diff options
| author | Damien Miller <djm@mindrot.org> | 1999-12-26 10:21:48 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 1999-12-26 10:21:48 +1100 |
| commit | 32b3cf2c96fd8cee6cb082821a43d3375c850d58 (patch) | |
| tree | 103872b5f4423e17000a6221fd07fd6234924a26 | |
| parent | 2e1b082dfbc5dcdae80957a3d889abe9fa480d77 (diff) | |
- Enabled utmpx support by default for Solaris
- Cleanup sshd.c PAM a little more
19991225
- Merged fixes from Ben Taylor <bent@clark.net>
- Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
- Disabled logging of PAM password authentication failures when password
is empty. (e.g start of authentication loop). Reported by Naz
<96na@eng.cam.ac.uk>)
| -rw-r--r-- | ChangeLog | 13 | ||||
| -rw-r--r-- | Makefile.in | 4 | ||||
| -rw-r--r-- | acconfig.h | 17 | ||||
| -rw-r--r-- | bsd-login.c | 16 | ||||
| -rw-r--r-- | configure.in | 10 | ||||
| -rw-r--r-- | login.c | 19 | ||||
| -rw-r--r-- | packages/redhat/openssh.spec | 2 | ||||
| -rw-r--r-- | packages/suse/openssh.spec | 2 | ||||
| -rw-r--r-- | sshd.c | 11 |
9 files changed, 66 insertions, 28 deletions
@@ -1,13 +1,24 @@ +19991226 + - Enabled utmpx support by default for Solaris + - Cleanup sshd.c PAM a little more + 19991225 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com> - Cleanup of auth-passwd.c for shadow and MD5 passwords - Cleanup and bugfix of PAM authentication code + - Released 1.2.1pre20 + + - Merged fixes from Ben Taylor <bent@clark.net> + - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> + - Disabled logging of PAM password authentication failures when password + is empty. (e.g start of authentication loop). Reported by Naz + <96na@eng.cam.ac.uk>) 19991223 - Merged later HPUX patch from Andre Lucas <andre.lucas@dial.pipex.com> - Above patch included better utmpx support from Ben Taylor - <bent@clark.net>: + <bent@clark.net> 19991222 - Fix undefined fd_set type in ssh.h from Povl H. Pedersen diff --git a/Makefile.in b/Makefile.in index ff978b74..fa9a9d81 100644 --- a/Makefile.in +++ b/Makefile.in @@ -44,6 +44,10 @@ LIBOBJS= atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \ all: $(OBJS) $(TARGETS) +$(OBJS): config.h + +$(LIBOBJS): config.h + libssh.a: $(LIBOBJS) $(AR) rv $@ $(LIBOBJS) $(RANLIB) $@ @@ -222,6 +222,23 @@ enum # endif #endif +#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) +# ifndef _PATH_UTMPX +# ifdef UTMPX_FILE +# define _PATH_UTMPX UTMPX_FILE +# else +# define _PATH_UTMPX "/var/adm/utmpx" +# endif +# endif +# ifndef _PATH_WTMPX +# ifdef WTMPX_FILE +# define _PATH_WTMPX WTMPX_FILE +# else +# define _PATH_WTMPX "/var/adm/wtmp" +# endif +# endif +#endif + #ifndef _PATH_BSHELL # define _PATH_BSHELL "/bin/sh" #endif diff --git a/bsd-login.c b/bsd-login.c index d81e4691..eccb29ee 100644 --- a/bsd-login.c +++ b/bsd-login.c @@ -65,24 +65,24 @@ login(utp) struct utmp *utp; #endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */ { +#if defined(HAVE_HOST_IN_UTMP) struct utmp old_ut; +#endif #if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) struct utmpx *old_utx; #endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */ register int fd; int tty; -#ifndef UT_LINESIZE -# define UT_LINESIZE (sizeof(old_ut.ut_line)) -# define UT_NAMESIZE (sizeof(old_ut.ut_name)) -# ifdef HAVE_HOST_IN_UTMP -# define UT_HOSTSIZE (sizeof(old_ut.ut_host)) -# endif -#endif - tty = ttyslot(); if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) { + #if defined(HAVE_HOST_IN_UTMP) +# ifndef UT_LINESIZE +# define UT_LINESIZE (sizeof(old_ut.ut_line)) +# define UT_NAMESIZE (sizeof(old_ut.ut_name)) +# define UT_HOSTSIZE (sizeof(old_ut.ut_host)) +# endif (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET); /* * Prevent luser from zero'ing out ut_host. diff --git a/configure.in b/configure.in index 7bb96270..6cfacd2d 100644 --- a/configure.in +++ b/configure.in @@ -53,6 +53,9 @@ case "$host" in AC_DEFINE(DISABLE_SHADOW) fi ;; +*-*-solaris*) + AC_DEFINE(USE_UTMPX) + ;; esac dnl Check for OpenSSL/SSLeay directories. @@ -101,11 +104,14 @@ AC_ARG_WITH(pam, [ --without-pam Disable PAM support ], [ if test "x$withval" != "xno" ; then - AC_CHECK_LIB(dl, dlopen, , ) - AC_CHECK_LIB(pam, pam_authenticate, , ) + no_pam=1 fi ] ) +if test -z "$no_pam" ; then + AC_CHECK_LIB(dl, dlopen, , ) + AC_CHECK_LIB(pam, pam_authenticate, , ) +fi dnl Checks for header files. AC_CHECK_HEADERS(endian.h lastlog.h login.h maillock.h netgroup.h paths.h poll.h pty.h shadow.h util.h utmp.h utmpx.h sys/bsdtty.h sys/poll.h sys/select.h sys/stropts.h sys/time.h sys/ttcompat.h) @@ -18,7 +18,7 @@ */ #include "includes.h" -RCSID("$Id: login.c,v 1.11 1999/12/24 23:11:29 damien Exp $"); +RCSID("$Id: login.c,v 1.12 1999/12/25 23:21:48 damien Exp $"); #if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) # include <utmpx.h> @@ -155,18 +155,19 @@ record_login(int pid, const char *ttyname, const char *user, uid_t uid, strncpy(utx.ut_line, ttyname + 5, sizeof(utx.ut_line)); utx.ut_pid = (pid_t)pid; utx.ut_tv.tv_sec = time(NULL); - u.ut_type = (uid == -1)?DEAD_PROCESS:USER_PROCESS; -#ifdef HAVE_HOST_IN_UTMPX -#ifdef HAVE_SYSLEN_IN_UTMPX + utx.ut_type = (uid == -1)?DEAD_PROCESS:USER_PROCESS; +# ifdef HAVE_HOST_IN_UTMPX +# ifdef HAVE_SYSLEN_IN_UTMPX utx.ut_syslen = strlen(host); - strncpy(utx.ut_host, host, utx.ut_syslen ); -#else + strncpy(utx.ut_host, host, utx.ut_syslen); +# else strncpy(utx.ut_host, host, sizeof(utx.ut_host)); -#endif /* HAVE_SYSLEN_IN_UTMPX */ -#endif +# endif /* HAVE_SYSLEN_IN_UTMPX */ +# endif #endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */ -#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) && !defined(HAVE_LOGIN) +/*#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) && !defined(HAVE_LOGIN)*/ +#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) login(&u, &utx); #else /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */ login(&u); diff --git a/packages/redhat/openssh.spec b/packages/redhat/openssh.spec index a3e51bb8..af904c7d 100644 --- a/packages/redhat/openssh.spec +++ b/packages/redhat/openssh.spec @@ -1,6 +1,6 @@ Summary: OpenSSH free Secure Shell (SSH) implementation Name: openssh -Version: 1.2.1pre20 +Version: 1.2.1pre21 Release: 1 Packager: Damien Miller <djm@ibs.com.au> Source0: openssh-%{version}.tar.gz diff --git a/packages/suse/openssh.spec b/packages/suse/openssh.spec index c649ef23..23926e01 100644 --- a/packages/suse/openssh.spec +++ b/packages/suse/openssh.spec @@ -1,6 +1,6 @@ Summary: OpenSSH, a free Secure Shell (SSH) implementation Name: openssh -Version: 1.2.1pre20 +Version: 1.2.1pre21 Release: 1 Source0: openssh-%{version}.tar.gz Copyright: BSD @@ -11,7 +11,7 @@ */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.40 1999/12/24 23:11:29 damien Exp $"); +RCSID("$Id: sshd.c,v 1.41 1999/12/25 23:21:48 damien Exp $"); #ifdef HAVE_POLL_H # include <poll.h> @@ -249,8 +249,10 @@ int do_pam_auth(const char *user, const char *password) log("PAM Password authentication accepted for user \"%.100s\"", user); return 1; } else { - log("PAM Password authentication for \"%.100s\" failed: %s", - user, PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); + /* Don't log failure for auth attempts with empty password */ + if (password[0] != '\0') + log("PAM Password authentication for \"%.100s\" failed: %s", + user, PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); return 0; } } @@ -1362,9 +1364,6 @@ do_authloop(struct passwd * pw) int plen, dlen, nlen, ulen, elen; int type = 0; void (*authlog) (const char *fmt,...) = verbose; -#ifdef HAVE_LIBPAM - int pam_retval; -#endif /* HAVE_LIBPAM */ /* Indicate that authentication is needed. */ packet_start(SSH_SMSG_FAILURE); |