similar to: scp problem on OS X

http://bugzilla.mindrot.org/show_bug.cgi?id=996 Summary: Fatal error in xfree() when scp invokes ssh with a LocalForward config Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: FreeBSD Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

Hi there, I've written some enhancements to scp.c and pathnames.h to enable the scp to arbitrarily set the remote scp path. (eg $ scp -e /usr/bin/scp foo user at bar:foo) I did read the "scp: command not found" FAQ entry but I'm not quite sure why we can't do this, unless it's because enhancements to scp are no longer a priority. Any other reason why it "is the

On Sun, 2004-08-08 at 14:10, Dr Mike Waters wrote: snip > Thanks for the responses guys. > > I used to have RH9 installed on this machine and I found out about the > separate developer packages then. I thought that I had got the relevant > XFree devel package installed, but although it showed up in the rpm database > as being present, the required files were not present. I did

OpenSSH 5.1p1 I can't grasp why, when connecting with 'ssh -Y' to this test host, I am not tickling the verbose() call below that I have added. I am logging as auth + verbose in sshd_config The X11 forward for the session works fine as tested with xterm. At any rate, I am looking for some guidance on where to log X11 forwards that are established, ideally with a username and remote

Guests other than domain 0 using the console output have previously been controlled by the VERBOSE define, but with no designation of which guest''s output was on the console. This patch converts the HVM output buffering to be used by all domains, line buffering their output and prefixing it with the domain ID. This is especially useful for debugging stub domains. Signed-off-by: Daniel De

This fixes an actual bug (failure to exit from a function after an allocation failure), an inconsistency (not removing the cpufreq_dom list member upon failure), and a latent bug (not clearing the current governor upon governor initialization failure when there was no old one; latent because the only current code path leading to this situation frees the policy upon failure and hence the governor

The variable local_user was allocated by xstrdup and is not freed or pointed to in this branch. This patch adds the xfree. This entire set of patches passed the regression tests on my system. Bug found by Coverity. Signed-off-by: Kylene Hall <kjhall at us.ibm.com> --- sshconnect.c | 1 + 1 files changed, 1 insertion(+) diff -uprN openssh-4.3p2/sshconnect.c

Hi ! Here's a patch to add remote port forwarding support (protocol 2) for openssh. I have tried to test that it works like it should but a more thorough testing is needed. This patch adds both client/server support. The patch should be applied to openssh-2.1.1p4 source tree. Also included is a PortForwarding sshd_config option, new ./configure option --disable-forwarding that should make it

--- mux.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/mux.c b/mux.c index d90605e..fa796bd 100644 --- a/mux.c +++ b/mux.c @@ -1195,6 +1195,7 @@ muxserver_listen(void) close(muxserver_sock); muxserver_sock = -1; } + xfree(orig_control_path); xfree(options.control_path); options.control_path = NULL; options.control_master = SSHCTL_MASTER_NO;

Hi, the following patch fixes a potential security hole in the Cygwin version of sshd. If you're logging in to a Cygwin sshd with version 2 protocol using an arbitrary user name which is not in /etc/passwd, the forked sshd which is handling this connection crashes with a segmentation violation. The client side encounters an immediate disconnect ("Connection reset by peer").

Jan, This patch just used to stick all 1''s to MCi_CTL, it should not involve much argue, so I sent it separately. Thanks, Jinsong ==================== Xen/MCE: stick all 1''s to MCi_CTL of vMCE This patch is a middle-work patch, prepare for future new vMCE model. It remove mci_ctl array, and keep MCi_CTL all 1''s. Signed-off-by: Liu, Jinsong

As far as I know this patch has no security implications -- I don't believe that allowing sshd to use get_local_name() (in canohost.c) on a connected socket to determine it's own fqdn will allow a malicious client (or router or dns server) to make it come to the wrong conclusion. But please let me know if you think I'm wrong. Please also let me know if you're just not interested

And while we are at it, can you please comment on these patches as well, originally submitted around one year ago. Oh, and I think we can agree, that the secsh-filexfer standardization is dead, so there's not much point in trying to support newer protocol versions, which don't have statfs anyway. Thanks, Miklos ----- This is needed to be able to support statfs operation on an SSH

This patch (to OpenSSH 3.0.2p1) adds support for using krb4, krb5 and other principal names in authorized_keys entries. It's a sort of replacement for .klogin and .k5login, but it's much more general than .k*login as it applies to any authentication mechanism where a name is associated with the ssh client and it supports name patterns and all the normal authorized_keys entry options

Hi! With current git version of xorg-server when I try to compile xf86-video-nouveau I got these errors: nouveau_exa.lo nouveau_exa.c: In function 'nouveau_exa_create_pixmap': nouveau_exa.c:325:3: warning: 'Xcalloc' is deprecated (declared at /usr/include/xorg/os.h:225) nouveau_exa.c:331:2: warning: 'Xcalloc' is deprecated (declared at /usr/include/xorg/os.h:225)

The primary purpose of the attached patches is for portable OpenSSH to support changing expired passwords as specified in shadow password files. To support that, I did a couple enhancements to the base OpenBSD OpenSSH code. They are: 1. Consolidated the handling of "forced_command" into a do_exec() function in session.c. These were being handled inconsistently and allocated

My keys are secured with a passphrase. That's good for security, but having to type the passphrase either at every login or at every invocation of ssh(1) is annoying. I know I could invoke ssh-add(1) just before invoking ssh(1), if I keep track of whether I invoked it already, or write some hacky scripts; but the rest of OpenSSH is wonderfully usable without any hacks. Hence, this patch.

Hi, I have found an serious problem when using 'scp -rp'. The usage of the static buffer "namebuf" together with calling `sink()' recursively results in overwriting the buffer np points to. This in turn results in a broken call to `ulimits()' and `chmod'. This patch solves the problem: Index: scp.c ===================================================================

There are 2 bugs here. The first is pipe's return code is not checked in this instance and it can return a negative value. The purpose of the call is to make sure 0 and 1 are not assigned to the pin and pout descriptors because those values won't work for later calls. If the pipe call fails the correct behavior cannot be ensured. This patch adds an error case consistent with the rest

The following is a patch (based on FreeBSD code) which gets kbd-int working with privsep. It moves the kbd-int PAM conversation to a child process and communicates with it over a socket. The patch has a limitation: it does not handle multiple prompts - I have no idea how common these are in real-life. Furthermore it is not well tested at all (despite my many requests on openssh-unix-dev@). -d