5 files changed, 55 insertions, 36 deletions

diff --git a/ChangeLog b/ChangeLog
index c216c287b..20d4ef279 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
 20020425
  - (stevesk) [defines.h] remove USE_TIMEVAL; unused
+ - (stevesk) [acconfig.h auth-passwd.c configure.ac sshd.c] HP-UX 10.26
+   support.  bug #184.  most from dcole@keysoftsys.com.
 
 20020424
  - (djm) OpenBSD CVS Sync
@@ -506,4 +508,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2084 2002/04/25 17:56:07 stevesk Exp $
+$Id: ChangeLog,v 1.2085 2002/04/25 18:17:05 stevesk Exp $
diff --git a/acconfig.h b/acconfig.h
index c110c5e48..087ce4302 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -1,4 +1,4 @@
-/* $Id: acconfig.h,v 1.134 2002/04/23 20:45:56 stevesk Exp $ */
+/* $Id: acconfig.h,v 1.135 2002/04/25 18:17:04 stevesk Exp $ */
 
 #ifndef _CONFIG_H
 #define _CONFIG_H
@@ -15,8 +15,8 @@
 /* SCO workaround */
 #undef BROKEN_SYS_TERMIO_H
 
-/* Define if you have SCO protected password database */
-#undef HAVE_SCO_PROTECTED_PW
+/* Define if you have SecureWare-based protected password database */
+#undef HAVE_SECUREWARE
 
 /* If your header files don't define LOGIN_PROGRAM, then use this (detected) */
 /* from environment and PATH */
diff --git a/auth-passwd.c b/auth-passwd.c
index 7f3073839..58c113649 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -55,11 +55,11 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.24 2002/03/04 12:43:06 markus Exp $");
 #  include <hpsecurity.h>
 #  include <prot.h>
 # endif
-# ifdef HAVE_SCO_PROTECTED_PW
+# ifdef HAVE_SECUREWARE
 #  include <sys/security.h>
 #  include <sys/audit.h>
 #  include <prot.h>
-# endif /* HAVE_SCO_PROTECTED_PW */
+# endif /* HAVE_SECUREWARE */
 # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
 #  include <shadow.h>
 # endif
@@ -102,12 +102,9 @@ auth_password(Authctxt *authctxt, const char *password)
         char *encrypted_password;
         char *pw_password;
         char *salt;
-#ifdef __hpux
+#if defined(__hpux) || defined(HAVE_SECUREWARE)
         struct pr_passwd *spw;
-#endif
-#ifdef HAVE_SCO_PROTECTED_PW
-        struct pr_passwd *spw;
-#endif /* HAVE_SCO_PROTECTED_PW */
+#endif /* __hpux || HAVE_SECUREWARE */
 #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
         struct spwd *spw;
 #endif
@@ -183,21 +180,20 @@ auth_password(Authctxt *authctxt, const char *password)
                 pw_password = spw->sp_pwdp;
 #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
 
-#ifdef HAVE_SCO_PROTECTED_PW
-        spw = getprpwnam(pw->pw_name);
-        if (spw != NULL)
-                pw_password = spw->ufld.fd_encrypt;
-#endif /* HAVE_SCO_PROTECTED_PW */
-
 #if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW)
         if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL)
                 pw_password = spw->pwa_passwd;
 #endif /* defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) */
 
-#if defined(__hpux)
+#ifdef HAVE_SECUREWARE
+        if ((spw = getprpwnam(pw->pw_name)) != NULL)
+                pw_password = spw->ufld.fd_encrypt;
+#endif /* HAVE_SECUREWARE */
+
+#if defined(__hpux) && !defined(HAVE_SECUREWARE)
         if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL)
                 pw_password = spw->ufld.fd_encrypt;
-#endif /* defined(__hpux) */
+#endif /* defined(__hpux) && !defined(HAVE_SECUREWARE) */
 
         /* Check for users with no password. */
         if ((password[0] == '\0') && (pw_password[0] == '\0'))
@@ -214,18 +210,18 @@ auth_password(Authctxt *authctxt, const char *password)
         else
                 encrypted_password = crypt(password, salt);
 #else /* HAVE_MD5_PASSWORDS */
-# ifdef __hpux
+# if defined(__hpux) && !defined(HAVE_SECUREWARE)
         if (iscomsec())
                 encrypted_password = bigcrypt(password, salt);
         else
                 encrypted_password = crypt(password, salt);
 # else
-#  ifdef HAVE_SCO_PROTECTED_PW
+#  ifdef HAVE_SECUREWARE
         encrypted_password = bigcrypt(password, salt);
 #  else
         encrypted_password = crypt(password, salt);
-#  endif /* HAVE_SCO_PROTECTED_PW */
-# endif /* __hpux */
+#  endif /* HAVE_SECUREWARE */
+# endif /* __hpux && !defined(HAVE_SECUREWARE) */
 #endif /* HAVE_MD5_PASSWORDS */
 
         /* Authentication is accepted if the encrypted passwords are identical. */
diff --git a/configure.ac b/configure.ac
index 91a0a72f3..a092aaadb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.52 2002/04/23 20:45:56 stevesk Exp $
+# $Id: configure.ac,v 1.53 2002/04/25 18:17:05 stevesk Exp $
 
 AC_INIT
 AC_CONFIG_SRCDIR([ssh.c])
@@ -91,6 +91,22 @@ case "$host" in
 *-*-darwin*)
         AC_DEFINE(BROKEN_GETADDRINFO)
         ;;
+*-*-hpux10.26)
+        if test -z "$GCC"; then
+                CFLAGS="$CFLAGS -Ae"
+        fi
+        CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
+        IPADDR_IN_DISPLAY=yes
+        AC_DEFINE(HAVE_SECUREWARE)
+        AC_DEFINE(USE_PIPES)
+        AC_DEFINE(LOGIN_NO_ENDOPT)
+        AC_DEFINE(LOGIN_NEEDS_UTMPX)
+        AC_DEFINE(DISABLE_SHADOW)
+        AC_DEFINE(DISABLE_UTMP)
+        AC_DEFINE(SPT_TYPE,SPT_PSTAT)
+        LIBS="$LIBS -lxnet -lsec -lsecpw"
+        disable_ptmx_check=yes
+        ;;
 *-*-hpux10*)
         if test -z "$GCC"; then
                 CFLAGS="$CFLAGS -Ae"
@@ -235,7 +251,7 @@ mips-sony-bsd|mips-sony-newsos4)
         no_dev_ptmx=1
         AC_DEFINE(BROKEN_SYS_TERMIO_H)
         AC_DEFINE(USE_PIPES)
-        AC_DEFINE(HAVE_SCO_PROTECTED_PW)
+        AC_DEFINE(HAVE_SECUREWARE)
         AC_DEFINE(DISABLE_SHADOW)
         AC_DEFINE(BROKEN_SAVED_UIDS)
         AC_CHECK_FUNCS(getluid setluid)
@@ -249,7 +265,7 @@ mips-sony-bsd|mips-sony-newsos4)
         no_dev_ptmx=1
         rsh_path="/usr/bin/rcmd"
         AC_DEFINE(USE_PIPES)
-        AC_DEFINE(HAVE_SCO_PROTECTED_PW)
+        AC_DEFINE(HAVE_SECUREWARE)
         AC_DEFINE(DISABLE_SHADOW)
         AC_CHECK_FUNCS(getluid setluid)
         MANTYPE=man
@@ -1926,12 +1942,14 @@ if test ! -z "$MAIL" ; then
 fi
 
 if test -z "$no_dev_ptmx" ; then
-        AC_CHECK_FILE("/dev/ptmx", 
-                [
-                        AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
-                        have_dev_ptmx=1
-                ]
-        )
+        if test "x$disable_ptmx_check" != "xyes" ; then
+                AC_CHECK_FILE("/dev/ptmx", 
+                        [
+                                AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
+                                have_dev_ptmx=1
+                        ]
+                )
+        fi
 fi
 AC_CHECK_FILE("/dev/ptc", 
         [
diff --git a/sshd.c b/sshd.c
index 8b1ebb462..f3e4d835e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -48,6 +48,10 @@ RCSID("$OpenBSD: sshd.c,v 1.240 2002/04/23 22:16:29 djm Exp $");
 #include <openssl/bn.h>
 #include <openssl/md5.h>
 #include <openssl/rand.h>
+#ifdef HAVE_SECUREWARE
+#include <sys/security.h>
+#include <prot.h>
+#endif
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -786,6 +790,9 @@ main(int ac, char **av)
         Key *key;
         int ret, key_used = 0;
 
+#ifdef HAVE_SECUREWARE
+        (void)set_auth_parameters(ac, av);
+#endif
         __progname = get_progname(av[0]);
         init_rng();
 
@@ -998,10 +1005,6 @@ main(int ac, char **av)
         if (test_flag)
                 exit(0);
 
-#ifdef HAVE_SCO_PROTECTED_PW
-        (void) set_auth_parameters(ac, av);
-#endif
-
         /* Initialize the log (it is reinitialized below in case we forked). */
         if (debug_flag && !inetd_flag)
                 log_stderr = 1;