Hello,
Here's a patch related to changes from CVE-2018-10933:
Kerberos Authentication (GSSAPI) as server always fails (on new packet
filtering) because SSH_AUTH_STATE_GSSAPI_TOKEN is not correctly set on sending
SSH_MSG_USERAUTH_GSSAPI_RESPONSE (containing selected mechanism OID).
After this r
Hi Andreas,
Here's the patch compliant to your coding style.
And I'm glad it helped you Jijo.
Regards,
Meng
De : Andreas Schneider
Envoyé : mercredi 24 octobre 2018 08:51
À : libssh@libssh.org
Cc : Meng Hourk Tan; jijo7tho...@gmail.com
Objet :
Hello,
I had the same issue with some Cisco router:
Some Cisco IOS do not send kex if they send the banner last (libssh as a client
sent it first).
In this situation, both libssh client and Cisco IOS server hang.
Libssh client should send kex init as soon as banners are exchanged.
I attached
: Meng Hourk Tan
Objet : Re: [PATCH] Set correct state after sending INFO_REQUEST (Kbd
Interactive)
On Wednesday, 17 October 2018 15:07:14 CEST Meng Hourk Tan wrote:
> Hello,
Hello Meng,
>
> Here's a patch related to changes from CVE-2018-10933:
>
> Keyboard Interactive Auth
Hello,
Here's a patch related to changes from CVE-2018-10933:
Keyboard Interactive Authentication as server always fails (on new packet
filtering) because SSH_AUTH_STATE_INFO is not correctly set on Keyboard
Interactive request.
This can be tested with samplesshd-kbdint example.
This patch
for a pull request of this patch if it works better.
Regards,
Meng
De : Martín Fernández
Envoyé : lundi 16 avril 2018 22:35:23
À : Meng Hourk Tan; libssh@libssh.org
Objet : RE: Global Request for tcpip reverse forward
Meng,
Any change you can take a look
ds,
Meng
De : Martín Fernández
Envoyé : jeudi 29 mars 2018 18:45:49
À : Meng Hourk Tan; libssh@libssh.org
Objet : RE: Global Request for tcpip reverse forward
Meng,
Thank you very much for your response!
Actually, I have tried that before. After sending the global respons
Hi Martin,
I think your code lacks one step on server side:
After the Server handles the request using callback global_request_function and
responds with ssh_message_global_request_reply_success,
You need to create a new channel and call ssh_channel_open_reverse_forward() on
this channel.
Th
Hello,
Here's a patch to fix an issue when moving pollhandlers from a session to a
ssh_event object.
The issue occurs when session socket has two different pollhandler (for poll_in
and poll_out, when using proxycommand in my case),
only the poll_in was moved and poll_out was still in session
Hello,
Here's a patch to fix some segmentation fault (double free) issues:
A channel requested by remote (can be client or server) will have the flag
SSH_CHANNEL_FLAG_NOT_BOUND always set.
So, if the program free the channel before receiving a close, it will be freed
immediately
and on recei
: Andreas Schneider
Envoyé : jeudi 12 octobre 2017 10:42:12
À : libssh@libssh.org
Objet : Re: [PATCH 0/4] chachapoly: chacha20-poly1...@openssh.com support
On Monday, 18 September 2017 11:47:33 CEST Meng Hourk Tan wrote:
> Here is a patch to support chacha20-poly1...@openssh.com in libssh.
&
From 78b054eae890e36a556d1ed46df73b5f15f5df69 Mon Sep 17 00:00:00 2001
From: Meng Tan
Date: Mon, 18 Sep 2017 11:34:50 +0200
Subject: [PATCH 4/4] chachapoly: add chachapoly structures with compilation
conditions (chacha20-poly1...@openssh.com support)
Signed-off-by: Meng Tan
---
include/libssh
From a991c4af004f7f761a702f3f4a4cb9747068c1f2 Mon Sep 17 00:00:00 2001
From: Meng Tan
Date: Mon, 18 Sep 2017 11:34:50 +0200
Subject: [PATCH 2/4] chachapoly: handle packet encryption with authenticated
encryption mode
Signed-off-by: Meng Tan
---
src/packet.c | 81
From 3ae2f64ce8ff011f26b965322541c60e7d108a0e Mon Sep 17 00:00:00 2001
From: Meng Tan
Date: Mon, 18 Sep 2017 11:34:50 +0200
Subject: [PATCH 3/4] chachapoly: add external files
Signed-off-by: Meng Tan
---
CMakeLists.txt | 2 +-
DefineOptions.cmake | 1 +
config.h.cmake
From c7cd2cf47a632940f6adfa487b7dd6d9a35c4487 Mon Sep 17 00:00:00 2001
From: Meng Tan
Date: Mon, 18 Sep 2017 11:34:50 +0200
Subject: [PATCH 1/4] chachapoly: refactor cipher structs, add no hmac
possibility
Signed-off-by: Meng Tan
---
include/libssh/crypto.h | 18 +++---
include/l
Here is a patch to support chacha20-poly1...@openssh.com in libssh.
First commit changes some cipher structures needed to prepare the field.
Then I tried to the least possible changes in sending and receiving packet
functions
to support authenticated encryption mode.
Some files from openssh have b
Some ssh servers, in cisco IOS, do not send kex if they send the banner last.
In this situation, both libssh client and the cisco IOS server hang.
Libssh client should send kex init as soon as banners are exchanged.
Signed-off-by: Meng Tan
---
src/client.c | 30 +-
17 matches
Mail list logo