summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CREDITS3
-rw-r--r--ChangeLog10
-rw-r--r--LICENCE1
-rw-r--r--Makefile.in7
-rw-r--r--configure.ac22
-rw-r--r--includes.h1
-rw-r--r--openbsd-compat/Makefile.in4
-rw-r--r--openbsd-compat/openbsd-compat.h8
-rw-r--r--openbsd-compat/port-solaris.c189
-rw-r--r--openbsd-compat/port-solaris.h27
-rw-r--r--platform.c46
-rw-r--r--platform.h23
-rw-r--r--sshd.c3
13 files changed, 332 insertions, 12 deletions
diff --git a/CREDITS b/CREDITS
index 82b9f2210..eaf105a91 100644
--- a/CREDITS
+++ b/CREDITS
@@ -25,6 +25,7 @@ Chris, the Young One <cky@pobox.com> - Password auth fixes
25Christos Zoulas <christos@zoulas.com> - Autoconf fixes 25Christos Zoulas <christos@zoulas.com> - Autoconf fixes
26Chun-Chung Chen <cjj@u.washington.edu> - RPM fixes 26Chun-Chung Chen <cjj@u.washington.edu> - RPM fixes
27Corinna Vinschen <vinschen@redhat.com> - Cygwin support 27Corinna Vinschen <vinschen@redhat.com> - Cygwin support
28Chad Mynhier <mynhier@interstel.net> - Solaris Process Contract support
28Dan Brosemer <odin@linuxfreak.com> - Autoconf support, build fixes 29Dan Brosemer <odin@linuxfreak.com> - Autoconf support, build fixes
29Darren Hall <dhall@virage.org> - AIX patches 30Darren Hall <dhall@virage.org> - AIX patches
30Darren Tucker <dtucker@zip.com.au> - AIX BFF package scripts 31Darren Tucker <dtucker@zip.com.au> - AIX BFF package scripts
@@ -100,5 +101,5 @@ Apologies to anyone I have missed.
100 101
101Damien Miller <djm@mindrot.org> 102Damien Miller <djm@mindrot.org>
102 103
103$Id: CREDITS,v 1.80 2005/08/26 20:15:20 tim Exp $ 104$Id: CREDITS,v 1.81 2006/08/30 17:24:41 djm Exp $
104 105
diff --git a/ChangeLog b/ChangeLog
index d9aa6f6d5..0a702d3fb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
120060831
2 - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]
3 [platform.c platform.h sshd.c openbsd-compat/Makefile.in]
4 [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c]
5 [openbsd-compat/port-solaris.h] Add support for Solaris process
6 contracts, enabled with --use-solaris-contracts. Patch from Chad
7 Mynhier, tweaked by dtucker@ and myself; ok dtucker@
8
120060830 920060830
2 - (djm) OpenBSD CVS Sync 10 - (djm) OpenBSD CVS Sync
3 - dtucker@cvs.openbsd.org 2006/08/21 08:14:01 11 - dtucker@cvs.openbsd.org 2006/08/21 08:14:01
@@ -5338,4 +5346,4 @@
5338 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 5346 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
5339 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 5347 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
5340 5348
5341$Id: ChangeLog,v 1.4518 2006/08/30 12:33:09 dtucker Exp $ 5349$Id: ChangeLog,v 1.4519 2006/08/30 17:24:41 djm Exp $
diff --git a/LICENCE b/LICENCE
index 17d94aef5..0c2ff067a 100644
--- a/LICENCE
+++ b/LICENCE
@@ -288,6 +288,7 @@ OpenSSH contains no GPL code.
288 Internet Software Consortium. 288 Internet Software Consortium.
289 Todd C. Miller 289 Todd C. Miller
290 Reyk Floeter 290 Reyk Floeter
291 Chad Mynhier
291 292
292 * Permission to use, copy, modify, and distribute this software for any 293 * Permission to use, copy, modify, and distribute this software for any
293 * purpose with or without fee is hereby granted, provided that the above 294 * purpose with or without fee is hereby granted, provided that the above
diff --git a/Makefile.in b/Makefile.in
index e1f86dbef..525b08eba 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
1# $Id: Makefile.in,v 1.280 2006/08/22 12:24:11 dtucker Exp $ 1# $Id: Makefile.in,v 1.281 2006/08/30 17:24:41 djm Exp $
2 2
3# uncomment if you run a non bourne compatable shell. Ie. csh 3# uncomment if you run a non bourne compatable shell. Ie. csh
4#SHELL = @SH@ 4#SHELL = @SH@
@@ -44,6 +44,7 @@ CFLAGS=@CFLAGS@
44CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ 44CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
45LIBS=@LIBS@ 45LIBS=@LIBS@
46LIBSELINUX=@LIBSELINUX@ 46LIBSELINUX=@LIBSELINUX@
47SSHDLIBS=@SSHDLIBS@
47LIBEDIT=@LIBEDIT@ 48LIBEDIT=@LIBEDIT@
48LIBPAM=@LIBPAM@ 49LIBPAM=@LIBPAM@
49LIBWRAP=@LIBWRAP@ 50LIBWRAP=@LIBWRAP@
@@ -87,7 +88,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
87 auth-krb5.o \ 88 auth-krb5.o \
88 auth2-gss.o gss-serv.o gss-serv-krb5.o \ 89 auth2-gss.o gss-serv.o gss-serv-krb5.o \
89 loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ 90 loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
90 audit.o audit-bsm.o 91 audit.o audit-bsm.o platform.o
91 92
92MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out 93MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out
93MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 94MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5
@@ -137,7 +138,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
137 $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 138 $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
138 139
139sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) 140sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
140 $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(LIBS) 141 $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(SSHDLIBS) $(LIBS)
141 142
142scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o 143scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
143 $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 144 $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
diff --git a/configure.ac b/configure.ac
index 90cfbea9a..3aba414a2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
1# $Id: configure.ac,v 1.355 2006/08/20 11:43:19 dtucker Exp $ 1# $Id: configure.ac,v 1.356 2006/08/30 17:24:41 djm Exp $
2# 2#
3# Copyright (c) 1999-2004 Damien Miller 3# Copyright (c) 1999-2004 Damien Miller
4# 4#
@@ -15,7 +15,7 @@
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 16
17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
18AC_REVISION($Revision: 1.355 $) 18AC_REVISION($Revision: 1.356 $)
19AC_CONFIG_SRCDIR([ssh.c]) 19AC_CONFIG_SRCDIR([ssh.c])
20 20
21AC_CONFIG_HEADER(config.h) 21AC_CONFIG_HEADER(config.h)
@@ -127,6 +127,10 @@ AC_ARG_WITH(rpath,
127 ] 127 ]
128) 128)
129 129
130# Messages for features tested for in target-specific section
131SIA_MSG="no"
132SPC_MSG="no"
133
130# Check for some target-specific stuff 134# Check for some target-specific stuff
131case "$host" in 135case "$host" in
132*-*-aix*) 136*-*-aix*)
@@ -438,6 +442,17 @@ mips-sony-bsd|mips-sony-newsos4)
438 else 442 else
439 AC_MSG_RESULT(no) 443 AC_MSG_RESULT(no)
440 fi 444 fi
445 AC_ARG_WITH(solaris-contracts,
446 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
447 [
448 AC_CHECK_LIB(contract, ct_tmpl_activate,
449 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
450 [Define if you have Solaris process contracts])
451 SSHDLIBS="$SSHDLIBS -lcontract"
452 AC_SUBST(SSHDLIBS)
453 SPC_MSG="yes" ], )
454 ],
455 )
441 ;; 456 ;;
442*-*-sunos4*) 457*-*-sunos4*)
443 CPPFLAGS="$CPPFLAGS -DSUNOS4" 458 CPPFLAGS="$CPPFLAGS -DSUNOS4"
@@ -586,6 +601,7 @@ mips-sony-bsd|mips-sony-newsos4)
586 system's login() call]) 601 system's login() call])
587 AC_DEFINE(DISABLE_FD_PASSING) 602 AC_DEFINE(DISABLE_FD_PASSING)
588 LIBS="$LIBS -lsecurity -ldb -lm -laud" 603 LIBS="$LIBS -lsecurity -ldb -lm -laud"
604 SIA_MSG="yes"
589 else 605 else
590 AC_MSG_RESULT(no) 606 AC_MSG_RESULT(no)
591 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 607 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
@@ -3905,6 +3921,7 @@ echo " sshd superuser user PATH: $J"
3905fi 3921fi
3906echo " Manpage format: $MANTYPE" 3922echo " Manpage format: $MANTYPE"
3907echo " PAM support: $PAM_MSG" 3923echo " PAM support: $PAM_MSG"
3924echo " OSF SIA support: $SIA_MSG"
3908echo " KerberosV support: $KRB5_MSG" 3925echo " KerberosV support: $KRB5_MSG"
3909echo " SELinux support: $SELINUX_MSG" 3926echo " SELinux support: $SELINUX_MSG"
3910echo " Smartcard support: $SCARD_MSG" 3927echo " Smartcard support: $SCARD_MSG"
@@ -3912,6 +3929,7 @@ echo " S/KEY support: $SKEY_MSG"
3912echo " TCP Wrappers support: $TCPW_MSG" 3929echo " TCP Wrappers support: $TCPW_MSG"
3913echo " MD5 password support: $MD5_MSG" 3930echo " MD5 password support: $MD5_MSG"
3914echo " libedit support: $LIBEDIT_MSG" 3931echo " libedit support: $LIBEDIT_MSG"
3932echo " Solaris process contract support: $SPC_MSG"
3915echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 3933echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
3916echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 3934echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3917echo " BSD Auth support: $BSD_AUTH_MSG" 3935echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/includes.h b/includes.h
index 8e600567d..03665a3d3 100644
--- a/includes.h
+++ b/includes.h
@@ -160,6 +160,7 @@
160 160
161#include "defines.h" 161#include "defines.h"
162 162
163#include "platform.h"
163#include "openbsd-compat/openbsd-compat.h" 164#include "openbsd-compat/openbsd-compat.h"
164#include "openbsd-compat/bsd-nextstep.h" 165#include "openbsd-compat/bsd-nextstep.h"
165 166
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index 67e521bfe..9f06605d7 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
1# $Id: Makefile.in,v 1.39 2006/04/22 11:26:08 djm Exp $ 1# $Id: Makefile.in,v 1.40 2006/08/30 17:24:41 djm Exp $
2 2
3sysconfdir=@sysconfdir@ 3sysconfdir=@sysconfdir@
4piddir=@piddir@ 4piddir=@piddir@
@@ -20,7 +20,7 @@ OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgroupl
20 20
21COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o 21COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
22 22
23PORTS=port-irix.o port-linux.o port-aix.o port-uw.o port-tun.o 23PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o
24 24
25.c.o: 25.c.o:
26 $(CC) $(CFLAGS) $(CPPFLAGS) -c $< 26 $(CC) $(CFLAGS) $(CPPFLAGS) -c $<
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 18249d81e..278ac71d9 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
1/* $Id: openbsd-compat.h,v 1.40 2006/07/12 13:10:34 dtucker Exp $ */ 1/* $Id: openbsd-compat.h,v 1.41 2006/08/30 17:24:42 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved. 4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved.
@@ -190,10 +190,12 @@ char *shadow_pw(struct passwd *pw);
190/* Routines for a single OS platform */ 190/* Routines for a single OS platform */
191#include "bsd-cray.h" 191#include "bsd-cray.h"
192#include "bsd-cygwin_util.h" 192#include "bsd-cygwin_util.h"
193
194#include "port-aix.h"
193#include "port-irix.h" 195#include "port-irix.h"
194#include "port-linux.h" 196#include "port-linux.h"
195#include "port-aix.h" 197#include "port-solaris.h"
196#include "port-uw.h"
197#include "port-tun.h" 198#include "port-tun.h"
199#include "port-uw.h"
198 200
199#endif /* _OPENBSD_COMPAT_H */ 201#endif /* _OPENBSD_COMPAT_H */
diff --git a/openbsd-compat/port-solaris.c b/openbsd-compat/port-solaris.c
new file mode 100644
index 000000000..f31f0c6ea
--- /dev/null
+++ b/openbsd-compat/port-solaris.c
@@ -0,0 +1,189 @@
1/* $Id: port-solaris.c,v 1.1 2006/08/30 17:24:42 djm Exp $ */
2
3/*
4 * Copyright (c) 2006 Chad Mynhier.
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include "config.h"
20#include "includes.h"
21
22#ifdef USE_SOLARIS_PROCESS_CONTRACTS
23
24#include <sys/types.h>
25#include <sys/stat.h>
26#include <sys/param.h>
27
28#include <errno.h>
29#ifdef HAVE_FCNTL_H
30# include <fcntl.h>
31#endif
32#include <string.h>
33#include <unistd.h>
34
35#include <libcontract.h>
36#include <sys/contract/process.h>
37#include <sys/ctfs.h>
38
39#include "log.h"
40
41#define CT_TEMPLATE CTFS_ROOT "/process/template"
42#define CT_LATEST CTFS_ROOT "/process/latest"
43
44static int tmpl_fd = -1;
45
46/* Lookup the latest process contract */
47static ctid_t
48get_active_process_contract_id(void)
49{
50 int stat_fd;
51 ctid_t ctid = -1;
52 ct_stathdl_t stathdl;
53
54 if ((stat_fd = open64(CT_LATEST, O_RDONLY)) == -1) {
55 error("%s: Error opening 'latest' process "
56 "contract: %s", __func__, strerror(errno));
57 return -1;
58 }
59 if (ct_status_read(stat_fd, CTD_COMMON, &stathdl) != 0) {
60 error("%s: Error reading process contract "
61 "status: %s", __func__, strerror(errno));
62 goto out;
63 }
64 if ((ctid = ct_status_get_id(stathdl)) < 0) {
65 error("%s: Error getting process contract id: %s",
66 __func__, strerror(errno));
67 goto out;
68 }
69
70 ct_status_free(stathdl);
71 out:
72 close(stat_fd);
73 return ctid;
74}
75
76void
77solaris_contract_pre_fork(void)
78{
79 if ((tmpl_fd = open64(CT_TEMPLATE, O_RDWR)) == -1) {
80 error("%s: open %s: %s", __func__,
81 CT_TEMPLATE, strerror(errno));
82 return;
83 }
84
85 debug2("%s: setting up process contract template on fd %d",
86 __func__, tmpl_fd);
87
88 /* We have to set certain attributes before activating the template */
89 if (ct_pr_tmpl_set_fatal(tmpl_fd,
90 CT_PR_EV_HWERR|CT_PR_EV_SIGNAL|CT_PR_EV_CORE) != 0) {
91 error("%s: Error setting process contract template "
92 "fatal events: %s", __func__, strerror(errno));
93 goto fail;
94 }
95 if (ct_tmpl_set_critical(tmpl_fd, CT_PR_EV_HWERR) != 0) {
96 error("%s: Error setting process contract template "
97 "critical events: %s", __func__, strerror(errno));
98 goto fail;
99 }
100
101 /* Now make this the active template for this process. */
102 if (ct_tmpl_activate(tmpl_fd) != 0) {
103 error("%s: Error activating process contract "
104 "template: %s", __func__, strerror(errno));
105 goto fail;
106 }
107 return;
108
109 fail:
110 if (tmpl_fd != -1) {
111 close(tmpl_fd);
112 tmpl_fd = -1;
113 }
114}
115
116void
117solaris_contract_post_fork_child()
118{
119 debug2("%s: clearing process contract template on fd %d",
120 __func__, tmpl_fd);
121
122 /* Clear the active template. */
123 if (ct_tmpl_clear(tmpl_fd) != 0)
124 error("%s: Error clearing active process contract "
125 "template: %s", __func__, strerror(errno));
126
127 close(tmpl_fd);
128 tmpl_fd = -1;
129}
130
131void
132solaris_contract_post_fork_parent(pid_t pid)
133{
134 ctid_t ctid;
135 char ctl_path[256];
136 int r, ctl_fd = -1, stat_fd = -1;
137
138 debug2("%s: clearing template (fd %d)", __func__, tmpl_fd);
139
140 if (tmpl_fd == -1)
141 return;
142
143 /* First clear the active template. */
144 if ((r = ct_tmpl_clear(tmpl_fd)) != 0)
145 error("%s: Error clearing active process contract "
146 "template: %s", __func__, strerror(errno));
147
148 close(tmpl_fd);
149 tmpl_fd = -1;
150
151 /*
152 * If either the fork didn't succeed (pid < 0), or clearing
153 * th active contract failed (r != 0), then we have nothing
154 * more do.
155 */
156 if (r != 0 || pid <= 0)
157 return;
158
159 /* Now lookup and abandon the contract we've created. */
160 ctid = get_active_process_contract_id();
161
162 debug2("%s: abandoning contract id %ld", __func__, ctid);
163
164 snprintf(ctl_path, sizeof(ctl_path),
165 CTFS_ROOT "/process/%ld/ctl", ctid);
166 if ((ctl_fd = open64(ctl_path, O_WRONLY)) < 0) {
167 error("%s: Error opening process contract "
168 "ctl file: %s", __func__, strerror(errno));
169 goto fail;
170 }
171 if (ct_ctl_abandon(ctl_fd) < 0) {
172 error("%s: Error abandoning process contract: %s",
173 __func__, strerror(errno));
174 goto fail;
175 }
176 close(ctl_fd);
177 return;
178
179 fail:
180 if (tmpl_fd != -1) {
181 close(tmpl_fd);
182 tmpl_fd = -1;
183 }
184 if (stat_fd != -1)
185 close(stat_fd);
186 if (ctl_fd != -1)
187 close(ctl_fd);
188}
189#endif
diff --git a/openbsd-compat/port-solaris.h b/openbsd-compat/port-solaris.h
new file mode 100644
index 000000000..4c324871e
--- /dev/null
+++ b/openbsd-compat/port-solaris.h
@@ -0,0 +1,27 @@
1/* $Id: port-solaris.h,v 1.1 2006/08/30 17:24:42 djm Exp $ */
2
3/*
4 * Copyright (c) 2006 Chad Mynhier.
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#ifndef _PORT_SOLARIS_H
20
21#include <sys/types.h>
22
23void solaris_contract_pre_fork(void);
24void solaris_contract_post_fork_child(void);
25void solaris_contract_post_fork_parent(pid_t pid);
26
27#endif
diff --git a/platform.c b/platform.c
new file mode 100644
index 000000000..aee4b01e7
--- /dev/null
+++ b/platform.c
@@ -0,0 +1,46 @@
1/* $Id: platform.c,v 1.1 2006/08/30 17:24:41 djm Exp $ */
2
3/*
4 * Copyright (c) 2006 Darren Tucker. All rights reserved.
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include "config.h"
20#include "platform.h"
21
22#include "openbsd-compat/openbsd-compat.h"
23
24void
25platform_pre_fork(void)
26{
27#ifdef USE_SOLARIS_PROCESS_CONTRACTS
28 solaris_contract_pre_fork();
29#endif
30}
31
32void
33platform_post_fork_parent(pid_t child_pid)
34{
35#ifdef USE_SOLARIS_PROCESS_CONTRACTS
36 solaris_contract_post_fork_parent(child_pid);
37#endif
38}
39
40void
41platform_post_fork_child(void)
42{
43#ifdef USE_SOLARIS_PROCESS_CONTRACTS
44 solaris_contract_post_fork_child();
45#endif
46}
diff --git a/platform.h b/platform.h
new file mode 100644
index 000000000..cf93bc57c
--- /dev/null
+++ b/platform.h
@@ -0,0 +1,23 @@
1/* $Id: platform.h,v 1.1 2006/08/30 17:24:41 djm Exp $ */
2
3/*
4 * Copyright (c) 2006 Darren Tucker. All rights reserved.
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include <sys/types.h>
20
21void platform_pre_fork(void);
22void platform_post_fork_parent(pid_t child_pid);
23void platform_post_fork_child(void);
diff --git a/sshd.c b/sshd.c
index dcc626589..ee588ff8a 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1154,6 +1154,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
1154 * the child process the connection. The 1154 * the child process the connection. The
1155 * parent continues listening. 1155 * parent continues listening.
1156 */ 1156 */
1157 platform_pre_fork();
1157 if ((pid = fork()) == 0) { 1158 if ((pid = fork()) == 0) {
1158 /* 1159 /*
1159 * Child. Close the listening and 1160 * Child. Close the listening and
@@ -1163,6 +1164,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
1163 * We break out of the loop to handle 1164 * We break out of the loop to handle
1164 * the connection. 1165 * the connection.
1165 */ 1166 */
1167 platform_post_fork_child();
1166 startup_pipe = startup_p[1]; 1168 startup_pipe = startup_p[1];
1167 close_startup_pipes(); 1169 close_startup_pipes();
1168 close_listen_socks(); 1170 close_listen_socks();
@@ -1178,6 +1180,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
1178 } 1180 }
1179 1181
1180 /* Parent. Stay in the loop. */ 1182 /* Parent. Stay in the loop. */
1183 platform_post_fork_parent(pid);
1181 if (pid < 0) 1184 if (pid < 0)
1182 error("fork: %.100s", strerror(errno)); 1185 error("fork: %.100s", strerror(errno));
1183 else 1186 else