From 73b42d2bb058da914828b53f2951954560a5b6eb Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 22 Apr 2006 21:26:08 +1000 Subject: - (djm) [Makefile.in configure.ac session.c sshpty.c] [contrib/redhat/sshd.init openbsd-compat/Makefile.in] [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c] [openbsd-compat/port-linux.h] Add support for SELinux, setting the execution and TTY contexts. based on patch from Daniel Walsh, bz #880; ok dtucker@ --- openbsd-compat/port-linux.c | 165 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 165 insertions(+) create mode 100644 openbsd-compat/port-linux.c (limited to 'openbsd-compat/port-linux.c') diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c new file mode 100644 index 000000000..54ec2910e --- /dev/null +++ b/openbsd-compat/port-linux.c @@ -0,0 +1,165 @@ +/* $Id: port-linux.c,v 1.1 2006/04/22 11:26:08 djm Exp $ */ + +/* + * Copyright (c) 2005 Daniel Walsh + * Copyright (c) 2006 Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Linux-specific portability code - just SELinux support at present + */ + +#include "includes.h" + +#ifdef WITH_SELINUX +#include "log.h" +#include "port-linux.h" + +#include +#include +#include + +/* Wrapper around is_selinux_enabled() to log its return value once only */ +static int +ssh_selinux_enabled(void) +{ + static int enabled = -1; + + if (enabled == -1) { + enabled = is_selinux_enabled(); + debug("SELinux support %s", enabled ? "enabled" : "disabled"); + } + + return (enabled); +} + +/* Return the default security context for the given username */ +static security_context_t +ssh_selinux_getctxbyname(char *pwname) +{ + security_context_t sc; + char *sename = NULL, *lvl = NULL; + int r; + +#ifdef HAVE_GETSEUSERBYNAME + if (getseuserbyname(pwname, &sename, &lvl) != 0) + return NULL; +#else + sename = pwname; + lvl = NULL; +#endif + +#ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL + r = get_default_context_with_level(sename, lvl, NULL, &sc); +#else + r = get_default_context(sename, NULL, &sc); +#endif + + if (r != 0) { + switch (security_getenforce()) { + case -1: + fatal("%s: ssh_selinux_getctxbyname: " + "security_getenforce() failed", __func__); + case 0: + error("%s: Failed to get default SELinux security " + "context for %s", __func__, pwname); + default: + fatal("%s: Failed to get default SELinux security " + "context for %s (in enforcing mode)", + __func__, pwname); + } + } + +#ifdef HAVE_GETSEUSERBYNAME + if (sename != NULL) + xfree(sename); + if (lvl != NULL) + xfree(lvl); +#endif + + return (sc); +} + +/* Set the execution context to the default for the specified user */ +void +ssh_selinux_setup_exec_context(char *pwname) +{ + security_context_t user_ctx = NULL; + + if (!ssh_selinux_enabled()) + return; + + debug3("%s: setting execution context", __func__); + + user_ctx = ssh_selinux_getctxbyname(pwname); + if (setexeccon(user_ctx) != 0) { + switch (security_getenforce()) { + case -1: + fatal("%s: security_getenforce() failed", __func__); + case 0: + error("%s: Failed to set SELinux execution " + "context for %s", __func__, pwname); + default: + fatal("%s: Failed to set SELinux execution context " + "for %s (in enforcing mode)", __func__, pwname); + } + } + if (user_ctx != NULL) + freecon(user_ctx); + + debug3("%s: done", __func__); +} + +/* Set the TTY context for the specified user */ +void +ssh_selinux_setup_pty(char *pwname, const char *tty) +{ + security_context_t new_tty_ctx = NULL; + security_context_t user_ctx = NULL; + security_context_t old_tty_ctx = NULL; + + if (!ssh_selinux_enabled()) + return; + + debug3("%s: setting TTY context on %s", __func__, tty); + + user_ctx = ssh_selinux_getctxbyname(pwname); + + /* XXX: should these calls fatal() upon failure in enforcing mode? */ + + if (getfilecon(tty, &old_tty_ctx) == -1) { + error("%s: getfilecon: %s", __func__, strerror(errno)); + goto out; + } + + if (security_compute_relabel(user_ctx, old_tty_ctx, + SECCLASS_CHR_FILE, &new_tty_ctx) != 0) { + error("%s: security_compute_relabel: %s", + __func__, strerror(errno)); + goto out; + } + + if (setfilecon(tty, new_tty_ctx) != 0) + error("%s: setfilecon: %s", __func__, strerror(errno)); + out: + if (new_tty_ctx != NULL) + freecon(new_tty_ctx); + if (old_tty_ctx != NULL) + freecon(old_tty_ctx); + if (user_ctx != NULL) + freecon(user_ctx); + debug3("%s: done", __func__); +} +#endif /* WITH_SELINUX */ -- cgit v1.2.3 From b8fe89c4d97ea9a5d7efb2c60108b8a7644f6a49 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 24 Jul 2006 14:51:00 +1000 Subject: - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c] [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c] [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c] [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c] [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c] [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c] [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c] [openbsd-compat/mktemp.c openbsd-compat/port-linux.c] [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c] make the portable tree compile again - sprinkle unistd.h and string.h back in. Don't redefine __unused, as it turned out to be used in headers on Linux, and replace its use in auth-pam.c with ARGSUSED --- ChangeLog | 15 ++++++++++++++- acss.c | 5 ++++- auth-krb5.c | 2 ++ auth-options.c | 4 +--- auth-pam.c | 11 ++++++++--- auth-shadow.c | 1 + canohost.c | 4 +--- channels.c | 4 +--- cipher-acss.c | 3 +++ defines.h | 7 +------ dns.c | 4 +--- gss-genr.c | 1 + gss-serv-krb5.c | 2 ++ gss-serv.c | 1 + log.h | 2 ++ loginrec.c | 2 ++ logintest.c | 4 +--- openbsd-compat/bindresvport.c | 1 + openbsd-compat/bsd-arc4random.c | 4 ++++ openbsd-compat/bsd-misc.c | 1 + openbsd-compat/getrrsetbyname.c | 2 ++ openbsd-compat/glob.c | 2 ++ openbsd-compat/mktemp.c | 1 + openbsd-compat/port-linux.c | 5 ++++- openbsd-compat/port-tun.c | 2 ++ openbsd-compat/readpassphrase.c | 2 ++ openbsd-compat/setproctitle.c | 1 + openbsd-compat/xmmap.c | 4 +++- readconf.c | 4 +--- servconf.c | 4 +--- ssh-keygen.c | 4 +--- ssh-keyscan.c | 4 +--- ssh-keysign.c | 2 +- ssh-rand-helper.c | 2 ++ ssh.c | 4 +--- sshconnect.c | 4 +--- sshd.c | 4 +--- 37 files changed, 79 insertions(+), 50 deletions(-) (limited to 'openbsd-compat/port-linux.c') diff --git a/ChangeLog b/ChangeLog index 7f7679402..d2cd9b597 100644 --- a/ChangeLog +++ b/ChangeLog @@ -99,6 +99,19 @@ [auth.h dispatch.c kex.h sftp-client.c] #include for sig_atomic_t; need this prior to move + - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c] + [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c] + [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c] + [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c] + [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c] + [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c] + [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c] + [openbsd-compat/mktemp.c openbsd-compat/port-linux.c] + [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] + [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c] + make the portable tree compile again - sprinkle unistd.h and string.h + back in. Don't redefine __unused, as it turned out to be used in + headers on Linux, and replace its use in auth-pam.c with ARGSUSED 20060713 - (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h @@ -5017,4 +5030,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.4429 2006/07/24 04:14:19 djm Exp $ +$Id: ChangeLog,v 1.4430 2006/07/24 04:51:00 djm Exp $ diff --git a/acss.c b/acss.c index 99efde071..86e2c01a8 100644 --- a/acss.c +++ b/acss.c @@ -1,4 +1,4 @@ -/* $Id: acss.c,v 1.3 2005/07/17 07:04:47 djm Exp $ */ +/* $Id: acss.c,v 1.4 2006/07/24 04:51:01 djm Exp $ */ /* * Copyright (c) 2004 The OpenBSD project * @@ -16,6 +16,9 @@ */ #include "includes.h" + +#include + #include #if !defined(EVP_CTRL_SET_ACSS_MODE) && (OPENSSL_VERSION_NUMBER >= 0x00906000L) diff --git a/auth-krb5.c b/auth-krb5.c index 8beacc0d4..676b8ab1f 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -41,6 +41,8 @@ #ifdef KRB5 #include +#include +#include #include extern ServerOptions options; diff --git a/auth-options.c b/auth-options.c index 33c62641b..cd904967a 100644 --- a/auth-options.c +++ b/auth-options.c @@ -14,9 +14,7 @@ #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #include #include diff --git a/auth-pam.c b/auth-pam.c index cb8754ec7..6ce9db12b 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -54,6 +54,8 @@ #include #include +#include +#include #ifdef USE_PAM #if defined(HAVE_SECURITY_PAM_APPL_H) @@ -152,14 +154,16 @@ sshpam_sigchld_handler(int sig) fatal("PAM: authentication thread exited uncleanly"); } +/* ARGSUSED */ static void -pthread_exit(void *value __unused) +pthread_exit(void *value) { _exit(0); } +/* ARGSUSED */ static int -pthread_create(sp_pthread_t *thread, const void *attr __unused, +pthread_create(sp_pthread_t *thread, const void *attr, void *(*thread_start)(void *), void *arg) { pid_t pid; @@ -191,8 +195,9 @@ pthread_cancel(sp_pthread_t thread) return (kill(thread, SIGTERM)); } +/* ARGSUSED */ static int -pthread_join(sp_pthread_t thread, void **value __unused) +pthread_join(sp_pthread_t thread, void **value) { int status; diff --git a/auth-shadow.c b/auth-shadow.c index c8d5dd3c1..7cd69c21f 100644 --- a/auth-shadow.c +++ b/auth-shadow.c @@ -26,6 +26,7 @@ #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) #include +#include #include "auth.h" #include "buffer.h" diff --git a/canohost.c b/canohost.c index 97b5a78f9..b40cbf603 100644 --- a/canohost.c +++ b/canohost.c @@ -21,9 +21,7 @@ #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #include #include "packet.h" diff --git a/channels.c b/channels.c index 8cf4242fe..895c43f6a 100644 --- a/channels.c +++ b/channels.c @@ -50,9 +50,7 @@ #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #include #include #include diff --git a/cipher-acss.c b/cipher-acss.c index 90b51a4d1..cb0bf736c 100644 --- a/cipher-acss.c +++ b/cipher-acss.c @@ -15,8 +15,11 @@ */ #include "includes.h" + #include +#include + #if !defined(EVP_CTRL_SET_ACSS_MODE) && (OPENSSL_VERSION_NUMBER >= 0x00907000L) #include "acss.h" diff --git a/defines.h b/defines.h index 4dccc9172..7b0a302a5 100644 --- a/defines.h +++ b/defines.h @@ -25,7 +25,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.133 2006/07/12 04:14:31 dtucker Exp $ */ +/* $Id: defines.h,v 1.134 2006/07/24 04:51:01 djm Exp $ */ /* Constants */ @@ -143,16 +143,11 @@ including rpc/rpc.h breaks Solaris 6 #define INADDR_LOOPBACK ((u_long)0x7f000001) #endif -#ifndef __unused -#define __unused -#endif - /* Types */ /* If sys/types.h does not supply intXX_t, supply them ourselves */ /* (or die trying) */ - #ifndef HAVE_U_INT typedef unsigned int u_int; #endif diff --git a/dns.c b/dns.c index 5f123a2ee..c9368b96b 100644 --- a/dns.c +++ b/dns.c @@ -30,9 +30,7 @@ #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #include #include "xmalloc.h" diff --git a/gss-genr.c b/gss-genr.c index 0497657c0..522fedab3 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -29,6 +29,7 @@ #ifdef GSSAPI #include +#include #include "xmalloc.h" #include "bufaux.h" diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index eae29b2ae..7b78cfe0a 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -29,6 +29,8 @@ #ifdef GSSAPI #ifdef KRB5 +#include + #include "auth.h" #include "xmalloc.h" #include "log.h" diff --git a/gss-serv.c b/gss-serv.c index c033aad4f..b5c5538fe 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -29,6 +29,7 @@ #ifdef GSSAPI #include +#include #include "bufaux.h" #include "auth.h" diff --git a/log.h b/log.h index 9e1a2fcdb..15ebc93b5 100644 --- a/log.h +++ b/log.h @@ -15,6 +15,8 @@ #ifndef SSH_LOG_H #define SSH_LOG_H +#include "includes.h" + #include #include /* Needed for LOG_AUTHPRIV (if present) */ diff --git a/loginrec.c b/loginrec.c index 8299b79e4..955d42e8f 100644 --- a/loginrec.c +++ b/loginrec.c @@ -156,6 +156,8 @@ #include #include #include +#include +#include #include "ssh.h" #include "xmalloc.h" diff --git a/logintest.c b/logintest.c index 0de928bec..7e9fbbfbb 100644 --- a/logintest.c +++ b/logintest.c @@ -40,9 +40,7 @@ #include #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #ifdef HAVE_TIME_H #include #endif diff --git a/openbsd-compat/bindresvport.c b/openbsd-compat/bindresvport.c index 2c16233c9..ef0eff3b6 100644 --- a/openbsd-compat/bindresvport.c +++ b/openbsd-compat/bindresvport.c @@ -37,6 +37,7 @@ #include "includes.h" #include +#include #define STARTPORT 600 #define ENDPORT (IPPORT_RESERVED - 1) diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c index 46e0a020f..c1aecfe99 100644 --- a/openbsd-compat/bsd-arc4random.c +++ b/openbsd-compat/bsd-arc4random.c @@ -15,6 +15,10 @@ */ #include "includes.h" + +#include +#include + #include "log.h" #ifndef HAVE_ARC4RANDOM diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index d2d9ad771..e6128f9a7 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c @@ -17,6 +17,7 @@ #include "includes.h" +#include #include #include "xmalloc.h" diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c index a855ad6d5..70ef1850d 100644 --- a/openbsd-compat/getrrsetbyname.c +++ b/openbsd-compat/getrrsetbyname.c @@ -49,6 +49,8 @@ #ifndef HAVE_GETRRSETBYNAME +#include + #include "getrrsetbyname.h" #if defined(HAVE_DECL_H_ERRNO) && !HAVE_DECL_H_ERRNO diff --git a/openbsd-compat/glob.c b/openbsd-compat/glob.c index bba4c0976..b4873932a 100644 --- a/openbsd-compat/glob.c +++ b/openbsd-compat/glob.c @@ -41,6 +41,8 @@ #include #include #include +#include +#include static long get_arg_max(void) diff --git a/openbsd-compat/mktemp.c b/openbsd-compat/mktemp.c index b8b0793a6..2285c84df 100644 --- a/openbsd-compat/mktemp.c +++ b/openbsd-compat/mktemp.c @@ -41,6 +41,7 @@ #include #include #include +#include #if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP) diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index 54ec2910e..5e2e878dc 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -1,4 +1,4 @@ -/* $Id: port-linux.c,v 1.1 2006/04/22 11:26:08 djm Exp $ */ +/* $Id: port-linux.c,v 1.2 2006/07/24 04:51:01 djm Exp $ */ /* * Copyright (c) 2005 Daniel Walsh @@ -23,6 +23,9 @@ #include "includes.h" +#include +#include + #ifdef WITH_SELINUX #include "log.h" #include "port-linux.h" diff --git a/openbsd-compat/port-tun.c b/openbsd-compat/port-tun.c index 9806eec7d..f6a6aa9e1 100644 --- a/openbsd-compat/port-tun.c +++ b/openbsd-compat/port-tun.c @@ -23,6 +23,8 @@ #include #include +#include +#include #include "log.h" #include "misc.h" diff --git a/openbsd-compat/readpassphrase.c b/openbsd-compat/readpassphrase.c index fd9731ac6..11bd8f646 100644 --- a/openbsd-compat/readpassphrase.c +++ b/openbsd-compat/readpassphrase.c @@ -32,6 +32,8 @@ #include #include #include +#include +#include #ifdef TCSASOFT # define _T_FLUSH (TCSAFLUSH|TCSASOFT) diff --git a/openbsd-compat/setproctitle.c b/openbsd-compat/setproctitle.c index 32e987deb..7fec73f89 100644 --- a/openbsd-compat/setproctitle.c +++ b/openbsd-compat/setproctitle.c @@ -40,6 +40,7 @@ #ifdef HAVE_SYS_PSTAT_H #include #endif +#include #define SPT_NONE 0 /* don't use it at all */ #define SPT_PSTAT 1 /* use pstat(PSTAT_SETCMD, ...) */ diff --git a/openbsd-compat/xmmap.c b/openbsd-compat/xmmap.c index 7d5cc812c..1293dcab0 100644 --- a/openbsd-compat/xmmap.c +++ b/openbsd-compat/xmmap.c @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $Id: xmmap.c,v 1.8 2006/07/12 12:35:52 dtucker Exp $ */ +/* $Id: xmmap.c,v 1.9 2006/07/24 04:51:01 djm Exp $ */ #include "includes.h" @@ -34,6 +34,8 @@ #include #include +#include +#include #include "log.h" diff --git a/readconf.c b/readconf.c index 432b80ed0..6fe372796 100644 --- a/readconf.c +++ b/readconf.c @@ -22,9 +22,7 @@ #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #include #include diff --git a/servconf.c b/servconf.c index ce44b5f60..dca9508ab 100644 --- a/servconf.c +++ b/servconf.c @@ -15,9 +15,7 @@ #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #include #include diff --git a/ssh-keygen.c b/ssh-keygen.c index f2d37129b..17236a55a 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -23,9 +23,7 @@ #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #ifdef HAVE_PATHS_H # include #endif diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 30df75166..6b706f0af 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -14,9 +14,7 @@ #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #include #include #include diff --git a/ssh-keysign.c b/ssh-keysign.c index 435b839fa..89b8e4342 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -148,7 +148,7 @@ main(int argc, char **argv) { Buffer b; Options options; - Key *keys[2], *key; + Key *keys[2], *key = NULL; struct passwd *pw; int key_fd[2], i, found, version = 2, fd; u_char *signature, *data; diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c index fb6fc2814..121fa52fa 100644 --- a/ssh-rand-helper.c +++ b/ssh-rand-helper.c @@ -41,6 +41,8 @@ #include #include #include +#include +#include #include #include diff --git a/ssh.c b/ssh.c index d0d9457c2..df787e45f 100644 --- a/ssh.c +++ b/ssh.c @@ -54,9 +54,7 @@ #include #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #ifdef HAVE_PATHS_H #include #endif diff --git a/sshconnect.c b/sshconnect.c index f33cf52b1..21c5203c6 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -24,9 +24,7 @@ #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #ifdef HAVE_PATHS_H #include #endif diff --git a/sshd.c b/sshd.c index 6428f42a0..cc1ebd8d9 100644 --- a/sshd.c +++ b/sshd.c @@ -54,9 +54,7 @@ #include #include -#if defined(HAVE_NETDB_H) -# include -#endif +#include #ifdef HAVE_PATHS_H #include #endif -- cgit v1.2.3 From ded319cca23923651ddc5e6a4bd4bda66d0737f4 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 1 Sep 2006 15:38:36 +1000 Subject: - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c] [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c] [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c] [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c] [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c] [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c] [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c rc4.diff] [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c] [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c] [openbsd-compat/port-uw.c] Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h; compile problems reported by rac AT tenzing.org --- ChangeLog | 19 ++++++++++++++++++- audit-bsm.c | 3 ++- audit.c | 5 ++++- auth-bsdauth.c | 2 ++ auth-chall.c | 2 ++ auth-pam.c | 1 + auth-rsa.c | 1 + auth-shadow.c | 1 + auth-sia.c | 17 +++++++++-------- auth1.c | 1 + auth2-chall.c | 1 + auth2-gss.c | 2 ++ auth2-kbdint.c | 2 ++ auth2-none.c | 1 + authfd.c | 1 + authfile.c | 1 + cipher-3des1.c | 1 + cipher-aes.c | 4 ++++ cipher-bf1.c | 1 + cipher-ctr.c | 1 + clientloop.c | 1 + dh.c | 1 + dns.c | 1 + entropy.c | 1 + gss-serv-krb5.c | 1 + gss-serv.c | 1 + hostfile.c | 1 + kex.c | 1 + kexdhc.c | 1 + kexdhs.c | 2 ++ kexgexc.c | 1 + kexgexs.c | 1 + key.c | 1 + loginrec.c | 1 + mac.c | 1 + md5crypt.c | 4 ++++ monitor.c | 1 + monitor_wrap.c | 1 + openbsd-compat/bsd-cray.c | 3 ++- openbsd-compat/port-aix.c | 1 + openbsd-compat/port-linux.c | 3 ++- openbsd-compat/port-solaris.c | 3 ++- openbsd-compat/port-uw.c | 15 +++++++++++++-- readconf.c | 1 + rsa.c | 1 + scard-opensc.c | 4 ++++ scard.c | 1 + session.c | 1 + ssh-add.c | 1 + ssh-agent.c | 1 + ssh-dss.c | 1 + ssh-keygen.c | 1 + ssh-keysign.c | 1 + ssh-rsa.c | 1 + ssh.c | 1 + sshconnect.c | 1 + sshconnect1.c | 1 + sshconnect2.c | 1 + sshd.c | 1 + 59 files changed, 117 insertions(+), 16 deletions(-) (limited to 'openbsd-compat/port-linux.c') diff --git a/ChangeLog b/ChangeLog index bef6b0538..ebf308975 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,20 @@ +20060901 + - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] + [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c] + [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c] + [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c] + [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] + [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c] + [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c] + [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c] + [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c] + [sshconnect1.c sshconnect2.c sshd.c rc4.diff] + [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c] + [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c] + [openbsd-compat/port-uw.c] + Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h; + compile problems reported by rac AT tenzing.org + 20060831 - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ] [platform.c platform.h sshd.c openbsd-compat/Makefile.in] @@ -5348,4 +5365,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.4520 2006/08/31 01:28:49 dtucker Exp $ +$Id: ChangeLog,v 1.4521 2006/09/01 05:38:36 djm Exp $ diff --git a/audit-bsm.c b/audit-bsm.c index 50241b32f..d5cf302ce 100644 --- a/audit-bsm.c +++ b/audit-bsm.c @@ -1,4 +1,4 @@ -/* $Id: audit-bsm.c,v 1.3 2006/08/16 01:40:45 djm Exp $ */ +/* $Id: audit-bsm.c,v 1.4 2006/09/01 05:38:36 djm Exp $ */ /* * TODO @@ -39,6 +39,7 @@ #include +#include #include #include "ssh.h" diff --git a/audit.c b/audit.c index 8c3ec5a6a..dbea34cb2 100644 --- a/audit.c +++ b/audit.c @@ -1,4 +1,4 @@ -/* $Id: audit.c,v 1.4 2006/08/05 14:05:10 dtucker Exp $ */ +/* $Id: audit.c,v 1.5 2006/09/01 05:38:36 djm Exp $ */ /* * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. @@ -26,6 +26,9 @@ #include "includes.h" +#include +#include + #ifdef SSH_AUDIT_EVENTS #include "audit.h" diff --git a/auth-bsdauth.c b/auth-bsdauth.c index f718e5d38..37d527d11 100644 --- a/auth-bsdauth.c +++ b/auth-bsdauth.c @@ -27,6 +27,8 @@ #include +#include + #ifdef BSD_AUTH #include "xmalloc.h" #include "key.h" diff --git a/auth-chall.c b/auth-chall.c index 9c1079a17..919b1eaa4 100644 --- a/auth-chall.c +++ b/auth-chall.c @@ -27,6 +27,8 @@ #include +#include + #include "xmalloc.h" #include "key.h" #include "hostfile.h" diff --git a/auth-pam.c b/auth-pam.c index 8e9361caa..493993a10 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -54,6 +54,7 @@ #include #include +#include #include #include diff --git a/auth-rsa.c b/auth-rsa.c index 1c66b86a4..8c43458b0 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -24,6 +24,7 @@ #include #include +#include #include #include "xmalloc.h" diff --git a/auth-shadow.c b/auth-shadow.c index 52447fe4a..8b3160aee 100644 --- a/auth-shadow.c +++ b/auth-shadow.c @@ -26,6 +26,7 @@ #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) #include +#include #include #include "key.h" diff --git a/auth-sia.c b/auth-sia.c index af7182b48..63304d36e 100644 --- a/auth-sia.c +++ b/auth-sia.c @@ -25,14 +25,6 @@ #include "includes.h" #ifdef HAVE_OSF_SIA -#include "ssh.h" -#include "auth.h" -#include "auth-sia.h" -#include "log.h" -#include "servconf.h" -#include "canohost.h" -#include "uidswap.h" - #include #include #include @@ -40,8 +32,17 @@ #include #include #include +#include #include +#include "ssh.h" +#include "auth.h" +#include "auth-sia.h" +#include "log.h" +#include "servconf.h" +#include "canohost.h" +#include "uidswap.h" + extern ServerOptions options; extern int saved_argc; extern char **saved_argv; diff --git a/auth1.c b/auth1.c index 34dcf6266..b9d6b1115 100644 --- a/auth1.c +++ b/auth1.c @@ -14,6 +14,7 @@ #include +#include #include #include #include diff --git a/auth2-chall.c b/auth2-chall.c index b091957b1..b78b739cd 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -28,6 +28,7 @@ #include +#include #include #include diff --git a/auth2-gss.c b/auth2-gss.c index d88bc4273..c77c841a3 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -30,6 +30,8 @@ #include +#include + #include "xmalloc.h" #include "key.h" #include "hostfile.h" diff --git a/auth2-kbdint.c b/auth2-kbdint.c index 901596484..a4fc9e6f7 100644 --- a/auth2-kbdint.c +++ b/auth2-kbdint.c @@ -27,6 +27,8 @@ #include +#include + #include "xmalloc.h" #include "packet.h" #include "key.h" diff --git a/auth2-none.c b/auth2-none.c index f455bdde3..952b44824 100644 --- a/auth2-none.c +++ b/auth2-none.c @@ -30,6 +30,7 @@ #include #include +#include #include #include "xmalloc.h" diff --git a/authfd.c b/authfd.c index 5c910df13..61faad123 100644 --- a/authfd.c +++ b/authfd.c @@ -47,6 +47,7 @@ #include #include #include +#include #include #include diff --git a/authfile.c b/authfile.c index 675085646..735c64780 100644 --- a/authfile.c +++ b/authfile.c @@ -49,6 +49,7 @@ #include #include +#include #include #include #include diff --git a/cipher-3des1.c b/cipher-3des1.c index 61798bfde..fc16e20d7 100644 --- a/cipher-3des1.c +++ b/cipher-3des1.c @@ -29,6 +29,7 @@ #include +#include #include #include "xmalloc.h" diff --git a/cipher-aes.c b/cipher-aes.c index 99e9eea92..14ef10f03 100644 --- a/cipher-aes.c +++ b/cipher-aes.c @@ -28,8 +28,12 @@ #include "openbsd-compat/openssl-compat.h" #ifdef USE_BUILTIN_RIJNDAEL +#include #include + +#include + #include "rijndael.h" #include "xmalloc.h" #include "log.h" diff --git a/cipher-bf1.c b/cipher-bf1.c index eb4c04777..292488c5c 100644 --- a/cipher-bf1.c +++ b/cipher-bf1.c @@ -29,6 +29,7 @@ #include +#include #include #include "xmalloc.h" diff --git a/cipher-ctr.c b/cipher-ctr.c index 9733b7d56..b24f3a428 100644 --- a/cipher-ctr.c +++ b/cipher-ctr.c @@ -18,6 +18,7 @@ #include +#include #include #include diff --git a/clientloop.c b/clientloop.c index 132d75a44..88dfb1f32 100644 --- a/clientloop.c +++ b/clientloop.c @@ -78,6 +78,7 @@ #include #endif #include +#include #include #include #include diff --git a/dh.c b/dh.c index 925eedddf..f6ef05cf6 100644 --- a/dh.c +++ b/dh.c @@ -30,6 +30,7 @@ #include #include +#include #include #include #include diff --git a/dns.c b/dns.c index 229210835..92623de72 100644 --- a/dns.c +++ b/dns.c @@ -31,6 +31,7 @@ #include #include +#include #include #include diff --git a/entropy.c b/entropy.c index c89e0b528..4f19c8767 100644 --- a/entropy.c +++ b/entropy.c @@ -34,6 +34,7 @@ #ifdef HAVE_FCNTL_H # include #endif +#include #include #include diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index 006bedad9..5a625acb8 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -31,6 +31,7 @@ #include +#include #include #include "xmalloc.h" diff --git a/gss-serv.c b/gss-serv.c index 296f63a89..e8191a859 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -30,6 +30,7 @@ #include +#include #include #include diff --git a/hostfile.c b/hostfile.c index 08ba44264..2cceb352a 100644 --- a/hostfile.c +++ b/hostfile.c @@ -46,6 +46,7 @@ #include #include +#include #include #include #include diff --git a/kex.c b/kex.c index 0c36519a1..bfc1c11f9 100644 --- a/kex.c +++ b/kex.c @@ -28,6 +28,7 @@ #include #include +#include #include #include #include diff --git a/kexdhc.c b/kexdhc.c index bf875ae07..64de7af30 100644 --- a/kexdhc.c +++ b/kexdhc.c @@ -27,6 +27,7 @@ #include +#include #include #include #include diff --git a/kexdhs.c b/kexdhs.c index 7d2c21eed..93ec97f93 100644 --- a/kexdhs.c +++ b/kexdhs.c @@ -26,6 +26,8 @@ #include "includes.h" #include + +#include #include #include diff --git a/kexgexc.c b/kexgexc.c index fc48880d4..2c19713e1 100644 --- a/kexgexc.c +++ b/kexgexc.c @@ -28,6 +28,7 @@ #include +#include #include #include #include diff --git a/kexgexs.c b/kexgexs.c index 7599f2af4..5373a633a 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -28,6 +28,7 @@ #include +#include #include #include #include diff --git a/key.c b/key.c index 40aab20ea..f3b3d6b94 100644 --- a/key.c +++ b/key.c @@ -39,6 +39,7 @@ #include +#include #include #include diff --git a/loginrec.c b/loginrec.c index 7850312b6..67447edc0 100644 --- a/loginrec.c +++ b/loginrec.c @@ -156,6 +156,7 @@ #include #include #include +#include #include #include diff --git a/mac.c b/mac.c index edf9b69bd..e5d5bfa88 100644 --- a/mac.c +++ b/mac.c @@ -29,6 +29,7 @@ #include +#include #include #include diff --git a/md5crypt.c b/md5crypt.c index 253fdfdf2..22ef98933 100644 --- a/md5crypt.c +++ b/md5crypt.c @@ -11,6 +11,10 @@ #include "includes.h" #if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) +#include + +#include + #include /* 0 ... 63 => ascii - 64 */ diff --git a/monitor.c b/monitor.c index 83b3765a0..b3ccde017 100644 --- a/monitor.c +++ b/monitor.c @@ -40,6 +40,7 @@ #endif #include #include +#include #include #include diff --git a/monitor_wrap.c b/monitor_wrap.c index 431b3e495..3865539df 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c index 8093f6d54..1532c991c 100644 --- a/openbsd-compat/bsd-cray.c +++ b/openbsd-compat/bsd-cray.c @@ -1,5 +1,5 @@ /* - * $Id: bsd-cray.c,v 1.15 2006/07/24 05:08:36 djm Exp $ + * $Id: bsd-cray.c,v 1.16 2006/09/01 05:38:41 djm Exp $ * * bsd-cray.c * @@ -52,6 +52,7 @@ #include #include #include +#include #include #include #include diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 13a73e873..d0a423005 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -41,6 +41,7 @@ # include #endif #include +#include #include #include #include diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index 5e2e878dc..77f3a1c17 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -1,4 +1,4 @@ -/* $Id: port-linux.c,v 1.2 2006/07/24 04:51:01 djm Exp $ */ +/* $Id: port-linux.c,v 1.3 2006/09/01 05:38:41 djm Exp $ */ /* * Copyright (c) 2005 Daniel Walsh @@ -24,6 +24,7 @@ #include "includes.h" #include +#include #include #ifdef WITH_SELINUX diff --git a/openbsd-compat/port-solaris.c b/openbsd-compat/port-solaris.c index f31f0c6ea..f57433e78 100644 --- a/openbsd-compat/port-solaris.c +++ b/openbsd-compat/port-solaris.c @@ -1,4 +1,4 @@ -/* $Id: port-solaris.c,v 1.1 2006/08/30 17:24:42 djm Exp $ */ +/* $Id: port-solaris.c,v 1.2 2006/09/01 05:38:41 djm Exp $ */ /* * Copyright (c) 2006 Chad Mynhier. @@ -29,6 +29,7 @@ #ifdef HAVE_FCNTL_H # include #endif +#include #include #include diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c index c64427121..6f3523902 100644 --- a/openbsd-compat/port-uw.c +++ b/openbsd-compat/port-uw.c @@ -26,15 +26,26 @@ #include "includes.h" #ifdef HAVE_LIBIAF +#include #ifdef HAVE_CRYPT_H -#include +# include #endif +#include +#include +#include +#include +#include + +#include "xmalloc.h" #include "packet.h" #include "buffer.h" +#include "auth-options.h" #include "log.h" #include "servconf.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" -#include "auth-options.h" +#include "ssh.h" int nischeck(char *); diff --git a/readconf.c b/readconf.c index c57ea0c82..4cacf6026 100644 --- a/readconf.c +++ b/readconf.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include diff --git a/rsa.c b/rsa.c index 875b486c4..08cc82007 100644 --- a/rsa.c +++ b/rsa.c @@ -64,6 +64,7 @@ #include +#include #include #include "xmalloc.h" diff --git a/scard-opensc.c b/scard-opensc.c index 7a496dff8..4751ea295 100644 --- a/scard-opensc.c +++ b/scard-opensc.c @@ -26,9 +26,13 @@ #include "includes.h" #if defined(SMARTCARD) && defined(USE_OPENSC) +#include + #include #include +#include + #include #include diff --git a/scard.c b/scard.c index a2d28cba1..328655edd 100644 --- a/scard.c +++ b/scard.c @@ -29,6 +29,7 @@ #include #include +#include #include #include diff --git a/session.c b/session.c index 006e4304d..15c5ca9a0 100644 --- a/session.c +++ b/session.c @@ -53,6 +53,7 @@ #endif #include #include +#include #include #include #include diff --git a/ssh-add.c b/ssh-add.c index 518f47066..4dc46f6db 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -45,6 +45,7 @@ #include #include +#include #include #include #include diff --git a/ssh-agent.c b/ssh-agent.c index 6bc1e541a..08b07212e 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -58,6 +58,7 @@ # include #endif #include +#include #include #include #include diff --git a/ssh-dss.c b/ssh-dss.c index 448f704f6..fbc078e84 100644 --- a/ssh-dss.c +++ b/ssh-dss.c @@ -30,6 +30,7 @@ #include #include +#include #include #include "xmalloc.h" diff --git a/ssh-keygen.c b/ssh-keygen.c index c607e257e..969bd2359 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -29,6 +29,7 @@ # include #endif #include +#include #include #include #include diff --git a/ssh-keysign.c b/ssh-keysign.c index 1ddb2a058..c4bc7e56e 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -30,6 +30,7 @@ #include #endif #include +#include #include #include #include diff --git a/ssh-rsa.c b/ssh-rsa.c index 28444c1f9..0e16ff85f 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c @@ -22,6 +22,7 @@ #include #include +#include #include #include "xmalloc.h" diff --git a/ssh.c b/ssh.c index 07a4ca3c8..a34990b54 100644 --- a/ssh.c +++ b/ssh.c @@ -60,6 +60,7 @@ #endif #include #include +#include #include #include #include diff --git a/sshconnect.c b/sshconnect.c index 71ca4ec52..823def6a9 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -32,6 +32,7 @@ #include #endif #include +#include #include #include #include diff --git a/sshconnect1.c b/sshconnect1.c index 51f1f8088..90fcb344f 100644 --- a/sshconnect1.c +++ b/sshconnect1.c @@ -21,6 +21,7 @@ #include #include +#include #include #include #include diff --git a/sshconnect2.c b/sshconnect2.c index 5846c8e9c..dd971a9f9 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include diff --git a/sshd.c b/sshd.c index ee588ff8a..3fb146424 100644 --- a/sshd.c +++ b/sshd.c @@ -65,6 +65,7 @@ #include #include #include +#include #include #include #include -- cgit v1.2.3