Displaying 20 results from an estimated 300 matches similar to: "Minor Thread Bug In OpenSSH 3.8p1"
2003 Dec 07
0
[PATCH] Do PAM chauthtok via keyboard-interactive.
Hi All.
Attached is another patch that attempts to do pam_chauthtok() via SSH2
keyboard-interactive authentication. It now passes the results from the
authentication thread back to the monitor (based on a suggestion from
djm).
Because of this, it doesn't call do_pam_account twice and consequently
now works on AIX 5.2, which the previous version didn't. I haven't tested
it on any
2004 May 04
3
Error with USE_POSIX_THREADS and OpenSSH-3.8p1
Hello,
I am using OpenSSH-3.8p1 on HP-UX machine with USE_POSIX_THREADS option.
This is for making the kerberos credentials file to be created in the system
with PAM. In OpenSSH versions 3.5 when authentication is done with pam
kerberos, a /tmp/krb5cc_X_Y file is created on the server side. But the
KRB5CCNAME variable is not set by default. So, after we manually set this
environment variable, the
2004 Feb 27
3
Change request For OpenSSH 3.8p1
NOTE: This patch requires a previously sent patch fixing a small problem in
OpenSSH PAM support when POSIX threads are used.
This is a small patch to the OpenSSH portable configuration process that
I'd like to have considered for inclusion in the distributed version. It
will set the use of (native) POSIX threads in Solaris if the header and
library files are present on the system. At
2004 May 27
1
Solaris/PAM/AFS: can't make it work
Greetings,
I know this has been discussed (pretty much since 3.7.1) and I have
been going through the archives trying to make sense of it but I am
still having problems getting 3.8.1p1 to work with PAM and AFS on
Solaris 8.
The problem (for those who may have missed it):
When I try and log in as an AFS user to a Solaris 8 box running
3.8.1p1, I can authenticate to the machine but do not
2006 May 04
2
xmalloc(foo*bar) -> xcalloc(foo, bar) for Portable
Hi All.
While wandering in auth-pam.c I noticed that there's a few Portable-specific
escapees from the xmalloc(foo * bar) cleanup.
There's also a "probably can't happen" integer overflow in
ssh-rand-helper.c with the memset:
num_cmds = 64;
- entcmd = xmalloc(num_cmds * sizeof(entropy_cmd_t));
+ entcmd = xcalloc(num_cmds, sizeof(entropy_cmd_t));
2004 May 18
2
pam_setcred fails for "USE_POSIX_THREADS + non-root users + PrivSep yes"
Hello,
We use USE_POSIX_THREADS in our HP-UX build of OpenSSH. When we connect a
non-root user with PAM [pam-kerberos] then I get the following error.
debug3: PAM: opening session
debug1: PAM: reinitializing credentials
PAM: pam_setcred(): Failure setting user credentials
This is particularly for non-root users with PrivSep YES. When I connect to
a root user with PrivSep YES or to a non-root
2003 Oct 29
4
Fix for USE_POSIX_THREADS in auth-pam.c
As many of you know, OpenSSH 3.7.X, unlike previous versions, makes
PAM authentication take place in a separate process or thread
(launched from sshpam_init_ctx() in auth-pam.c). By default (if you
don't define USE_POSIX_THREADS) the code "fork"s a separate process.
Or if you define USE_POSIX_THREADS it will create a new thread (a
second one, in addition to the primary thread).
The
2004 Mar 29
2
Flags in pam_password_change_required() (auth-pam.c)
Hi
I just "stumbled" over the flags settings in
pam_password_change_required().
As far as I looked over the OpenSSH code, setting/resetting the 2nd bit
in those flags from auth-options.c whould only make sense if the flags
are checked to be 0/1 in the remaining OpenSSH code.
Frank
2009 Feb 12
2
[patch 1/3] add protocol extension to ATTR message
This patch adds all the missing commonly used UNIX attributes: st_dev,
st_ino, st_nlink, st_rdev, st_blocks, st_blksize, st_ctime. In
addition it extends st_atime and st_mtime to 64bits, and adds
nanosecond resolution to all three timestamps.
This is implemented as an extension to the ATTR message. This patch
alone is sufficient for SSHFS to be able to use these attributes. The
following two
2003 Nov 17
1
Problem with DIGEST-MD5 authentication and plainte xt passwords
Maikel Verheijen wrote:
> For what it's worth:
>
> We use postgres userlookups, and use an older version of dovecot (an old
> cvs version of around 0.99.9.1), and we DO use digest-md5 password
> encryption in the database and realms. It seems to work flawlessly in
> our situation, I used kmail, evolution, apple-mail, entourage, outlook,
> outlook-express and mutt.
2003 Sep 30
2
auth-pam.c, USE_POSIX_THREADS
OpenSSH 3.7.1p2 contains an #ifdef USE_POSIX_THREADS and simulates threads
by processes if this is not defined. However, configure and config.h do not
provide any means to define this. Is this already included for future
releases but does not function properly if defined? Or could it be set
manually in config.h and would work in Solaris?
2018 Jun 08
4
vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
On 8 June 2018 at 11:21, PGNet Dev <pgnet.dev at gmail.com> wrote:
> fyi
>
> add'l -- and looks unrelated -- issue
> /usr/include/pthread.h:251:12: note: previous declaration of ?pthread_join? was here
> extern int pthread_join (pthread_t __th, void **__thread_return);
What included pthread.h? That's explicitly not supported by sshd:
$ grep THREAD
2004 Sep 14
1
PATCH: Public key authentication defeats passwd age warning.
All,
I tried to sign up for this list a few weeks ago, but I don't think
it worked. After I confirmed my intention to be on the list, I only
got one single message from someone on the list, and that was it.
So, either this is a particularly quiet list, or my subscription
was dropped somehow just after it was made. So, if you could kindly
CC me directly on any responses to this, I sure would
2005 May 19
1
ssh-keygen private keys export - new feature
Hello,
I had some difficulties in order to convert private keys between different
implementations of SSH.
So, I wrote the following patch to allow export of SSH2 RSA and DSA private
keys into IETF SECSH format.
Note that I also slightly revised the IETF SECSH key import code.
Usage: use of the "-e" option on a private key file generates an unencrypted
private key file in IETF SECSH
2003 Nov 13
0
[PATCH] Perform do_pam_chauthtok via SSH2 keyboard-interactive.
Hi All.
Attached is a patch to perform pam_chauthtok via SSH2
keyboard-interactive. It should be simpler, but since Solaris seems to
ignore the CHANGE_EXPIRED_AUTHTOK flag, it calls do_pam_account to check
if it's expired. To minimise the change in behaviour, it also caches the
result so pam_acct_mgmt still only gets called once.
This doesn't seem to work on AIX 5.2, I don't know
2003 Oct 12
4
[PATCH]: Call pam_chauthtok from keyboard-interactive.
Hi All.
This patch calls pam_chauthtok() to change an expired password via PAM
during keyboard-interactive authentication (SSHv2 only). It is tested on
Redhat 8 and Solaris 8.
In theory, it should have simply been a matter of calling pam_chauthtok
with the PAM_CHANGE_EXPIRED_AUTHTOK flag, it'd only change the password is
if it's expired, right? From the Solaris pam_chauthtok man page:
2003 Jul 25
0
FW: Is dovecot NFS safe?
This was ment for the list :)
Sorry Stuart, for the double email...
Regards,
Maikel.
> -----Original Message-----
> From: Maikel Verheijen
> Sent: Friday, July 25, 2003 3:40 PM
> To: 'Stuart Henderson'
> Subject: RE: [Dovecot] Is dovecot NFS safe?
>
>
> Hi,
>
> Be aware that also your .subscriptions file and .customflags
> are not nfs safe (yet)
2001 Jan 30
1
PAM namespace.
auth-pam.c declares some new functions in the pam_ namespace that are not
part of PAM.
pam_password_change_required()
pam_msg_cat()
pam_cleanup_proc()
Purely to avoid any possible future problems I would suggest changing
these so they do not being with pam_, suggestions include:
__ssh_pam_msg_cat()
ssh_pam_msg_cat()
do_pam_msg_cat()
cat_pam_msg()
Please don't take this as a hint that
2003 May 27
1
Postgres "issue"
Dear list,
I have a small issue with dovecot talking to a postgresql server:
If my postgres server get restarted, dovecot fails to reconnect to the
postgres server.
I run dovecot 0.99.9.1 (which is actually a cvs version of dovecot, of may 9
2003)
I have the same postgres version for the server as I use for the libraries.
Is it hard to get auto-reconnect to work?
Kind regards,
Maikel
2004 Mar 04
3
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
http://bugzilla.mindrot.org/show_bug.cgi?id=808
Summary: segfault if not using pam/keyboard-interactive mech and
password's expired
Product: Portable OpenSSH
Version: 3.8p1
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: PAM support