[Bug 616] proxycommand breaks hostbased authentication.

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri May 18 01:54:50 EST 2007


http://bugzilla.mindrot.org/show_bug.cgi?id=616


stuart at kaloram.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |stuart at kaloram.com




--- Comment #5 from stuart at kaloram.com  2007-05-18 01:54:46 ---
This bug is for SSH2 hostbased, and has nothing to do with SSH1 or with
kerberos.

I think the suggested patch has a bug: if
package_connection_is_on_socket()
is false and

        if (gethostname(myname, sizeof(myname)) == -1) {
                    verbose("userauth_hostbased: gethostname: %s", 
                    strerror(errno));
        } else
                p = myname;

gets executed,  p does not point to malloc-ed memory.   The subsequent
code still calls xfree(p) in this case.

-stuart


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.


More information about the openssh-bugs mailing list