Displaying 20 results from an estimated 120 matches similar to: "PAM patch for openssh 3.7.1p2"
2004 Apr 30
0
buildpkg.sh enhancements
I've made some changes to buildpkg.sh to make it easier for package
builders to add their local changes.
I'd like people that use buildpkg.sh to test and comment on these
changes before I commit them to CVS.
None of the defaults have changed.
Some of the patch is is just moving chunks of code to a different
location to make some of the enhancements work.
Some things you may find
2002 Jun 18
0
Solaris packaging of rsync - script comes here
Hello everybody,
I have written a shell script that makes the building
of a Solaris package of rsync easier. Because I think it is useful
for other Solaris user, I wold be very happy, if somebody
would include it to the source tree.
There is one little things to do:
- include it in the auto-configuration process, so that the
version number will be set correctly.
So far,
Jens
----- Script
2001 Oct 17
3
Again: bugs in contrib/solaris/opensshd.in and buildpkg.sh
(Shame on me: wrong filename in last posting, now here are correct
diffs)
in contrib/solaris/ (openssh-SNAP-20011017.tar.gz)
1) buildpkg.sh makes wrong link for /etc/init.d/opensshd
2) /etc/init.d/opensshd has not-working killproc
here my version tested on Solaris 2.4 and 8
(no pgrep with solaris 2.4, XARGS was undefined, simpler
syntax)
J?rg
--- contrib/solaris/buildpkg.sh Fri Oct 12
2002 Feb 28
4
Update to solaris package creation
Can someone else from the Solaris realm that uses our package system
verify that this should be done? It looks right, but I want
another opinion before commiting.
- Ben
> On Wed, 27 Feb 2002, Antonio Navarro wrote:
>
>> Hi Ben,
>>
>> I have made some modifications to the buildpkg.sh script that is
>> distributed with openssh.
>>
>> I am sending it to
2002 Jul 02
3
New PAM kbd-int diff
Below is a new PAM kbd-int diff based on FreeBSD's code. This code makes
PAM kbd-int work with privilege separation.
Contrary to what I have previously stated - it *does* handle multiple
prompts. What it does not handle is multiple passes through the PAM
conversation function, which would be required for expired password
changing.
I would really appreciate some additional eyes over the
2002 Jun 25
4
PAM kbd-int with privsep
The following is a patch (based on FreeBSD code) which gets kbd-int
working with privsep. It moves the kbd-int PAM conversation to a child
process and communicates with it over a socket.
The patch has a limitation: it does not handle multiple prompts - I have
no idea how common these are in real-life. Furthermore it is not well
tested at all (despite my many requests on openssh-unix-dev@).
-d
2010 Jul 13
5
[Bug 1795] New: An integer variable "num" in mm_answer_pam_query() is not initialized before used
https://bugzilla.mindrot.org/show_bug.cgi?id=1795
Summary: An integer variable "num" in mm_answer_pam_query() is
not initialized before used
Product: Portable OpenSSH
Version: 5.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: PAM support
2003 Dec 05
1
OpenSSH Contrib/solaris buildpkg.sh
Hi,
thanks for this great work. Just a minor point - maybe
you should mention the
rm -rf $FAKE_ROOT
command within your README file:
It caught me unexpected and I was looking a couple
of minutes for the package artifact before I actually
read the last line.
Regards,
Burkhard Kohl
Lead Engineer Content Management
burkhard.kohl at intershop.de
INTERSHOP?
http://www.intershop.de
INTERSHOP
2004 Jul 02
0
Problem locating stream files
Hi *,
I have set up a very simple asterisk configuration where I intend to be redirected to the
voicemail whenever I dial 100 with my kphone SIP client. The problem is that asterisk can not find
the stream 'vm-theperson'. I have made a non-standard installation (since I am just testing), and
that file is located in /mnt/tr2/fake_root/installed/usr/local/var/lib/asterisk/sounds.
1. How
2002 Mar 09
0
OpenSSH-3.1p1 AIX buildbff.sh patch
Hello All,
Attached is a patch makes the following changes to contrib/aix
relative to 3.1p1:
* Gets version number from ssh -V as suggested by Tim Rice.
* Does a better job of generating valid AIX package version numbers
(fixes inutoc "format of the toc file is invalid" and "invalid level"
errors reported by Mandar Mirashi).
* Tests for "make install" failure and
2006 Feb 12
1
sshd double-logging
Hi all.
As Corinna pointed out, there are some cases where sshd will log some
authentications twice when privsep=yes.
This can happen on any platform although it seems most obvious on the
ones that don't do post-auth privsep. It also occurs when sshd logs
to stderr (eg running under daemontools) or when you have a /dev/log in
the privsep chroot.
The patch below attempts to solve this for
2003 Oct 29
4
Fix for USE_POSIX_THREADS in auth-pam.c
As many of you know, OpenSSH 3.7.X, unlike previous versions, makes
PAM authentication take place in a separate process or thread
(launched from sshpam_init_ctx() in auth-pam.c). By default (if you
don't define USE_POSIX_THREADS) the code "fork"s a separate process.
Or if you define USE_POSIX_THREADS it will create a new thread (a
second one, in addition to the primary thread).
The
2002 Mar 17
1
[patch] AIX package build fixes, please commit
Hello All,
This is a resend of a patch I posted nearly two weeks ago. As
of a few minutes ago, it hasn't been committed and thus the AIX package
builds from CVS fail. (I know because I now have a cron job that tells
me :-)
Could someone please review and commit the attached patch and
chmod a+x contrib/aix/*.sh, or let me know what needs to be changed?
It makes the following changes
2003 Aug 24
12
[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |627
nThis| |
Status|NEW |ASSIGNED
------- Additional
2006 May 04
2
xmalloc(foo*bar) -> xcalloc(foo, bar) for Portable
Hi All.
While wandering in auth-pam.c I noticed that there's a few Portable-specific
escapees from the xmalloc(foo * bar) cleanup.
There's also a "probably can't happen" integer overflow in
ssh-rand-helper.c with the memset:
num_cmds = 64;
- entcmd = xmalloc(num_cmds * sizeof(entropy_cmd_t));
+ entcmd = xcalloc(num_cmds, sizeof(entropy_cmd_t));
2001 Mar 03
0
[PATCH] PrintLastLog option
Some time ago, Ben wrote about a PrintLastLog patch:
> If the person who originally submitted it wants to write a complete
> patch and submit it. Then we would be happy to debate if it will be
> included.
Well, here it is, because: "You Asked For It!"
PS: I'm tired of maintaining my own version of Debian's ssh just to
have this option available, so I hope you find
2013 Jan 31
2
OpenSSH NoPty patch
Hey everyone,
I wanted to add support for denying PTY allocation through OpenSSH. I'm
not certain if this is quite thorough enough for all cases, but for me
it might work for the moment.
I know that you can currently do this through authorized_keys, but as
far as I know that only works for an actual key. In my use case, I
wanted a user with no password which is forced to run a specific
2001 Apr 30
0
Warning messages compiling --with-pam - pampass.c and pass_check.c
I'm using Samba 220, Solaris 2.8/Sparc, Sun Forte C Compiler.
I ran ./configure using --with-pam so I could use winbind.
During compilation, I get the following warning messages:
............
Compiling passdb/secrets.c
Compiling passdb/pass_check.c
"passdb/pass_check.c", line 671: warning: statement not reached
Compiling passdb/ldap.c
Compiling passdb/nispass.c
Compiling
2002 Jul 15
10
Patch: Solaris packages don't create privsep user or group
Hi.
Solaris packages created by buildpkg.sh don't create privsep user or
group and sshd won't start until they are created (or privsep is
disabled):
## Executing postinstall script.
starting /usr/local/sbin/sshd... Privilege separation user sshd does not
exist
/etc/init.d/opensshd: Error 255 starting /usr/local/sbin/sshd...
bailing.
The attached patch (against -cvs) ports the relevant
2003 Jan 29
0
[PATCH] features for restricted shell environments
The patch below implements a couple of features which are useful
in an environment where users do not have a regular shell login.
It allows you to selectively disable certain features on a
system-wide level for users with a certain shell; it also allows
you to control and audit TCP forwarding in more detail.
Our system is an email server with a menu for the login shell;
we selectively allow port