Displaying 20 results from an estimated 90 matches similar to: "[PATCH] Expand tilde for UNIX domain socket forwards."
2017 Jun 16
2
[PATCH] allow relative path in streamlocal forwarding
When forwarding a Unix-domain socket, the remote socket path must be
absolute (otherwise the forwarding fails later). However, guessing
absolute path on the remote end is sometimes not straightforward,
because the file system location may vary for many reasons, including
the system installation, the choices of NFS mount points, or the
remote user ID.
To allow ssh clients to request remote socket
2016 Jul 21
7
[Bug 2601] New: StreamLocalBindUnlink not working
https://bugzilla.mindrot.org/show_bug.cgi?id=2601
Bug ID: 2601
Summary: StreamLocalBindUnlink not working
Product: Portable OpenSSH
Version: 7.2p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
2019 Mar 29
2
Call for testing: OpenSSH 8.0
Thanks for testing - are you able to see if there's anything in
the server logs?
I've just committed some extra verbosity in the client's log messages that
might clarify where it is exiting (patch attached).
-d
On Fri, 29 Mar 2019, Adam Eijdenberg wrote:
> On Wed, Mar 27, 2019 at 10:04 PM Damien Miller <djm at mindrot.org> wrote:
> >
> > OpenSSH 8.0p1 is almost
2015 Aug 17
3
[PATCH] Expand tilde for UNIX domain socket forwards.
On Mon, 17 Aug 2015, Todd C. Miller wrote:
> I like the idea but tilde_expand_filename() calls fatal() if it
> cannot resolve ~foo. This is not terrible when using -L and -R on
> the normal command line but it seems pretty harsh to exit when -L
> or -R are used via the ~C escape or the streamlocal-forward at openssh.com
> request.
> Message-Id: <aea6cdc1d1b42d07 at
2005 Feb 26
1
[Fwd: [Xen-changelog] Move xcs to unix domain sockets.]
Just forwarding this changelog from yesterday. xcs now uses Unix domain
sockets in unstable. This was a hot thread a couple months back with strong
opinions on both sides and no clear resolution on the list, so I thought
some people might like to know the developers'' resolution. This should be
good news for those seeking tighter dom0''s, particularly those who
2007 Dec 28
6
Arbitrary system files readable in 1.0.4 - 1.1.2
I just found a vulnerability in one of my web apps that was running
Mongrel 1.1.2 where I could go to URIs like
/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd and it
would serve the actual /etc/passwd file.
The issue seems to be in lib/mongrel/handlers.rb in the change from
1.0.3 to 1.0.4
req_path = HttpRequest.unescape(path_info)
- if @path
- req_path =
2023 Jun 17
2
[PATCH] ssh-agent: add systemd socket-based activation
This adds support for systemd socket-based activation in the ssh-agent.
When using socket activation, the -a flag value must match the socket
path provided by systemd, as a sanity check. Support for this feature is
enabled by the --with-systemd configure flag.
---
Something tells me upstream would not be interested in this patch, but
as it may be useful on linux, I'm submitting it here.
2002 Jun 07
2
SIGCHLD may be inherited blocked
So, we just found some ugly behaviour of OpenSSH on Solaris.
Sometimes, it seems, sshd gets started with SIGCHLD blocked, this,
apparently, being the setting of sshd's parent (a shell no doubt);
signal blocking is inherited across exec*(). I don't know exactly which
shell, or what really is at fault, but it happens.
The problem is that the code in collect_children() first blocks SIGCHLD
2016 May 03
3
StreamLocal forwarding
On Tue, 3 May 2016, Rogan Dawes wrote:
> Hi Damien,
> Thanks for the response!
>
> I tried moving the StreamLocalBindUnlink directive outside of the Match
> rule, and it worked. But that doesn't explain why the Match was not
> correctly setting the directive:
>
> This is running on an alternate port with -ddd:
>
> debug3: checking match for 'User
2016 Dec 16
0
Wine release 2.0-rc2
The Wine development release 2.0-rc2 is now available.
What's new in this release (see below for details):
- Bug fixes only, we are in code freeze.
The source is available from the following locations:
http://dl.winehq.org/wine/source/2.0/wine-2.0-rc2.tar.bz2
http://mirrors.ibiblio.org/wine/source/2.0/wine-2.0-rc2.tar.bz2
Binary packages for various distributions will be available
2018 May 25
0
Wine release 3.9
The Wine development release 3.9 is now available.
What's new in this release (see below for details):
- OpenGL core contexts enabled by default in Direct 3D.
- Beginnings of Direct 3D 12 implementation using vkd3d.
- More support for the Task Scheduler.
- Some more Task Dialog support.
- Better arrow support in GdiPlus.
- Various bug fixes.
The source is available from the
2016 Jun 02
2
MaxDisplays configuration option
Hello,
I manage OpenSSH on a dozen or so servers that act as gateways for a large
amount of developers and system administrators. On these servers it is
common for there to be more than 1000 active X11 forwards active at peak
usage. Beyond ~1000 active X11 forwards, sshd will fail to bind additional
ports due to a hard coded range check in channels.c that limits the port
range that sshd will
2004 Aug 25
2
Default path to identity file
Hi,
The name of the identity file defaults to what fill_default_options() in
readconf.c does:
SSH_PROTO_1:
"~/%.100s", _PATH_SSH_CLIENT_IDENTITY
SSH_PROTO_2:
"~/%.100s", _PATH_SSH_CLIENT_ID_RSA
"~/%.100s", _PATH_SSH_CLIENT_ID_DSA
Identity files are always expanded by tilde_expand_filename() which gets
the name of the home directory from
2015 Oct 21
7
[Bug 2481] New: Tilde expansion in -i option inconsistent
https://bugzilla.mindrot.org/show_bug.cgi?id=2481
Bug ID: 2481
Summary: Tilde expansion in -i option inconsistent
Product: Portable OpenSSH
Version: 6.6p1
Hardware: All
OS: Linux
Status: NEW
Severity: trivial
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
2019 Mar 27
26
Call for testing: OpenSSH 8.0
Hi,
OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2007 Oct 17
2
[patch] ssh.c load_public_identity_files calls getpwuid twice without copy
Hi,
getpwuid is called as seen in the patch, and is then called again
indirectly by tilde_expand_filename without first copying off the
results from the first call.
This is fatal on MacOSX (and it would seem it should be fatal elsewhere, too).
Please CC me in replies; I'm not a subscriber.
--- openssh-4.4p1/ssh.c 2006-09-01 22:32:40.000000000 -0700
+++ openssh-4.4p1-fix/ssh.c
2003 Aug 09
2
[Bug 623] ssh, ssh-keygen and possibly others do not honour $HOME
http://bugzilla.mindrot.org/show_bug.cgi?id=623
Summary: ssh, ssh-keygen and possibly others do not honour $HOME
Product: Portable OpenSSH
Version: 3.6.1p2
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-bugs at mindrot.org
2007 Oct 20
5
[Bug 1377] New: getpwuid called twice without pwcopy (percent_expand: NULL replacement)
https://bugzilla.mindrot.org/show_bug.cgi?id=1377
Summary: getpwuid called twice without pwcopy (percent_expand:
NULL replacement)
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.4p1
Platform: ix86
OS/Version: Mac OS X
Status: NEW
Severity: major
Priority: P2
2014 Sep 08
1
possible deadcodes in sources
Hello,
we've run a coverity scan on the openssh sources and it found several
issues. Although the scan was run on patched rhel sources, some results are applicable to vanilla sources
too.
* servconf.c:1458:dead_error_line ? Execution cannot reach this statement "*intptr = *intptr + 1;"
--- a/servconf.c
+++ b/servconf.c
@@ -1451,12 +1451,8 @@
2006 Oct 09
1
About sftp-server root path
Hi,
I saw in archive that some people made a patch to sftp-server, and that patch
sets a root path.
I'd like to know if there's an ideia to apply that patch in main tree of
openssh?
With the use of SSHFS [wich uses sftp-server], it would be interesting to
have someting like that, because as we have netboot workstations, the access
to devices [such as, floppy, cdrom and usb data] are