authorBen Lindstrom <mouring@eviladmin.org>2002-06-07 03:11:38 +0000
committerBen Lindstrom <mouring@eviladmin.org>2002-06-07 03:11:38 +0000
commitdb41d2390c0f3f47541330b79e45566e3f743535 (patch)
treebdd6a07c835557f66e676b0241a8a56cb64a7d4b
parentb85ab30a6e02800b1a74c493868c80081a3cfb53 (diff)
- (bal) ssh-keysign should build and install correctly now. Phase two
would be to clean out any dead wood and disable ssh setuid on install.
-rw-r--r--ChangeLog4
-rw-r--r--Makefile.in18
-rw-r--r--ssh-keysign.c4
3 files changed, 20 insertions, 6 deletions
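diff --git a/ChangeLog b/ChangeLog
index 390ed4d73..776685fa7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -135,6 +135,8 @@
  - (bal) monitor_mm.c typos.
  - (bal) Refixed auth2.c. It was never fully commited while spliting out
  authentication to different files.
+ - (bal) ssh-keysign should build and install correctly now. Phase two
+ would be to clean out any dead wood and disable ssh setuid on install.
 
 20020604
  - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
@@ -819,4 +821,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2183 2002/06/07 02:05:25 mouring Exp $
+$Id: ChangeLog,v 1.2184 2002/06/07 03:11:38 mouring Exp $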
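diff --git a/Makefile.in b/Makefile.in
index fdb3eb3e3..fa1265593 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.211 2002/06/07 01:53:59 mouring Exp $
+# $Id: Makefile.in,v 1.212 2002/06/07 03:11:38 mouring Exp $
 
 # uncomment if you run a non bourne compatable shell. Ie. csh
 #SHELL = @SH@
@@ -23,15 +23,18 @@ VPATH=@srcdir@
 SSH_PROGRAM=@bindir@/ssh
 ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
 SFTP_SERVER=$(libexecdir)/sftp-server
+SSH_KEYSIGN=$(libexecdir)/ssh-keysign
+RAND_HELPER=$(libexecdir)/ssh-rand-helper
 PRIVSEP_PATH=@PRIVSEP_PATH@
 
 PATHS= -DSSHDIR=\"$(sysconfdir)\" \
  -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
  -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
  -D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
+ -D_PATH_SSH_KEY_SIGN=\"$(SSH_KEYSIGN)\" \
  -D_PATH_SSH_PIDDIR=\"$(piddir)\" \
  -D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \
- -DSSH_RAND_HELPER=\"$(libexecdir)/ssh-rand-helper\"
+ -DSSH_RAND_HELPER=\"$(RAND_HELPER)\"
 
 CC=@CC@
 LD=@LD@
@@ -55,7 +58,7 @@ INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
 
 @NO_SFTP@SFTP_PROGS=sftp-server$(EXEEXT) sftp$(EXEEXT)
 
-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS)
+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS)
 
 LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o msg.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o scard-opensc.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o monitor_wrap.o monitor_fdpass.o
 
@@ -63,8 +66,8 @@ SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clie
 
 SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-krb5.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o monitor_mm.o monitor.o
 
-MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out
-MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8
+MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out
+MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8
 MANTYPE = @MANTYPE@
 
 CONFIGFILES=sshd_config.out ssh_config.out moduli.out
@@ -219,6 +222,7 @@ install-files: scard-install
  if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \
  $(INSTALL) -m 0755 -s ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
  fi
+ $(INSTALL) -m 4711 -s ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
  @NO_SFTP@$(INSTALL) -m 0755 -s sftp $(DESTDIR)$(bindir)/sftp
  @NO_SFTP@$(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(SFTP_SERVER)
  $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
@@ -233,6 +237,7 @@ install-files: scard-install
  fi
  @NO_SFTP@$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
  @NO_SFTP@$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
+ $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
  -rm -f $(DESTDIR)$(bindir)/slogin
  ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
  -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
@@ -316,6 +321,8 @@ uninstall:
  -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
  -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
  -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
+ -rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
+ -rm -f $(DESTDIR)$(RAND_HELPER)$(EXEEXT)
  -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
  -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
  -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
@@ -326,4 +333,5 @@ uninstall:
  -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
  -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8
  -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
+ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
  -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1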
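Review bot: The added `$(INSTALL) -m 4711 -s ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)` line in install-files puts a setuid binary on every install with no opt-out, whereas the ssh-rand-helper install just above it is guarded by `INSTALL_SSH_RAND_HELPER`. No `-o` is passed, so the setuid owner is whoever runs the install; in the usual root install this is one more setuid-root program, and per the commit message ssh itself stays setuid until phase two. I would add a comment above the line, `# setuid: ssh-keysign has to read the private host keys for hostbased authentication`, and consider guarding the install the way the rand helper is, so sites that do not use hostbased authentication can leave it out. The install-files recipe starts and ends outside the hunk.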
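diff --git a/ssh-keysign.c b/ssh-keysign.c
index da630708d..bb70c7dfb 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -137,6 +137,10 @@ main(int argc, char **argv)
  seteuid(getuid());
  setuid(getuid());
 
+ init_rng();
+ seed_rng();
+ arc4random_stir();
+
 #ifdef DEBUG_SSH_KEYSIGN
  log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0);
 #endif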
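Review bot: The three RNG calls added after `setuid(getuid());` carry no comment saying that their position below the privilege drop is deliberate, so a later reorder could move them ahead of it. seed_rng() is not shown here; if it can run the external helper named by `SSH_RAND_HELPER` (defined in Makefile.in in this commit), that would then happen under the setuid identity. I would add `/* seed the RNG only after privileges are dropped; keep below setuid() */` above `init_rng();`. Separately, the context lines ignore the return values of seteuid() and setuid(), so the new code also runs if the drop failed; that predates this change but deserves a follow-up. main() starts and ends outside the hunk.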