diff options
-rw-r--r-- | ChangeLog | 13 | ||||
-rw-r--r-- | Makefile.in | 47 | ||||
-rw-r--r-- | acconfig.h | 14 | ||||
-rw-r--r-- | bsd-login.c | 5 | ||||
-rw-r--r-- | bsd-snprintf.c | 48 | ||||
-rw-r--r-- | cipher.c | 4 | ||||
-rw-r--r-- | configure.in | 4 | ||||
-rw-r--r-- | includes.h | 1 | ||||
-rw-r--r-- | packages/redhat/sshd.pam | 1 | ||||
-rw-r--r-- | sshd.pam.generic | 1 |
10 files changed, 87 insertions, 51 deletions
@@ -1,3 +1,16 @@ | |||
1 | 19991211 | ||
2 | - Fix compilation on systems with AFS. Reported by | ||
3 | aloomis@glue.umd.edu | ||
4 | - Fix installation on Solaris. Reported by | ||
5 | Gordon Rowell <gordonr@gormand.com.au> | ||
6 | - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com, | ||
7 | patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | ||
8 | - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com> | ||
9 | - Compile fix from David Agraz <dagraz@jahoopa.com> | ||
10 | - Avoid compiler warning in bsd-snprintf.c | ||
11 | - Added pam_limits.so to default PAM config. Suggested by | ||
12 | Jim Knoble <jmknoble@pobox.com> | ||
13 | |||
1 | 19991209 | 14 | 19991209 |
2 | - Import of patch from Ben Taylor <bent@clark.net>: | 15 | - Import of patch from Ben Taylor <bent@clark.net>: |
3 | - Improved PAM support | 16 | - Improved PAM support |
diff --git a/Makefile.in b/Makefile.in index 7148c50cd..f72867470 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -24,14 +24,15 @@ LFLAGS=@LDFLAGS@ | |||
24 | GNOME_CFLAGS=`gnome-config --cflags gnome gnomeui` | 24 | GNOME_CFLAGS=`gnome-config --cflags gnome gnomeui` |
25 | GNOME_LIBS=`gnome-config --libs gnome gnomeui` | 25 | GNOME_LIBS=`gnome-config --libs gnome gnomeui` |
26 | 26 | ||
27 | OBJS= atomicio.o authfd.o authfile.o auth-passwd.o auth-rhosts.o \ | 27 | OBJS= atomicio.o authfd.o authfile.o auth-krb4.o auth-passwd.o \ |
28 | auth-rh-rsa.o auth-rsa.o auth-skey.o bsd-daemon.o bsd-login.o \ | 28 | auth-rhosts.o auth-rh-rsa.o auth-rsa.o auth-skey.o bsd-daemon.o \ |
29 | bsd-mktemp.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bufaux.o \ | 29 | bsd-login.o bsd-mktemp.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o |
30 | buffer.o canohost.o channels.o cipher.o clientloop.o compress.o \ | 30 | bufaux.o buffer.o canohost.o channels.o cipher.o clientloop.o \ |
31 | crc32.o deattack.o helper.o helper.o hostfile.o log-client.o \ | 31 | compress.o crc32.o deattack.o helper.o helper.o hostfile.o \ |
32 | login.o log-server.o match.o md5crypt.o mpaux.o packet.o pty.o \ | 32 | log-client.o login.o log-server.o match.o md5crypt.o mpaux.o \ |
33 | readconf.o readpass.o rsa.o servconf.o serverloop.o \ | 33 | packet.o pty.o radix.o readconf.o readpass.o rsa.o servconf.o \ |
34 | sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o | 34 | serverloop.o sshconnect.o tildexpand.o ttymodes.o uidswap.o \ |
35 | xmalloc.o | ||
35 | all: $(OBJS) $(TARGETS) | 36 | all: $(OBJS) $(TARGETS) |
36 | 37 | ||
37 | libssh.a: atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \ | 38 | libssh.a: atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \ |
@@ -39,16 +40,17 @@ libssh.a: atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \ | |||
39 | buffer.o canohost.o channels.o cipher.o compat.o \ | 40 | buffer.o canohost.o channels.o cipher.o compat.o \ |
40 | compress.o crc32.o deattack.o fingerprint.o helper.o \ | 41 | compress.o crc32.o deattack.o fingerprint.o helper.o \ |
41 | hostfile.o log.o match.o mpaux.o nchan.o packet.o \ | 42 | hostfile.o log.o match.o mpaux.o nchan.o packet.o \ |
42 | readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o | 43 | radix.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o \ |
44 | xmalloc.o | ||
43 | $(AR) rv $@ $^ | 45 | $(AR) rv $@ $^ |
44 | $(RANLIB) $@ | 46 | $(RANLIB) $@ |
45 | 47 | ||
46 | ssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o libssh.a | 48 | ssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o libssh.a |
47 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) | 49 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) |
48 | 50 | ||
49 | sshd: sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ | 51 | sshd: sshd.o auth-rhosts.o auth-krb4.o auth-passwd.o auth-rsa.o \ |
50 | pty.o log-server.o login.o servconf.o serverloop.o bsd-login.o \ | 52 | auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o \ |
51 | md5crypt.o libssh.a | 53 | bsd-login.o md5crypt.o libssh.a |
52 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) $(LIBWRAP) | 54 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) $(LIBWRAP) |
53 | 55 | ||
54 | scp: scp.o libssh.a | 56 | scp: scp.o libssh.a |
@@ -81,27 +83,27 @@ install: all | |||
81 | $(INSTALL) -s ssh-agent $(bindir)/ssh-agent | 83 | $(INSTALL) -s ssh-agent $(bindir)/ssh-agent |
82 | $(INSTALL) -s ssh-keygen $(bindir)/ssh-keygen | 84 | $(INSTALL) -s ssh-keygen $(bindir)/ssh-keygen |
83 | $(INSTALL) -s sshd $(sbindir)/sshd | 85 | $(INSTALL) -s sshd $(sbindir)/sshd |
84 | $(INSTALL) -m644 ssh.1 $(mandir)/man1/ssh.1 | 86 | $(INSTALL) -m 644 ssh.1 $(mandir)/man1/ssh.1 |
85 | $(INSTALL) -m644 scp.1 $(mandir)/man1/scp.1 | 87 | $(INSTALL) -m 644 scp.1 $(mandir)/man1/scp.1 |
86 | $(INSTALL) -m644 ssh-add.1 $(mandir)/man1/ssh-add.1 | 88 | $(INSTALL) -m 644 ssh-add.1 $(mandir)/man1/ssh-add.1 |
87 | $(INSTALL) -m644 ssh-agent.1 $(mandir)/man1/ssh-agent.1 | 89 | $(INSTALL) -m 644 ssh-agent.1 $(mandir)/man1/ssh-agent.1 |
88 | $(INSTALL) -m644 ssh-keygen.1 $(mandir)/man1/ssh-keygen.1 | 90 | $(INSTALL) -m 644 ssh-keygen.1 $(mandir)/man1/ssh-keygen.1 |
89 | $(INSTALL) -m644 sshd.8 $(mandir)/man8/sshd.8 | 91 | $(INSTALL) -m 644 sshd.8 $(mandir)/man8/sshd.8 |
90 | -rm -f $(bindir)/slogin | 92 | -rm -f $(bindir)/slogin |
91 | ln -s ssh $(bindir)/slogin | 93 | ln -s ssh $(bindir)/slogin |
92 | -rm -f $(mandir)/man1/slogin.1 | 94 | -rm -f $(mandir)/man1/slogin.1 |
93 | ln -s ssh.1 $(mandir)/man1/slogin.1 | 95 | ln -s ssh.1 $(mandir)/man1/slogin.1 |
94 | 96 | ||
95 | $(INSTALL) -d $(libexecdir) ; | ||
96 | $(INSTALL) -d $(libexecdir)/ssh ; | ||
97 | if [ ! -z "@GNOME_ASKPASS@" ] ; then \ | 97 | if [ ! -z "@GNOME_ASKPASS@" ] ; then \ |
98 | $(INSTALL) -d $(libexecdir) ; | ||
99 | $(INSTALL) -d $(libexecdir)/ssh ; | ||
98 | $(INSTALL) -s @GNOME_ASKPASS@ ${ASKPASS_PROGRAM} ; \ | 100 | $(INSTALL) -s @GNOME_ASKPASS@ ${ASKPASS_PROGRAM} ; \ |
99 | fi | 101 | fi |
100 | 102 | ||
101 | if [ ! -f $(sysconfdir)/ssh_config -a ! -f $(sysconfdir)/sshd_config ]; then \ | 103 | if [ ! -f $(sysconfdir)/ssh_config -a ! -f $(sysconfdir)/sshd_config ]; then \ |
102 | $(INSTALL) -d $(sysconfdir); \ | 104 | $(INSTALL) -d $(sysconfdir); \ |
103 | $(INSTALL) -m644 ssh_config $(sysconfdir)/ssh_config; \ | 105 | $(INSTALL) -m 644 ssh_config $(sysconfdir)/ssh_config; \ |
104 | $(INSTALL) -m644 sshd_config $(sysconfdir)/sshd_config; \ | 106 | $(INSTALL) -m 644 sshd_config $(sysconfdir)/sshd_config; \ |
105 | fi | 107 | fi |
106 | 108 | ||
107 | uninstallall: uninstall | 109 | uninstallall: uninstall |
@@ -130,7 +132,6 @@ uninstall: | |||
130 | -rm -f $(mandir)/man8/sshd.8 | 132 | -rm -f $(mandir)/man8/sshd.8 |
131 | -rm -f $(bindir)/slogin | 133 | -rm -f $(bindir)/slogin |
132 | -rm -f $(mandir)/man1/slogin.1 | 134 | -rm -f $(mandir)/man1/slogin.1 |
133 | -rm -f $(mandir)/man1/slogin.1 | ||
134 | -rm -f ${ASKPASS_PROGRAM} | 135 | -rm -f ${ASKPASS_PROGRAM} |
135 | -rmdir $(libexecdir)/ssh ; | 136 | -rmdir $(libexecdir)/ssh ; |
136 | 137 | ||
diff --git a/acconfig.h b/acconfig.h index 811c00d47..324f45dbe 100644 --- a/acconfig.h +++ b/acconfig.h | |||
@@ -73,6 +73,9 @@ | |||
73 | /* Define if you have /dev/ptc */ | 73 | /* Define if you have /dev/ptc */ |
74 | #undef HAVE_DEV_PTS_AND_PTC | 74 | #undef HAVE_DEV_PTS_AND_PTC |
75 | 75 | ||
76 | /* Path to xauth binary */ | ||
77 | #undef XAUTH_PATH | ||
78 | |||
76 | @BOTTOM@ | 79 | @BOTTOM@ |
77 | 80 | ||
78 | /* ******************* Shouldn't need to edit below this line ************** */ | 81 | /* ******************* Shouldn't need to edit below this line ************** */ |
@@ -258,3 +261,14 @@ enum | |||
258 | # define __P(x) x | 261 | # define __P(x) x |
259 | #endif | 262 | #endif |
260 | 263 | ||
264 | #ifdef __GNUC__ | ||
265 | # if __GNUC__ < 2 | ||
266 | # define INLINE inline | ||
267 | # define __attribute__(x) | ||
268 | # else | ||
269 | # define INLINE __inline__ | ||
270 | # endif /* __GNUC__ < 2 */ | ||
271 | #else | ||
272 | # define __attribute__(x) | ||
273 | # define INLINE | ||
274 | #endif /* __GNUC__ */ | ||
diff --git a/bsd-login.c b/bsd-login.c index 9c1206547..a2ec74142 100644 --- a/bsd-login.c +++ b/bsd-login.c | |||
@@ -52,6 +52,7 @@ static char *rcsid = "$OpenBSD: login.c,v 1.5 1998/07/13 02:11:12 millert Exp $" | |||
52 | # include <utmp.h> | 52 | # include <utmp.h> |
53 | #endif | 53 | #endif |
54 | #include <stdio.h> | 54 | #include <stdio.h> |
55 | #include <string.h> | ||
55 | 56 | ||
56 | void | 57 | void |
57 | login(utp) | 58 | login(utp) |
@@ -78,7 +79,7 @@ login(utp) | |||
78 | 79 | ||
79 | tty = ttyslot(); | 80 | tty = ttyslot(); |
80 | if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) { | 81 | if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) { |
81 | #ifdef HAVE_HOST_IN_UTMP || HAVE_HOST_IN_UTMPX | 82 | #if defined(HAVE_HOST_IN_UTMP) || defined(HAVE_HOST_IN_UTMPX) |
82 | (void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET); | 83 | (void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET); |
83 | /* | 84 | /* |
84 | * Prevent luser from zero'ing out ut_host. | 85 | * Prevent luser from zero'ing out ut_host. |
@@ -91,7 +92,7 @@ login(utp) | |||
91 | strncmp(old_ut.ut_line, utp->ut_line, UT_LINESIZE) == 0 && | 92 | strncmp(old_ut.ut_line, utp->ut_line, UT_LINESIZE) == 0 && |
92 | strncmp(old_ut.ut_name, utp->ut_name, UT_NAMESIZE) == 0) | 93 | strncmp(old_ut.ut_name, utp->ut_name, UT_NAMESIZE) == 0) |
93 | (void)memcpy(utp->ut_host, old_ut.ut_host, UT_HOSTSIZE); | 94 | (void)memcpy(utp->ut_host, old_ut.ut_host, UT_HOSTSIZE); |
94 | #endif /* HAVE_HOST_IN_UTMP || HAVE_HOST_IN_UTMPX */ | 95 | #endif /* defined(HAVE_HOST_IN_UTMP) || defined(HAVE_HOST_IN_UTMPX) */ |
95 | (void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET); | 96 | (void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET); |
96 | (void)write(fd, utp, sizeof(struct UTMP_STR)); | 97 | (void)write(fd, utp, sizeof(struct UTMP_STR)); |
97 | (void)close(fd); | 98 | (void)close(fd); |
diff --git a/bsd-snprintf.c b/bsd-snprintf.c index 11c4ff39c..e85d9296a 100644 --- a/bsd-snprintf.c +++ b/bsd-snprintf.c | |||
@@ -101,30 +101,6 @@ mcleanup(str, n, p) | |||
101 | free(curobj); | 101 | free(curobj); |
102 | } | 102 | } |
103 | 103 | ||
104 | #if !defined(HAVE_SNPRINTF) | ||
105 | int | ||
106 | #if __STDC__ | ||
107 | snprintf(char *str, size_t n, char const *fmt, ...) | ||
108 | #else | ||
109 | snprintf(str, n, fmt, va_alist) | ||
110 | char *str; | ||
111 | size_t n; | ||
112 | char *fmt; | ||
113 | va_dcl | ||
114 | #endif | ||
115 | { | ||
116 | va_list ap; | ||
117 | #if __STDC__ | ||
118 | va_start(ap, fmt); | ||
119 | #else | ||
120 | va_start(ap); | ||
121 | #endif | ||
122 | |||
123 | return (vsnprintf(str, n, fmt, ap)); | ||
124 | va_end(ap); | ||
125 | } | ||
126 | #endif /* !defined(HAVE_SNPRINTF) */ | ||
127 | |||
128 | #if !defined(HAVE_VSNPRINTF) | 104 | #if !defined(HAVE_VSNPRINTF) |
129 | int | 105 | int |
130 | vsnprintf(str, n, fmt, ap) | 106 | vsnprintf(str, n, fmt, ap) |
@@ -159,4 +135,28 @@ vsnprintf(str, n, fmt, ap) | |||
159 | } | 135 | } |
160 | #endif /* !defined(HAVE_VSNPRINTF) */ | 136 | #endif /* !defined(HAVE_VSNPRINTF) */ |
161 | 137 | ||
138 | #if !defined(HAVE_SNPRINTF) | ||
139 | int | ||
140 | #if __STDC__ | ||
141 | snprintf(char *str, size_t n, char const *fmt, ...) | ||
142 | #else | ||
143 | snprintf(str, n, fmt, va_alist) | ||
144 | char *str; | ||
145 | size_t n; | ||
146 | char *fmt; | ||
147 | va_dcl | ||
148 | #endif | ||
149 | { | ||
150 | va_list ap; | ||
151 | #if __STDC__ | ||
152 | va_start(ap, fmt); | ||
153 | #else | ||
154 | va_start(ap); | ||
155 | #endif | ||
156 | |||
157 | return (vsnprintf(str, n, fmt, ap)); | ||
158 | va_end(ap); | ||
159 | } | ||
160 | #endif /* !defined(HAVE_SNPRINTF) */ | ||
161 | |||
162 | #endif /* !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) */ | 162 | #endif /* !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) */ |
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$Id: cipher.c,v 1.8 1999/11/25 00:54:58 damien Exp $"); | 15 | RCSID("$Id: cipher.c,v 1.9 1999/12/12 21:27:33 damien Exp $"); |
16 | 16 | ||
17 | #include "ssh.h" | 17 | #include "ssh.h" |
18 | #include "cipher.h" | 18 | #include "cipher.h" |
@@ -111,7 +111,7 @@ swap_bytes(const unsigned char *src, unsigned char *dst_, int n) | |||
111 | 111 | ||
112 | void (*cipher_attack_detected) (const char *fmt,...) = fatal; | 112 | void (*cipher_attack_detected) (const char *fmt,...) = fatal; |
113 | 113 | ||
114 | static inline void | 114 | static INLINE void |
115 | detect_cbc_attack(const unsigned char *src, | 115 | detect_cbc_attack(const unsigned char *src, |
116 | unsigned int len) | 116 | unsigned int len) |
117 | { | 117 | { |
diff --git a/configure.in b/configure.in index 2e7623bb4..c4894c071 100644 --- a/configure.in +++ b/configure.in | |||
@@ -287,4 +287,8 @@ AC_ARG_WITH(md5-passwords, | |||
287 | [AC_DEFINE(HAVE_MD5_PASSWORDS)] | 287 | [AC_DEFINE(HAVE_MD5_PASSWORDS)] |
288 | ) | 288 | ) |
289 | 289 | ||
290 | dnl Check for the path to xauth | ||
291 | AC_PATH_PROG(xauth_path, xauth) | ||
292 | AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path") | ||
293 | |||
290 | AC_OUTPUT(Makefile) | 294 | AC_OUTPUT(Makefile) |
diff --git a/includes.h b/includes.h index 6afe88d54..c14ab6b3d 100644 --- a/includes.h +++ b/includes.h | |||
@@ -77,6 +77,7 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } | |||
77 | #include "bsd-strlcat.h" | 77 | #include "bsd-strlcat.h" |
78 | #include "bsd-mktemp.h" | 78 | #include "bsd-mktemp.h" |
79 | #include "bsd-snprintf.h" | 79 | #include "bsd-snprintf.h" |
80 | #include "bsd-daemon.h" | ||
80 | 81 | ||
81 | /* Define this to be the path of the xauth program. */ | 82 | /* Define this to be the path of the xauth program. */ |
82 | #ifndef XAUTH_PATH | 83 | #ifndef XAUTH_PATH |
diff --git a/packages/redhat/sshd.pam b/packages/redhat/sshd.pam index 2a7d1fbd7..f466f9ba3 100644 --- a/packages/redhat/sshd.pam +++ b/packages/redhat/sshd.pam | |||
@@ -5,3 +5,4 @@ account required /lib/security/pam_pwdb.so | |||
5 | password required /lib/security/pam_cracklib.so | 5 | password required /lib/security/pam_cracklib.so |
6 | password required /lib/security/pam_pwdb.so shadow nullok use_authtok | 6 | password required /lib/security/pam_pwdb.so shadow nullok use_authtok |
7 | session required /lib/security/pam_pwdb.so | 7 | session required /lib/security/pam_pwdb.so |
8 | session required /lib/security/pam_limits.so | ||
diff --git a/sshd.pam.generic b/sshd.pam.generic index c67e7b637..4ec2a2a00 100644 --- a/sshd.pam.generic +++ b/sshd.pam.generic | |||
@@ -5,3 +5,4 @@ account required /lib/security/pam_unix.so | |||
5 | password required /lib/security/pam_cracklib.so | 5 | password required /lib/security/pam_cracklib.so |
6 | password required /lib/security/pam_unix.so shadow nullok use_authtok | 6 | password required /lib/security/pam_unix.so shadow nullok use_authtok |
7 | session required /lib/security/pam_unix.so | 7 | session required /lib/security/pam_unix.so |
8 | session required /lib/security/pam_limits.so | ||