From 97363a8b24601bad631f6f187c487a166f7eb959 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 2 May 2003 23:42:25 +1000 Subject: - (dtucker) Move handling of bad password authentications into a platform specific record_failed_login() function (affects AIX & Unicos). --- openbsd-compat/port-aix.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'openbsd-compat/port-aix.c') diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 4c96a3171..cddc0907f 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -24,12 +24,17 @@ * */ #include "includes.h" +#include "ssh.h" +#include "log.h" +#include "servconf.h" #ifdef _AIX #include #include <../xmalloc.h> +extern ServerOptions options; + /* * AIX has a "usrinfo" area where logname and other stuff is stored - * a few applications actually use this and die if it's not set @@ -52,5 +57,16 @@ aix_usrinfo(struct passwd *pw) xfree(cp); } +# ifdef CUSTOM_FAILED_LOGIN +/* + * record_failed_login: generic "login failed" interface function + */ +void +record_failed_login(const char *user, const char *ttyname) +{ + loginfailed(user, + get_canonical_hostname(options.verify_reverse_mapping), ttyname); +} +# endif /* CUSTOM_FAILED_LOGIN */ #endif /* _AIX */ -- cgit v1.2.3 From 317412502b900ddecdafdfa171da99271846478b Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 19 May 2003 00:13:38 +1000 Subject: - (djm) Big KNF on openbsd-compat/ --- ChangeLog | 3 +- openbsd-compat/bsd-arc4random.c | 3 +- openbsd-compat/bsd-cray.c | 799 ++++++++++++++++++-------------------- openbsd-compat/bsd-cray.h | 27 +- openbsd-compat/bsd-cygwin_util.c | 93 ++--- openbsd-compat/bsd-cygwin_util.h | 8 +- openbsd-compat/bsd-getpeereid.h | 26 +- openbsd-compat/bsd-misc.c | 33 +- openbsd-compat/bsd-misc.h | 27 +- openbsd-compat/bsd-nextstep.c | 6 +- openbsd-compat/bsd-nextstep.h | 23 +- openbsd-compat/bsd-snprintf.c | 557 +++++++++++--------------- openbsd-compat/bsd-snprintf.h | 6 +- openbsd-compat/bsd-waitpid.c | 11 +- openbsd-compat/bsd-waitpid.h | 4 +- openbsd-compat/fake-gai-errnos.h | 11 +- openbsd-compat/fake-getaddrinfo.c | 83 ++-- openbsd-compat/fake-getnameinfo.c | 37 +- openbsd-compat/fake-getnameinfo.h | 6 +- openbsd-compat/port-aix.c | 15 +- openbsd-compat/port-irix.c | 20 +- openbsd-compat/port-irix.h | 11 +- openbsd-compat/vis.c | 1 + 23 files changed, 868 insertions(+), 942 deletions(-) (limited to 'openbsd-compat/port-aix.c') diff --git a/ChangeLog b/ChangeLog index b79be01f5..b1adb6ed1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ - (djm) Remove IPv4 by default hack now that we can specify AF in config - (djm) Tidy and trim TODO - (djm) Sync openbsd-compat/ with OpenBSD CVS head + - (djm) Big KNF on openbsd-compat/ 20030517 - (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD) @@ -1572,4 +1573,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2738 2003/05/18 12:24:09 djm Exp $ +$Id: ChangeLog,v 1.2739 2003/05/18 14:13:38 djm Exp $ diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c index dd08130d5..5f890968e 100644 --- a/openbsd-compat/bsd-arc4random.c +++ b/openbsd-compat/bsd-arc4random.c @@ -25,7 +25,7 @@ #include "includes.h" #include "log.h" -RCSID("$Id: bsd-arc4random.c,v 1.6 2003/03/17 05:13:53 djm Exp $"); +RCSID("$Id: bsd-arc4random.c,v 1.7 2003/05/18 14:13:38 djm Exp $"); #ifndef HAVE_ARC4RANDOM @@ -70,6 +70,7 @@ void arc4random_stir(void) fatal("Couldn't obtain random bytes (error %ld)", ERR_get_error()); RC4_set_key(&rc4, sizeof(rand_buf), rand_buf); + RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf); memset(rand_buf, 0, sizeof(rand_buf)); rc4_ready = REKEY_BYTES; diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c index b04f31004..bff0fea3a 100644 --- a/openbsd-compat/bsd-cray.c +++ b/openbsd-compat/bsd-cray.c @@ -1,5 +1,5 @@ /* - * $Id: bsd-cray.c,v 1.10 2003/05/02 21:32:56 dtucker Exp $ + * $Id: bsd-cray.c,v 1.11 2003/05/18 14:13:38 djm Exp $ * * bsd-cray.c * @@ -67,10 +67,10 @@ extern ServerOptions options; -char cray_tmpdir[TPATHSIZ+1]; /* job TMPDIR path */ +char cray_tmpdir[TPATHSIZ + 1]; /* job TMPDIR path */ -struct sysv sysv; /* system security structure */ -struct usrv usrv; /* user security structure */ +struct sysv sysv; /* system security structure */ +struct usrv usrv; /* user security structure */ /* * Functions. @@ -86,39 +86,40 @@ int cray_access_denied(char *); void cray_login_failure(char *username, int errcode) { - struct udb *ueptr; /* UDB pointer for username */ - ia_failure_t fsent; /* ia_failure structure */ + struct udb *ueptr; /* UDB pointer for username */ + ia_failure_t fsent; /* ia_failure structure */ ia_failure_ret_t fret; /* ia_failure return stuff */ - struct jtab jtab; /* job table structure */ - int jid = 0; /* job id */ + struct jtab jtab; /* job table structure */ + int jid = 0; /* job id */ - if ((jid = getjtab(&jtab)) < 0) { + if ((jid = getjtab(&jtab)) < 0) debug("cray_login_failure(): getjtab error"); - } + getsysudb(); - if ((ueptr = getudbnam(username)) == UDB_NULL) { + if ((ueptr = getudbnam(username)) == UDB_NULL) debug("cray_login_failure(): getudbname() returned NULL"); - } endudb(); - fsent.revision = 0; - fsent.uname = username; - fsent.host = (char *)get_canonical_hostname(options.verify_reverse_mapping); - fsent.ttyn = "sshd"; - fsent.caller = IA_SSHD; - fsent.flags = IA_INTERACTIVE; - fsent.ueptr = ueptr; - fsent.jid = jid; - fsent.errcode = errcode; - fsent.pwdp = NULL; - fsent.exitcode = 0; /* dont exit in ia_failure() */ - - fret.revision = 0; - fret.normal = 0; + + memset(&fsent, '\0', sizeof(fsent)); + fsent.revision = 0; + fsent.uname = username; + fsent.host = (char *)get_canonical_hostname(options.verify_reverse_mapping); + fsent.ttyn = "sshd"; + fsent.caller = IA_SSHD; + fsent.flags = IA_INTERACTIVE; + fsent.ueptr = ueptr; + fsent.jid = jid; + fsent.errcode = errcode; + fsent.pwdp = NULL; + fsent.exitcode = 0; /* dont exit in ia_failure() */ + + fret.revision = 0; + fret.normal = 0; /* * Call ia_failure because of an login failure. */ - ia_failure(&fsent,&fret); + ia_failure(&fsent, &fret); } /* @@ -127,19 +128,20 @@ cray_login_failure(char *username, int errcode) int cray_access_denied(char *username) { - struct udb *ueptr; /* UDB pointer for username */ - int errcode; /* IA errorcode */ + struct udb *ueptr; /* UDB pointer for username */ + int errcode; /* IA errorcode */ errcode = 0; getsysudb(); - if ((ueptr = getudbnam(username)) == UDB_NULL) { + if ((ueptr = getudbnam(username)) == UDB_NULL) debug("cray_login_failure(): getudbname() returned NULL"); - } endudb(); - if (ueptr && ueptr->ue_disabled) + + if (ueptr != NULL && ueptr->ue_disabled) errcode = IA_DISABLED; if (errcode) cray_login_failure(username, errcode); + return (errcode); } @@ -158,316 +160,284 @@ cray_setup (uid_t uid, char *username, const char *command) extern struct udb *getudb(); extern char *setlimits(); - int err; /* error return */ - time_t system_time; /* current system clock */ - time_t expiration_time; /* password expiration time */ - int maxattempts; /* maximum no. of failed login attempts */ - int SecureSys; /* unicos security flag */ - int minslevel = 0; /* system minimum security level */ - int i, j; - int valid_acct = -1; /* flag for reading valid acct */ - char acct_name[MAXACID] = { "" }; /* used to read acct name */ - struct jtab jtab; /* Job table struct */ - struct udb ue; /* udb entry for logging-in user */ - struct udb *up; /* pointer to UDB entry */ - struct secstat secinfo; /* file security attributes */ - struct servprov init_info; /* used for sesscntl() call */ - int jid; /* job ID */ - int pid; /* process ID */ - char *sr; /* status return from setlimits() */ - char *ttyn = NULL; /* ttyname or command name*/ - char hostname[MAXHOSTNAMELEN]; - passwd_t pwdacm, - pwddialup, - pwdudb, - pwdwal, - pwddce; /* passwd stuff for ia_user */ - ia_user_ret_t uret; /* stuff returned from ia_user */ - ia_user_t usent; /* ia_user main structure */ - int ia_rcode; /* ia_user return code */ - ia_failure_t fsent; /* ia_failure structure */ + int err; /* error return */ + time_t system_time; /* current system clock */ + time_t expiration_time; /* password expiration time */ + int maxattempts; /* maximum no. of failed login attempts */ + int SecureSys; /* unicos security flag */ + int minslevel = 0; /* system minimum security level */ + int i, j; + int valid_acct = -1; /* flag for reading valid acct */ + char acct_name[MAXACID] = { "" }; /* used to read acct name */ + struct jtab jtab; /* Job table struct */ + struct udb ue; /* udb entry for logging-in user */ + struct udb *up; /* pointer to UDB entry */ + struct secstat secinfo; /* file security attributes */ + struct servprov init_info; /* used for sesscntl() call */ + int jid; /* job ID */ + int pid; /* process ID */ + char *sr; /* status return from setlimits() */ + char *ttyn = NULL; /* ttyname or command name*/ + char hostname[MAXHOSTNAMELEN]; + /* passwd stuff for ia_user */ + passwd_t pwdacm, pwddialup, pwdudb, pwdwal, pwddce; + ia_user_ret_t uret; /* stuff returned from ia_user */ + ia_user_t usent /* ia_user main structure */ + int ia_rcode; /* ia_user return code */ + ia_failure_t fsent; /* ia_failure structure */ ia_failure_ret_t fret; /* ia_failure return stuff */ - ia_success_t ssent; /* ia_success structure */ + ia_success_t ssent; /* ia_success structure */ ia_success_ret_t sret; /* ia_success return stuff */ - int ia_mlsrcode; /* ia_mlsuser return code */ - int secstatrc; /* [f]secstat return code */ + int ia_mlsrcode; /* ia_mlsuser return code */ + int secstatrc; /* [f]secstat return code */ if (SecureSys = (int)sysconf(_SC_CRAY_SECURE_SYS)) { getsysv(&sysv, sizeof(struct sysv)); minslevel = sysv.sy_minlvl; - if (getusrv(&usrv) < 0) { - debug("getusrv() failed, errno = %d",errno); - exit(1); - } + if (getusrv(&usrv) < 0) + fatal("getusrv() failed, errno = %d", errno); } hostname[0] = '\0'; - strncpy(hostname, + strlcpy(hostname, (char *)get_canonical_hostname(options.verify_reverse_mapping), MAXHOSTNAMELEN); - /* - * Fetch user's UDB entry. - */ - getsysudb(); - if ((up = getudbnam(username)) == UDB_NULL) { - debug("cannot fetch user's UDB entry"); - exit(1); - } - - /* - * Prevent any possible fudging so perform a data - * safety check and compare the supplied uid against - * the udb's uid. - */ - if (up->ue_uid != uid) { - debug("IA uid missmatch"); - exit(1); - } + /* + * Fetch user's UDB entry. + */ + getsysudb(); + if ((up = getudbnam(username)) == UDB_NULL) + fatal("cannot fetch user's UDB entry"); + + /* + * Prevent any possible fudging so perform a data + * safety check and compare the supplied uid against + * the udb's uid. + */ + if (up->ue_uid != uid) + fatal("IA uid missmatch"); endudb(); - if ((jid = getjtab (&jtab)) < 0) { + if ((jid = getjtab(&jtab)) < 0) { debug("getjtab"); - return -1; + return(-1); } pid = getpid(); ttyn = ttyname(0); if (SecureSys) { - if (ttyn) { + if (ttyn != NULL) secstatrc = secstat(ttyn, &secinfo); - } else { + else secstatrc = fsecstat(1, &secinfo); - } - if (secstatrc == 0) { + + if (secstatrc == 0) debug("[f]secstat() successful"); - } else { - debug("[f]secstat() error, rc = %d", secstatrc); - exit(1); - } + else + fatal("[f]secstat() error, rc = %d", secstatrc); } if ((ttyn == NULL) && ((char *)command != NULL)) ttyn = (char *)command; - /* - * Initialize all structures to call ia_user - */ - usent.revision = 0; - usent.uname = username; - usent.host = hostname; - usent.ttyn = ttyn; - usent.caller = IA_SSHD; - usent.pswdlist = &pwdacm; - usent.ueptr = &ue; - usent.flags = IA_INTERACTIVE | IA_FFLAG; - pwdacm.atype = IA_SECURID; - pwdacm.pwdp = NULL; - pwdacm.next = &pwdudb; - - pwdudb.atype = IA_UDB; - pwdudb.pwdp = NULL; - pwdudb.next = &pwddce; - - pwddce.atype = IA_DCE; - pwddce.pwdp = NULL; - pwddce.next = &pwddialup; - - pwddialup.atype = IA_DIALUP; - pwddialup.pwdp = NULL; - /* pwddialup.next = &pwdwal; */ - pwddialup.next = NULL; - - pwdwal.atype = IA_WAL; - pwdwal.pwdp = NULL; - pwdwal.next = NULL; - - uret.revision = 0; - uret.pswd = NULL; - uret.normal = 0; - - ia_rcode = ia_user(&usent, &uret); - - switch (ia_rcode) { - /* - * These are acceptable return codes from ia_user() - */ - case IA_UDBWEEK: /* Password Expires in 1 week */ - expiration_time = ue.ue_pwage.time + ue.ue_pwage.maxage; - printf ("WARNING - your current password will expire %s\n", - ctime((const time_t *)&expiration_time)); - break; - case IA_UDBEXPIRED: - if (ttyname(0) != NULL) { - /* Force a password change */ - printf("Your password has expired; Choose a new one.\n"); - execl("/bin/passwd", "passwd", username, 0); - exit(9); - } - - break; - case IA_NORMAL: /* Normal Return Code */ - break; - case IA_BACKDOOR: - strcpy(ue.ue_name, "root"); - strcpy(ue.ue_passwd, ""); - strcpy(ue.ue_dir, "/"); - strcpy(ue.ue_shell, "/bin/sh"); - strcpy(ue.ue_age, ""); - strcpy(ue.ue_comment, ""); - strcpy(ue.ue_loghost, ""); - strcpy(ue.ue_logline, ""); - ue.ue_uid=-1; - ue.ue_nice[UDBRC_INTER]=0; - for (i=0;i PERMIT_NO) - break; /* Accept root login */ - default: - /* - * These are failed return codes from ia_user() - */ - switch (ia_rcode) - { - case IA_BADAUTH: - printf ("Bad authorization, access denied.\n"); - break; - case IA_DIALUPERR: - break; - case IA_DISABLED: - printf ("Your login has been disabled. Contact the system "); - printf ("administrator for assistance.\n"); - break; - case IA_GETSYSV: - printf ("getsysv() failed - errno = %d\n", errno); - break; - case IA_LOCALHOST: - break; - case IA_MAXLOGS: - printf ("Maximum number of failed login attempts exceeded.\n"); - printf ("Access denied.\n"); - break; - case IA_NOPASS: - break; - case IA_PUBLIC: - break; - case IA_SECURIDERR: - break; - case IA_CONSOLE: - break; - case IA_TRUSTED: - break; - case IA_UDBERR: - break; - case IA_UDBPWDNULL: - /* - * NULL password not allowed on MLS systems - */ - if (SecureSys) { - printf("NULL Password not allowed on MLS systems.\n"); - } - break; - case IA_UNKNOWN: - break; - case IA_UNKNOWNYP: - break; - case IA_WALERR: - break; - default: - /* nothing special */ - ; - } /* 2. switch (ia_rcode) */ - /* - * Authentication failed. - */ - printf("sshd: Login incorrect, (0%o)\n", - ia_rcode-IA_ERRORCODE); - - /* - * Initialize structure for ia_failure - * which will exit. - */ - fsent.revision = 0; - fsent.uname = username; - fsent.host = hostname; - fsent.ttyn = ttyn; - fsent.caller = IA_SSHD; - fsent.flags = IA_INTERACTIVE; - fsent.ueptr = &ue; - fsent.jid = jid; - fsent.errcode = ia_rcode; - fsent.pwdp = uret.pswd; - fsent.exitcode = 1; - - fret.revision = 0; - fret.normal = 0; - - /* - * Call ia_failure because of an IA failure. - * There is no return because ia_failure exits. - */ - - ia_failure(&fsent,&fret); - - exit(1); - } /* 1. switch (ia_rcode) */ + /* + * Initialize all structures to call ia_user + */ + usent.revision = 0; + usent.uname = username; + usent.host = hostname; + usent.ttyn = ttyn; + usent.caller = IA_SSHD; + usent.pswdlist = &pwdacm; + usent.ueptr = &ue; + usent.flags = IA_INTERACTIVE | IA_FFLAG; + pwdacm.atype = IA_SECURID; + pwdacm.pwdp = NULL; + pwdacm.next = &pwdudb; + + pwdudb.atype = IA_UDB; + pwdudb.pwdp = NULL; + pwdudb.next = &pwddce; + + pwddce.atype = IA_DCE; + pwddce.pwdp = NULL; + pwddce.next = &pwddialup; + + pwddialup.atype = IA_DIALUP; + pwddialup.pwdp = NULL; + /* pwddialup.next = &pwdwal; */ + pwddialup.next = NULL; + + pwdwal.atype = IA_WAL; + pwdwal.pwdp = NULL; + pwdwal.next = NULL; + + uret.revision = 0; + uret.pswd = NULL; + uret.normal = 0; + + ia_rcode = ia_user(&usent, &uret); + switch (ia_rcode) { + /* + * These are acceptable return codes from ia_user() + */ + case IA_UDBWEEK: /* Password Expires in 1 week */ + expiration_time = ue.ue_pwage.time + ue.ue_pwage.maxage; + printf ("WARNING - your current password will expire %s\n", + ctime((const time_t *)&expiration_time)); + break; + case IA_UDBEXPIRED: + if (ttyname(0) != NULL) { + /* Force a password change */ + printf("Your password has expired; Choose a new one.\n"); + execl("/bin/passwd", "passwd", username, 0); + exit(9); + } + break; + case IA_NORMAL: /* Normal Return Code */ + break; + case IA_BACKDOOR: + /* XXX: can we memset it to zero here so save some of this */ + strlcpy(ue.ue_name, "root", sizeof(ue.ue_name)); + strlcpy(ue.ue_dir, "/", sizeof(ue.ue_dir)); + strlcpy(ue.ue_shell, "/bin/sh", sizeof(ue.ue_shell)); + + ue.ue_passwd[0] = '\0'; + ue.ue_age[0] = '\0'; + ue.ue_comment[0] = '\0'; + ue.ue_loghost[0] = '\0'; + ue.ue_logline[0] = '\0'; + + ue.ue_uid = -1; + ue.ue_nice[UDBRC_INTER] = 0; + + for (i = 0; i < MAXVIDS; i++) + ue.ue_gids[i] = 0; + + ue.ue_logfails = 0; + ue.ue_minlvl = ue.ue_maxlvl = ue.ue_deflvl = minslevel; + ue.ue_defcomps = 0; + ue.ue_comparts = 0; + ue.ue_permits = 0; + ue.ue_trap = 0; + ue.ue_disabled = 0; + ue.ue_logtime = 0; + break; + case IA_CONSOLE: /* Superuser not from Console */ + case IA_TRUSTED: /* Trusted user */ + if (options.permit_root_login > PERMIT_NO) + break; /* Accept root login */ + default: + /* + * These are failed return codes from ia_user() + */ + switch (ia_rcode) + { + case IA_BADAUTH: + printf("Bad authorization, access denied.\n"); + break; + case IA_DISABLED: + printf("Your login has been disabled. Contact the system "); + printf("administrator for assistance.\n"); + break; + case IA_GETSYSV: + printf("getsysv() failed - errno = %d\n", errno); + break; + case IA_MAXLOGS: + printf("Maximum number of failed login attempts exceeded.\n"); + printf("Access denied.\n"); + break; + case IA_UDBPWDNULL: + if (SecureSys) + printf("NULL Password not allowed on MLS systems.\n"); + break; + default: + break; + } + + /* + * Authentication failed. + */ + printf("sshd: Login incorrect, (0%o)\n", + ia_rcode-IA_ERRORCODE); + + /* + * Initialize structure for ia_failure + * which will exit. + */ + fsent.revision = 0; + fsent.uname = username; + fsent.host = hostname; + fsent.ttyn = ttyn; + fsent.caller = IA_SSHD; + fsent.flags = IA_INTERACTIVE; + fsent.ueptr = &ue; + fsent.jid = jid; + fsent.errcode = ia_rcode; + fsent.pwdp = uret.pswd; + fsent.exitcode = 1; + + fret.revision = 0; + fret.normal = 0; + + /* + * Call ia_failure because of an IA failure. + * There is no return because ia_failure exits. + */ + ia_failure(&fsent, &fret); + + exit(1); + } + ia_mlsrcode = IA_NORMAL; if (SecureSys) { debug("calling ia_mlsuser()"); - ia_mlsrcode = ia_mlsuser (&ue, &secinfo, &usrv, NULL, 0); + ia_mlsrcode = ia_mlsuser(&ue, &secinfo, &usrv, NULL, 0); } if (ia_mlsrcode != IA_NORMAL) { printf("sshd: Login incorrect, (0%o)\n", - ia_mlsrcode-IA_ERRORCODE); + ia_mlsrcode-IA_ERRORCODE); /* - * Initialize structure for ia_failure - * which will exit. - */ + * Initialize structure for ia_failure + * which will exit. + */ fsent.revision = 0; - fsent.uname = username; - fsent.host = hostname; - fsent.ttyn = ttyn; - fsent.caller = IA_SSHD; - fsent.flags = IA_INTERACTIVE; - fsent.ueptr = &ue; - fsent.jid = jid; - fsent.errcode = ia_mlsrcode; - fsent.pwdp = uret.pswd; + fsent.uname = username; + fsent.host = hostname; + fsent.ttyn = ttyn; + fsent.caller = IA_SSHD; + fsent.flags = IA_INTERACTIVE; + fsent.ueptr = &ue; + fsent.jid = jid; + fsent.errcode = ia_mlsrcode; + fsent.pwdp = uret.pswd; fsent.exitcode = 1; - fret.revision = 0; - fret.normal = 0; + fret.revision = 0; + fret.normal = 0; /* - * Call ia_failure because of an IA failure. - * There is no return because ia_failure exits. - */ + * Call ia_failure because of an IA failure. + * There is no return because ia_failure exits. + */ ia_failure(&fsent,&fret); exit(1); } - /* Provide login status information */ - if (options.print_lastlog && ue.ue_logtime != 0) { - printf("Last successful login was : %.*s ", - 19, (char *)ctime(&ue.ue_logtime)); - - if (*ue.ue_loghost != '\0') - printf("from %.*s\n", sizeof(ue.ue_loghost), ue.ue_loghost); - - else printf("on %.*s\n", sizeof(ue.ue_logline), ue.ue_logline); - - if ( SecureSys && (ue.ue_logfails != 0)) - printf(" followed by %d failed attempts\n", ue.ue_logfails); - } - - + /* Provide login status information */ + if (options.print_lastlog && ue.ue_logtime != 0) { + printf("Last successful login was : %.*s ", 19, + (char *)ctime(&ue.ue_logtime)); + + if (*ue.ue_loghost != '\0') { + printf("from %.*s\n", sizeof(ue.ue_loghost), + ue.ue_loghost); + } else { + printf("on %.*s\n", sizeof(ue.ue_logline), + ue.ue_logline); + } + + if (SecureSys && (ue.ue_logfails != 0)) { + printf(" followed by %d failed attempts\n", + ue.ue_logfails); + } + } + /* * Call ia_success to process successful I/A. */ @@ -481,109 +451,116 @@ cray_setup (uid_t uid, char *username, const char *command) ssent.jid = jid; ssent.errcode = ia_rcode; ssent.us = NULL; - ssent.time = 1; /* Set ue_logtime */ + ssent.time = 1; /* Set ue_logtime */ sret.revision = 0; sret.normal = 0; - ia_success(&ssent,&sret); + ia_success(&ssent, &sret); - /* - * Query for account, iff > 1 valid acid & askacid permbit - */ - if (((ue.ue_permbits & PERMBITS_ACCTID) || - (ue.ue_acids[0] >= 0) && (ue.ue_acids[1] >= 0)) && - ue.ue_permbits & PERMBITS_ASKACID) { + /* + * Query for account, iff > 1 valid acid & askacid permbit + */ + if (((ue.ue_permbits & PERMBITS_ACCTID) || + (ue.ue_acids[0] >= 0) && (ue.ue_acids[1] >= 0)) && + ue.ue_permbits & PERMBITS_ASKACID) { if (ttyname(0) != NULL) { - debug("cray_setup: ttyname true case, %.100s", ttyname); - while (valid_acct == -1) { - printf("Account (? for available accounts)" - " [%s]: ", acid2nam(ue.ue_acids[0])); - gets(acct_name); - switch (acct_name[0]) { - case EOF: - exit(0); - break; - case '\0': - valid_acct = ue.ue_acids[0]; - strcpy(acct_name, acid2nam(valid_acct)); - break; - case '?': - /* Print the list 3 wide */ - for (i = 0, j = 0; i < MAXVIDS; i++) { - if (ue.ue_acids[i] == -1) { - printf("\n"); - break; - } - if (++j == 4) { - j = 1; - printf("\n"); - } - printf(" %s", - acid2nam(ue.ue_acids[i])); - } - if (ue.ue_permbits & PERMBITS_ACCTID) - printf("\"acctid\" permbit also allows" - " you to select any valid " - "account name.\n"); - printf("\n"); - break; - default: - if ((valid_acct = nam2acid(acct_name)) == -1) printf("Account id not found for" - " account name \"%s\"\n\n", - acct_name); - break; - } - /* - * If an account was given, search the user's - * acids array to verify they can use this account. - */ - if ((valid_acct != -1) && - !(ue.ue_permbits & PERMBITS_ACCTID)) { - for (i = 0; i < MAXVIDS; i++) { - if (ue.ue_acids[i] == -1) - break; - if (valid_acct == ue.ue_acids[i]) - break; - } - if (i == MAXVIDS || - ue.ue_acids[i] == -1) { - fprintf(stderr, "Cannot set" - " account name to " - "\"%s\", permission " - "denied\n\n", acct_name); - valid_acct = -1; - } - } - } + debug("cray_setup: ttyname true case, %.100s", ttyname); + while (valid_acct == -1) { + printf("Account (? for available accounts)" + " [%s]: ", acid2nam(ue.ue_acids[0])); + fgets(acct_name, MAXACID, stdin); + switch (acct_name[0]) { + case EOF: + exit(0); + break; + case '\0': + valid_acct = ue.ue_acids[0]; + strlcpy(acct_name, acid2nam(valid_acct), MAXACID); + break; + case '?': + /* Print the list 3 wide */ + for (i = 0, j = 0; i < MAXVIDS; i++) { + if (ue.ue_acids[i] == -1) { + printf("\n"); + break; + } + if (++j == 4) { + j = 1; + printf("\n"); + } + printf(" %s", + acid2nam(ue.ue_acids[i])); + } + if (ue.ue_permbits & PERMBITS_ACCTID) { + printf("\"acctid\" permbit also allows" + " you to select any valid " + "account name.\n"); + } + printf("\n"); + break; + default: + valid_acct = nam2acid(acct_name); + if (valid_acct == -1) { + printf( + "Account id not found for" + " account name \"%s\"\n\n", + acct_name); + break; + } + /* + * If an account was given, search the user's + * acids array to verify they can use this account. + */ + if ((valid_acct != -1) && + !(ue.ue_permbits & PERMBITS_ACCTID)) { + for (i = 0; i < MAXVIDS; i++) { + if (ue.ue_acids[i] == -1) + break; + if (valid_acct == ue.ue_acids[i]) + break; + } + if (i == MAXVIDS || + ue.ue_acids[i] == -1) { + fprintf(stderr, "Cannot set" + " account name to " + "\"%s\", permission " + "denied\n\n", acct_name); + valid_acct = -1; + } + } + } + } else { + /* + * The client isn't connected to a terminal and can't + * respond to an acid prompt. Use default acid. + */ + debug("cray_setup: ttyname false case, %.100s", + ttyname); + valid_acct = ue.ue_acids[0]; + } } else { /* - * The client isn't connected to a terminal and can't - * respond to an acid prompt. Use default acid. + * The user doesn't have the askacid permbit set or + * only has one valid account to use. */ - debug("cray_setup: ttyname false case, %.100s", ttyname); valid_acct = ue.ue_acids[0]; } - } else { - /* - * The user doesn't have the askacid permbit set or - * only has one valid account to use. - */ - valid_acct = ue.ue_acids[0]; - } - if (acctid(0, valid_acct) < 0) { - printf ("Bad account id: %d\n", valid_acct); - exit(1); - } - -/* set up shares and quotas */ -/* Now set shares, quotas, limits, including CPU time for the (interactive) - * job and process, and set up permissions (for chown etc), etc. - */ + if (acctid(0, valid_acct) < 0) { + printf ("Bad account id: %d\n", valid_acct); + exit(1); + } + + /* + * Now set shares, quotas, limits, including CPU time for the + * (interactive) job and process, and set up permissions + * (for chown etc), etc. + */ if (setshares(ue.ue_uid, valid_acct, printf, 0, 0)) { - printf("Unable to give %d shares to <%s>(%d/%d)\n", ue.ue_shares, ue.ue_name, ue.ue_uid, valid_acct); + printf("Unable to give %d shares to <%s>(%d/%d)\n", + ue.ue_shares, ue.ue_name, ue.ue_uid, valid_acct); exit(1); - } + } sr = setlimits(username, C_PROC, pid, UDBRC_INTER); if (sr != NULL) { @@ -596,17 +573,15 @@ cray_setup (uid_t uid, char *username, const char *command) exit(1); } /* - * Place the service provider information into + * Place the service provider information into * the session table (Unicos) or job table (Unicos/mk). * There exist double defines for the job/session table in * unicos/mk (jtab.h) so no need for a compile time switch. */ - bzero((char *)&init_info, sizeof(struct servprov)); - init_info.s_sessinit.si_id = URM_SPT_LOGIN; + memset(&init_info, '\0', sizeof(init_info)); + init_info.s_sessinit.si_id = URM_SPT_LOGIN; init_info.s_sessinit.si_pid = getpid(); init_info.s_sessinit.si_sid = jid; - init_info.s_routing.seqno = 0; - init_info.s_routing.iadrs = 0; sesscntl(0, S_SETSERVPO, (int)&init_info); /* @@ -619,7 +594,7 @@ cray_setup (uid_t uid, char *username, const char *command) } } - return(0); + return (0); } /* @@ -632,10 +607,10 @@ void drop_cray_privs() { #if defined(_SC_CRAY_PRIV_SU) - priv_proc_t* privstate; - int result; - extern int priv_set_proc(); - extern priv_proc_t* priv_init_proc(); + priv_proc_t *privstate; + int result; + extern int priv_set_proc(); + extern priv_proc_t *priv_init_proc(); /* * If ether of theses two flags are not set @@ -663,15 +638,17 @@ drop_cray_privs() usrv.sv_intcat = TFM_SYSTEM; usrv.sv_valcat |= (TFM_SYSTEM | TFM_SYSFILE); - if (setusrv(&usrv) < 0) + if (setusrv(&usrv) < 0) { fatal("%s(%d): setusrv(): %s", __FILE__, __LINE__, strerror(errno)); + } if ((privstate = priv_init_proc()) != NULL) { result = priv_set_proc(privstate); - if (result != 0 ) + if (result != 0 ) { fatal("%s(%d): priv_set_proc(): %s", __FILE__, __LINE__, strerror(errno)); + } priv_free_proc(privstate); } debug ("Privileges should be cleared..."); @@ -692,6 +669,7 @@ cray_retain_utmp(struct utmp *ut, int pid) struct utmp utmp; if ((fd = open(UTMP_FILE, O_RDONLY)) != -1) { + /* XXX use atomicio */ while (read(fd, (char *)&utmp, sizeof(utmp)) == sizeof(utmp)) { if (pid == utmp.ut_pid) { ut->ut_jid = utmp.ut_jid; @@ -702,9 +680,8 @@ cray_retain_utmp(struct utmp *ut, int pid) } } close(fd); - } - else - fatal("Unable to open utmp file"); + } else + fatal("Unable to open utmp file"); } /* @@ -717,11 +694,9 @@ cray_retain_utmp(struct utmp *ut, int pid) void cray_delete_tmpdir(char *login, int jid, uid_t uid) { - int child; static char jtmp[TPATHSIZ]; struct stat statbuf; - int c; - int wstat; + int child, c, wstat; for (c = 'a'; c <= 'z'; c++) { snprintf(jtmp, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c); diff --git a/openbsd-compat/bsd-cray.h b/openbsd-compat/bsd-cray.h index d2489f4bf..433144f6f 100644 --- a/openbsd-compat/bsd-cray.h +++ b/openbsd-compat/bsd-cray.h @@ -1,5 +1,5 @@ /* - * $Id: bsd-cray.h,v 1.8 2003/05/02 13:42:25 dtucker Exp $ + * $Id: bsd-cray.h,v 1.9 2003/05/18 14:13:39 djm Exp $ * * bsd-cray.h * @@ -38,23 +38,26 @@ #define _BSD_CRAY_H #ifdef _UNICOS -void cray_init_job(struct passwd *); /* init cray job */ -void cray_job_termination_handler(int); /* process end of job signal */ -void cray_login_failure(char *username, int errcode); -int cray_access_denied(char *username); + +void cray_init_job(struct passwd *); +void cray_job_termination_handler(int); +void cray_login_failure(char *, int ); +int cray_access_denied(char *); #define CUSTOM_FAILED_LOGIN 1 -void record_failed_login(const char *user, const char *ttyname); -extern char cray_tmpdir[]; /* cray tmpdir */ +void record_failed_login(const char *, const char *); +extern char cray_tmpdir[]; + #ifndef IA_SSHD -#define IA_SSHD IA_LOGIN +# define IA_SSHD IA_LOGIN #endif #ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 64 +# define MAXHOSTNAMELEN 64 #endif #ifndef _CRAYT3E -#include -#define TIOCGPGRP (tIOC|20) -#endif +# include +# define TIOCGPGRP (tIOC|20) #endif +#endif /* UNICOS */ + #endif /* _BSD_CRAY_H */ diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index 0fa5964bc..012ba4c75 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c @@ -31,7 +31,7 @@ #include "includes.h" -RCSID("$Id: bsd-cygwin_util.c,v 1.9 2002/11/09 15:59:29 mouring Exp $"); +RCSID("$Id: bsd-cygwin_util.c,v 1.10 2003/05/18 14:13:39 djm Exp $"); #ifdef HAVE_CYGWIN @@ -53,7 +53,8 @@ RCSID("$Id: bsd-cygwin_util.c,v 1.9 2002/11/09 15:59:29 mouring Exp $"); # undef pipe #endif -int binary_open(const char *filename, int flags, ...) +int +binary_open(const char *filename, int flags, ...) { va_list ap; mode_t mode; @@ -61,55 +62,56 @@ int binary_open(const char *filename, int flags, ...) va_start(ap, flags); mode = va_arg(ap, mode_t); va_end(ap); - return open(filename, flags | O_BINARY, mode); + return (open(filename, flags | O_BINARY, mode)); } -int binary_pipe(int fd[2]) +int +binary_pipe(int fd[2]) { int ret = pipe(fd); if (!ret) { - setmode (fd[0], O_BINARY); - setmode (fd[1], O_BINARY); + setmode(fd[0], O_BINARY); + setmode(fd[1], O_BINARY); } - return ret; + return (ret); } #define HAS_CREATE_TOKEN 1 #define HAS_NTSEC_BY_DEFAULT 2 -static int has_capability(int what) +static int +has_capability(int what) { - /* has_capability() basically calls uname() and checks if - specific capabilities of Cygwin can be evaluated from that. - This simplifies the calling functions which only have to ask - for a capability using has_capability() instead of having - to figure that out by themselves. */ static int inited; static int has_create_token; static int has_ntsec_by_default; + /* + * has_capability() basically calls uname() and checks if + * specific capabilities of Cygwin can be evaluated from that. + * This simplifies the calling functions which only have to ask + * for a capability using has_capability() instead of having + * to figure that out by themselves. + */ if (!inited) { struct utsname uts; char *c; if (!uname(&uts)) { - int major_high = 0; - int major_low = 0; - int minor = 0; - int api_major_version = 0; - int api_minor_version = 0; + int major_high = 0, major_low = 0, minor = 0; + int api_major_version = 0, api_minor_version = 0; char *c; sscanf(uts.release, "%d.%d.%d", &major_high, - &major_low, &minor); - c = strchr(uts.release, '('); - if (c) + &major_low, &minor); + if ((c = strchr(uts.release, '(')) != NULL) { sscanf(c + 1, "%d.%d", &api_major_version, - &api_minor_version); + &api_minor_version); + } if (major_high > 1 || (major_high == 1 && (major_low > 3 || - (major_low == 3 && minor >= 2)))) + (major_low == 3 && minor >= 2)))) has_create_token = 1; if (api_major_version > 0 || api_minor_version >= 56) has_ntsec_by_default = 1; @@ -118,14 +120,15 @@ static int has_capability(int what) } switch (what) { case HAS_CREATE_TOKEN: - return has_create_token; + return (has_create_token); case HAS_NTSEC_BY_DEFAULT: - return has_ntsec_by_default; + return (has_ntsec_by_default); } - return 0; + return (0); } -int check_nt_auth(int pwd_authenticated, struct passwd *pw) +int +check_nt_auth(int pwd_authenticated, struct passwd *pw) { /* * The only authentication which is able to change the user @@ -149,34 +152,33 @@ int check_nt_auth(int pwd_authenticated, struct passwd *pw) has_create_token = 0; if (has_capability(HAS_CREATE_TOKEN) && (ntsec_on(cygwin) || - (has_capability(HAS_NTSEC_BY_DEFAULT) && - !ntsec_off(cygwin)))) + (has_capability(HAS_NTSEC_BY_DEFAULT) && + !ntsec_off(cygwin)))) has_create_token = 1; } if (has_create_token < 1 && !pwd_authenticated && geteuid() != pw->pw_uid) - return 0; + return (0); } - return 1; + return (1); } -int check_ntsec(const char *filename) +int +check_ntsec(const char *filename) { char *cygwin; - int allow_ntea = 0; - int allow_ntsec = 0; + int allow_ntea = 0, allow_ntsec = 0; struct statfs fsstat; /* Windows 95/98/ME don't support file system security at all. */ if (!is_winnt) - return 0; + return (0); /* Evaluate current CYGWIN settings. */ cygwin = getenv("CYGWIN"); allow_ntea = ntea_on(cygwin); allow_ntsec = ntsec_on(cygwin) || - (has_capability(HAS_NTSEC_BY_DEFAULT) && - !ntsec_off(cygwin)); + (has_capability(HAS_NTSEC_BY_DEFAULT) && !ntsec_off(cygwin)); /* * `ntea' is an emulation of POSIX attributes. It doesn't support @@ -185,14 +187,14 @@ int check_ntsec(const char *filename) * for security checks. */ if (allow_ntea) - return 1; + return (1); /* * Retrieve file system flags. In Cygwin, file system flags are * copied to f_type which has no meaning in Win32 itself. */ if (statfs(filename, &fsstat)) - return 1; + return (1); /* * Only file systems supporting ACLs are able to set permissions. @@ -200,12 +202,13 @@ int check_ntsec(const char *filename) * ACLs to support POSIX permissions on files. */ if (fsstat.f_type & FS_PERSISTENT_ACLS) - return allow_ntsec; + return (allow_ntsec); - return 0; + return (0); } -void register_9x_service(void) +void +register_9x_service(void) { HINSTANCE kerneldll; DWORD (*RegisterServiceProcess)(DWORD, DWORD); @@ -219,10 +222,10 @@ void register_9x_service(void) */ if (is_winnt) return; - if (! (kerneldll = LoadLibrary("KERNEL32.DLL"))) + if (!(kerneldll = LoadLibrary("KERNEL32.DLL"))) return; - if (! (RegisterServiceProcess = (DWORD (*)(DWORD, DWORD)) - GetProcAddress(kerneldll, "RegisterServiceProcess"))) + if (!(RegisterServiceProcess = (DWORD (*)(DWORD, DWORD)) + GetProcAddress(kerneldll, "RegisterServiceProcess"))) return; RegisterServiceProcess(0, 1); } diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h index af470bdd8..859afbef5 100644 --- a/openbsd-compat/bsd-cygwin_util.h +++ b/openbsd-compat/bsd-cygwin_util.h @@ -1,4 +1,4 @@ -/* $Id: bsd-cygwin_util.h,v 1.7 2002/04/15 22:00:52 stevesk Exp $ */ +/* $Id: bsd-cygwin_util.h,v 1.8 2003/05/18 14:13:39 djm Exp $ */ /* * cygwin_util.c @@ -38,10 +38,10 @@ #include -int binary_open(const char *filename, int flags, ...); +int binary_open(const char *, int , ...); int binary_pipe(int fd[2]); -int check_nt_auth(int pwd_authenticated, struct passwd *pw); -int check_ntsec(const char *filename); +int check_nt_auth(int, struct passwd *); +int check_ntsec(const char *); void register_9x_service(void); #define open binary_open diff --git a/openbsd-compat/bsd-getpeereid.h b/openbsd-compat/bsd-getpeereid.h index 2e9f077f9..771e9cbf9 100644 --- a/openbsd-compat/bsd-getpeereid.h +++ b/openbsd-compat/bsd-getpeereid.h @@ -1,4 +1,28 @@ -/* $Id: bsd-getpeereid.h,v 1.1 2002/09/12 00:33:02 djm Exp $ */ +/* + * Copyright (c) 2002-2003 Damien Miller. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* $Id: bsd-getpeereid.h,v 1.2 2003/05/18 14:13:39 djm Exp $ */ #ifndef _BSD_GETPEEREID_H #define _BSD_GETPEEREID_H diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index b8e9996d5..cdc63c24d 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2000 Damien Miller. All rights reserved. + * Copyright (c) 1999-2003 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -25,7 +25,7 @@ #include "includes.h" #include "xmalloc.h" -RCSID("$Id: bsd-misc.c,v 1.12 2003/03/18 18:21:41 tim Exp $"); +RCSID("$Id: bsd-misc.c,v 1.13 2003/05/18 14:13:39 djm Exp $"); /* * NB. duplicate __progname in case it is an alias for argv[0] @@ -41,21 +41,21 @@ char *get_progname(char *argv0) char *p; if (argv0 == NULL) - return "unknown"; /* XXX */ + return ("unknown"); /* XXX */ p = strrchr(argv0, '/'); if (p == NULL) p = argv0; else p++; - return xstrdup(p); + return (xstrdup(p)); #endif } #ifndef HAVE_SETLOGIN int setlogin(const char *name) { - return(0); + return (0); } #endif /* !HAVE_SETLOGIN */ @@ -63,21 +63,21 @@ int setlogin(const char *name) int innetgr(const char *netgroup, const char *host, const char *user, const char *domain) { - return(0); + return (0); } #endif /* HAVE_INNETGR */ #if !defined(HAVE_SETEUID) && defined(HAVE_SETREUID) int seteuid(uid_t euid) { - return(setreuid(-1,euid)); + return (setreuid(-1, euid)); } #endif /* !defined(HAVE_SETEUID) && defined(HAVE_SETREUID) */ #if !defined(HAVE_SETEGID) && defined(HAVE_SETRESGID) int setegid(uid_t egid) { - return(setresgid(-1,egid,-1)); + return(setresgid(-1, egid, -1)); } #endif /* !defined(HAVE_SETEGID) && defined(HAVE_SETRESGID) */ @@ -88,9 +88,9 @@ const char *strerror(int e) extern char *sys_errlist[]; if ((e >= 0) && (e < sys_nerr)) - return(sys_errlist[e]); - else - return("unlisted error"); + return (sys_errlist[e]); + + return ("unlisted error"); } #endif @@ -102,24 +102,25 @@ int utimes(char *filename, struct timeval *tvp) ub.actime = tvp[0].tv_sec; ub.modtime = tvp[1].tv_sec; - return(utime(filename, &ub)); + return (utime(filename, &ub)); } #endif #ifndef HAVE_TRUNCATE -int truncate (const char *path, off_t length) +int truncate(const char *path, off_t length) { int fd, ret, saverrno; fd = open(path, O_WRONLY); if (fd < 0) - return -1; + return (-1); ret = ftruncate(fd, length); saverrno = errno; - (void) close (fd); + close(fd); if (ret == -1) errno = saverrno; + return(ret); } #endif /* HAVE_TRUNCATE */ @@ -131,7 +132,7 @@ int truncate (const char *path, off_t length) int setgroups(size_t size, const gid_t *list) { - return 0; + return (0); } #endif diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 78d9ccdd4..00e508cfc 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2000 Damien Miller. All rights reserved. + * Copyright (c) 1999-2003 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -22,42 +22,41 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $Id: bsd-misc.h,v 1.7 2003/03/18 18:21:41 tim Exp $ */ +/* $Id: bsd-misc.h,v 1.8 2003/05/18 14:13:39 djm Exp $ */ #ifndef _BSD_MISC_H #define _BSD_MISC_H #include "config.h" -char *get_progname(char *argv0); +char *get_progname(char *); #ifndef HAVE_SETSID #define setsid() setpgrp(0, getpid()) #endif /* !HAVE_SETSID */ #ifndef HAVE_SETENV -int setenv(const char *name, const char *value, int overwrite); +int setenv(const char *, const char *, int); #endif /* !HAVE_SETENV */ #ifndef HAVE_SETLOGIN -int setlogin(const char *name); +int setlogin(const char *); #endif /* !HAVE_SETLOGIN */ #ifndef HAVE_INNETGR -int innetgr(const char *netgroup, const char *host, - const char *user, const char *domain); +int innetgr(const char *, const char *, const char *, const char *); #endif /* HAVE_INNETGR */ #if !defined(HAVE_SETEUID) && defined(HAVE_SETREUID) -int seteuid(uid_t euid); +int seteuid(uid_t); #endif /* !defined(HAVE_SETEUID) && defined(HAVE_SETREUID) */ #if !defined(HAVE_SETEGID) && defined(HAVE_SETRESGID) -int setegid(uid_t egid); +int setegid(uid_t); #endif /* !defined(HAVE_SETEGID) && defined(HAVE_SETRESGID) */ #if !defined(HAVE_STRERROR) && defined(HAVE_SYS_ERRLIST) && defined(HAVE_SYS_NERR) -const char *strerror(int e); +const char *strerror(int); #endif @@ -69,15 +68,15 @@ struct timeval { } #endif /* HAVE_STRUCT_TIMEVAL */ -int utimes(char *filename, struct timeval *tvp); +int utimes(char *, struct timeval *); #endif /* HAVE_UTIMES */ #ifndef HAVE_TRUNCATE -int truncate (const char *path, off_t length); +int truncate (const char *, off_t); #endif /* HAVE_TRUNCATE */ #if !defined(HAVE_SETGROUPS) && defined(SETGROUPS_NOOP) -int setgroups(size_t size, const gid_t *list); +int setgroups(size_t, const gid_t *); #endif #if !defined(HAVE_NANOSLEEP) && !defined(HAVE_NSLEEP) @@ -87,7 +86,7 @@ struct timespec { long tv_nsec; }; #endif -int nanosleep(const struct timespec *req, struct timespec *rem); +int nanosleep(const struct timespec *, struct timespec *); #endif #endif /* _BSD_MISC_H */ diff --git a/openbsd-compat/bsd-nextstep.c b/openbsd-compat/bsd-nextstep.c index 85b298a48..5b264ab2f 100644 --- a/openbsd-compat/bsd-nextstep.c +++ b/openbsd-compat/bsd-nextstep.c @@ -1,3 +1,5 @@ +/* XXX - author */ + /* * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -22,7 +24,7 @@ #include "includes.h" -RCSID("$Id: bsd-nextstep.c,v 1.4 2001/03/26 05:35:34 mouring Exp $"); +RCSID("$Id: bsd-nextstep.c,v 1.5 2003/05/18 14:13:39 djm Exp $"); #ifdef HAVE_NEXT #include @@ -40,7 +42,7 @@ posix_wait(int *status) if (status) *status = (int) statusp.w_status; - return wait_pid; + return (wait_pid); } int diff --git a/openbsd-compat/bsd-nextstep.h b/openbsd-compat/bsd-nextstep.h index c6a7019c6..dc5dc7e17 100644 --- a/openbsd-compat/bsd-nextstep.h +++ b/openbsd-compat/bsd-nextstep.h @@ -1,3 +1,5 @@ +/* XXX - author */ + /* * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -21,7 +23,7 @@ * */ -/* $Id: bsd-nextstep.h,v 1.6 2001/03/19 13:42:22 mouring Exp $ */ +/* $Id: bsd-nextstep.h,v 1.7 2003/05/18 14:13:39 djm Exp $ */ #ifndef _NEXT_POSIX_H #define _NEXT_POSIX_H @@ -37,22 +39,21 @@ #define dirent direct /* Swap out NeXT's BSD wait() for a more POSIX complient one */ -pid_t posix_wait(int *status); +pid_t posix_wait(int *); #define wait(a) posix_wait(a) /* #ifdef wrapped functions that need defining for clean compiling */ pid_t getppid(void); void vhangup(void); -int innetgr(const char *netgroup, const char *host, const char *user, - const char *domain); +int innetgr(const char *, const char *, const char *, const char *); /* TERMCAP */ -int tcgetattr(int fd, struct termios *t); -int tcsetattr(int fd, int opt, const struct termios *t); -int tcsetpgrp(int fd, pid_t pgrp); -speed_t cfgetospeed(const struct termios *t); -speed_t cfgetispeed(const struct termios *t); -int cfsetospeed(struct termios *t, int speed); -int cfsetispeed(struct termios *t, int speed); +int tcgetattr(int, struct termios *); +int tcsetattr(int, int, const struct termios *); +int tcsetpgrp(int, pid_t); +speed_t cfgetospeed(const struct termios *); +speed_t cfgetispeed(const struct termios *); +int cfsetospeed(struct termios *, int); +int cfsetispeed(struct termios *, int); #endif /* HAVE_NEXT */ #endif /* _NEXT_POSIX_H */ diff --git a/openbsd-compat/bsd-snprintf.c b/openbsd-compat/bsd-snprintf.c index 2f82180d1..e4d8a439a 100644 --- a/openbsd-compat/bsd-snprintf.c +++ b/openbsd-compat/bsd-snprintf.c @@ -58,7 +58,7 @@ #include "includes.h" -RCSID("$Id: bsd-snprintf.c,v 1.6 2003/04/01 11:31:56 djm Exp $"); +RCSID("$Id: bsd-snprintf.c,v 1.7 2003/05/18 14:13:39 djm Exp $"); #if defined(BROKEN_SNPRINTF) /* For those with broken snprintf() */ # undef HAVE_SNPRINTF @@ -72,15 +72,15 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args); static void fmtstr(char *buffer, size_t *currlen, size_t maxlen, char *value, int flags, - int min, int max); + int min, int max); static void fmtint(char *buffer, size_t *currlen, size_t maxlen, long value, int base, - int min, int max, int flags); + int min, int max, int flags); static void fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue, - int min, int max, int flags); + int min, int max, int flags); static void dopr_outch(char *buffer, size_t *currlen, size_t maxlen, char c); @@ -121,15 +121,10 @@ dopr_outch(char *buffer, size_t *currlen, size_t maxlen, char c); static void dopr(char *buffer, size_t maxlen, const char *format, va_list args) { - char *strvalue; - char ch; + char *strvalue, ch; long value; long double fvalue; - int min = 0; - int max = -1; - int state = DP_S_DEFAULT; - int flags = 0; - int cflags = 0; + int min = 0, max = -1, state = DP_S_DEFAULT, flags = 0, cflags = 0; size_t currlen = 0; ch = *format++; @@ -139,224 +134,224 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args) state = DP_S_DONE; switch(state) { - case DP_S_DEFAULT: - if (ch == '%') - state = DP_S_FLAGS; - else - dopr_outch(buffer, &currlen, maxlen, ch); + case DP_S_DEFAULT: + if (ch == '%') + state = DP_S_FLAGS; + else + dopr_outch(buffer, &currlen, maxlen, ch); + ch = *format++; + break; + case DP_S_FLAGS: + switch (ch) { + case '-': + flags |= DP_F_MINUS; ch = *format++; break; - case DP_S_FLAGS: - switch (ch) { - case '-': - flags |= DP_F_MINUS; - ch = *format++; - break; - case '+': - flags |= DP_F_PLUS; - ch = *format++; - break; - case ' ': - flags |= DP_F_SPACE; - ch = *format++; - break; - case '#': - flags |= DP_F_NUM; - ch = *format++; - break; - case '0': - flags |= DP_F_ZERO; - ch = *format++; - break; - default: - state = DP_S_MIN; - break; - } + case '+': + flags |= DP_F_PLUS; + ch = *format++; break; - case DP_S_MIN: - if (isdigit((unsigned char)ch)) { - min = 10*min + char_to_int (ch); - ch = *format++; - } else if (ch == '*') { - min = va_arg (args, int); - ch = *format++; - state = DP_S_DOT; - } else - state = DP_S_DOT; + case ' ': + flags |= DP_F_SPACE; + ch = *format++; break; - case DP_S_DOT: - if (ch == '.') { - state = DP_S_MAX; - ch = *format++; - } else - state = DP_S_MOD; + case '#': + flags |= DP_F_NUM; + ch = *format++; break; - case DP_S_MAX: - if (isdigit((unsigned char)ch)) { - if (max < 0) - max = 0; - max = 10*max + char_to_int(ch); - ch = *format++; - } else if (ch == '*') { - max = va_arg (args, int); - ch = *format++; - state = DP_S_MOD; - } else - state = DP_S_MOD; + case '0': + flags |= DP_F_ZERO; + ch = *format++; break; - case DP_S_MOD: - switch (ch) { - case 'h': - cflags = DP_C_SHORT; - ch = *format++; - break; - case 'l': - cflags = DP_C_LONG; - ch = *format++; - if (ch == 'l') { - cflags = DP_C_LONG_LONG; - ch = *format++; - } - break; - case 'q': - cflags = DP_C_LONG_LONG; - ch = *format++; - break; - case 'L': - cflags = DP_C_LDOUBLE; - ch = *format++; - break; - default: - break; - } - state = DP_S_CONV; + default: + state = DP_S_MIN; break; - case DP_S_CONV: - switch (ch) { - case 'd': - case 'i': - if (cflags == DP_C_SHORT) - value = va_arg(args, int); - else if (cflags == DP_C_LONG) - value = va_arg(args, long int); - else if (cflags == DP_C_LONG_LONG) - value = va_arg (args, long long); - else - value = va_arg (args, int); - fmtint(buffer, &currlen, maxlen, value, 10, min, max, flags); - break; - case 'o': - flags |= DP_F_UNSIGNED; - if (cflags == DP_C_SHORT) - value = va_arg(args, unsigned int); - else if (cflags == DP_C_LONG) - value = va_arg(args, unsigned long int); - else if (cflags == DP_C_LONG_LONG) - value = va_arg(args, unsigned long long); - else - value = va_arg(args, unsigned int); - fmtint(buffer, &currlen, maxlen, value, 8, min, max, flags); - break; - case 'u': - flags |= DP_F_UNSIGNED; - if (cflags == DP_C_SHORT) - value = va_arg(args, unsigned int); - else if (cflags == DP_C_LONG) - value = va_arg(args, unsigned long int); - else if (cflags == DP_C_LONG_LONG) - value = va_arg(args, unsigned long long); - else - value = va_arg(args, unsigned int); - fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags); - break; - case 'X': - flags |= DP_F_UP; - case 'x': - flags |= DP_F_UNSIGNED; - if (cflags == DP_C_SHORT) - value = va_arg(args, unsigned int); - else if (cflags == DP_C_LONG) - value = va_arg(args, unsigned long int); - else if (cflags == DP_C_LONG_LONG) - value = va_arg(args, unsigned long long); - else - value = va_arg(args, unsigned int); - fmtint(buffer, &currlen, maxlen, value, 16, min, max, flags); - break; - case 'f': - if (cflags == DP_C_LDOUBLE) - fvalue = va_arg(args, long double); - else - fvalue = va_arg(args, double); - /* um, floating point? */ - fmtfp(buffer, &currlen, maxlen, fvalue, min, max, flags); - break; - case 'E': - flags |= DP_F_UP; - case 'e': - if (cflags == DP_C_LDOUBLE) - fvalue = va_arg(args, long double); - else - fvalue = va_arg(args, double); - break; - case 'G': - flags |= DP_F_UP; - case 'g': - if (cflags == DP_C_LDOUBLE) - fvalue = va_arg(args, long double); - else - fvalue = va_arg(args, double); - break; - case 'c': - dopr_outch(buffer, &currlen, maxlen, va_arg(args, int)); - break; - case 's': - strvalue = va_arg(args, char *); - if (max < 0) - max = maxlen; /* ie, no max */ - fmtstr(buffer, &currlen, maxlen, strvalue, flags, min, max); - break; - case 'p': - strvalue = va_arg(args, void *); - fmtint(buffer, &currlen, maxlen, (long) strvalue, 16, min, max, flags); - break; - case 'n': - if (cflags == DP_C_SHORT) { - short int *num; - num = va_arg(args, short int *); - *num = currlen; - } else if (cflags == DP_C_LONG) { - long int *num; - num = va_arg(args, long int *); - *num = currlen; - } else if (cflags == DP_C_LONG_LONG) { - long long *num; - num = va_arg(args, long long *); - *num = currlen; - } else { - int *num; - num = va_arg(args, int *); - *num = currlen; - } - break; - case '%': - dopr_outch(buffer, &currlen, maxlen, ch); - break; - case 'w': /* not supported yet, treat as next char */ - ch = *format++; - break; - default: /* Unknown, skip */ - break; + } + break; + case DP_S_MIN: + if (isdigit((unsigned char)ch)) { + min = 10 * min + char_to_int (ch); + ch = *format++; + } else if (ch == '*') { + min = va_arg (args, int); + ch = *format++; + state = DP_S_DOT; + } else + state = DP_S_DOT; + break; + case DP_S_DOT: + if (ch == '.') { + state = DP_S_MAX; + ch = *format++; + } else + state = DP_S_MOD; + break; + case DP_S_MAX: + if (isdigit((unsigned char)ch)) { + if (max < 0) + max = 0; + max = 10 * max + char_to_int(ch); + ch = *format++; + } else if (ch == '*') { + max = va_arg (args, int); + ch = *format++; + state = DP_S_MOD; + } else + state = DP_S_MOD; + break; + case DP_S_MOD: + switch (ch) { + case 'h': + cflags = DP_C_SHORT; + ch = *format++; + break; + case 'l': + cflags = DP_C_LONG; + ch = *format++; + if (ch == 'l') { + cflags = DP_C_LONG_LONG; + ch = *format++; } + break; + case 'q': + cflags = DP_C_LONG_LONG; + ch = *format++; + break; + case 'L': + cflags = DP_C_LDOUBLE; ch = *format++; - state = DP_S_DEFAULT; - flags = cflags = min = 0; - max = -1; break; - case DP_S_DONE: + default: + break; + } + state = DP_S_CONV; + break; + case DP_S_CONV: + switch (ch) { + case 'd': + case 'i': + if (cflags == DP_C_SHORT) + value = va_arg(args, int); + else if (cflags == DP_C_LONG) + value = va_arg(args, long int); + else if (cflags == DP_C_LONG_LONG) + value = va_arg (args, long long); + else + value = va_arg (args, int); + fmtint(buffer, &currlen, maxlen, value, 10, min, max, flags); + break; + case 'o': + flags |= DP_F_UNSIGNED; + if (cflags == DP_C_SHORT) + value = va_arg(args, unsigned int); + else if (cflags == DP_C_LONG) + value = va_arg(args, unsigned long int); + else if (cflags == DP_C_LONG_LONG) + value = va_arg(args, unsigned long long); + else + value = va_arg(args, unsigned int); + fmtint(buffer, &currlen, maxlen, value, 8, min, max, flags); break; - default: /* hmm? */ - break; /* some picky compilers need this */ + case 'u': + flags |= DP_F_UNSIGNED; + if (cflags == DP_C_SHORT) + value = va_arg(args, unsigned int); + else if (cflags == DP_C_LONG) + value = va_arg(args, unsigned long int); + else if (cflags == DP_C_LONG_LONG) + value = va_arg(args, unsigned long long); + else + value = va_arg(args, unsigned int); + fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags); + break; + case 'X': + flags |= DP_F_UP; + case 'x': + flags |= DP_F_UNSIGNED; + if (cflags == DP_C_SHORT) + value = va_arg(args, unsigned int); + else if (cflags == DP_C_LONG) + value = va_arg(args, unsigned long int); + else if (cflags == DP_C_LONG_LONG) + value = va_arg(args, unsigned long long); + else + value = va_arg(args, unsigned int); + fmtint(buffer, &currlen, maxlen, value, 16, min, max, flags); + break; + case 'f': + if (cflags == DP_C_LDOUBLE) + fvalue = va_arg(args, long double); + else + fvalue = va_arg(args, double); + /* um, floating point? */ + fmtfp(buffer, &currlen, maxlen, fvalue, min, max, flags); + break; + case 'E': + flags |= DP_F_UP; + case 'e': + if (cflags == DP_C_LDOUBLE) + fvalue = va_arg(args, long double); + else + fvalue = va_arg(args, double); + break; + case 'G': + flags |= DP_F_UP; + case 'g': + if (cflags == DP_C_LDOUBLE) + fvalue = va_arg(args, long double); + else + fvalue = va_arg(args, double); + break; + case 'c': + dopr_outch(buffer, &currlen, maxlen, va_arg(args, int)); + break; + case 's': + strvalue = va_arg(args, char *); + if (max < 0) + max = maxlen; /* ie, no max */ + fmtstr(buffer, &currlen, maxlen, strvalue, flags, min, max); + break; + case 'p': + strvalue = va_arg(args, void *); + fmtint(buffer, &currlen, maxlen, (long) strvalue, 16, min, max, flags); + break; + case 'n': + if (cflags == DP_C_SHORT) { + short int *num; + num = va_arg(args, short int *); + *num = currlen; + } else if (cflags == DP_C_LONG) { + long int *num; + num = va_arg(args, long int *); + *num = currlen; + } else if (cflags == DP_C_LONG_LONG) { + long long *num; + num = va_arg(args, long long *); + *num = currlen; + } else { + int *num; + num = va_arg(args, int *); + *num = currlen; + } + break; + case '%': + dopr_outch(buffer, &currlen, maxlen, ch); + break; + case 'w': /* not supported yet, treat as next char */ + ch = *format++; + break; + default: /* Unknown, skip */ + break; + } + ch = *format++; + state = DP_S_DEFAULT; + flags = cflags = min = 0; + max = -1; + break; + case DP_S_DONE: + break; + default: /* hmm? */ + break; /* some picky compilers need this */ } } if (currlen < maxlen - 1) @@ -367,10 +362,9 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args) static void fmtstr(char *buffer, size_t *currlen, size_t maxlen, - char *value, int flags, int min, int max) + char *value, int flags, int min, int max) { - int padlen, strln; /* amount to pad */ - int cnt = 0; + int cnt = 0, padlen, strln; /* amount to pad */ if (value == 0) value = ""; @@ -402,15 +396,13 @@ fmtstr(char *buffer, size_t *currlen, size_t maxlen, static void fmtint(char *buffer, size_t *currlen, size_t maxlen, - long value, int base, int min, int max, int flags) + long value, int base, int min, int max, int flags) { unsigned long uvalue; char convert[20]; - int signvalue = 0; - int place = 0; + int signvalue = 0, place = 0, caps = 0; int spadlen = 0; /* amount to space pad */ int zpadlen = 0; /* amount to zero pad */ - int caps = 0; if (max < 0) max = 0; @@ -429,11 +421,10 @@ fmtint(char *buffer, size_t *currlen, size_t maxlen, if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */ - do { convert[place++] = - (caps? "0123456789ABCDEF":"0123456789abcdef") - [uvalue % (unsigned)base]; + (caps ? "0123456789ABCDEF" : "0123456789abcdef") + [uvalue % (unsigned)base]; uvalue = (uvalue / (unsigned)base ); } while (uvalue && (place < 20)); if (place == 20) @@ -453,7 +444,6 @@ fmtint(char *buffer, size_t *currlen, size_t maxlen, if (flags & DP_F_MINUS) spadlen = -spadlen; /* Left Justifty */ - /* Spaces */ while (spadlen > 0) { dopr_outch(buffer, currlen, maxlen, ' '); @@ -512,16 +502,11 @@ static void fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue, int min, int max, int flags) { - char iconvert[20]; - char fconvert[20]; - int signvalue = 0; - int iplace = 0; - int fplace = 0; + char iconvert[20], fconvert[20]; + int signvalue = 0, iplace = 0, fplace = 0; int padlen = 0; /* amount to pad */ - int zpadlen = 0; - int caps = 0; - long intpart; - long fracpart; + int zpadlen = 0, caps = 0; + long intpart, fracpart; long double ufvalue; /* @@ -562,7 +547,8 @@ fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue, /* Convert integer part */ do { iconvert[iplace++] = - (caps? "0123456789ABCDEF":"0123456789abcdef")[intpart % 10]; + (caps ? "0123456789ABCDEF" : "0123456789abcdef") + [intpart % 10]; intpart = (intpart / 10); } while(intpart && (iplace < 20)); if (iplace == 20) @@ -572,7 +558,8 @@ fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue, /* Convert fractional part */ do { fconvert[fplace++] = - (caps? "0123456789ABCDEF":"0123456789abcdef")[fracpart % 10]; + (caps ? "0123456789ABCDEF" : "0123456789abcdef") + [fracpart % 10]; fracpart = (fracpart / 10); } while(fracpart && (fplace < 20)); if (fplace == 20) @@ -611,8 +598,8 @@ fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue, dopr_outch(buffer, currlen, maxlen, iconvert[--iplace]); /* - * Decimal point. This should probably use locale to find the correct - * char to print out. + * Decimal point. This should probably use locale to find the + * correct char to print out. */ dopr_outch(buffer, currlen, maxlen, '.'); @@ -662,90 +649,4 @@ snprintf(char *str,size_t count,const char *fmt,...) return(strlen(str)); } -#ifdef TEST_SNPRINTF -int -main(void) -{ -#define LONG_STRING 1024 - char buf1[LONG_STRING]; - char buf2[LONG_STRING]; - char *fp_fmt[] = { - "%-1.5f", - "%1.5f", - "%123.9f", - "%10.5f", - "% 10.5f", - "%+22.9f", - "%+4.9f", - "%01.3f", - "%4f", - "%3.1f", - "%3.2f", - NULL - }; - double fp_nums[] = { - -1.5, - 134.21, - 91340.2, - 341.1234, - 0203.9, - 0.96, - 0.996, - 0.9996, - 1.996, - 4.136, - 0 - }; - char *int_fmt[] = { - "%-1.5d", - "%1.5d", - "%123.9d", - "%5.5d", - "%10.5d", - "% 10.5d", - "%+22.33d", - "%01.3d", - "%4d", - "%lld", - "%qd", - NULL - }; - long long int_nums[] = { -1, 134, 91340, 341, 0203, 0, 9999999 }; - int x, y; - int fail = 0; - int num = 0; - - printf("Testing snprintf format codes against system sprintf...\n"); - - for (x = 0; fp_fmt[x] != NULL ; x++) { - for (y = 0; fp_nums[y] != 0 ; y++) { - snprintf(buf1, sizeof (buf1), fp_fmt[x], fp_nums[y]); - sprintf (buf2, fp_fmt[x], fp_nums[y]); - if (strcmp (buf1, buf2)) { - printf("snprintf doesn't match Format: %s\n\t" - "snprintf = %s\n\tsprintf = %s\n", - fp_fmt[x], buf1, buf2); - fail++; - } - num++; - } - } - for (x = 0; int_fmt[x] != NULL ; x++) { - for (y = 0; int_nums[y] != 0 ; y++) { - snprintf(buf1, sizeof (buf1), int_fmt[x], int_nums[y]); - sprintf(buf2, int_fmt[x], int_nums[y]); - if (strcmp (buf1, buf2)) { - printf("snprintf doesn't match Format: %s\n\t" - "snprintf = %s\n\tsprintf = %s\n", - int_fmt[x], buf1, buf2); - fail++; - } - num++; - } - } - printf("%d tests failed out of %d.\n", fail, num); - return(0); -} -#endif /* SNPRINTF_TEST */ - #endif /* !HAVE_SNPRINTF */ diff --git a/openbsd-compat/bsd-snprintf.h b/openbsd-compat/bsd-snprintf.h index 002b764e3..95e4d136c 100644 --- a/openbsd-compat/bsd-snprintf.h +++ b/openbsd-compat/bsd-snprintf.h @@ -1,4 +1,4 @@ -/* $Id: bsd-snprintf.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ +/* $Id: bsd-snprintf.h,v 1.3 2003/05/18 14:13:39 djm Exp $ */ #ifndef _BSD_SNPRINTF_H #define _BSD_SNPRINTF_H @@ -8,11 +8,11 @@ #include /* For size_t */ #ifndef HAVE_SNPRINTF -int snprintf(char *str, size_t count, const char *fmt, ...); +int snprintf(char *, size_t, const char *, ...); #endif /* !HAVE_SNPRINTF */ #ifndef HAVE_VSNPRINTF -int vsnprintf(char *str, size_t count, const char *fmt, va_list args); +int vsnprintf(char *, size_t, const char *, va_list); #endif /* !HAVE_SNPRINTF */ diff --git a/openbsd-compat/bsd-waitpid.c b/openbsd-compat/bsd-waitpid.c index 47b4446dc..d60081e58 100644 --- a/openbsd-compat/bsd-waitpid.c +++ b/openbsd-compat/bsd-waitpid.c @@ -1,3 +1,5 @@ +/* XXX - no author */ + /* * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -22,7 +24,7 @@ #include "includes.h" -RCSID("$Id: bsd-waitpid.c,v 1.3 2001/03/26 05:35:34 mouring Exp $"); +RCSID("$Id: bsd-waitpid.c,v 1.4 2003/05/18 14:13:39 djm Exp $"); #ifndef HAVE_WAITPID #include @@ -38,15 +40,16 @@ waitpid(int pid, int *stat_loc, int options) if (pid <= 0) { if (pid != -1) { errno = EINVAL; - return -1; + return (-1); } - pid = 0; /* wait4() wants pid=0 for indiscriminate wait. */ + /* wait4() wants pid=0 for indiscriminate wait. */ + pid = 0; } wait_pid = wait4(pid, &statusp, options, NULL); if (stat_loc) *stat_loc = (int) statusp.w_status; - return wait_pid; + return (wait_pid); } #endif /* !HAVE_WAITPID */ diff --git a/openbsd-compat/bsd-waitpid.h b/openbsd-compat/bsd-waitpid.h index e24edd791..6d48deb29 100644 --- a/openbsd-compat/bsd-waitpid.h +++ b/openbsd-compat/bsd-waitpid.h @@ -21,7 +21,7 @@ * */ -/* $Id: bsd-waitpid.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ +/* $Id: bsd-waitpid.h,v 1.3 2003/05/18 14:13:39 djm Exp $ */ #ifndef _BSD_WAITPID_H #define _BSD_WAITPID_H @@ -43,7 +43,7 @@ #define WCOREDUMP(w) ((_W_INT(w)) & WCOREFLAG) /* Prototype */ -pid_t waitpid(int pid, int *stat_loc, int options); +pid_t waitpid(int, int *, int); #endif /* !HAVE_WAITPID */ #endif /* _BSD_WAITPID_H */ diff --git a/openbsd-compat/fake-gai-errnos.h b/openbsd-compat/fake-gai-errnos.h index 5edc31b59..8fca7db0c 100644 --- a/openbsd-compat/fake-gai-errnos.h +++ b/openbsd-compat/fake-gai-errnos.h @@ -5,10 +5,15 @@ * See getaddrinfo.c and getnameinfo.c. */ -/* $Id: fake-gai-errnos.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ +#ifndef _FAKE_GAI_ERRNOS_H +#define _FAKE_GAI_ERRNOS_H + +/* $Id: fake-gai-errnos.h,v 1.3 2003/05/18 14:13:39 djm Exp $ */ /* for old netdb.h */ #ifndef EAI_NODATA -#define EAI_NODATA 1 -#define EAI_MEMORY 2 +# define EAI_NODATA 1 +# define EAI_MEMORY 2 #endif + +#endif /* !_FAKE_GAI_ERRNOS_H */ diff --git a/openbsd-compat/fake-getaddrinfo.c b/openbsd-compat/fake-getaddrinfo.c index 34e1fce78..76b8a6274 100644 --- a/openbsd-compat/fake-getaddrinfo.c +++ b/openbsd-compat/fake-getaddrinfo.c @@ -10,47 +10,48 @@ */ #include "includes.h" +#include "xmalloc.h" #include "ssh.h" -RCSID("$Id: fake-getaddrinfo.c,v 1.6 2003/05/14 11:48:51 dtucker Exp $"); +RCSID("$Id: fake-getaddrinfo.c,v 1.7 2003/05/18 14:13:39 djm Exp $"); #ifndef HAVE_GAI_STRERROR -char *gai_strerror(int ecode) +char * +gai_strerror(int err) { - switch (ecode) { - case EAI_NODATA: - return "no address associated with hostname."; - case EAI_MEMORY: - return "memory allocation failure."; - default: - return "unknown error."; + switch (err) { + case EAI_NODATA: + return ("no address associated with name"); + case EAI_MEMORY: + return ("memory allocation failure."); + default: + return ("unknown/invalid error."); } } #endif /* !HAVE_GAI_STRERROR */ #ifndef HAVE_FREEADDRINFO -void freeaddrinfo(struct addrinfo *ai) +void +freeaddrinfo(struct addrinfo *ai) { struct addrinfo *next; - do { - next = ai->ai_next; + for(;ai != NULL; next = ai->ai_next) { free(ai); - } while (NULL != (ai = next)); + ai = next; + } } #endif /* !HAVE_FREEADDRINFO */ #ifndef HAVE_GETADDRINFO -static struct addrinfo *malloc_ai(int port, u_long addr, - const struct addrinfo *hints) +static struct +addrinfo *malloc_ai(int port, u_long addr, const struct addrinfo *hints) { struct addrinfo *ai; - ai = malloc(sizeof(struct addrinfo) + sizeof(struct sockaddr_in)); - if (ai == NULL) - return(NULL); + ai = xmalloc(sizeof(*ai) + sizeof(struct sockaddr_in)); - memset(ai, 0, sizeof(struct addrinfo) + sizeof(struct sockaddr_in)); + memset(ai, '\0', sizeof(*ai) + sizeof(struct sockaddr_in)); ai->ai_addr = (struct sockaddr *)(ai + 1); /* XXX -- ssh doesn't use sa_len */ @@ -69,13 +70,13 @@ static struct addrinfo *malloc_ai(int port, u_long addr, if (hints->ai_protocol) ai->ai_protocol = hints->ai_protocol; - return(ai); + return (ai); } -int getaddrinfo(const char *hostname, const char *servname, - const struct addrinfo *hints, struct addrinfo **res) +int +getaddrinfo(const char *hostname, const char *servname, + const struct addrinfo *hints, struct addrinfo **res) { - struct addrinfo *cur, *prev = NULL; struct hostent *hp; struct servent *sp; struct in_addr in; @@ -100,37 +101,29 @@ int getaddrinfo(const char *hostname, const char *servname, addr = htonl(0x00000000); if (hostname && inet_aton(hostname, &in) != 0) addr = in.s_addr; - if (NULL != (*res = malloc_ai(port, addr, hints))) - return 0; - else - return EAI_MEMORY; + *res = malloc_ai(port, addr, hints); + return (0); } if (!hostname) { - if (NULL != (*res = malloc_ai(port, htonl(0x7f000001), hints))) - return 0; - else - return EAI_MEMORY; + *res = malloc_ai(port, htonl(0x7f000001), hints); + return (0); } if (inet_aton(hostname, &in)) { - if (NULL != (*res = malloc_ai(port, in.s_addr, hints))) - return 0; - else - return EAI_MEMORY; + *res = malloc_ai(port, in.s_addr, hints); + return (0); } hp = gethostbyname(hostname); if (hp && hp->h_name && hp->h_name[0] && hp->h_addr_list[0]) { + struct addrinfo *cur, *prev; + + cur = prev = NULL; for (i = 0; hp->h_addr_list[i]; i++) { - cur = malloc_ai(port, - ((struct in_addr *)hp->h_addr_list[i])->s_addr, hints); - if (cur == NULL) { - if (*res) - freeaddrinfo(*res); - return EAI_MEMORY; - } - + struct in_addr *in = (struct in_addr *)hp->h_addr_list[i]; + + cur = malloc_ai(port, in->s_addr, hints); if (prev) prev->ai_next = cur; else @@ -138,9 +131,9 @@ int getaddrinfo(const char *hostname, const char *servname, prev = cur; } - return 0; + return (0); } - return EAI_NODATA; + return (EAI_NODATA); } #endif /* !HAVE_GETADDRINFO */ diff --git a/openbsd-compat/fake-getnameinfo.c b/openbsd-compat/fake-getnameinfo.c index e255ed333..f3b0913de 100644 --- a/openbsd-compat/fake-getnameinfo.c +++ b/openbsd-compat/fake-getnameinfo.c @@ -12,7 +12,7 @@ #include "includes.h" #include "ssh.h" -RCSID("$Id: fake-getnameinfo.c,v 1.2 2001/02/09 01:55:36 djm Exp $"); +RCSID("$Id: fake-getnameinfo.c,v 1.3 2003/05/18 14:13:39 djm Exp $"); #ifndef HAVE_GETNAMEINFO int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, @@ -22,34 +22,31 @@ int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, struct hostent *hp; char tmpserv[16]; - if (serv) { + if (serv != NULL) { snprintf(tmpserv, sizeof(tmpserv), "%d", ntohs(sin->sin_port)); - if (strlen(tmpserv) >= servlen) - return EAI_MEMORY; - else - strcpy(serv, tmpserv); + if (strlcpy(serv, tmpserv, servlen) >= servlen) + return (EAI_MEMORY); } - if (host) { + if (host != NULL) { if (flags & NI_NUMERICHOST) { - if (strlen(inet_ntoa(sin->sin_addr)) >= hostlen) - return EAI_MEMORY; - - strcpy(host, inet_ntoa(sin->sin_addr)); - return 0; + if (strlcpy(host, inet_ntoa(sin->sin_addr), + hostlen) >= hostlen) + return (EAI_MEMORY); + else + return (0); } else { hp = gethostbyaddr((char *)&sin->sin_addr, - sizeof(struct in_addr), AF_INET); + sizeof(struct in_addr), AF_INET); if (hp == NULL) - return EAI_NODATA; + return (EAI_NODATA); - if (strlen(hp->h_name) >= hostlen) - return EAI_MEMORY; - - strcpy(host, hp->h_name); - return 0; + if (strlcpy(host, hp->h_name, hostlen) >= hostlen) + return (EAI_MEMORY); + else + return (0); } } - return 0; + return (0); } #endif /* !HAVE_GETNAMEINFO */ diff --git a/openbsd-compat/fake-getnameinfo.h b/openbsd-compat/fake-getnameinfo.h index c9b7908aa..7aaabc7f6 100644 --- a/openbsd-compat/fake-getnameinfo.h +++ b/openbsd-compat/fake-getnameinfo.h @@ -1,4 +1,4 @@ -/* $Id: fake-getnameinfo.h,v 1.2 2001/02/09 01:55:36 djm Exp $ */ +/* $Id: fake-getnameinfo.h,v 1.3 2003/05/18 14:13:39 djm Exp $ */ #ifndef _FAKE_GETNAMEINFO_H #define _FAKE_GETNAMEINFO_H @@ -6,8 +6,8 @@ #include "config.h" #ifndef HAVE_GETNAMEINFO -int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, - size_t hostlen, char *serv, size_t servlen, int flags); +int getnameinfo(const struct sockaddr *, size_t, char *, size_t, + char *, size_t, int); #endif /* !HAVE_GETNAMEINFO */ #ifndef NI_MAXSERV diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index cddc0907f..7a42810e9 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -46,14 +46,18 @@ void aix_usrinfo(struct passwd *pw) { u_int i; + size_t len; char *cp; - cp = xmalloc(16 + 2 * strlen(pw->pw_name)); - i = sprintf(cp, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, 0, - pw->pw_name, 0); + len = sizeof("LOGNAME= NAME= ") + (2 * strlen(pw->pw_name)); + cp = xmalloc(len); + + i = snprintf(cp, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, '\0', + pw->pw_name, '\0', len); if (usrinfo(SETUINFO, cp, i) == -1) fatal("Couldn't set usrinfo: %s", strerror(errno)); debug3("AIX/UsrInfo: set len %d", i); + xfree(cp); } @@ -64,8 +68,9 @@ aix_usrinfo(struct passwd *pw) void record_failed_login(const char *user, const char *ttyname) { - loginfailed(user, - get_canonical_hostname(options.verify_reverse_mapping), ttyname); + char *hostname = get_canonical_hostname(options.verify_reverse_mapping); + + loginfailed(user, hostname, ttyname); } # endif /* CUSTOM_FAILED_LOGIN */ #endif /* _AIX */ diff --git a/openbsd-compat/port-irix.c b/openbsd-compat/port-irix.c index a63ec429a..1b212980d 100644 --- a/openbsd-compat/port-irix.c +++ b/openbsd-compat/port-irix.c @@ -1,15 +1,19 @@ +/* XXX - BSD license here */ + #include "includes.h" -#if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) +#if defined(WITH_IRIX_PROJECT) || \ + defined(WITH_IRIX_JOBS) || \ + defined(WITH_IRIX_ARRAY) #ifdef WITH_IRIX_PROJECT -#include +# include #endif /* WITH_IRIX_PROJECT */ #ifdef WITH_IRIX_JOBS -#include +# include #endif #ifdef WITH_IRIX_AUDIT -#include +# include #endif /* WITH_IRIX_AUDIT */ void @@ -17,14 +21,12 @@ irix_setusercontext(struct passwd *pw) { #ifdef WITH_IRIX_PROJECT prid_t projid; -#endif /* WITH_IRIX_PROJECT */ +#endif #ifdef WITH_IRIX_JOBS jid_t jid = 0; -#else -# ifdef WITH_IRIX_ARRAY +#elif defined(WITH_IRIX_ARRAY) int jid = 0; -# endif /* WITH_IRIX_ARRAY */ -#endif /* WITH_IRIX_JOBS */ +#endif #ifdef WITH_IRIX_JOBS jid = jlimit_startjob(pw->pw_name, pw->pw_uid, "interactive"); diff --git a/openbsd-compat/port-irix.h b/openbsd-compat/port-irix.h index 2dd3c2e25..fd9f09e6c 100644 --- a/openbsd-compat/port-irix.h +++ b/openbsd-compat/port-irix.h @@ -1,5 +1,14 @@ -#if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) +/* XXX - BSD license */ + +#ifndef _PORT_IRIX_H +#define _PORT_IRIX_H + +#if defined(WITH_IRIX_PROJECT) || \ + defined(WITH_IRIX_JOBS) || \ + defined(WITH_IRIX_ARRAY) void irix_setusercontext(struct passwd *pw); #endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ + +#endif /* ! _PORT_IRIX_H */ diff --git a/openbsd-compat/vis.c b/openbsd-compat/vis.c index 0d15886f0..92b2ac498 100644 --- a/openbsd-compat/vis.c +++ b/openbsd-compat/vis.c @@ -38,6 +38,7 @@ static char rcsid[] = "$OpenBSD: vis.c,v 1.11 2003/05/14 05:16:43 pjanzen Exp $" #endif /* LIBC_SCCS and not lint */ #include +#include #include "vis.h" -- cgit v1.2.3 From 3867bf3e7a8b9ec6b49a07a7728797e96eae8aa5 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 19 May 2003 09:33:15 +1000 Subject: unfuck --- openbsd-compat/port-aix.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'openbsd-compat/port-aix.c') diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 7a42810e9..f192a4e79 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -52,8 +52,8 @@ aix_usrinfo(struct passwd *pw) len = sizeof("LOGNAME= NAME= ") + (2 * strlen(pw->pw_name)); cp = xmalloc(len); - i = snprintf(cp, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, '\0', - pw->pw_name, '\0', len); + i = snprintf(cp, len, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, '\0', + pw->pw_name, '\0'); if (usrinfo(SETUINFO, cp, i) == -1) fatal("Couldn't set usrinfo: %s", strerror(errno)); debug3("AIX/UsrInfo: set len %d", i); -- cgit v1.2.3 From eb28cbc3996a7a6157f7637ed2270555a32cc292 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 3 Jun 2003 12:45:27 +1000 Subject: - (dtucker) [port-aix.c bsd-cray.c] Fix uses of verify_reverse_mapping. --- ChangeLog | 3 ++- openbsd-compat/bsd-cray.c | 6 +++--- openbsd-compat/port-aix.c | 2 +- 3 files changed, 6 insertions(+), 5 deletions(-) (limited to 'openbsd-compat/port-aix.c') diff --git a/ChangeLog b/ChangeLog index dacdfbb00..1881189c7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,6 +14,7 @@ - (djm) Fix portable-specific uses of verify_reverse_mapping too - (djm) Sync openbsd-compat with OpenBSD CVS. - No more 4-term BSD licenses in our tree + - (dtucker) [port-aix.c bsd-cray.c] Fix uses of verify_reverse_mapping. 20030602 - (djm) Fix segv from bad reordering in auth-pam.c @@ -420,4 +421,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2767 2003/06/03 02:43:14 djm Exp $ +$Id: ChangeLog,v 1.2768 2003/06/03 02:45:27 dtucker Exp $ diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c index bff0fea3a..f2ac428cc 100644 --- a/openbsd-compat/bsd-cray.c +++ b/openbsd-compat/bsd-cray.c @@ -1,5 +1,5 @@ /* - * $Id: bsd-cray.c,v 1.11 2003/05/18 14:13:38 djm Exp $ + * $Id: bsd-cray.c,v 1.12 2003/06/03 02:45:27 dtucker Exp $ * * bsd-cray.c * @@ -103,7 +103,7 @@ cray_login_failure(char *username, int errcode) memset(&fsent, '\0', sizeof(fsent)); fsent.revision = 0; fsent.uname = username; - fsent.host = (char *)get_canonical_hostname(options.verify_reverse_mapping); + fsent.host = (char *)get_canonical_hostname(options.use_dns); fsent.ttyn = "sshd"; fsent.caller = IA_SSHD; fsent.flags = IA_INTERACTIVE; @@ -199,7 +199,7 @@ cray_setup (uid_t uid, char *username, const char *command) } hostname[0] = '\0'; strlcpy(hostname, - (char *)get_canonical_hostname(options.verify_reverse_mapping), + (char *)get_canonical_hostname(options.use_dns), MAXHOSTNAMELEN); /* * Fetch user's UDB entry. diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index f192a4e79..b4c9454a1 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -68,7 +68,7 @@ aix_usrinfo(struct passwd *pw) void record_failed_login(const char *user, const char *ttyname) { - char *hostname = get_canonical_hostname(options.verify_reverse_mapping); + char *hostname = get_canonical_hostname(options.use_dns); loginfailed(user, hostname, ttyname); } -- cgit v1.2.3 From a0c0b6311210e0cddfb1b038bd7b37f5a298ef3e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 8 Jul 2003 20:52:12 +1000 Subject: - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]] Include AIX headers for authentication functions and make calls match prototypes. Test for and handle 3-args and 4-arg variants of loginfailed. --- ChangeLog | 7 ++++++- acconfig.h | 5 ++++- auth-passwd.c | 4 +--- configure.ac | 23 ++++++++++++++++++----- openbsd-compat/port-aix.c | 6 +++++- openbsd-compat/port-aix.h | 9 +++++++++ session.c | 2 +- 7 files changed, 44 insertions(+), 12 deletions(-) (limited to 'openbsd-compat/port-aix.c') diff --git a/ChangeLog b/ChangeLog index 266756fe3..ea4d4ac20 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20030708 + - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]] + Include AIX headers for authentication functions and make calls match + prototypes. Test for and handle 3-args and 4-arg variants of loginfailed. + 20030707 - (dtucker) [configure.ac] Bug #600: Check that getrusage is declared before searching libraries for it. Fixes build errors on NCR MP-RAS. @@ -662,4 +667,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2846 2003/07/07 09:44:01 dtucker Exp $ +$Id: ChangeLog,v 1.2847 2003/07/08 10:52:12 dtucker Exp $ diff --git a/acconfig.h b/acconfig.h index e6f5ebbbd..23cc9c817 100644 --- a/acconfig.h +++ b/acconfig.h @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.157 2003/06/11 12:51:32 djm Exp $ */ +/* $Id: acconfig.h,v 1.158 2003/07/08 10:52:13 dtucker Exp $ */ /* * Copyright (c) 1999-2003 Damien Miller. All rights reserved. @@ -110,6 +110,9 @@ /* Define if you want to enable AIX4's authenticate function */ #undef WITH_AIXAUTHENTICATE +/* Define if your AIX loginfailed() function takes 3 arguments (AIX <= 5.1) */ +#undef AIX_LOGINFAILED_3ARG + /* Define if you have/want arrays (cluster-wide session managment, not C arrays) */ #undef WITH_IRIX_ARRAY diff --git a/auth-passwd.c b/auth-passwd.c index 9a94c373f..ea65a0125 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -42,15 +42,13 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.27 2002/05/24 16:45:16 stevesk Exp $"); #include "log.h" #include "servconf.h" #include "auth.h" +#include "canohost.h" #if !defined(HAVE_OSF_SIA) /* Don't need any of these headers for the SIA cases */ # ifdef HAVE_CRYPT_H # include # endif -# ifdef WITH_AIXAUTHENTICATE -# include -# endif # ifdef __hpux # include # include diff --git a/configure.ac b/configure.ac index 8d9143e6c..431c6446b 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.131 2003/07/07 09:44:01 dtucker Exp $ +# $Id: configure.ac,v 1.132 2003/07/08 10:52:13 dtucker Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -75,12 +75,25 @@ case "$host" in AC_MSG_RESULT($blibflags) fi LDFLAGS="$saved_LDFLAGS" - AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)], + # Check for authenticate. Might be in libs.a on older AIXes + AC_CHECK_FUNC(authenticate, [with_aixauthenticate=1], [AC_CHECK_LIB(s,authenticate, - [ AC_DEFINE(WITH_AIXAUTHENTICATE) + [ with_aixaixauthenticate=1 LIBS="$LIBS -ls" ]) ]) + # Check if loginfailed takes 3 arguments (AIX <= 5.1) + if (test "x$with_aixauthenticate" = "x1" ); then + AC_DEFINE(WITH_AIXAUTHENTICATE) + AC_MSG_CHECKING(if loginfailed takes 3 arguments) + AC_TRY_COMPILE( + [#include ], + [(void)loginfailed("user","host","tty");], + [AC_MSG_RESULT(yes) + AC_DEFINE(AIX_LOGINFAILED_3ARG)], + [AC_MSG_RESULT(no)] + ) + fi AC_DEFINE(BROKEN_GETADDRINFO) AC_DEFINE(BROKEN_REALPATH) dnl AIX handles lastlog as part of its login message @@ -456,8 +469,8 @@ AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \ login_cap.h maillock.h netdb.h netgroup.h \ netinet/in_systm.h paths.h pty.h readpassphrase.h \ rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ - strings.h sys/strtio.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \ - sys/mman.h sys/pstat.h sys/select.h sys/stat.h \ + strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \ + sys/cdefs.h sys/mman.h sys/pstat.h sys/select.h sys/stat.h \ sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \ sys/un.h time.h tmpdir.h ttyent.h usersec.h \ util.h utime.h utmp.h utmpx.h) diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index b4c9454a1..c8d9517b6 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -70,7 +70,11 @@ record_failed_login(const char *user, const char *ttyname) { char *hostname = get_canonical_hostname(options.use_dns); - loginfailed(user, hostname, ttyname); +# ifdef AIX_LOGINFAILED_3ARG + loginfailed((char *)user, hostname, (char *)ttyname); +# else + loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH); +# endif } # endif /* CUSTOM_FAILED_LOGIN */ #endif /* _AIX */ diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index 2254e7462..2787d919d 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h @@ -26,6 +26,15 @@ #ifdef _AIX +#ifdef WITH_AIXAUTHENTICATE +# include +# include +# include +# ifdef HAVE_SYS_AUDIT_H +# include +# endif +#endif + /* AIX 4.2.x doesn't have nanosleep but does have nsleep which is equivalent */ #if !defined(HAVE_NANOSLEEP) && defined(HAVE_NSLEEP) # define nanosleep(a,b) nsleep(a,b) diff --git a/session.c b/session.c index dc9777de9..ac57c3d0f 100644 --- a/session.c +++ b/session.c @@ -1215,7 +1215,7 @@ do_setusercontext(struct passwd *pw) { #ifdef HAVE_SETPCRED - setpcred(pw->pw_name); + setpcred(pw->pw_name, (char **)NULL); #endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP # ifdef __bsdi__ -- cgit v1.2.3 From b9aa0a0baa33efb06a773de18f2b45c12c15cbaf Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 8 Jul 2003 22:59:59 +1000 Subject: - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h] Convert aixloginmsg into platform-independant Buffer loginmsg. --- ChangeLog | 6 ++++-- auth-passwd.c | 28 +++++++++++++++++++++------- auth.c | 37 ++++++++++++++++--------------------- openbsd-compat/port-aix.c | 22 ++++++++++++++++++++++ openbsd-compat/port-aix.h | 1 + session.c | 16 ++++++++-------- sshd.c | 6 ++++++ 7 files changed, 78 insertions(+), 38 deletions(-) (limited to 'openbsd-compat/port-aix.c') diff --git a/ChangeLog b/ChangeLog index 58b188eb3..89adc1266 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,7 +2,9 @@ - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]] Include AIX headers for authentication functions and make calls match prototypes. Test for and handle 3-args and 4-arg variants of loginfailed. - - (dtucker) Check return value of setpcred(). + - (dtucker) [session.c] Check return value of setpcred(). + - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h] + Convert aixloginmsg into platform-independant Buffer loginmsg. 20030707 - (dtucker) [configure.ac] Bug #600: Check that getrusage is declared before @@ -668,4 +670,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2848 2003/07/08 11:01:04 dtucker Exp $ +$Id: ChangeLog,v 1.2849 2003/07/08 12:59:59 dtucker Exp $ diff --git a/auth-passwd.c b/auth-passwd.c index ea65a0125..f078eddd5 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -42,6 +42,8 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.27 2002/05/24 16:45:16 stevesk Exp $"); #include "log.h" #include "servconf.h" #include "auth.h" +#include "buffer.h" +#include "xmalloc.h" #include "canohost.h" #if !defined(HAVE_OSF_SIA) @@ -79,9 +81,7 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.27 2002/05/24 16:45:16 stevesk Exp $"); #endif /* !HAVE_OSF_SIA */ extern ServerOptions options; -#ifdef WITH_AIXAUTHENTICATE -extern char *aixloginmsg; -#endif +extern Buffer loginmsg; /* * Tries to authenticate the user using password. Returns true if @@ -149,15 +149,29 @@ auth_password(Authctxt *authctxt, const char *password) # endif # ifdef WITH_AIXAUTHENTICATE authsuccess = (authenticate(pw->pw_name,password,&reenter,&authmsg) == 0); + aix_remove_embedded_newlines(authmsg); if (authsuccess) { + char *msg; + char *host = (char *)get_canonical_hostname(options.use_dns); + + debug3("AIX/authenticate succeeded for user %s: %.100s", + pw->pw_name, authmsg); + /* We don't have a pty yet, so just label the line as "ssh" */ - if (loginsuccess(authctxt->user, - get_canonical_hostname(options.use_dns), - "ssh", &aixloginmsg) < 0) { - aixloginmsg = NULL; + if (loginsuccess(authctxt->user, host, "ssh", &msg) == 0){ + if (msg != NULL) { + debug("%s: msg %s", __func__, msg); + buffer_append(&loginmsg, msg, strlen(msg)); + xfree(msg); + } } + } else { + debug3("AIX/authenticate failed for user %s: %.100s", + pw->pw_name, authmsg); } + if (authmsg != NULL) + xfree(authmsg); return (authsuccess); # endif diff --git a/auth.c b/auth.c index 6b48addf7..d4768a154 100644 --- a/auth.c +++ b/auth.c @@ -54,6 +54,7 @@ RCSID("$OpenBSD: auth.c,v 1.48 2003/06/02 09:17:34 markus Exp $"); /* import */ extern ServerOptions options; +extern Buffer loginmsg; /* Debugging messages */ Buffer auth_debug; @@ -75,9 +76,6 @@ allowed_user(struct passwd * pw) const char *hostname = NULL, *ipaddr = NULL; char *shell; int i; -#ifdef WITH_AIXAUTHENTICATE - char *loginmsg; -#endif /* WITH_AIXAUTHENTICATE */ #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \ defined(HAS_SHADOW_EXPIRE) struct spwd *spw; @@ -206,26 +204,23 @@ allowed_user(struct passwd * pw) * PermitRootLogin to control logins via ssh), or if running as * non-root user (since loginrestrictions will always fail). */ - if ((pw->pw_uid != 0) && (geteuid() == 0) && - loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { - int loginrestrict_errno = errno; - - if (loginmsg && *loginmsg) { - /* Remove embedded newlines (if any) */ - char *p; - for (p = loginmsg; *p; p++) { - if (*p == '\n') - *p = ' '; + if ((pw->pw_uid != 0) && (geteuid() == 0)) { + char *msg; + + if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) { + int loginrestrict_errno = errno; + + if (msg && *msg) { + buffer_append(&loginmsg, msg, strlen(msg)); + aix_remove_embedded_newlines(msg); + logit("Login restricted for %s: %.100s", + pw->pw_name, msg); } - /* Remove trailing newline */ - *--p = '\0'; - logit("Login restricted for %s: %.100s", pw->pw_name, - loginmsg); + /* Don't fail if /etc/nologin set */ + if (!(loginrestrict_errno == EPERM && + stat(_PATH_NOLOGIN, &st) == 0)) + return 0; } - /* Don't fail if /etc/nologin set */ - if (!(loginrestrict_errno == EPERM && - stat(_PATH_NOLOGIN, &st) == 0)) - return 0; } #endif /* WITH_AIXAUTHENTICATE */ diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index c8d9517b6..cc6190cb8 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -61,6 +61,28 @@ aix_usrinfo(struct passwd *pw) xfree(cp); } +#ifdef WITH_AIXAUTHENTICATE +/* + * Remove embedded newlines in string (if any). + * Used before logging messages returned by AIX authentication functions + * so the message is logged on one line. + */ +void +aix_remove_embedded_newlines(char *p) +{ + if (p == NULL) + return; + + for (; *p; p++) { + if (*p == '\n') + *p = ' '; + } + /* Remove trailing whitespace */ + if (*--p == ' ') + *p = '\0'; +} +#endif /* WITH_AIXAUTHENTICATE */ + # ifdef CUSTOM_FAILED_LOGIN /* * record_failed_login: generic "login failed" interface function diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index 2787d919d..4627a82f0 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h @@ -51,4 +51,5 @@ void record_failed_login(const char *user, const char *ttyname); #endif void aix_usrinfo(struct passwd *pw); +void aix_remove_embedded_newlines(char *); #endif /* _AIX */ diff --git a/session.c b/session.c index e9cf7e959..4b443831b 100644 --- a/session.c +++ b/session.c @@ -95,6 +95,7 @@ extern int debug_flag; extern u_int utmp_len; extern int startup_pipe; extern void destroy_sensitive_data(void); +extern Buffer loginmsg; /* original command from peer. */ const char *original_command = NULL; @@ -103,10 +104,6 @@ const char *original_command = NULL; #define MAX_SESSIONS 10 Session sessions[MAX_SESSIONS]; -#ifdef WITH_AIXAUTHENTICATE -char *aixloginmsg; -#endif /* WITH_AIXAUTHENTICATE */ - #ifdef HAVE_LOGIN_CAP login_cap_t *lc; #endif @@ -770,10 +767,13 @@ do_login(Session *s, const char *command) if (options.use_pam && !is_pam_password_change_required()) print_pam_messages(); #endif /* USE_PAM */ -#ifdef WITH_AIXAUTHENTICATE - if (aixloginmsg && *aixloginmsg) - printf("%s\n", aixloginmsg); -#endif /* WITH_AIXAUTHENTICATE */ + + /* display post-login message */ + if (buffer_len(&loginmsg) > 0) { + buffer_append(&loginmsg, "\0", 1); + printf("%s\n", (char *)buffer_ptr(&loginmsg)); + } + buffer_free(&loginmsg); #ifndef NO_SSH_LASTLOG if (options.print_lastlog && s->last_login_time != 0) { diff --git a/sshd.c b/sshd.c index fafe0c66d..14cd4a27f 100644 --- a/sshd.c +++ b/sshd.c @@ -201,6 +201,9 @@ int startup_pipe; /* in child */ int use_privsep; struct monitor *pmonitor; +/* message to be displayed after login */ +Buffer loginmsg; + /* Prototypes for various functions defined later in this file. */ void destroy_sensitive_data(void); void demote_sensitive_data(void); @@ -1501,6 +1504,9 @@ main(int ac, char **av) packet_set_nonblocking(); + /* prepare buffers to collect authentication messages */ + buffer_init(&loginmsg); + if (use_privsep) if ((authctxt = privsep_preauth()) != NULL) goto authenticated; -- cgit v1.2.3 From 5c6a91a39d83f2fe68de28d9635076dd4066d7e2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 14 Jul 2003 16:21:44 +1000 Subject: - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare loginfailed at all, so assume 3-arg loginfailed if not declared. --- ChangeLog | 8 ++++++-- acconfig.h | 6 +++--- configure.ac | 29 +++++++++++++++-------------- openbsd-compat/port-aix.c | 6 +++--- 4 files changed, 27 insertions(+), 22 deletions(-) (limited to 'openbsd-compat/port-aix.c') diff --git a/ChangeLog b/ChangeLog index 89adc1266..cddfe3c32 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,11 @@ +20030714 + - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare + loginfailed at all, so assume 3-arg loginfailed if not declared. + 20030708 - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]] Include AIX headers for authentication functions and make calls match - prototypes. Test for and handle 3-args and 4-arg variants of loginfailed. + prototypes. Test for and handle 3-arg and 4-arg variants of loginfailed. - (dtucker) [session.c] Check return value of setpcred(). - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h] Convert aixloginmsg into platform-independant Buffer loginmsg. @@ -670,4 +674,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2849 2003/07/08 12:59:59 dtucker Exp $ +$Id: ChangeLog,v 1.2850 2003/07/14 06:21:44 dtucker Exp $ diff --git a/acconfig.h b/acconfig.h index 23cc9c817..0af93663c 100644 --- a/acconfig.h +++ b/acconfig.h @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.158 2003/07/08 10:52:13 dtucker Exp $ */ +/* $Id: acconfig.h,v 1.159 2003/07/14 06:21:44 dtucker Exp $ */ /* * Copyright (c) 1999-2003 Damien Miller. All rights reserved. @@ -110,8 +110,8 @@ /* Define if you want to enable AIX4's authenticate function */ #undef WITH_AIXAUTHENTICATE -/* Define if your AIX loginfailed() function takes 3 arguments (AIX <= 5.1) */ -#undef AIX_LOGINFAILED_3ARG +/* Define if your AIX loginfailed() function takes 4 arguments (AIX >= 5.2) */ +#undef AIX_LOGINFAILED_4ARG /* Define if you have/want arrays (cluster-wide session managment, not C arrays) */ #undef WITH_IRIX_ARRAY diff --git a/configure.ac b/configure.ac index 431c6446b..8a23469ad 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.132 2003/07/08 10:52:13 dtucker Exp $ +# $Id: configure.ac,v 1.133 2003/07/14 06:21:44 dtucker Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -75,25 +75,26 @@ case "$host" in AC_MSG_RESULT($blibflags) fi LDFLAGS="$saved_LDFLAGS" - # Check for authenticate. Might be in libs.a on older AIXes - AC_CHECK_FUNC(authenticate, [with_aixauthenticate=1], + dnl Check for authenticate. Might be in libs.a on older AIXes + AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)], [AC_CHECK_LIB(s,authenticate, - [ with_aixaixauthenticate=1 + [ AC_DEFINE(WITH_AIXAUTHENTICATE) LIBS="$LIBS -ls" ]) ]) - # Check if loginfailed takes 3 arguments (AIX <= 5.1) - if (test "x$with_aixauthenticate" = "x1" ); then - AC_DEFINE(WITH_AIXAUTHENTICATE) - AC_MSG_CHECKING(if loginfailed takes 3 arguments) - AC_TRY_COMPILE( + dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) + AC_CHECK_DECL(loginfailed, + [AC_MSG_CHECKING(if loginfailed takes 4 arguments) + AC_TRY_COMPILE( [#include ], - [(void)loginfailed("user","host","tty");], - [AC_MSG_RESULT(yes) - AC_DEFINE(AIX_LOGINFAILED_3ARG)], + [(void)loginfailed("user","host","tty",0);], + [AC_MSG_RESULT(yes) + AC_DEFINE(AIX_LOGINFAILED_4ARG)], [AC_MSG_RESULT(no)] - ) - fi + )], + [], + [#include ] + ) AC_DEFINE(BROKEN_GETADDRINFO) AC_DEFINE(BROKEN_REALPATH) dnl AIX handles lastlog as part of its login message diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index cc6190cb8..562923720 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -92,10 +92,10 @@ record_failed_login(const char *user, const char *ttyname) { char *hostname = get_canonical_hostname(options.use_dns); -# ifdef AIX_LOGINFAILED_3ARG - loginfailed((char *)user, hostname, (char *)ttyname); -# else +# ifdef AIX_LOGINFAILED_4ARG loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH); +# else + loginfailed((char *)user, hostname, (char *)ttyname); # endif } # endif /* CUSTOM_FAILED_LOGIN */ -- cgit v1.2.3 From fc3454ee6752333ce7af349b71be12aa9cbe4fcc Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 14 Jul 2003 16:41:55 +1000 Subject: - (dtucker) Bug #543: [configure.ac port-aix.c port-aix.h] Call setauthdb() before loginfailed(), which may load password registry- specific functions. Based on patch by cawlfiel@us.ibm.com. --- CREDITS | 3 ++- ChangeLog | 5 ++++- configure.ac | 3 ++- openbsd-compat/port-aix.c | 38 ++++++++++++++++++++++++++++++++++++++ openbsd-compat/port-aix.h | 1 + 5 files changed, 47 insertions(+), 3 deletions(-) (limited to 'openbsd-compat/port-aix.c') diff --git a/CREDITS b/CREDITS index 6434e5d35..d52c7cbcb 100644 --- a/CREDITS +++ b/CREDITS @@ -49,6 +49,7 @@ Juergen Keil - scp bugfixing KAMAHARA Junzo - Configure fixes Kees Cook - scp fixes Kenji Miyake - Configure fixes +Kevin Cawlfield - AIX fixes. Kevin O'Connor - RSAless operation Kevin Steves - HP support, bugfixes, improvements Kiyokazu SUTO - Bugfixes @@ -92,5 +93,5 @@ Apologies to anyone I have missed. Damien Miller -$Id: CREDITS,v 1.69 2003/06/28 04:27:29 dtucker Exp $ +$Id: CREDITS,v 1.70 2003/07/14 06:41:55 dtucker Exp $ diff --git a/ChangeLog b/ChangeLog index 884dd6360..28003b960 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,9 @@ loginfailed at all, so assume 3-arg loginfailed if not declared. - (dtucker) [port-aix.h] Work around name collision on AIX for r_type by undef'ing it. + - (dtucker) Bug #543: [configure.ac port-aix.c port-aix.h] + Call setauthdb() before loginfailed(), which may load password registry- + specific functions. Based on patch by cawlfiel@us.ibm.com. 20030708 - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]] @@ -676,4 +679,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2851 2003/07/14 06:26:51 dtucker Exp $ +$Id: ChangeLog,v 1.2852 2003/07/14 06:41:55 dtucker Exp $ diff --git a/configure.ac b/configure.ac index 8a23469ad..516a24437 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.133 2003/07/14 06:21:44 dtucker Exp $ +# $Id: configure.ac,v 1.134 2003/07/14 06:41:55 dtucker Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -95,6 +95,7 @@ case "$host" in [], [#include ] ) + AC_CHECK_FUNCS(setauthdb) AC_DEFINE(BROKEN_GETADDRINFO) AC_DEFINE(BROKEN_REALPATH) dnl AIX handles lastlog as part of its login message diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 562923720..7a981634b 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -32,6 +32,7 @@ #include #include <../xmalloc.h> +#include "port-aix.h" extern ServerOptions options; @@ -92,12 +93,49 @@ record_failed_login(const char *user, const char *ttyname) { char *hostname = get_canonical_hostname(options.use_dns); + if (geteuid() != 0) + return; + + aix_setauthdb(user); # ifdef AIX_LOGINFAILED_4ARG loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH); # else loginfailed((char *)user, hostname, (char *)ttyname); # endif } + +/* + * If we have setauthdb, retrieve the password registry for the user's + * account then feed it to setauthdb. This may load registry-specific method + * code. If we don't have setauthdb or have already called it this is a no-op. + */ +void +aix_setauthdb(const char *user) +{ +# ifdef HAVE_SETAUTHDB + static char *registry = NULL; + + if (registry != NULL) /* have already done setauthdb */ + return; + + if (setuserdb(S_READ) == -1) { + debug3("%s: Could not open userdb to read", __func__); + return; + } + + if (getuserattr((char *)user, S_REGISTRY, ®istry, SEC_CHAR) == 0) { + if (setauthdb(registry, NULL) == 0) + debug3("%s: AIX/setauthdb set registry %s", __func__, + registry); + else + debug3("%s: AIX/setauthdb set registry %s failed: %s", + __func__, registry, strerror(errno)); + } else + debug3("%s: Could not read S_REGISTRY for user: %s", __func__, + strerror(errno)); + enduserdb(); +# endif +} # endif /* CUSTOM_FAILED_LOGIN */ #endif /* _AIX */ diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index 2e5def54e..25ceb5b19 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h @@ -53,6 +53,7 @@ #ifdef WITH_AIXAUTHENTICATE # define CUSTOM_FAILED_LOGIN 1 void record_failed_login(const char *user, const char *ttyname); +void aix_setauthdb(const char *); #endif void aix_usrinfo(struct passwd *pw); -- cgit v1.2.3 From 537d716831e65176b7ec1ac52b7ea370d1e9e7c0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 22 Sep 2003 13:05:48 +1000 Subject: - (dtucker) [openbsd-compat/port-aix.c] Use correct include for xmalloc.h, add canohost.h to stop warning. Based on patch from openssh-unix-dev at thewrittenword.com --- ChangeLog | 5 ++++- openbsd-compat/port-aix.c | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'openbsd-compat/port-aix.c') diff --git a/ChangeLog b/ChangeLog index 29951f6d5..fb121b124 100644 --- a/ChangeLog +++ b/ChangeLog @@ -19,6 +19,9 @@ - (dtucker) [uidswap.c] Don't test restoration of uid on Cygwin since the OS does not support permanently dropping privileges. Patch from vinschen at redhat.com. + - (dtucker) [openbsd-compat/port-aix.c] Use correct include for xmalloc.h, + add canohost.h to stop warning. Based on patch from openssh-unix-dev at + thewrittenword.com 20030919 - (djm) Bug #683: Remove reference to --with-ipv4-default from INSTALL; @@ -1151,4 +1154,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2994.2.21 2003/09/22 02:55:20 dtucker Exp $ +$Id: ChangeLog,v 1.2994.2.22 2003/09/22 03:05:48 dtucker Exp $ diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 7a981634b..9fbcce936 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -27,11 +27,12 @@ #include "ssh.h" #include "log.h" #include "servconf.h" +#include "canohost.h" +#include "xmalloc.h" #ifdef _AIX #include -#include <../xmalloc.h> #include "port-aix.h" extern ServerOptions options; -- cgit v1.2.3