Compiled 4.0p1 on AIX 5.3 with OpenSSL 0.9.7g. When I login, I get garbage before "Last unsuccessful login" and the terminal type displayed before and after the shell prompt (see output below). I've tried with a different client, but get the same results. /ò&HF($$³< Last unsuccessful login: Wed May 25 11:27:14 EDT 2005 on ssh from hos t.company.net Last login: Thu May 26 13:29:44 EDT 2005 on /dev/pts/3 from 127.0.0.1 ******************************************************************************* * * * * * Welcome to AIX Version 5.3! * * * * * * Please see the README file in /usr/lpp/bos for information pertinent to * * this release of the AIX Operating System. * * * * * ******************************************************************************* PuTTY/home/town: PuTTY
I believe this is bug #1006, which has been fixed in the just-released openssh-4.1p1. Could you please try that version and see if the problem persists?
(In reply to comment #1) > I believe this is bug #1006, which has been fixed in the just-released > openssh-4.1p1. Could you please try that version and see if the problem persists? I compiled 4.1p1 and the problem is the same.
OK, could you please run the server in debug mode and attach to the bug? (note: use "create attachment" rather than pasting into the comment field.) An easy way to do this is to run something like this on your server: /path/to/sshd -ddd -p 2022 then connect with "ssh -p 2022 yourserver".
Created attachment 923 [details] Debug output from sshd
Created attachment 924 [details] Output from PuTTY when I logged in while attachement #923 was being generated
Installed the latest maintenance level (AIX ML2), but that didn't help.
Do you see the same problem if you use the openssh client? Have you tried a current version of Putty?
(In reply to comment #7) > Do you see the same problem if you use the openssh client? > Have you tried a current version of Putty? Yes, same problem. It doesn't matter that client I try, I get the same behaviour. I don't think it's a client issue. If you look at the debug output from sshd that I've attached, you will see the following line -- the garbage after "msg" is almost identical to what I'm seeing on the first line whenever I login: debug3: AIX/passwdexpired returned 0 msg /ò%XJ($$\020\005³\\
I believe I've found the problem. It's a coding issue. In the file "port-aix.c", line number 156, "msg" is declared, but doesn't point to anything. As a test, I changed *msg to *msg = malloc(1024), rebuilt, and it solved the issues I was having.
Try changing the *msg in line 156 of port-aix.c to *msg = NULL
(In reply to comment #9) > It's a coding issue. In the file "port-aix.c", line number 156, "msg" is > declared, but doesn't point to anything. As a test, I changed *msg to *msg = > malloc(1024), rebuilt, and it solved the issues I was having. msg is not initialized, but a pointer to msg is passed to passwdexpired(). On AIX 5.2 and below, passwdexpired allocates memory itself. From the passwdexpired man page: "Message Points to a pointer that the passwdexpired subroutine allocates memory for and fills in. This string is suitable for printing and issues messages, such as in how many days the password will expire." What does the man page say on 5.3? mallocing msg unconditionally will result in a memory leak on AIXes <= 5.2. Tim's suggestion on initializing to NULL will be OK, provided it resolves the problem.
(In reply to comment #11) You are correct. passwdexpired() does it's own malloc(). I tried Tim's suggestion and it worked, so I guess we've put this bug to rest. :)
I have changed the code so msg is initialized to NULL, in both the 4.1 branch and -HEAD, so it will be in the next release. Thanks for the report.
Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.