diff options
author | Darren Tucker <dtucker@zip.com.au> | 2003-11-22 14:25:15 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2003-11-22 14:25:15 +1100 |
commit | 4e06a1d75d0f692c84f21347d4e1c4242dc1a96e (patch) | |
tree | 7ebbb2d480891d9bf751fa1f5f6fb03e8aad365f | |
parent | d76341616dfebd4addc9c9594767ab1832ccb100 (diff) |
- (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net.
Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA
is enabled, rely on SIA to check for locked accounts if enabled. ok djm@
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth-sia.c | 5 | ||||
-rw-r--r-- | configure.ac | 5 |
3 files changed, 9 insertions, 6 deletions
@@ -3,6 +3,9 @@ | |||
3 | - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h] | 3 | - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h] |
4 | Move AIX specific password authentication code to port-aix.c, call | 4 | Move AIX specific password authentication code to port-aix.c, call |
5 | authenticate() until reenter flag is clear. | 5 | authenticate() until reenter flag is clear. |
6 | - (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net. | ||
7 | Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA | ||
8 | is enabled, rely on SIA to check for locked accounts if enabled. ok djm@ | ||
6 | 9 | ||
7 | 20031121 | 10 | 20031121 |
8 | - (djm) OpenBSD CVS Sync | 11 | - (djm) OpenBSD CVS Sync |
@@ -1504,4 +1507,4 @@ | |||
1504 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. | 1507 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. |
1505 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au | 1508 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au |
1506 | 1509 | ||
1507 | $Id: ChangeLog,v 1.3121 2003/11/22 03:16:56 dtucker Exp $ | 1510 | $Id: ChangeLog,v 1.3122 2003/11/22 03:25:15 dtucker Exp $ |
diff --git a/auth-sia.c b/auth-sia.c index cdd39d670..cd2dcb840 100644 --- a/auth-sia.c +++ b/auth-sia.c | |||
@@ -31,6 +31,7 @@ | |||
31 | #include "log.h" | 31 | #include "log.h" |
32 | #include "servconf.h" | 32 | #include "servconf.h" |
33 | #include "canohost.h" | 33 | #include "canohost.h" |
34 | #include "uidswap.h" | ||
34 | 35 | ||
35 | #include <sia.h> | 36 | #include <sia.h> |
36 | #include <siad.h> | 37 | #include <siad.h> |
@@ -103,8 +104,8 @@ session_setup_sia(struct passwd *pw, char *tty) | |||
103 | 104 | ||
104 | sia_ses_release(&ent); | 105 | sia_ses_release(&ent); |
105 | 106 | ||
106 | if (setreuid(geteuid(), geteuid()) < 0) | 107 | setuid(0); |
107 | fatal("setreuid: %s", strerror(errno)); | 108 | permanently_set_uid(pw); |
108 | } | 109 | } |
109 | 110 | ||
110 | #endif /* HAVE_OSF_SIA */ | 111 | #endif /* HAVE_OSF_SIA */ |
diff --git a/configure.ac b/configure.ac index 5f302f5e5..b56d37f4d 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.174 2003/11/21 12:48:55 djm Exp $ | 1 | # $Id: configure.ac,v 1.175 2003/11/22 03:25:16 dtucker Exp $ |
2 | 2 | ||
3 | AC_INIT | 3 | AC_INIT |
4 | AC_CONFIG_SRCDIR([ssh.c]) | 4 | AC_CONFIG_SRCDIR([ssh.c]) |
@@ -409,14 +409,13 @@ mips-sony-bsd|mips-sony-newsos4) | |||
409 | LIBS="$LIBS -lsecurity -ldb -lm -laud" | 409 | LIBS="$LIBS -lsecurity -ldb -lm -laud" |
410 | else | 410 | else |
411 | AC_MSG_RESULT(no) | 411 | AC_MSG_RESULT(no) |
412 | AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin") | ||
412 | fi | 413 | fi |
413 | fi | 414 | fi |
414 | AC_DEFINE(DISABLE_FD_PASSING) | ||
415 | AC_DEFINE(BROKEN_GETADDRINFO) | 415 | AC_DEFINE(BROKEN_GETADDRINFO) |
416 | AC_DEFINE(SETEUID_BREAKS_SETUID) | 416 | AC_DEFINE(SETEUID_BREAKS_SETUID) |
417 | AC_DEFINE(BROKEN_SETREUID) | 417 | AC_DEFINE(BROKEN_SETREUID) |
418 | AC_DEFINE(BROKEN_SETREGID) | 418 | AC_DEFINE(BROKEN_SETREGID) |
419 | AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin") | ||
420 | ;; | 419 | ;; |
421 | 420 | ||
422 | *-*-nto-qnx) | 421 | *-*-nto-qnx) |