summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog13
-rw-r--r--Makefile.in4
-rw-r--r--acconfig.h17
-rw-r--r--bsd-login.c16
-rw-r--r--configure.in10
-rw-r--r--login.c19
-rw-r--r--packages/redhat/openssh.spec2
-rw-r--r--packages/suse/openssh.spec2
-rw-r--r--sshd.c11
9 files changed, 66 insertions, 28 deletions
diff --git a/ChangeLog b/ChangeLog
index 394ebc899..a89fcdc9c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,13 +1,24 @@
119991226
2 - Enabled utmpx support by default for Solaris
3 - Cleanup sshd.c PAM a little more
4
119991225 519991225
2 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com> 6 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
3 - Cleanup of auth-passwd.c for shadow and MD5 passwords 7 - Cleanup of auth-passwd.c for shadow and MD5 passwords
4 - Cleanup and bugfix of PAM authentication code 8 - Cleanup and bugfix of PAM authentication code
9 - Released 1.2.1pre20
10
11 - Merged fixes from Ben Taylor <bent@clark.net>
12 - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
13 - Disabled logging of PAM password authentication failures when password
14 is empty. (e.g start of authentication loop). Reported by Naz
15 <96na@eng.cam.ac.uk>)
5 16
619991223 1719991223
7 - Merged later HPUX patch from Andre Lucas 18 - Merged later HPUX patch from Andre Lucas
8 <andre.lucas@dial.pipex.com> 19 <andre.lucas@dial.pipex.com>
9 - Above patch included better utmpx support from Ben Taylor 20 - Above patch included better utmpx support from Ben Taylor
10 <bent@clark.net>: 21 <bent@clark.net>
11 22
1219991222 2319991222
13 - Fix undefined fd_set type in ssh.h from Povl H. Pedersen 24 - Fix undefined fd_set type in ssh.h from Povl H. Pedersen
diff --git a/Makefile.in b/Makefile.in
index ff978b74f..fa9a9d815 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -44,6 +44,10 @@ LIBOBJS= atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \
44 44
45all: $(OBJS) $(TARGETS) 45all: $(OBJS) $(TARGETS)
46 46
47$(OBJS): config.h
48
49$(LIBOBJS): config.h
50
47libssh.a: $(LIBOBJS) 51libssh.a: $(LIBOBJS)
48 $(AR) rv $@ $(LIBOBJS) 52 $(AR) rv $@ $(LIBOBJS)
49 $(RANLIB) $@ 53 $(RANLIB) $@
diff --git a/acconfig.h b/acconfig.h
index 1e706ff58..60dd43010 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -222,6 +222,23 @@ enum
222# endif 222# endif
223#endif 223#endif
224 224
225#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
226# ifndef _PATH_UTMPX
227# ifdef UTMPX_FILE
228# define _PATH_UTMPX UTMPX_FILE
229# else
230# define _PATH_UTMPX "/var/adm/utmpx"
231# endif
232# endif
233# ifndef _PATH_WTMPX
234# ifdef WTMPX_FILE
235# define _PATH_WTMPX WTMPX_FILE
236# else
237# define _PATH_WTMPX "/var/adm/wtmp"
238# endif
239# endif
240#endif
241
225#ifndef _PATH_BSHELL 242#ifndef _PATH_BSHELL
226# define _PATH_BSHELL "/bin/sh" 243# define _PATH_BSHELL "/bin/sh"
227#endif 244#endif
diff --git a/bsd-login.c b/bsd-login.c
index d81e46914..eccb29ee4 100644
--- a/bsd-login.c
+++ b/bsd-login.c
@@ -65,24 +65,24 @@ login(utp)
65 struct utmp *utp; 65 struct utmp *utp;
66#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */ 66#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */
67{ 67{
68#if defined(HAVE_HOST_IN_UTMP)
68 struct utmp old_ut; 69 struct utmp old_ut;
70#endif
69#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) 71#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
70 struct utmpx *old_utx; 72 struct utmpx *old_utx;
71#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */ 73#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */
72 register int fd; 74 register int fd;
73 int tty; 75 int tty;
74 76
75#ifndef UT_LINESIZE
76# define UT_LINESIZE (sizeof(old_ut.ut_line))
77# define UT_NAMESIZE (sizeof(old_ut.ut_name))
78# ifdef HAVE_HOST_IN_UTMP
79# define UT_HOSTSIZE (sizeof(old_ut.ut_host))
80# endif
81#endif
82
83 tty = ttyslot(); 77 tty = ttyslot();
84 if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) { 78 if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) {
79
85#if defined(HAVE_HOST_IN_UTMP) 80#if defined(HAVE_HOST_IN_UTMP)
81# ifndef UT_LINESIZE
82# define UT_LINESIZE (sizeof(old_ut.ut_line))
83# define UT_NAMESIZE (sizeof(old_ut.ut_name))
84# define UT_HOSTSIZE (sizeof(old_ut.ut_host))
85# endif
86 (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET); 86 (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET);
87 /* 87 /*
88 * Prevent luser from zero'ing out ut_host. 88 * Prevent luser from zero'ing out ut_host.
diff --git a/configure.in b/configure.in
index 7bb96270a..6cfacd2db 100644
--- a/configure.in
+++ b/configure.in
@@ -53,6 +53,9 @@ case "$host" in
53 AC_DEFINE(DISABLE_SHADOW) 53 AC_DEFINE(DISABLE_SHADOW)
54 fi 54 fi
55 ;; 55 ;;
56*-*-solaris*)
57 AC_DEFINE(USE_UTMPX)
58 ;;
56esac 59esac
57 60
58dnl Check for OpenSSL/SSLeay directories. 61dnl Check for OpenSSL/SSLeay directories.
@@ -101,11 +104,14 @@ AC_ARG_WITH(pam,
101 [ --without-pam Disable PAM support ], 104 [ --without-pam Disable PAM support ],
102 [ 105 [
103 if test "x$withval" != "xno" ; then 106 if test "x$withval" != "xno" ; then
104 AC_CHECK_LIB(dl, dlopen, , ) 107 no_pam=1
105 AC_CHECK_LIB(pam, pam_authenticate, , )
106 fi 108 fi
107 ] 109 ]
108) 110)
111if test -z "$no_pam" ; then
112 AC_CHECK_LIB(dl, dlopen, , )
113 AC_CHECK_LIB(pam, pam_authenticate, , )
114fi
109 115
110dnl Checks for header files. 116dnl Checks for header files.
111AC_CHECK_HEADERS(endian.h lastlog.h login.h maillock.h netgroup.h paths.h poll.h pty.h shadow.h util.h utmp.h utmpx.h sys/bsdtty.h sys/poll.h sys/select.h sys/stropts.h sys/time.h sys/ttcompat.h) 117AC_CHECK_HEADERS(endian.h lastlog.h login.h maillock.h netgroup.h paths.h poll.h pty.h shadow.h util.h utmp.h utmpx.h sys/bsdtty.h sys/poll.h sys/select.h sys/stropts.h sys/time.h sys/ttcompat.h)
diff --git a/login.c b/login.c
index c551da898..f4e6ddfaf 100644
--- a/login.c
+++ b/login.c
@@ -18,7 +18,7 @@
18 */ 18 */
19 19
20#include "includes.h" 20#include "includes.h"
21RCSID("$Id: login.c,v 1.11 1999/12/24 23:11:29 damien Exp $"); 21RCSID("$Id: login.c,v 1.12 1999/12/25 23:21:48 damien Exp $");
22 22
23#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) 23#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
24# include <utmpx.h> 24# include <utmpx.h>
@@ -155,18 +155,19 @@ record_login(int pid, const char *ttyname, const char *user, uid_t uid,
155 strncpy(utx.ut_line, ttyname + 5, sizeof(utx.ut_line)); 155 strncpy(utx.ut_line, ttyname + 5, sizeof(utx.ut_line));
156 utx.ut_pid = (pid_t)pid; 156 utx.ut_pid = (pid_t)pid;
157 utx.ut_tv.tv_sec = time(NULL); 157 utx.ut_tv.tv_sec = time(NULL);
158 u.ut_type = (uid == -1)?DEAD_PROCESS:USER_PROCESS; 158 utx.ut_type = (uid == -1)?DEAD_PROCESS:USER_PROCESS;
159#ifdef HAVE_HOST_IN_UTMPX 159# ifdef HAVE_HOST_IN_UTMPX
160#ifdef HAVE_SYSLEN_IN_UTMPX 160# ifdef HAVE_SYSLEN_IN_UTMPX
161 utx.ut_syslen = strlen(host); 161 utx.ut_syslen = strlen(host);
162 strncpy(utx.ut_host, host, utx.ut_syslen ); 162 strncpy(utx.ut_host, host, utx.ut_syslen);
163#else 163# else
164 strncpy(utx.ut_host, host, sizeof(utx.ut_host)); 164 strncpy(utx.ut_host, host, sizeof(utx.ut_host));
165#endif /* HAVE_SYSLEN_IN_UTMPX */ 165# endif /* HAVE_SYSLEN_IN_UTMPX */
166#endif 166# endif
167#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */ 167#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */
168 168
169#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) && !defined(HAVE_LOGIN) 169/*#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) && !defined(HAVE_LOGIN)*/
170#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
170 login(&u, &utx); 171 login(&u, &utx);
171#else /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */ 172#else /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */
172 login(&u); 173 login(&u);
diff --git a/packages/redhat/openssh.spec b/packages/redhat/openssh.spec
index a3e51bb81..af904c7de 100644
--- a/packages/redhat/openssh.spec
+++ b/packages/redhat/openssh.spec
@@ -1,6 +1,6 @@
1Summary: OpenSSH free Secure Shell (SSH) implementation 1Summary: OpenSSH free Secure Shell (SSH) implementation
2Name: openssh 2Name: openssh
3Version: 1.2.1pre20 3Version: 1.2.1pre21
4Release: 1 4Release: 1
5Packager: Damien Miller <djm@ibs.com.au> 5Packager: Damien Miller <djm@ibs.com.au>
6Source0: openssh-%{version}.tar.gz 6Source0: openssh-%{version}.tar.gz
diff --git a/packages/suse/openssh.spec b/packages/suse/openssh.spec
index c649ef235..23926e017 100644
--- a/packages/suse/openssh.spec
+++ b/packages/suse/openssh.spec
@@ -1,6 +1,6 @@
1Summary: OpenSSH, a free Secure Shell (SSH) implementation 1Summary: OpenSSH, a free Secure Shell (SSH) implementation
2Name: openssh 2Name: openssh
3Version: 1.2.1pre20 3Version: 1.2.1pre21
4Release: 1 4Release: 1
5Source0: openssh-%{version}.tar.gz 5Source0: openssh-%{version}.tar.gz
6Copyright: BSD 6Copyright: BSD
diff --git a/sshd.c b/sshd.c
index 9c570ab8a..c06d914e6 100644
--- a/sshd.c
+++ b/sshd.c
@@ -11,7 +11,7 @@
11 */ 11 */
12 12
13#include "includes.h" 13#include "includes.h"
14RCSID("$Id: sshd.c,v 1.40 1999/12/24 23:11:29 damien Exp $"); 14RCSID("$Id: sshd.c,v 1.41 1999/12/25 23:21:48 damien Exp $");
15 15
16#ifdef HAVE_POLL_H 16#ifdef HAVE_POLL_H
17# include <poll.h> 17# include <poll.h>
@@ -249,8 +249,10 @@ int do_pam_auth(const char *user, const char *password)
249 log("PAM Password authentication accepted for user \"%.100s\"", user); 249 log("PAM Password authentication accepted for user \"%.100s\"", user);
250 return 1; 250 return 1;
251 } else { 251 } else {
252 log("PAM Password authentication for \"%.100s\" failed: %s", 252 /* Don't log failure for auth attempts with empty password */
253 user, PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); 253 if (password[0] != '\0')
254 log("PAM Password authentication for \"%.100s\" failed: %s",
255 user, PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
254 return 0; 256 return 0;
255 } 257 }
256} 258}
@@ -1362,9 +1364,6 @@ do_authloop(struct passwd * pw)
1362 int plen, dlen, nlen, ulen, elen; 1364 int plen, dlen, nlen, ulen, elen;
1363 int type = 0; 1365 int type = 0;
1364 void (*authlog) (const char *fmt,...) = verbose; 1366 void (*authlog) (const char *fmt,...) = verbose;
1365#ifdef HAVE_LIBPAM
1366 int pam_retval;
1367#endif /* HAVE_LIBPAM */
1368 1367
1369 /* Indicate that authentication is needed. */ 1368 /* Indicate that authentication is needed. */
1370 packet_start(SSH_SMSG_FAILURE); 1369 packet_start(SSH_SMSG_FAILURE);