diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | acconfig.h | 6 | ||||
| -rw-r--r-- | auth-passwd.c | 34 | ||||
| -rw-r--r-- | configure.ac | 36 | ||||
| -rw-r--r-- | sshd.c | 11 |
5 files changed, 55 insertions, 36 deletions
@@ -1,5 +1,7 @@ 20020425 - (stevesk) [defines.h] remove USE_TIMEVAL; unused + - (stevesk) [acconfig.h auth-passwd.c configure.ac sshd.c] HP-UX 10.26 + support. bug #184. most from dcole@keysoftsys.com. 20020424 - (djm) OpenBSD CVS Sync @@ -506,4 +508,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2084 2002/04/25 17:56:07 stevesk Exp $ +$Id: ChangeLog,v 1.2085 2002/04/25 18:17:05 stevesk Exp $ @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.134 2002/04/23 20:45:56 stevesk Exp $ */ +/* $Id: acconfig.h,v 1.135 2002/04/25 18:17:04 stevesk Exp $ */ #ifndef _CONFIG_H #define _CONFIG_H @@ -15,8 +15,8 @@ /* SCO workaround */ #undef BROKEN_SYS_TERMIO_H -/* Define if you have SCO protected password database */ -#undef HAVE_SCO_PROTECTED_PW +/* Define if you have SecureWare-based protected password database */ +#undef HAVE_SECUREWARE /* If your header files don't define LOGIN_PROGRAM, then use this (detected) */ /* from environment and PATH */ diff --git a/auth-passwd.c b/auth-passwd.c index 7f307383..58c11364 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -55,11 +55,11 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.24 2002/03/04 12:43:06 markus Exp $"); # include <hpsecurity.h> # include <prot.h> # endif -# ifdef HAVE_SCO_PROTECTED_PW +# ifdef HAVE_SECUREWARE # include <sys/security.h> # include <sys/audit.h> # include <prot.h> -# endif /* HAVE_SCO_PROTECTED_PW */ +# endif /* HAVE_SECUREWARE */ # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) # include <shadow.h> # endif @@ -102,12 +102,9 @@ auth_password(Authctxt *authctxt, const char *password) char *encrypted_password; char *pw_password; char *salt; -#ifdef __hpux +#if defined(__hpux) || defined(HAVE_SECUREWARE) struct pr_passwd *spw; -#endif -#ifdef HAVE_SCO_PROTECTED_PW - struct pr_passwd *spw; -#endif /* HAVE_SCO_PROTECTED_PW */ +#endif /* __hpux || HAVE_SECUREWARE */ #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) struct spwd *spw; #endif @@ -183,21 +180,20 @@ auth_password(Authctxt *authctxt, const char *password) pw_password = spw->sp_pwdp; #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ -#ifdef HAVE_SCO_PROTECTED_PW - spw = getprpwnam(pw->pw_name); - if (spw != NULL) - pw_password = spw->ufld.fd_encrypt; -#endif /* HAVE_SCO_PROTECTED_PW */ - #if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) pw_password = spw->pwa_passwd; #endif /* defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) */ -#if defined(__hpux) +#ifdef HAVE_SECUREWARE + if ((spw = getprpwnam(pw->pw_name)) != NULL) + pw_password = spw->ufld.fd_encrypt; +#endif /* HAVE_SECUREWARE */ + +#if defined(__hpux) && !defined(HAVE_SECUREWARE) if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL) pw_password = spw->ufld.fd_encrypt; -#endif /* defined(__hpux) */ +#endif /* defined(__hpux) && !defined(HAVE_SECUREWARE) */ /* Check for users with no password. */ if ((password[0] == '\0') && (pw_password[0] == '\0')) @@ -214,18 +210,18 @@ auth_password(Authctxt *authctxt, const char *password) else encrypted_password = crypt(password, salt); #else /* HAVE_MD5_PASSWORDS */ -# ifdef __hpux +# if defined(__hpux) && !defined(HAVE_SECUREWARE) if (iscomsec()) encrypted_password = bigcrypt(password, salt); else encrypted_password = crypt(password, salt); # else -# ifdef HAVE_SCO_PROTECTED_PW +# ifdef HAVE_SECUREWARE encrypted_password = bigcrypt(password, salt); # else encrypted_password = crypt(password, salt); -# endif /* HAVE_SCO_PROTECTED_PW */ -# endif /* __hpux */ +# endif /* HAVE_SECUREWARE */ +# endif /* __hpux && !defined(HAVE_SECUREWARE) */ #endif /* HAVE_MD5_PASSWORDS */ /* Authentication is accepted if the encrypted passwords are identical. */ diff --git a/configure.ac b/configure.ac index 91a0a72f..a092aaad 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.52 2002/04/23 20:45:56 stevesk Exp $ +# $Id: configure.ac,v 1.53 2002/04/25 18:17:05 stevesk Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -91,6 +91,22 @@ case "$host" in *-*-darwin*) AC_DEFINE(BROKEN_GETADDRINFO) ;; +*-*-hpux10.26) + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Ae" + fi + CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" + IPADDR_IN_DISPLAY=yes + AC_DEFINE(HAVE_SECUREWARE) + AC_DEFINE(USE_PIPES) + AC_DEFINE(LOGIN_NO_ENDOPT) + AC_DEFINE(LOGIN_NEEDS_UTMPX) + AC_DEFINE(DISABLE_SHADOW) + AC_DEFINE(DISABLE_UTMP) + AC_DEFINE(SPT_TYPE,SPT_PSTAT) + LIBS="$LIBS -lxnet -lsec -lsecpw" + disable_ptmx_check=yes + ;; *-*-hpux10*) if test -z "$GCC"; then CFLAGS="$CFLAGS -Ae" @@ -235,7 +251,7 @@ mips-sony-bsd|mips-sony-newsos4) no_dev_ptmx=1 AC_DEFINE(BROKEN_SYS_TERMIO_H) AC_DEFINE(USE_PIPES) - AC_DEFINE(HAVE_SCO_PROTECTED_PW) + AC_DEFINE(HAVE_SECUREWARE) AC_DEFINE(DISABLE_SHADOW) AC_DEFINE(BROKEN_SAVED_UIDS) AC_CHECK_FUNCS(getluid setluid) @@ -249,7 +265,7 @@ mips-sony-bsd|mips-sony-newsos4) no_dev_ptmx=1 rsh_path="/usr/bin/rcmd" AC_DEFINE(USE_PIPES) - AC_DEFINE(HAVE_SCO_PROTECTED_PW) + AC_DEFINE(HAVE_SECUREWARE) AC_DEFINE(DISABLE_SHADOW) AC_CHECK_FUNCS(getluid setluid) MANTYPE=man @@ -1926,12 +1942,14 @@ if test ! -z "$MAIL" ; then fi if test -z "$no_dev_ptmx" ; then - AC_CHECK_FILE("/dev/ptmx", - [ - AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) - have_dev_ptmx=1 - ] - ) + if test "x$disable_ptmx_check" != "xyes" ; then + AC_CHECK_FILE("/dev/ptmx", + [ + AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) + have_dev_ptmx=1 + ] + ) + fi fi AC_CHECK_FILE("/dev/ptc", [ @@ -48,6 +48,10 @@ RCSID("$OpenBSD: sshd.c,v 1.240 2002/04/23 22:16:29 djm Exp $"); #include <openssl/bn.h> #include <openssl/md5.h> #include <openssl/rand.h> +#ifdef HAVE_SECUREWARE +#include <sys/security.h> +#include <prot.h> +#endif #include "ssh.h" #include "ssh1.h" @@ -786,6 +790,9 @@ main(int ac, char **av) Key *key; int ret, key_used = 0; +#ifdef HAVE_SECUREWARE + (void)set_auth_parameters(ac, av); +#endif __progname = get_progname(av[0]); init_rng(); @@ -998,10 +1005,6 @@ main(int ac, char **av) if (test_flag) exit(0); -#ifdef HAVE_SCO_PROTECTED_PW - (void) set_auth_parameters(ac, av); -#endif - /* Initialize the log (it is reinitialized below in case we forked). */ if (debug_flag && !inetd_flag) log_stderr = 1; |