diff options
-rw-r--r-- | CREDITS | 1 | ||||
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | Makefile.in | 37 | ||||
-rw-r--r-- | acconfig.h | 6 | ||||
-rw-r--r-- | auth-passwd.c | 27 | ||||
-rw-r--r-- | auth1.c | 25 | ||||
-rw-r--r-- | authfile.c | 8 | ||||
-rw-r--r-- | bsd-daemon.c | 7 | ||||
-rw-r--r-- | bsd-mktemp.c | 5 | ||||
-rw-r--r-- | channels.c | 2 | ||||
-rw-r--r-- | configure.in | 14 | ||||
-rw-r--r-- | cygwin_util.c | 35 | ||||
-rw-r--r-- | defines.h | 4 | ||||
-rw-r--r-- | includes.h | 12 | ||||
-rw-r--r-- | loginrec.c | 4 | ||||
-rw-r--r-- | pty.c | 16 | ||||
-rw-r--r-- | readconf.c | 2 | ||||
-rw-r--r-- | scp.c | 9 | ||||
-rw-r--r-- | session.c | 49 | ||||
-rw-r--r-- | ssh.c | 16 | ||||
-rw-r--r-- | sshconnect.c | 4 | ||||
-rw-r--r-- | sshd.c | 2 |
22 files changed, 259 insertions, 28 deletions
@@ -21,6 +21,7 @@ Chris Saia <csaia@wtower.com> - SuSE packaging | |||
21 | Chris, the Young One <cky@pobox.com> - Password auth fixes | 21 | Chris, the Young One <cky@pobox.com> - Password auth fixes |
22 | Christos Zoulas <christos@zoulas.com> - Autoconf fixes | 22 | Christos Zoulas <christos@zoulas.com> - Autoconf fixes |
23 | Chun-Chung Chen <cjj@u.washington.edu> - RPM fixes | 23 | Chun-Chung Chen <cjj@u.washington.edu> - RPM fixes |
24 | Corinna Vinschen <vinschen@cygnus.com> - Cygwin support | ||
24 | Dan Brosemer <odin@linuxfreak.com> - Autoconf support, build fixes | 25 | Dan Brosemer <odin@linuxfreak.com> - Autoconf support, build fixes |
25 | Darren Hall <dhall@virage.org> - AIX patches | 26 | Darren Hall <dhall@virage.org> - AIX patches |
26 | David Agraz <dagraz@jahoopa.com> - Build fixes | 27 | David Agraz <dagraz@jahoopa.com> - Build fixes |
@@ -38,6 +38,8 @@ | |||
38 | [session.c] | 38 | [session.c] |
39 | set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net | 39 | set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net |
40 | - (djm) Cleanup after import. Fix sftp-server compilation, Makefile | 40 | - (djm) Cleanup after import. Fix sftp-server compilation, Makefile |
41 | - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com> | ||
42 | |||
41 | 20000903 | 43 | 20000903 |
42 | - (djm) Fix Redhat init script | 44 | - (djm) Fix Redhat init script |
43 | 45 | ||
diff --git a/Makefile.in b/Makefile.in index 7eb84ce63..f8a0ee291 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -29,12 +29,13 @@ INSTALL=@INSTALL@ | |||
29 | PERL=@PERL@ | 29 | PERL=@PERL@ |
30 | ENT=@ENT@ | 30 | ENT=@ENT@ |
31 | LDFLAGS=-L. @LDFLAGS@ | 31 | LDFLAGS=-L. @LDFLAGS@ |
32 | EXEEXT=@EXEEXT@ | ||
32 | 33 | ||
33 | INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@ | 34 | INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@ |
34 | 35 | ||
35 | TARGETS=ssh sshd ssh-add ssh-keygen ssh-agent scp sftp-server $(EXTRA_TARGETS) | 36 | TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) $(EXTRA_TARGETS) |
36 | 37 | ||
37 | LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dispatch.o dsa.o hmac.o hostfile.o key.o kex.o log.o match.o mpaux.o nchan.o packet.o radix.o entropy.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o util.o uuencode.o xmalloc.o | 38 | LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o cygwin_util.o deattack.o dispatch.o dsa.o hmac.o hostfile.o key.o kex.o log.o match.o mpaux.o nchan.o packet.o radix.o entropy.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o util.o uuencode.o xmalloc.o |
38 | 39 | ||
39 | LIBOPENBSD_COMPAT_OBJS=bsd-arc4random.o bsd-base64.o bsd-bindresvport.o bsd-daemon.o bsd-inet_aton.o bsd-inet_ntoa.o bsd-misc.o bsd-mktemp.o bsd-rresvport.o bsd-setenv.o bsd-sigaction.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bsd-strsep.o fake-getaddrinfo.o fake-getnameinfo.o next-posix.o | 40 | LIBOPENBSD_COMPAT_OBJS=bsd-arc4random.o bsd-base64.o bsd-bindresvport.o bsd-daemon.o bsd-inet_aton.o bsd-inet_ntoa.o bsd-misc.o bsd-mktemp.o bsd-rresvport.o bsd-setenv.o bsd-sigaction.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bsd-strsep.o fake-getaddrinfo.o fake-getnameinfo.o next-posix.o |
40 | 41 | ||
@@ -68,25 +69,25 @@ libssh.a: $(LIBSSH_OBJS) | |||
68 | $(AR) rv $@ $(LIBSSH_OBJS) | 69 | $(AR) rv $@ $(LIBSSH_OBJS) |
69 | $(RANLIB) $@ | 70 | $(RANLIB) $@ |
70 | 71 | ||
71 | ssh: libopenbsd-compat.a libssh.a $(SSHOBJS) | 72 | ssh$(EXEEXT): libopenbsd-compat.a libssh.a $(SSHOBJS) |
72 | $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 73 | $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
73 | 74 | ||
74 | sshd: libssh.a libopenbsd-compat.a $(SSHDOBJS) | 75 | sshd$(EXEEXT): libssh.a libopenbsd-compat.a $(SSHDOBJS) |
75 | $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 76 | $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
76 | 77 | ||
77 | scp: libopenbsd-compat.a libssh.a scp.o | 78 | scp$(EXEEXT): libopenbsd-compat.a libssh.a scp.o |
78 | $(LD) -o $@ scp.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 79 | $(LD) -o $@ scp.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
79 | 80 | ||
80 | ssh-add: libopenbsd-compat.a libssh.a ssh-add.o log-client.o | 81 | ssh-add$(EXEEXT): libopenbsd-compat.a libssh.a ssh-add.o log-client.o |
81 | $(LD) -o $@ ssh-add.o log-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 82 | $(LD) -o $@ ssh-add.o log-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
82 | 83 | ||
83 | ssh-agent: libopenbsd-compat.a libssh.a ssh-agent.o log-client.o | 84 | ssh-agent$(EXEEXT): libopenbsd-compat.a libssh.a ssh-agent.o log-client.o |
84 | $(LD) -o $@ ssh-agent.o log-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 85 | $(LD) -o $@ ssh-agent.o log-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
85 | 86 | ||
86 | ssh-keygen: libopenbsd-compat.a libssh.a ssh-keygen.o log-client.o | 87 | ssh-keygen$(EXEEXT): libopenbsd-compat.a libssh.a ssh-keygen.o log-client.o |
87 | $(LD) -o $@ ssh-keygen.o log-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 88 | $(LD) -o $@ ssh-keygen.o log-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
88 | 89 | ||
89 | sftp-server: libopenbsd-compat.a libssh.a sftp-server.o log-server.o | 90 | sftp-server$(EXEEXT): libopenbsd-compat.a libssh.a sftp-server.o log-server.o |
90 | $(LD) -o $@ sftp-server.o log-server.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 91 | $(LD) -o $@ sftp-server.o log-server.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
91 | 92 | ||
92 | # test driver for the loginrec code - not built by default | 93 | # test driver for the loginrec code - not built by default |
@@ -142,7 +143,7 @@ install-files: | |||
142 | $(INSTALL) -m 644 sshd.[08].out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 | 143 | $(INSTALL) -m 644 sshd.[08].out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 |
143 | $(INSTALL) -m 644 sftp-server.[08].out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 | 144 | $(INSTALL) -m 644 sftp-server.[08].out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 |
144 | -rm -f $(DESTDIR)$(bindir)/slogin | 145 | -rm -f $(DESTDIR)$(bindir)/slogin |
145 | ln -s ssh $(DESTDIR)$(bindir)/slogin | 146 | ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin |
146 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 | 147 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 |
147 | ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 | 148 | ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 |
148 | if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config -a ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \ | 149 | if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config -a ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \ |
@@ -155,7 +156,7 @@ install-files: | |||
155 | $(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \ | 156 | $(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \ |
156 | fi | 157 | fi |
157 | 158 | ||
158 | host-key: ssh-keygen | 159 | host-key: ssh-keygen$(EXEEXT) |
159 | if [ -z "$(DESTDIR)" ] ; then \ | 160 | if [ -z "$(DESTDIR)" ] ; then \ |
160 | if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \ | 161 | if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \ |
161 | echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \ | 162 | echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \ |
@@ -169,7 +170,7 @@ host-key: ssh-keygen | |||
169 | fi ; \ | 170 | fi ; \ |
170 | fi ; | 171 | fi ; |
171 | 172 | ||
172 | host-key-force: ssh-keygen | 173 | host-key-force: ssh-keygen$(EXEEXT) |
173 | ./ssh-keygen -b 1024 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" | 174 | ./ssh-keygen -b 1024 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" |
174 | ./ssh-keygen -d -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" | 175 | ./ssh-keygen -d -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" |
175 | 176 | ||
@@ -186,12 +187,12 @@ uninstallall: uninstall | |||
186 | -rmdir $(DESTDIR)$(libexecdir) | 187 | -rmdir $(DESTDIR)$(libexecdir) |
187 | 188 | ||
188 | uninstall: | 189 | uninstall: |
189 | -rm -f $(DESTDIR)$(bindir)/ssh | 190 | -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT) |
190 | -rm -f $(DESTDIR)$(bindir)/scp | 191 | -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT) |
191 | -rm -f $(DESTDIR)$(bindir)/ssh-add | 192 | -rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT) |
192 | -rm -f $(DESTDIR)$(bindir)/ssh-agent | 193 | -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) |
193 | -rm -f $(DESTDIR)$(bindir)/ssh-keygen | 194 | -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) |
194 | -rm -f $(DESTDIR)$(sbindir)/sshd | 195 | -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT) |
195 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 | 196 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 |
196 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 | 197 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 |
197 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 | 198 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 |
diff --git a/acconfig.h b/acconfig.h index c16ec2bf6..d855d887a 100644 --- a/acconfig.h +++ b/acconfig.h | |||
@@ -43,6 +43,9 @@ | |||
43 | /* Define if your snprintf is busted */ | 43 | /* Define if your snprintf is busted */ |
44 | #undef BROKEN_SNPRINTF | 44 | #undef BROKEN_SNPRINTF |
45 | 45 | ||
46 | /* Define if you are on Cygwin */ | ||
47 | #undef HAVE_CYGWIN | ||
48 | |||
46 | /* Define if you are on NeXT */ | 49 | /* Define if you are on NeXT */ |
47 | #undef HAVE_NEXT | 50 | #undef HAVE_NEXT |
48 | 51 | ||
@@ -243,6 +246,9 @@ | |||
243 | /* getaddrinfo is broken (if present) */ | 246 | /* getaddrinfo is broken (if present) */ |
244 | #undef BROKEN_GETADDRINFO | 247 | #undef BROKEN_GETADDRINFO |
245 | 248 | ||
249 | /* vhangup is broken (if present) */ | ||
250 | #undef BROKEN_VHANGUP | ||
251 | |||
246 | /* Workaround more Linux IPv6 quirks */ | 252 | /* Workaround more Linux IPv6 quirks */ |
247 | #undef DONT_TRY_OTHER_AF | 253 | #undef DONT_TRY_OTHER_AF |
248 | 254 | ||
diff --git a/auth-passwd.c b/auth-passwd.c index 93756e9e6..850e25834 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -37,6 +37,13 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.16 2000/06/20 01:39:38 markus Exp $"); | |||
37 | # include "md5crypt.h" | 37 | # include "md5crypt.h" |
38 | #endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */ | 38 | #endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */ |
39 | 39 | ||
40 | #ifdef HAVE_CYGWIN | ||
41 | #undef ERROR | ||
42 | #include <windows.h> | ||
43 | #include <sys/cygwin.h> | ||
44 | #define is_winnt (GetVersion() < 0x80000000) | ||
45 | #endif | ||
46 | |||
40 | /* | 47 | /* |
41 | * Tries to authenticate the user using password. Returns true if | 48 | * Tries to authenticate the user using password. Returns true if |
42 | * authentication succeeds. | 49 | * authentication succeeds. |
@@ -63,11 +70,31 @@ auth_password(struct passwd * pw, const char *password) | |||
63 | /* deny if no user. */ | 70 | /* deny if no user. */ |
64 | if (pw == NULL) | 71 | if (pw == NULL) |
65 | return 0; | 72 | return 0; |
73 | #ifndef HAVE_CYGWIN | ||
66 | if (pw->pw_uid == 0 && options.permit_root_login == 2) | 74 | if (pw->pw_uid == 0 && options.permit_root_login == 2) |
67 | return 0; | 75 | return 0; |
76 | #endif | ||
77 | #ifdef HAVE_CYGWIN | ||
78 | /* | ||
79 | * Empty password is only possible on NT if the user has _really_ | ||
80 | * an empty password and authentication is done, though. | ||
81 | */ | ||
82 | if (!is_winnt) | ||
83 | #endif | ||
68 | if (*password == '\0' && options.permit_empty_passwd == 0) | 84 | if (*password == '\0' && options.permit_empty_passwd == 0) |
69 | return 0; | 85 | return 0; |
70 | 86 | ||
87 | #ifdef HAVE_CYGWIN | ||
88 | if (is_winnt) { | ||
89 | HANDLE hToken = cygwin_logon_user(pw, password); | ||
90 | |||
91 | if (hToken == INVALID_HANDLE_VALUE) | ||
92 | return 0; | ||
93 | cygwin_set_impersonation_token(hToken); | ||
94 | return 1; | ||
95 | } | ||
96 | #endif | ||
97 | |||
71 | #ifdef SKEY | 98 | #ifdef SKEY |
72 | if (options.skey_authentication == 1) { | 99 | if (options.skey_authentication == 1) { |
73 | int ret = auth_skey_password(pw, password); | 100 | int ret = auth_skey_password(pw, password); |
@@ -23,6 +23,11 @@ RCSID("$OpenBSD: auth1.c,v 1.3 2000/08/20 18:42:40 millert Exp $"); | |||
23 | # include <siad.h> | 23 | # include <siad.h> |
24 | #endif | 24 | #endif |
25 | 25 | ||
26 | #ifdef HAVE_CYGWIN | ||
27 | #include <windows.h> | ||
28 | #define is_winnt (GetVersion() < 0x80000000) | ||
29 | #endif | ||
30 | |||
26 | /* import */ | 31 | /* import */ |
27 | extern ServerOptions options; | 32 | extern ServerOptions options; |
28 | extern char *forced_command; | 33 | extern char *forced_command; |
@@ -371,6 +376,23 @@ do_authloop(struct passwd * pw) | |||
371 | break; | 376 | break; |
372 | } | 377 | } |
373 | 378 | ||
379 | #ifdef HAVE_CYGWIN | ||
380 | /* | ||
381 | * The only authentication which is able to change the user | ||
382 | * context on NT systems is the password authentication. So | ||
383 | * we deny all requsts for changing the user context if another | ||
384 | * authentication method is used. | ||
385 | * This may change in future when a special openssh | ||
386 | * subauthentication package is available. | ||
387 | */ | ||
388 | if (is_winnt && type != SSH_CMSG_AUTH_PASSWORD && | ||
389 | authenticated && geteuid() != pw->pw_uid) { | ||
390 | packet_disconnect("Authentication rejected for uid %d.", | ||
391 | (int) pw->pw_uid); | ||
392 | authenticated = 0; | ||
393 | } | ||
394 | #endif | ||
395 | |||
374 | /* | 396 | /* |
375 | * Check if the user is logging in as root and root logins | 397 | * Check if the user is logging in as root and root logins |
376 | * are disallowed. | 398 | * are disallowed. |
@@ -491,12 +513,15 @@ do_authentication() | |||
491 | start_pam(pw); | 513 | start_pam(pw); |
492 | #endif | 514 | #endif |
493 | 515 | ||
516 | #ifndef HAVE_CYGWIN | ||
494 | /* | 517 | /* |
495 | * If we are not running as root, the user must have the same uid as | 518 | * If we are not running as root, the user must have the same uid as |
496 | * the server. | 519 | * the server. |
520 | * Rule not valid on Windows systems. | ||
497 | */ | 521 | */ |
498 | if (getuid() != 0 && pw->pw_uid != getuid()) | 522 | if (getuid() != 0 && pw->pw_uid != getuid()) |
499 | packet_disconnect("Cannot change user when server not running as root."); | 523 | packet_disconnect("Cannot change user when server not running as root."); |
524 | #endif | ||
500 | 525 | ||
501 | debug("Attempting authentication for %.100s.", pw->pw_name); | 526 | debug("Attempting authentication for %.100s.", pw->pw_name); |
502 | 527 | ||
diff --git a/authfile.c b/authfile.c index 71c4a5d84..4368cb941 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -457,7 +457,12 @@ load_private_key(const char *filename, const char *passphrase, Key *key, | |||
457 | if (fd < 0) | 457 | if (fd < 0) |
458 | return 0; | 458 | return 0; |
459 | 459 | ||
460 | /* check owner and modes */ | 460 | #ifndef HAVE_CYGWIN |
461 | /* | ||
462 | * check owner and modes. | ||
463 | * This won't work on Windows under all circumstances so we drop | ||
464 | * that check for now. | ||
465 | */ | ||
461 | if (fstat(fd, &st) < 0 || | 466 | if (fstat(fd, &st) < 0 || |
462 | (st.st_uid != 0 && st.st_uid != getuid()) || | 467 | (st.st_uid != 0 && st.st_uid != getuid()) || |
463 | (st.st_mode & 077) != 0) { | 468 | (st.st_mode & 077) != 0) { |
@@ -470,6 +475,7 @@ load_private_key(const char *filename, const char *passphrase, Key *key, | |||
470 | error("It is recommended that your private key files are NOT accessible by others."); | 475 | error("It is recommended that your private key files are NOT accessible by others."); |
471 | return 0; | 476 | return 0; |
472 | } | 477 | } |
478 | #endif | ||
473 | switch (key->type) { | 479 | switch (key->type) { |
474 | case KEY_RSA: | 480 | case KEY_RSA: |
475 | if (key->rsa->e != NULL) { | 481 | if (key->rsa->e != NULL) { |
diff --git a/bsd-daemon.c b/bsd-daemon.c index de829958c..f704a9048 100644 --- a/bsd-daemon.c +++ b/bsd-daemon.c | |||
@@ -51,6 +51,13 @@ daemon(nochdir, noclose) | |||
51 | case 0: | 51 | case 0: |
52 | break; | 52 | break; |
53 | default: | 53 | default: |
54 | #ifdef HAVE_CYGWIN | ||
55 | /* | ||
56 | * This sleep avoids a race condition which kills the | ||
57 | * child process if parent is started by a NT/W2K service. | ||
58 | */ | ||
59 | sleep(1); | ||
60 | #endif | ||
54 | _exit(0); | 61 | _exit(0); |
55 | } | 62 | } |
56 | 63 | ||
diff --git a/bsd-mktemp.c b/bsd-mktemp.c index e8ffd0219..9ed1bc80f 100644 --- a/bsd-mktemp.c +++ b/bsd-mktemp.c | |||
@@ -42,6 +42,11 @@ | |||
42 | static char rcsid[] = "$OpenBSD: mktemp.c,v 1.13 1998/06/30 23:03:13 deraadt Exp $"; | 42 | static char rcsid[] = "$OpenBSD: mktemp.c,v 1.13 1998/06/30 23:03:13 deraadt Exp $"; |
43 | #endif /* LIBC_SCCS and not lint */ | 43 | #endif /* LIBC_SCCS and not lint */ |
44 | 44 | ||
45 | #ifdef HAVE_CYGWIN | ||
46 | #define open binary_open | ||
47 | extern int binary_open(); | ||
48 | #endif | ||
49 | |||
45 | static int _gettemp(char *, int *, int, int); | 50 | static int _gettemp(char *, int *, int, int); |
46 | 51 | ||
47 | int | 52 | int |
diff --git a/channels.c b/channels.c index c77f6b96a..4ac48a77a 100644 --- a/channels.c +++ b/channels.c | |||
@@ -1567,6 +1567,7 @@ channel_input_port_forward_request(int is_root, int gateway_ports) | |||
1567 | hostname = packet_get_string(NULL); | 1567 | hostname = packet_get_string(NULL); |
1568 | host_port = packet_get_int(); | 1568 | host_port = packet_get_int(); |
1569 | 1569 | ||
1570 | #ifndef HAVE_CYGWIN | ||
1570 | /* | 1571 | /* |
1571 | * Check that an unprivileged user is not trying to forward a | 1572 | * Check that an unprivileged user is not trying to forward a |
1572 | * privileged port. | 1573 | * privileged port. |
@@ -1574,6 +1575,7 @@ channel_input_port_forward_request(int is_root, int gateway_ports) | |||
1574 | if (port < IPPORT_RESERVED && !is_root) | 1575 | if (port < IPPORT_RESERVED && !is_root) |
1575 | packet_disconnect("Requested forwarding of port %d but user is not root.", | 1576 | packet_disconnect("Requested forwarding of port %d but user is not root.", |
1576 | port); | 1577 | port); |
1578 | #endif | ||
1577 | /* | 1579 | /* |
1578 | * Initiate forwarding, | 1580 | * Initiate forwarding, |
1579 | */ | 1581 | */ |
diff --git a/configure.in b/configure.in index b1dd1d067..9fb78f1ff 100644 --- a/configure.in +++ b/configure.in | |||
@@ -54,6 +54,18 @@ case "$host" in | |||
54 | MANTYPE='$(CATMAN)' | 54 | MANTYPE='$(CATMAN)' |
55 | mansubdir=cat | 55 | mansubdir=cat |
56 | ;; | 56 | ;; |
57 | *-*-cygwin*) | ||
58 | LIBS="$LIBS /usr/lib/textmode.o" | ||
59 | AC_DEFINE(HAVE_CYGWIN) | ||
60 | AC_DEFINE(DISABLE_PAM) | ||
61 | AC_DEFINE(DISABLE_SHADOW) | ||
62 | AC_DEFINE(IPV4_DEFAULT) | ||
63 | AC_DEFINE(IP_TOS_IS_BROKEN) | ||
64 | AC_DEFINE(BROKEN_VHANGUP) | ||
65 | no_pam=1 | ||
66 | no_libsocket=1 | ||
67 | no_libnsl=1 | ||
68 | ;; | ||
57 | *-*-hpux10*) | 69 | *-*-hpux10*) |
58 | if test -z "$GCC"; then | 70 | if test -z "$GCC"; then |
59 | CFLAGS="$CFLAGS -Ae" | 71 | CFLAGS="$CFLAGS -Ae" |
@@ -1400,6 +1412,8 @@ if test ! -z "$blibpath" ; then | |||
1400 | AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile]) | 1412 | AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile]) |
1401 | fi | 1413 | fi |
1402 | 1414 | ||
1415 | AC_EXEEXT | ||
1416 | |||
1403 | AC_OUTPUT(Makefile ssh_prng_cmds) | 1417 | AC_OUTPUT(Makefile ssh_prng_cmds) |
1404 | 1418 | ||
1405 | # Print summary of options | 1419 | # Print summary of options |
diff --git a/cygwin_util.c b/cygwin_util.c new file mode 100644 index 000000000..13bd66347 --- /dev/null +++ b/cygwin_util.c | |||
@@ -0,0 +1,35 @@ | |||
1 | /* | ||
2 | * | ||
3 | * cygwin_util.c | ||
4 | * | ||
5 | * Author: Corinna Vinschen <vinschen@cygnus.com> | ||
6 | * | ||
7 | * Copyright (c) 2000 Corinna Vinschen <vinschen@cygnus.com>, Duisburg, Germany | ||
8 | * All rights reserved | ||
9 | * | ||
10 | * Created: Sat Sep 02 12:17:00 2000 cv | ||
11 | * | ||
12 | * This file contains functions for forcing opened file descriptors to | ||
13 | * binary mode on Windows systems. | ||
14 | */ | ||
15 | |||
16 | #include "config.h" | ||
17 | |||
18 | #ifdef HAVE_CYGWIN | ||
19 | #include <fcntl.h> | ||
20 | #include <io.h> | ||
21 | |||
22 | int binary_open(const char *filename, int flags, mode_t mode) | ||
23 | { | ||
24 | return open(filename, flags | O_BINARY, mode); | ||
25 | } | ||
26 | |||
27 | int binary_pipe(int fd[2]) | ||
28 | { | ||
29 | int ret = pipe(fd); | ||
30 | if (!ret) { | ||
31 | setmode (fd[0], O_BINARY); | ||
32 | setmode (fd[1], O_BINARY); | ||
33 | } | ||
34 | } | ||
35 | #endif | ||
@@ -322,6 +322,10 @@ typedef int mode_t; | |||
322 | # define atexit(a) on_exit(a) | 322 | # define atexit(a) on_exit(a) |
323 | #endif /* !defined(HAVE_ATEXIT) && defined(HAVE_ON_EXIT) */ | 323 | #endif /* !defined(HAVE_ATEXIT) && defined(HAVE_ON_EXIT) */ |
324 | 324 | ||
325 | #if defined(HAVE_VHANGUP) && !defined(BROKEN_VHANGUP) | ||
326 | # define USE_VHANGUP | ||
327 | #endif /* defined(HAVE_VHANGUP) && !defined(BROKEN_VHANGUP) */ | ||
328 | |||
325 | /** | 329 | /** |
326 | ** login recorder definitions | 330 | ** login recorder definitions |
327 | **/ | 331 | **/ |
diff --git a/includes.h b/includes.h index 5102c97ad..27569e18f 100644 --- a/includes.h +++ b/includes.h | |||
@@ -29,7 +29,9 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } | |||
29 | #include <sys/wait.h> | 29 | #include <sys/wait.h> |
30 | #include <sys/resource.h> | 30 | #include <sys/resource.h> |
31 | 31 | ||
32 | #ifndef HAVE_CYGWIN | ||
32 | #include <netinet/tcp.h> | 33 | #include <netinet/tcp.h> |
34 | #endif | ||
33 | #include <arpa/inet.h> | 35 | #include <arpa/inet.h> |
34 | #include <netdb.h> | 36 | #include <netdb.h> |
35 | 37 | ||
@@ -46,6 +48,9 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } | |||
46 | #include <grp.h> | 48 | #include <grp.h> |
47 | #include <time.h> | 49 | #include <time.h> |
48 | #include <dirent.h> | 50 | #include <dirent.h> |
51 | #ifdef HAVE_CYGWIN | ||
52 | #include <getopt.h> | ||
53 | #endif | ||
49 | 54 | ||
50 | #ifdef HAVE_BSTRING_H | 55 | #ifdef HAVE_BSTRING_H |
51 | # include <bstring.h> | 56 | # include <bstring.h> |
@@ -110,4 +115,11 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } | |||
110 | */ | 115 | */ |
111 | /* #define USE_PIPES 1 */ | 116 | /* #define USE_PIPES 1 */ |
112 | 117 | ||
118 | #ifdef HAVE_CYGWIN | ||
119 | #define open binary_open | ||
120 | #define pipe binary_pipe | ||
121 | extern int binary_open(); | ||
122 | extern int binary_pipe(); | ||
123 | #endif | ||
124 | |||
113 | #endif /* INCLUDES_H */ | 125 | #endif /* INCLUDES_H */ |
diff --git a/loginrec.c b/loginrec.c index 61bceb180..0e1f344b9 100644 --- a/loginrec.c +++ b/loginrec.c | |||
@@ -161,7 +161,7 @@ | |||
161 | #include "xmalloc.h" | 161 | #include "xmalloc.h" |
162 | #include "loginrec.h" | 162 | #include "loginrec.h" |
163 | 163 | ||
164 | RCSID("$Id: loginrec.c,v 1.22 2000/08/29 03:30:37 djm Exp $"); | 164 | RCSID("$Id: loginrec.c,v 1.23 2000/09/05 05:13:07 djm Exp $"); |
165 | 165 | ||
166 | /** | 166 | /** |
167 | ** prototypes for helper functions in this file | 167 | ** prototypes for helper functions in this file |
@@ -401,10 +401,12 @@ login_set_addr(struct logininfo *li, const struct sockaddr *sa, | |||
401 | int | 401 | int |
402 | login_write (struct logininfo *li) | 402 | login_write (struct logininfo *li) |
403 | { | 403 | { |
404 | #ifndef HAVE_CYGWIN | ||
404 | if ((int)geteuid() != 0) { | 405 | if ((int)geteuid() != 0) { |
405 | log("Attempt to write login records by non-root user (aborting)"); | 406 | log("Attempt to write login records by non-root user (aborting)"); |
406 | return 1; | 407 | return 1; |
407 | } | 408 | } |
409 | #endif | ||
408 | 410 | ||
409 | /* set the timestamp */ | 411 | /* set the timestamp */ |
410 | login_set_current_time(li); | 412 | login_set_current_time(li); |
@@ -118,6 +118,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) | |||
118 | close(*ptyfd); | 118 | close(*ptyfd); |
119 | return 0; | 119 | return 0; |
120 | } | 120 | } |
121 | #ifndef HAVE_CYGWIN | ||
121 | /* Push the appropriate streams modules, as described in Solaris pts(7). */ | 122 | /* Push the appropriate streams modules, as described in Solaris pts(7). */ |
122 | if (ioctl(*ttyfd, I_PUSH, "ptem") < 0) | 123 | if (ioctl(*ttyfd, I_PUSH, "ptem") < 0) |
123 | error("ioctl I_PUSH ptem: %.100s", strerror(errno)); | 124 | error("ioctl I_PUSH ptem: %.100s", strerror(errno)); |
@@ -127,6 +128,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) | |||
127 | if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0) | 128 | if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0) |
128 | error("ioctl I_PUSH ttcompat: %.100s", strerror(errno)); | 129 | error("ioctl I_PUSH ttcompat: %.100s", strerror(errno)); |
129 | #endif | 130 | #endif |
131 | #endif | ||
130 | return 1; | 132 | return 1; |
131 | #else /* HAVE_DEV_PTMX */ | 133 | #else /* HAVE_DEV_PTMX */ |
132 | #ifdef HAVE_DEV_PTS_AND_PTC | 134 | #ifdef HAVE_DEV_PTS_AND_PTC |
@@ -208,9 +210,9 @@ void | |||
208 | pty_make_controlling_tty(int *ttyfd, const char *ttyname) | 210 | pty_make_controlling_tty(int *ttyfd, const char *ttyname) |
209 | { | 211 | { |
210 | int fd; | 212 | int fd; |
211 | #ifdef HAVE_VHANGUP | 213 | #ifdef USE_VHANGUP |
212 | void *old; | 214 | void *old; |
213 | #endif /* HAVE_VHANGUP */ | 215 | #endif /* USE_VHANGUP */ |
214 | 216 | ||
215 | /* First disconnect from the old controlling tty. */ | 217 | /* First disconnect from the old controlling tty. */ |
216 | #ifdef TIOCNOTTY | 218 | #ifdef TIOCNOTTY |
@@ -242,21 +244,21 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) | |||
242 | */ | 244 | */ |
243 | ioctl(*ttyfd, TIOCSCTTY, NULL); | 245 | ioctl(*ttyfd, TIOCSCTTY, NULL); |
244 | #endif /* TIOCSCTTY */ | 246 | #endif /* TIOCSCTTY */ |
245 | #ifdef HAVE_VHANGUP | 247 | #ifdef USE_VHANGUP |
246 | old = signal(SIGHUP, SIG_IGN); | 248 | old = signal(SIGHUP, SIG_IGN); |
247 | vhangup(); | 249 | vhangup(); |
248 | signal(SIGHUP, old); | 250 | signal(SIGHUP, old); |
249 | #endif /* HAVE_VHANGUP */ | 251 | #endif /* USE_VHANGUP */ |
250 | fd = open(ttyname, O_RDWR); | 252 | fd = open(ttyname, O_RDWR); |
251 | if (fd < 0) { | 253 | if (fd < 0) { |
252 | error("%.100s: %.100s", ttyname, strerror(errno)); | 254 | error("%.100s: %.100s", ttyname, strerror(errno)); |
253 | } else { | 255 | } else { |
254 | #ifdef HAVE_VHANGUP | 256 | #ifdef USE_VHANGUP |
255 | close(*ttyfd); | 257 | close(*ttyfd); |
256 | *ttyfd = fd; | 258 | *ttyfd = fd; |
257 | #else /* HAVE_VHANGUP */ | 259 | #else /* USE_VHANGUP */ |
258 | close(fd); | 260 | close(fd); |
259 | #endif /* HAVE_VHANGUP */ | 261 | #endif /* USE_VHANGUP */ |
260 | } | 262 | } |
261 | /* Verify that we now have a controlling tty. */ | 263 | /* Verify that we now have a controlling tty. */ |
262 | fd = open("/dev/tty", O_WRONLY); | 264 | fd = open("/dev/tty", O_WRONLY); |
diff --git a/readconf.c b/readconf.c index f31b1c4e6..c9e0f5944 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -174,9 +174,11 @@ add_local_forward(Options *options, u_short port, const char *host, | |||
174 | u_short host_port) | 174 | u_short host_port) |
175 | { | 175 | { |
176 | Forward *fwd; | 176 | Forward *fwd; |
177 | #ifndef HAVE_CYGWIN | ||
177 | extern uid_t original_real_uid; | 178 | extern uid_t original_real_uid; |
178 | if (port < IPPORT_RESERVED && original_real_uid != 0) | 179 | if (port < IPPORT_RESERVED && original_real_uid != 0) |
179 | fatal("Privileged ports can only be forwarded by root.\n"); | 180 | fatal("Privileged ports can only be forwarded by root.\n"); |
181 | #endif | ||
180 | if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) | 182 | if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
181 | fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); | 183 | fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); |
182 | fwd = &options->local_forwards[options->num_local_forwards++]; | 184 | fwd = &options->local_forwards[options->num_local_forwards++]; |
@@ -1117,8 +1117,17 @@ foregroundproc() | |||
1117 | if (pgrp == -1) | 1117 | if (pgrp == -1) |
1118 | pgrp = getpgrp(); | 1118 | pgrp = getpgrp(); |
1119 | 1119 | ||
1120 | #ifdef HAVE_CYGWIN | ||
1121 | /* | ||
1122 | * Cygwin only supports tcgetpgrp() for getting the controlling tty | ||
1123 | * currently. | ||
1124 | */ | ||
1125 | return ((ctty_pgrp = tcgetpgrp(STDOUT_FILENO)) != -1 && | ||
1126 | ctty_pgrp == pgrp); | ||
1127 | #else | ||
1120 | return ((ioctl(STDOUT_FILENO, TIOCGPGRP, &ctty_pgrp) != -1 && | 1128 | return ((ioctl(STDOUT_FILENO, TIOCGPGRP, &ctty_pgrp) != -1 && |
1121 | ctty_pgrp == pgrp)); | 1129 | ctty_pgrp == pgrp)); |
1130 | #endif | ||
1122 | } | 1131 | } |
1123 | 1132 | ||
1124 | void | 1133 | void |
@@ -41,6 +41,12 @@ RCSID("$OpenBSD: session.c,v 1.35 2000/09/04 19:07:21 markus Exp $"); | |||
41 | # include <siad.h> | 41 | # include <siad.h> |
42 | #endif | 42 | #endif |
43 | 43 | ||
44 | #ifdef HAVE_CYGWIN | ||
45 | #include <windows.h> | ||
46 | #include <sys/cygwin.h> | ||
47 | #define is_winnt (GetVersion() < 0x80000000) | ||
48 | #endif | ||
49 | |||
44 | /* AIX limits */ | 50 | /* AIX limits */ |
45 | #if defined(HAVE_GETUSERATTR) && !defined(S_UFSIZE_HARD) && defined(S_UFSIZE) | 51 | #if defined(HAVE_GETUSERATTR) && !defined(S_UFSIZE_HARD) && defined(S_UFSIZE) |
46 | # define S_UFSIZE_HARD S_UFSIZE "_hard" | 52 | # define S_UFSIZE_HARD S_UFSIZE "_hard" |
@@ -503,6 +509,10 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw) | |||
503 | do_child(command, pw, NULL, s->display, s->auth_proto, s->auth_data, NULL); | 509 | do_child(command, pw, NULL, s->display, s->auth_proto, s->auth_data, NULL); |
504 | /* NOTREACHED */ | 510 | /* NOTREACHED */ |
505 | } | 511 | } |
512 | #ifdef HAVE_CYGWIN | ||
513 | if (is_winnt) | ||
514 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); | ||
515 | #endif | ||
506 | if (pid < 0) | 516 | if (pid < 0) |
507 | packet_disconnect("fork failed: %.100s", strerror(errno)); | 517 | packet_disconnect("fork failed: %.100s", strerror(errno)); |
508 | s->pid = pid; | 518 | s->pid = pid; |
@@ -594,6 +604,10 @@ do_exec_pty(Session *s, const char *command, struct passwd * pw) | |||
594 | s->auth_data, s->tty); | 604 | s->auth_data, s->tty); |
595 | /* NOTREACHED */ | 605 | /* NOTREACHED */ |
596 | } | 606 | } |
607 | #ifdef HAVE_CYGWIN | ||
608 | if (is_winnt) | ||
609 | cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); | ||
610 | #endif | ||
597 | if (pid < 0) | 611 | if (pid < 0) |
598 | packet_disconnect("fork failed: %.100s", strerror(errno)); | 612 | packet_disconnect("fork failed: %.100s", strerror(errno)); |
599 | s->pid = pid; | 613 | s->pid = pid; |
@@ -973,7 +987,11 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
973 | exit(1); | 987 | exit(1); |
974 | } | 988 | } |
975 | #else /* HAVE_OSF_SIA */ | 989 | #else /* HAVE_OSF_SIA */ |
990 | #ifdef HAVE_CYGWIN | ||
991 | if (is_winnt) { | ||
992 | #else | ||
976 | if (getuid() == 0 || geteuid() == 0) { | 993 | if (getuid() == 0 || geteuid() == 0) { |
994 | #endif | ||
977 | # ifdef HAVE_GETUSERATTR | 995 | # ifdef HAVE_GETUSERATTR |
978 | set_limits_from_userattr(pw->pw_name); | 996 | set_limits_from_userattr(pw->pw_name); |
979 | # endif /* HAVE_GETUSERATTR */ | 997 | # endif /* HAVE_GETUSERATTR */ |
@@ -1018,6 +1036,9 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
1018 | } | 1036 | } |
1019 | #endif /* HAVE_OSF_SIA */ | 1037 | #endif /* HAVE_OSF_SIA */ |
1020 | 1038 | ||
1039 | #ifdef HAVE_CYGWIN | ||
1040 | if (is_winnt) | ||
1041 | #endif | ||
1021 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) | 1042 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) |
1022 | fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); | 1043 | fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); |
1023 | } | 1044 | } |
@@ -1047,6 +1068,22 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
1047 | env = xmalloc(envsize * sizeof(char *)); | 1068 | env = xmalloc(envsize * sizeof(char *)); |
1048 | env[0] = NULL; | 1069 | env[0] = NULL; |
1049 | 1070 | ||
1071 | #ifdef HAVE_CYGWIN | ||
1072 | /* | ||
1073 | * The Windows environment contains some setting which are | ||
1074 | * important for a running system. They must not be dropped. | ||
1075 | */ | ||
1076 | { | ||
1077 | char **ep; | ||
1078 | for (ep = environ; *ep; ++ep) { | ||
1079 | char *esp = strchr(*ep, '='); | ||
1080 | *esp = '\0'; | ||
1081 | child_set_env(&env, &envsize, *ep, esp + 1); | ||
1082 | *esp = '='; | ||
1083 | } | ||
1084 | } | ||
1085 | #endif | ||
1086 | |||
1050 | if (!options.use_login) { | 1087 | if (!options.use_login) { |
1051 | /* Set basic environment. */ | 1088 | /* Set basic environment. */ |
1052 | child_set_env(&env, &envsize, "USER", pw->pw_name); | 1089 | child_set_env(&env, &envsize, "USER", pw->pw_name); |
@@ -1056,8 +1093,16 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
1056 | (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH); | 1093 | (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH); |
1057 | child_set_env(&env, &envsize, "PATH", getenv("PATH")); | 1094 | child_set_env(&env, &envsize, "PATH", getenv("PATH")); |
1058 | #else | 1095 | #else |
1096 | #ifndef HAVE_CYGWIN | ||
1097 | /* | ||
1098 | * There's no standard path on Windows. The path contains | ||
1099 | * important components pointing to the system directories, | ||
1100 | * needed for loading shared libraries. So the path better | ||
1101 | * remains intact here. | ||
1102 | */ | ||
1059 | child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); | 1103 | child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); |
1060 | #endif | 1104 | #endif |
1105 | #endif | ||
1061 | 1106 | ||
1062 | snprintf(buf, sizeof buf, "%.200s/%.50s", | 1107 | snprintf(buf, sizeof buf, "%.200s/%.50s", |
1063 | _PATH_MAILDIR, pw->pw_name); | 1108 | _PATH_MAILDIR, pw->pw_name); |
@@ -1234,11 +1279,13 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
1234 | "Running %.100s add %.100s %.100s %.100s\n", | 1279 | "Running %.100s add %.100s %.100s %.100s\n", |
1235 | options.xauth_location, display, | 1280 | options.xauth_location, display, |
1236 | auth_proto, auth_data); | 1281 | auth_proto, auth_data); |
1282 | #ifndef HAVE_CYGWIN | ||
1237 | if (screen != NULL) | 1283 | if (screen != NULL) |
1238 | fprintf(stderr, | 1284 | fprintf(stderr, |
1239 | "Adding %.*s/unix%s %s %s\n", | 1285 | "Adding %.*s/unix%s %s %s\n", |
1240 | (int)(screen-display), display, | 1286 | (int)(screen-display), display, |
1241 | screen, auth_proto, auth_data); | 1287 | screen, auth_proto, auth_data); |
1288 | #endif | ||
1242 | } | 1289 | } |
1243 | snprintf(cmd, sizeof cmd, "%s -q -", | 1290 | snprintf(cmd, sizeof cmd, "%s -q -", |
1244 | options.xauth_location); | 1291 | options.xauth_location); |
@@ -1246,10 +1293,12 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
1246 | if (f) { | 1293 | if (f) { |
1247 | fprintf(f, "add %s %s %s\n", display, | 1294 | fprintf(f, "add %s %s %s\n", display, |
1248 | auth_proto, auth_data); | 1295 | auth_proto, auth_data); |
1296 | #ifndef HAVE_CYGWIN | ||
1249 | if (screen != NULL) | 1297 | if (screen != NULL) |
1250 | fprintf(f, "add %.*s/unix%s %s %s\n", | 1298 | fprintf(f, "add %.*s/unix%s %s %s\n", |
1251 | (int)(screen-display), display, | 1299 | (int)(screen-display), display, |
1252 | screen, auth_proto, auth_data); | 1300 | screen, auth_proto, auth_data); |
1301 | #endif | ||
1253 | pclose(f); | 1302 | pclose(f); |
1254 | } else { | 1303 | } else { |
1255 | fprintf(stderr, "Could not run %s\n", | 1304 | fprintf(stderr, "Could not run %s\n", |
@@ -215,6 +215,7 @@ main(int ac, char **av) | |||
215 | original_real_uid = getuid(); | 215 | original_real_uid = getuid(); |
216 | original_effective_uid = geteuid(); | 216 | original_effective_uid = geteuid(); |
217 | 217 | ||
218 | #ifndef HAVE_CYGWIN | ||
218 | /* If we are installed setuid root be careful to not drop core. */ | 219 | /* If we are installed setuid root be careful to not drop core. */ |
219 | if (original_real_uid != original_effective_uid) { | 220 | if (original_real_uid != original_effective_uid) { |
220 | struct rlimit rlim; | 221 | struct rlimit rlim; |
@@ -222,6 +223,7 @@ main(int ac, char **av) | |||
222 | if (setrlimit(RLIMIT_CORE, &rlim) < 0) | 223 | if (setrlimit(RLIMIT_CORE, &rlim) < 0) |
223 | fatal("setrlimit failed: %.100s", strerror(errno)); | 224 | fatal("setrlimit failed: %.100s", strerror(errno)); |
224 | } | 225 | } |
226 | #endif | ||
225 | /* | 227 | /* |
226 | * Use uid-swapping to give up root privileges for the duration of | 228 | * Use uid-swapping to give up root privileges for the duration of |
227 | * option processing. We will re-instantiate the rights when we are | 229 | * option processing. We will re-instantiate the rights when we are |
@@ -253,8 +255,17 @@ main(int ac, char **av) | |||
253 | cp = strrchr(av0, '/') + 1; | 255 | cp = strrchr(av0, '/') + 1; |
254 | else | 256 | else |
255 | cp = av0; | 257 | cp = av0; |
258 | #ifdef HAVE_CYGWIN | ||
259 | if (strcasecmp(cp, "rsh") && strcasecmp(cp, "ssh") && | ||
260 | strcasecmp(cp, "rlogin") && strcasecmp(cp, "slogin") && | ||
261 | strcasecmp(cp, "remsh") && | ||
262 | strcasecmp(cp, "rsh.exe") && strcasecmp(cp, "ssh.exe") && | ||
263 | strcasecmp(cp, "rlogin.exe") && strcasecmp(cp, "slogin.exe") && | ||
264 | strcasecmp(cp, "remsh.exe")) | ||
265 | #else | ||
256 | if (strcmp(cp, "rsh") && strcmp(cp, "ssh") && strcmp(cp, "rlogin") && | 266 | if (strcmp(cp, "rsh") && strcmp(cp, "ssh") && strcmp(cp, "rlogin") && |
257 | strcmp(cp, "slogin") && strcmp(cp, "remsh")) | 267 | strcmp(cp, "slogin") && strcmp(cp, "remsh")) |
268 | #endif | ||
258 | host = cp; | 269 | host = cp; |
259 | 270 | ||
260 | for (optind = 1; optind < ac; optind++) { | 271 | for (optind = 1; optind < ac; optind++) { |
@@ -551,7 +562,12 @@ main(int ac, char **av) | |||
551 | } | 562 | } |
552 | } | 563 | } |
553 | /* Disable rhosts authentication if not running as root. */ | 564 | /* Disable rhosts authentication if not running as root. */ |
565 | #ifdef HAVE_CYGWIN | ||
566 | /* Ignore uid if running under Windows */ | ||
567 | if (!options.use_privileged_port) { | ||
568 | #else | ||
554 | if (original_effective_uid != 0 || !options.use_privileged_port) { | 569 | if (original_effective_uid != 0 || !options.use_privileged_port) { |
570 | #endif | ||
555 | options.rhosts_authentication = 0; | 571 | options.rhosts_authentication = 0; |
556 | options.rhosts_rsa_authentication = 0; | 572 | options.rhosts_rsa_authentication = 0; |
557 | } | 573 | } |
diff --git a/sshconnect.c b/sshconnect.c index 21eff6c6b..7c47ebe94 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -243,7 +243,11 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, | |||
243 | 243 | ||
244 | /* Create a socket for connecting. */ | 244 | /* Create a socket for connecting. */ |
245 | sock = ssh_create_socket(original_real_uid, | 245 | sock = ssh_create_socket(original_real_uid, |
246 | #ifdef HAVE_CYGWIN | ||
247 | !anonymous && port < IPPORT_RESERVED, | ||
248 | #else | ||
246 | !anonymous && geteuid() == 0 && port < IPPORT_RESERVED, | 249 | !anonymous && geteuid() == 0 && port < IPPORT_RESERVED, |
250 | #endif | ||
247 | ai->ai_family); | 251 | ai->ai_family); |
248 | if (sock < 0) | 252 | if (sock < 0) |
249 | continue; | 253 | continue; |
@@ -765,7 +765,7 @@ main(int ac, char **av) | |||
765 | * fail if there already is a daemon, and this will | 765 | * fail if there already is a daemon, and this will |
766 | * overwrite any old pid in the file. | 766 | * overwrite any old pid in the file. |
767 | */ | 767 | */ |
768 | f = fopen(options.pid_file, "w"); | 768 | f = fopen(options.pid_file, "wb"); |
769 | if (f) { | 769 | if (f) { |
770 | fprintf(f, "%u\n", (unsigned int) getpid()); | 770 | fprintf(f, "%u\n", (unsigned int) getpid()); |
771 | fclose(f); | 771 | fclose(f); |