occurance for me, and some others I've talked to - usually when you realize that the scp command you

Wherever we had code which did: if (something_bad) { perror (...); exit (EXIT_FAILURE); } replace this with use of the error(3) function: if (something_bad) error (EXIT_FAILURE, errno, ...); The error(3) function is supplied by glibc, or by gnulib on platforms which don't have it, and is much more flexible than perror(3). Since we already use error(3), there seems to be

I don't know if anyone would be interested in this but I'm including a patch to allow for offsets when transferring files with SCP. It's pretty simple and assumes the user knows what they are doing (for example, if transferring with a wild card the offset would apply to all files). -A is the number of bytes offset from the beginning of the files. -Z is the number of bytes inset

initramfs-tools wants to validate the real init program before running it, as there is no way out once it has exec'd run-init. This is complicated by the increasing use of symlinks for /sbin/init and for /sbin itself. We can't simply resolve them with 'readlink -f' because any absolute symlinks will be resolved using the wrong root. Add a dry-run mode (-n option) to run-init

On Wed, Feb 25, 2015 at 09:20:01AM +1100, Darren Tucker wrote: [...] > Sigh. And now the right patch from the tree that compiled. > (djm: I get the idea :-) Tim: is this sufficient to back out the "Work around finicky USL linker" change? https://anongit.mindrot.org/openssh.git/commit/?id=d1db656021d0cd8c001a6692f772f1de29b67c8b > diff --git a/openbsd-compat/bsd-misc.c

Preserving the command line from the invoking ssh command doesn't make much sense, so use setproctitle() to hide the arguments. --- ssh.c | 20 +++++++++++++++++--- 1 files changed, 17 insertions(+), 3 deletions(-) diff --git a/ssh.c b/ssh.c index d32ef78..8ebcc88 100644 --- a/ssh.c +++ b/ssh.c @@ -230,12 +230,25 @@ main(int ac, char **av) struct servent *sp; Forward fwd; - /* Ensure

ssh-keyscan may, under very specific circumstances, be vulnerable to something akin to a buffer overflow. It's probably impossible to exploit, though, if only because ssh-keyscan is not usually run on very large untrusted input files. ssh-keyscan uses an fgets() wrapper that uses an unsigned int to keep track of the length of a buffer holding the current line. On machines with sufficient

systemd supports switching back to the initramfs during shutdown in order to make it easier to clean up the root file system. This is desirable in order to allow us to remove keys from RAM before rebooting, making it harder to obtain confidential information by rebooting into an environment that scrapes RAM contents. --- debian/changelog | 4 +