ssh-add
ssh-keygen
ssh-keyscan
+ssh-keysign
ssh-agent
sftp-server
sftp
+20020626
+ - (stevesk) [monitor.c] remove duplicate proto15 dispatch entry for PAM
+ - (bal) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/06/23 21:34:07
+ [channels.c]
+ tcode is u_int
+ - markus@cvs.openbsd.org 2002/06/24 13:12:23
+ [ssh-agent.1]
+ the socket name contains ssh-agent's ppid; via mpech@ from form@
+ - markus@cvs.openbsd.org 2002/06/24 14:33:27
+ [channels.c channels.h clientloop.c serverloop.c]
+ move channel counter to u_int
+ - markus@cvs.openbsd.org 2002/06/24 14:55:38
+ [authfile.c kex.c ssh-agent.c]
+ cat to (void) when output from buffer_get_X is ignored
+ - itojun@cvs.openbsd.org 2002/06/24 15:49:22
+ [msg.c]
+ printf type pedant
+ - deraadt@cvs.openbsd.org 2002/06/24 17:57:20
+ [sftp-server.c sshpty.c]
+ explicit (u_int) for uid and gid
+ - markus@cvs.openbsd.org 2002/06/25 16:22:42
+ [authfd.c]
+ unnecessary cast
+ - markus@cvs.openbsd.org 2002/06/25 18:51:04
+ [sshd.c]
+ lightweight do_setusercontext after chroot()
+ - (bal) Updated AIX package build. Patch by dtucker@zip.com.au
+ - (tim) [Makefile.in] fix test on installing ssh-rand-helper.8
+ - (bal) added back in error check for mmap(). I screwed up, Pointed
+ out by stevesk@
+ - (tim) [README.privsep] UnixWare tip no longer needed.
+ - (bal) fixed NeXTStep missing munmap() issue. It defines HAVE_MMAP,
+ but it all damned lies.
+ - (stevesk) [README.privsep] more for sshd pseudo-account.
+ - (tim) [contrib/caldera/openssh.spec] add support for privsep
+ - (djm) setlogin needs pgid==pid on BSD/OS; from itojun@
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/06/26 08:53:12
+ [bufaux.c]
+ limit size of BNs to 8KB; ok provos/deraadt
+ - markus@cvs.openbsd.org 2002/06/26 08:54:18
+ [buffer.c]
+ limit append to 1MB and buffers to 10MB
+ - markus@cvs.openbsd.org 2002/06/26 08:55:02
+ [channels.c]
+ limit # of channels to 10000
+ - markus@cvs.openbsd.org 2002/06/26 08:58:26
+ [session.c]
+ limit # of env vars to 1000; ok deraadt/djm
+ - deraadt@cvs.openbsd.org 2002/06/26 13:20:57
+ [monitor.c]
+ be careful in mm_zalloc
+ - deraadt@cvs.openbsd.org 2002/06/26 13:49:26
+ [session.c]
+ disclose less information from environment files; based on input
+ from djm, and dschultz@uclink.Berkeley.EDU
+ - markus@cvs.openbsd.org 2002/06/26 13:55:37
+ [auth2-chall.c]
+ make sure # of response matches # of queries, fixes int overflow;
+ from ISS
+ - markus@cvs.openbsd.org 2002/06/26 13:56:27
+ [version.h]
+ 3.4
+ - (djm) Require krb5 devel for RPM build w/ KrbV
+ - (djm) Improve PAMAuthenticationViaKbdInt text from Nalin Dahyabhai
+ <nalin@redhat.com>
+ - (djm) Update spec files for release
+ - (djm) Fix int overflow in auth2-pam.c, similar to one discovered by ISS
+ - (djm) Release 3.4p1
+
+20020625
+ - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh
+ - (stevesk) [README.privsep] minor updates
+ - (djm) Create privsep directory and warn if privsep user is missing
+ during make install
+ - (bal) Started list of PrivSep issues in TODO
+ - (bal) if mmap() is substandard, don't allow compression on server side.
+ Post 'event' we will add more options.
+ - (tim) [contrib/caldera/openssh.spec] Sync with Caldera
+ - (bal) moved aix_usrinfo() and noted not setting real TTY. Patch by
+ dtucker@zip.com.au
+ - (tim) [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus
+ for Cygwin, Cray, & SCO
+
+20020624
+ - OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2002/06/23 03:25:50
+ [tildexpand.c]
+ KNF
+ - deraadt@cvs.openbsd.org 2002/06/23 03:26:19
+ [cipher.c key.c]
+ KNF
+ - deraadt@cvs.openbsd.org 2002/06/23 03:30:58
+ [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c
+ sshpty.c]
+ various KNF and %d for unsigned
+ - deraadt@cvs.openbsd.org 2002/06/23 09:30:14
+ [sftp-client.c sftp-client.h sftp-common.c sftp-int.c sftp-server.c
+ sftp.c]
+ bunch of u_int vs int stuff
+ - deraadt@cvs.openbsd.org 2002/06/23 09:39:55
+ [ssh-keygen.c]
+ u_int stuff
+ - deraadt@cvs.openbsd.org 2002/06/23 09:46:51
+ [bufaux.c servconf.c]
+ minor KNF. things the fingers do while you read
+ - deraadt@cvs.openbsd.org 2002/06/23 10:29:52
+ [ssh-agent.c sshd.c]
+ some minor KNF and %u
+ - deraadt@cvs.openbsd.org 2002/06/23 20:39:45
+ [session.c]
+ compression_level is u_int
+ - deraadt@cvs.openbsd.org 2002/06/23 21:06:13
+ [sshpty.c]
+ KNF
+ - deraadt@cvs.openbsd.org 2002/06/23 21:06:41
+ [channels.c channels.h session.c session.h]
+ display, screen, row, col, xpixel, ypixel are u_int; markus ok
+ - deraadt@cvs.openbsd.org 2002/06/23 21:10:02
+ [packet.c]
+ packet_get_int() returns unsigned for reason & seqnr
+ - (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col,
+ xpixel are u_int.
+
+
+20020623
+ - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX.
+ - (bal) removed GNUism for getops in ssh-agent since glibc lacks optreset.
+ - (bal) add extern char *getopt. Based on report by dtucker@zip.com.au
+ - OpenBSD CVS Sync
+ - stevesk@cvs.openbsd.org 2002/06/22 02:00:29
+ [ssh.h]
+ correct comment
+ - stevesk@cvs.openbsd.org 2002/06/22 02:40:23
+ [ssh.1]
+ section 5 not 4 for ssh_config
+ - naddy@cvs.openbsd.org 2002/06/22 11:51:39
+ [ssh.1]
+ typo
+ - stevesk@cvs.openbsd.org 2002/06/22 16:32:54
+ [sshd.8]
+ add /var/empty in FILES section
+ - stevesk@cvs.openbsd.org 2002/06/22 16:40:19
+ [sshd.c]
+ check /var/empty owner mode; ok provos@
+ - stevesk@cvs.openbsd.org 2002/06/22 16:41:57
+ [scp.1]
+ typo
+ - stevesk@cvs.openbsd.org 2002/06/22 16:45:29
+ [ssh-agent.1 sshd.8 sshd_config.5]
+ use process ID vs. pid/PID/process identifier
+ - stevesk@cvs.openbsd.org 2002/06/22 20:05:27
+ [sshd.c]
+ don't call setsid() if debugging or run from inetd; no "Operation not
+ permitted" errors now; ok millert@ markus@
+ - stevesk@cvs.openbsd.org 2002/06/22 23:09:51
+ [monitor.c]
+ save auth method before monitor_reset_key_state(); bugzilla bug #284;
+ ok provos@
+
20020622
- (djm) Update README.privsep; spotted by fries@
- (djm) Release 3.3p1
+ - (bal) getopt now can be staticly compiled on those platforms missing
+ optreset. Patch by binder@arago.de
20020621
- (djm) Sync:
There are a few other options to the configure script:
---with-rsh=PATH allows you to specify the path to your rsh program.
-Normally ./configure will search the current $PATH for 'rsh'. You
-may need to specify this option if rsh is not in your path or has a
-different name.
-
--with-pam enables PAM support.
--enable-gnome-askpass will build the GNOME passphrase dialog. You
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
RAND_HELPER=$(libexecdir)/ssh-rand-helper
PRIVSEP_PATH=@PRIVSEP_PATH@
+SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
PATHS= -DSSHDIR=\"$(sysconfdir)\" \
-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
$(AUTORECONF)
(cd scard && $(MAKE) -f Makefile.in distprep)
-install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key
+install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key check-user
install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files
+check-user:
+ id $(SSH_PRIVSEP_USER) || \
+ echo "WARNING: Privilege separation user \"$(SSH_PRIVSEP_USER)\" does not exist"
+
scard-install:
(cd scard && $(MAKE) DESTDIR=$(DESTDIR) install)
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
$(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH)
+ chmod 0700 $(DESTDIR)$(PRIVSEP_PATH)
$(INSTALL) -m 0755 -s ssh $(DESTDIR)$(bindir)/ssh
$(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp
$(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add
$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
$(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
- if [ ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \
+ if [ ! -z "$(INSTALL_SSH_RAND_HELPER)" ]; then \
$(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \
fi
@NO_SFTP@$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
compression must be disabled in order for privilege separation to
function.
-When privsep is enabled, the pre-authentication sshd process will
+When privsep is enabled, during the pre-authentication phase sshd will
chroot(2) to "/var/empty" and change its privileges to the "sshd" user
-and its primary group. You should do something like the following to
-prepare the privsep preauth environment:
+and its primary group. sshd is a pseudo-account that should not be
+used by other daemons, and must be locked and should contain a
+"nologin" or invalid shell.
+
+You should do something like the following to prepare the privsep
+preauth environment:
# mkdir /var/empty
# chown root:sys /var/empty
# chmod 755 /var/empty
# groupadd sshd
- # useradd -g sshd sshd
-
-If you are on UnixWare 7 or OpenUNIX 8 do this additional step.
- # ln /usr/lib/.ns.so /usr/lib/ns.so.1
+ # useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd
/var/empty should not contain any files.
--with-privsep-path=xxx Path for privilege separation chroot
--with-privsep-user=user Specify non-privileged user for privilege separation
-Privsep requires operating system support for file descriptor passing
-and mmap(MAP_ANON).
+Privsep requires operating system support for file descriptor passing.
+Compression will be disabled on systems without a working mmap MAP_ANON.
PAM-enabled OpenSSH is known to function with privsep on Linux.
It does not function on HP-UX with a trusted system
- HP-UX: Provide DEPOT package scripts.
(gilbert.r.loomis@saic.com)
+
+PrivSep Issues:
+- mmap() issues.
+ + /dev/zero solution (Solaris)
+ + No/broken MAP_ANON (Irix)
+ + broken /dev/zero parse (Linux)
+- PAM
+ + See above PAM notes
+- AIX
+ + usrinfo() does not set TTY, but only required for legicy systems. Works
+ with PrivSep.
+- OSF
+ + SIA is broken
+- Cygwin
+ + Privsep for Pre-auth only (no fd passing)
+
$Id$
/* Define if xauth is found in your path */
#undef XAUTH_PATH
-/* Define if rsh is found in your path */
-#undef RSH_PATH
-
/* Define if you want to allow MD5 passwords */
#undef HAVE_MD5_PASSWORDS
/* Path that unprivileged child will chroot() to in privep mode */
#undef PRIVSEP_PATH
+/* Define if you have the `mmap' function that supports MAP_ANON|SHARED */
+#undef HAVE_MMAP_ANON_SHARED
+
+/* Define if sendmsg()/recvmsg() has problems passing file descriptors */
+#undef BROKEN_FD_PASSING
+
@BOTTOM@
/* ******************* Shouldn't need to edit below this line ************** */
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.18 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.19 2002/06/26 13:55:37 markus Exp $");
#include "ssh2.h"
#include "auth.h"
char *devices;
void *ctxt;
KbdintDevice *device;
+ u_int nreq;
};
static KbdintAuthctxt *
debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
kbdintctxt->ctxt = NULL;
kbdintctxt->device = NULL;
+ kbdintctxt->nreq = 0;
return kbdintctxt;
}
KbdintAuthctxt *kbdintctxt;
char *name, *instr, **prompts;
int i;
- u_int numprompts, *echo_on;
+ u_int *echo_on;
kbdintctxt = authctxt->kbdintctxt;
if (kbdintctxt->device->query(kbdintctxt->ctxt,
- &name, &instr, &numprompts, &prompts, &echo_on))
+ &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on))
return 0;
packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
packet_put_cstring(name);
packet_put_cstring(instr);
packet_put_cstring(""); /* language not used */
- packet_put_int(numprompts);
- for (i = 0; i < numprompts; i++) {
+ packet_put_int(kbdintctxt->nreq);
+ for (i = 0; i < kbdintctxt->nreq; i++) {
packet_put_cstring(prompts[i]);
packet_put_char(echo_on[i]);
}
packet_send();
packet_write_wait();
- for (i = 0; i < numprompts; i++)
+ for (i = 0; i < kbdintctxt->nreq; i++)
xfree(prompts[i]);
xfree(prompts);
xfree(echo_on);
authctxt->postponed = 0; /* reset */
nresp = packet_get_int();
+ if (nresp != kbdintctxt->nreq)
+ fatal("input_userauth_info_response: wrong number of replies");
+ if (nresp > 100)
+ fatal("input_userauth_info_response: too many replies");
if (nresp > 0) {
response = xmalloc(nresp * sizeof(char*));
for (i = 0; i < nresp; i++)
nresp = packet_get_int(); /* Number of responses. */
debug("got %d responses", nresp);
+
+ if (nresp != context_pam2.num_expected)
+ fatal("%s: Received incorrect number of responses "
+ "(expected %u, received %u)", __func__, nresp,
+ context_pam2.num_expected);
+
+ if (nresp > 100)
+ fatal("%s: too many replies", __func__);
+
for (i = 0; i < nresp; i++) {
int j = context_pam2.prompts[i];
*/
#include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.55 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.56 2002/06/25 16:22:42 markus Exp $");
#include <openssl/evp.h>
error("Error reading response from authentication socket.");
return 0;
}
- buffer_append(reply, (char *) buf, l);
+ buffer_append(reply, buf, l);
len -= l;
}
return 1;
*/
#include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.49 2002/05/23 19:24:30 markus Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.50 2002/06/24 14:55:38 markus Exp $");
#include <openssl/err.h>
#include <openssl/evp.h>
(void) buffer_get_int(&buffer); /* reserved */
/* Read the public key from the buffer. */
- buffer_get_int(&buffer);
+ (void) buffer_get_int(&buffer);
pub = key_new(KEY_RSA1);
buffer_get_bignum(&buffer, pub->rsa->n);
buffer_get_bignum(&buffer, pub->rsa->e);
(void) buffer_get_int(&buffer); /* Reserved data. */
/* Read the public key from the buffer. */
- buffer_get_int(&buffer);
+ (void) buffer_get_int(&buffer);
prv = key_new_private(KEY_RSA1);
buffer_get_bignum(&buffer, prv->rsa->n);
--with-kerberos5=PATH Enable Kerberos 5 support
--with-kerberos4=PATH Enable Kerberos 4 support
--with-afs=PATH Enable AFS support
- --with-rsh=PATH Specify path to remote shell program
--with-privsep-path=xxx Path for privilege separation chroot
--with-xauth=PATH Specify path to xauth program
--with-mantype=man|cat|doc Set man page type
cat >>confdefs.h <<\_ACEOF
@%:@define DISABLE_LASTLOG 1
+_ACEOF
+
+ cat >>confdefs.h <<\_ACEOF
+@%:@define LOGIN_NEEDS_UTMPX 1
_ACEOF
;;
cat >>confdefs.h <<\_ACEOF
@%:@define NO_X11_UNIX_SOCKETS 1
+_ACEOF
+
+ cat >>confdefs.h <<\_ACEOF
+@%:@define BROKEN_FD_PASSING 1
_ACEOF
cat >>confdefs.h <<\_ACEOF
CPPFLAGS="$CPPFLAGS -Dftruncate=chsize -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
LIBS="$LIBS -los -lprot -lx -ltinfo -lm"
- rsh_path="/usr/bin/rcmd"
RANLIB=true
no_dev_ptmx=1
cat >>confdefs.h <<\_ACEOF
LDFLAGS="$LDFLAGS -L/usr/local/lib"
LIBS="$LIBS -lprot -lx -ltinfo -lm"
no_dev_ptmx=1
- rsh_path="/usr/bin/rcmd"
cat >>confdefs.h <<\_ACEOF
@%:@define USE_PIPES 1
_ACEOF
@%:@define DISABLE_SHADOW 1
_ACEOF
+ cat >>confdefs.h <<\_ACEOF
+@%:@define BROKEN_FD_PASSING 1
+_ACEOF
+
for ac_func in getluid setluid
no_libnsl=1
cat >>confdefs.h <<\_ACEOF
@%:@define USE_PIPES 1
+_ACEOF
+
+ cat >>confdefs.h <<\_ACEOF
+@%:@define BROKEN_FD_PASSING 1
_ACEOF
LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal,-L/usr/local/lib"
done
+if test $ac_cv_func_mmap = yes ; then
+echo "$as_me:$LINENO: checking for mmap anon shared" >&5
+echo $ECHO_N "checking for mmap anon shared... $ECHO_C" >&6
+if test "$cross_compiling" = yes; then
+ { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5
+echo "$as_me: error: cannot run test program while cross compiling" >&2;}
+ { (exit 1); exit 1; }; }
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#include <stdio.h>
+#include <sys/mman.h>
+#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS)
+#define MAP_ANON MAP_ANONYMOUS
+#endif
+main() { char *p;
+p = (char *) mmap(NULL, 10, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0);
+if (p == (char *)-1)
+ exit(1);
+exit(0);
+}
+
+_ACEOF
+rm -f conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ cat >>confdefs.h <<\_ACEOF
+@%:@define HAVE_MMAP_ANON_SHARED 1
+_ACEOF
+
+
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+( exit $ac_status )
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+
+fi
+rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+fi
+
for ac_func in dirname
do
_ACEOF
-ssh_privsep_user=sshd
+SSH_PRIVSEP_USER=sshd
# Check whether --with-privsep-user or --without-privsep-user was given.
if test "${with_privsep_user+set}" = set; then
withval="$with_privsep_user"
if test -n "$withval"; then
- ssh_privsep_user=$withval
+ SSH_PRIVSEP_USER=$withval
fi
fi;
cat >>confdefs.h <<_ACEOF
-@%:@define SSH_PRIVSEP_USER "$ssh_privsep_user"
+@%:@define SSH_PRIVSEP_USER "$SSH_PRIVSEP_USER"
_ACEOF
+
# We do this little dance with the search path to insure
# that programs that we select for use by installed programs
# (which may be run by the super-user) come from trusted
# Looking for programs, paths and files
-# Check whether --with-rsh or --without-rsh was given.
-if test "${with_rsh+set}" = set; then
- withval="$with_rsh"
-
- if test "x$withval" != "$no" ; then
- rsh_path=$withval
- fi
-
-else
-
- # Extract the first word of "rsh", so it can be a program name with args.
-set dummy rsh; ac_word=$2
-echo "$as_me:$LINENO: checking for $ac_word" >&5
-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
-if test "${ac_cv_path_rsh_path+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- case $rsh_path in
- [\\/]* | ?:[\\/]*)
- ac_cv_path_rsh_path="$rsh_path" # Let the user override the test with a path.
- ;;
- *)
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
- ac_cv_path_rsh_path="$as_dir/$ac_word$ac_exec_ext"
- echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
-done
-
- ;;
-esac
-fi
-rsh_path=$ac_cv_path_rsh_path
-
-if test -n "$rsh_path"; then
- echo "$as_me:$LINENO: result: $rsh_path" >&5
-echo "${ECHO_T}$rsh_path" >&6
-else
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
-
-
-fi;
-
PRIVSEP_PATH=/var/empty
# Check whether --with-privsep-path or --without-privsep-path was given.
XAUTH_PATH=$xauth_path
-fi
-if test ! -z "$rsh_path" ; then
- cat >>confdefs.h <<_ACEOF
-@%:@define RSH_PATH "$rsh_path"
-_ACEOF
-
fi
# Check for mail directory (last resort if we cannot get it from headers)
s,@LIBWRAP@,$LIBWRAP,;t t
s,@LIBPAM@,$LIBPAM,;t t
s,@INSTALL_SSH_RAND_HELPER@,$INSTALL_SSH_RAND_HELPER,;t t
+s,@SSH_PRIVSEP_USER@,$SSH_PRIVSEP_USER,;t t
s,@PROG_LS@,$PROG_LS,;t t
s,@PROG_NETSTAT@,$PROG_NETSTAT,;t t
s,@PROG_ARP@,$PROG_ARP,;t t
s,@INSTALL_SSH_PRNG_CMDS@,$INSTALL_SSH_PRNG_CMDS,;t t
s,@NO_SFTP@,$NO_SFTP,;t t
s,@OPENSC_CONFIG@,$OPENSC_CONFIG,;t t
-s,@rsh_path@,$rsh_path,;t t
s,@PRIVSEP_PATH@,$PRIVSEP_PATH,;t t
s,@xauth_path@,$xauth_path,;t t
s,@XAUTH_PATH@,$XAUTH_PATH,;t t
m4trace:configure.ac:75: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_GETADDRINFO])
m4trace:configure.ac:76: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_REALPATH])
m4trace:configure.ac:78: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG])
-m4trace:configure.ac:82: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CYGWIN])
-m4trace:configure.ac:83: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:84: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
-m4trace:configure.ac:85: -1- AC_DEFINE_TRACE_LITERAL([IPV4_DEFAULT])
-m4trace:configure.ac:86: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN])
-m4trace:configure.ac:87: -1- AC_DEFINE_TRACE_LITERAL([NO_X11_UNIX_SOCKETS])
-m4trace:configure.ac:88: -1- AC_DEFINE_TRACE_LITERAL([SETGROUPS_NOOP])
-m4trace:configure.ac:91: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN])
-m4trace:configure.ac:94: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_GETADDRINFO])
-m4trace:configure.ac:102: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE])
-m4trace:configure.ac:103: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:104: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT])
-m4trace:configure.ac:105: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
-m4trace:configure.ac:106: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
-m4trace:configure.ac:107: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
-m4trace:configure.ac:108: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE])
-m4trace:configure.ac:118: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:119: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT])
-m4trace:configure.ac:120: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
-m4trace:configure.ac:121: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
-m4trace:configure.ac:122: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
-m4trace:configure.ac:123: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE])
-m4trace:configure.ac:129: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE])
-m4trace:configure.ac:130: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:131: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT])
-m4trace:configure.ac:132: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
-m4trace:configure.ac:133: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
-m4trace:configure.ac:134: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
-m4trace:configure.ac:135: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE])
-m4trace:configure.ac:142: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_INET_NTOA])
-m4trace:configure.ac:143: -1- AC_DEFINE_TRACE_LITERAL([WITH_ABBREV_NO_TTY])
-m4trace:configure.ac:149: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_ARRAY])
-m4trace:configure.ac:150: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_PROJECT])
-m4trace:configure.ac:151: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_AUDIT])
-m4trace:configure.ac:152: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_JOBS])
-m4trace:configure.ac:153: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_INET_NTOA])
-m4trace:configure.ac:154: -1- AC_DEFINE_TRACE_LITERAL([WITH_ABBREV_NO_TTY])
-m4trace:configure.ac:159: -1- AC_DEFINE_TRACE_LITERAL([DONT_TRY_OTHER_AF])
-m4trace:configure.ac:160: -1- AC_DEFINE_TRACE_LITERAL([PAM_TTY_KLUDGE])
-m4trace:configure.ac:164: -1- AC_DEFINE_TRACE_LITERAL([HAVE_NEWS4])
-m4trace:configure.ac:178: -1- AC_DEFINE_TRACE_LITERAL([HAVE_NEXT])
-m4trace:configure.ac:179: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_REALPATH])
-m4trace:configure.ac:180: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:181: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SAVED_UIDS])
-m4trace:configure.ac:189: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE])
-m4trace:configure.ac:190: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
-m4trace:configure.ac:191: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_TERM])
-m4trace:configure.ac:192: -1- AC_DEFINE_TRACE_LITERAL([PAM_TTY_KLUDGE])
-m4trace:configure.ac:199: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
-m4trace:configure.ac:200: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP])
-m4trace:configure.ac:207: -1- AC_CHECK_FUNCS([getpwanam])
-m4trace:configure.ac:207: -1- AH_OUTPUT([HAVE_GETPWANAM], [/* Define to 1 if you have the \`getpwanam' function. */
+m4trace:configure.ac:79: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
+m4trace:configure.ac:83: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CYGWIN])
+m4trace:configure.ac:84: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:85: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
+m4trace:configure.ac:86: -1- AC_DEFINE_TRACE_LITERAL([IPV4_DEFAULT])
+m4trace:configure.ac:87: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN])
+m4trace:configure.ac:88: -1- AC_DEFINE_TRACE_LITERAL([NO_X11_UNIX_SOCKETS])
+m4trace:configure.ac:89: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_FD_PASSING])
+m4trace:configure.ac:90: -1- AC_DEFINE_TRACE_LITERAL([SETGROUPS_NOOP])
+m4trace:configure.ac:93: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN])
+m4trace:configure.ac:96: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_GETADDRINFO])
+m4trace:configure.ac:104: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE])
+m4trace:configure.ac:105: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:106: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT])
+m4trace:configure.ac:107: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
+m4trace:configure.ac:108: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
+m4trace:configure.ac:109: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
+m4trace:configure.ac:110: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE])
+m4trace:configure.ac:120: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:121: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT])
+m4trace:configure.ac:122: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
+m4trace:configure.ac:123: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
+m4trace:configure.ac:124: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
+m4trace:configure.ac:125: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE])
+m4trace:configure.ac:131: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE])
+m4trace:configure.ac:132: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:133: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT])
+m4trace:configure.ac:134: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
+m4trace:configure.ac:135: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
+m4trace:configure.ac:136: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
+m4trace:configure.ac:137: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE])
+m4trace:configure.ac:144: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_INET_NTOA])
+m4trace:configure.ac:145: -1- AC_DEFINE_TRACE_LITERAL([WITH_ABBREV_NO_TTY])
+m4trace:configure.ac:151: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_ARRAY])
+m4trace:configure.ac:152: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_PROJECT])
+m4trace:configure.ac:153: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_AUDIT])
+m4trace:configure.ac:154: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_JOBS])
+m4trace:configure.ac:155: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_INET_NTOA])
+m4trace:configure.ac:156: -1- AC_DEFINE_TRACE_LITERAL([WITH_ABBREV_NO_TTY])
+m4trace:configure.ac:161: -1- AC_DEFINE_TRACE_LITERAL([DONT_TRY_OTHER_AF])
+m4trace:configure.ac:162: -1- AC_DEFINE_TRACE_LITERAL([PAM_TTY_KLUDGE])
+m4trace:configure.ac:166: -1- AC_DEFINE_TRACE_LITERAL([HAVE_NEWS4])
+m4trace:configure.ac:180: -1- AC_DEFINE_TRACE_LITERAL([HAVE_NEXT])
+m4trace:configure.ac:181: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_REALPATH])
+m4trace:configure.ac:182: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:183: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SAVED_UIDS])
+m4trace:configure.ac:191: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE])
+m4trace:configure.ac:192: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX])
+m4trace:configure.ac:193: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_TERM])
+m4trace:configure.ac:194: -1- AC_DEFINE_TRACE_LITERAL([PAM_TTY_KLUDGE])
+m4trace:configure.ac:201: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
+m4trace:configure.ac:202: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP])
+m4trace:configure.ac:209: -1- AC_CHECK_FUNCS([getpwanam])
+m4trace:configure.ac:209: -1- AH_OUTPUT([HAVE_GETPWANAM], [/* Define to 1 if you have the \`getpwanam' function. */
#undef HAVE_GETPWANAM])
-m4trace:configure.ac:208: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE])
-m4trace:configure.ac:212: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:218: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:225: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:226: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN])
-m4trace:configure.ac:234: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:239: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:252: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SYS_TERMIO_H])
-m4trace:configure.ac:253: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:254: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE])
-m4trace:configure.ac:255: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
-m4trace:configure.ac:256: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SAVED_UIDS])
-m4trace:configure.ac:257: -1- AC_CHECK_FUNCS([getluid setluid])
-m4trace:configure.ac:257: -1- AH_OUTPUT([HAVE_GETLUID], [/* Define to 1 if you have the \`getluid' function. */
+m4trace:configure.ac:210: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE])
+m4trace:configure.ac:214: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:220: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:227: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:228: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN])
+m4trace:configure.ac:236: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:241: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:253: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SYS_TERMIO_H])
+m4trace:configure.ac:254: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:255: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE])
+m4trace:configure.ac:256: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
+m4trace:configure.ac:257: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SAVED_UIDS])
+m4trace:configure.ac:258: -1- AC_CHECK_FUNCS([getluid setluid])
+m4trace:configure.ac:258: -1- AH_OUTPUT([HAVE_GETLUID], [/* Define to 1 if you have the \`getluid' function. */
#undef HAVE_GETLUID])
-m4trace:configure.ac:257: -1- AH_OUTPUT([HAVE_SETLUID], [/* Define to 1 if you have the \`setluid' function. */
+m4trace:configure.ac:258: -1- AH_OUTPUT([HAVE_SETLUID], [/* Define to 1 if you have the \`setluid' function. */
#undef HAVE_SETLUID])
m4trace:configure.ac:267: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
m4trace:configure.ac:268: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE])
m4trace:configure.ac:269: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
-m4trace:configure.ac:270: -1- AC_CHECK_FUNCS([getluid setluid])
-m4trace:configure.ac:270: -1- AH_OUTPUT([HAVE_GETLUID], [/* Define to 1 if you have the \`getluid' function. */
+m4trace:configure.ac:270: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_FD_PASSING])
+m4trace:configure.ac:271: -1- AC_CHECK_FUNCS([getluid setluid])
+m4trace:configure.ac:271: -1- AH_OUTPUT([HAVE_GETLUID], [/* Define to 1 if you have the \`getluid' function. */
#undef HAVE_GETLUID])
-m4trace:configure.ac:270: -1- AH_OUTPUT([HAVE_SETLUID], [/* Define to 1 if you have the \`setluid' function. */
+m4trace:configure.ac:271: -1- AH_OUTPUT([HAVE_SETLUID], [/* Define to 1 if you have the \`setluid' function. */
#undef HAVE_SETLUID])
-m4trace:configure.ac:276: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:295: -1- AC_DEFINE_TRACE_LITERAL([HAVE_OSF_SIA])
-m4trace:configure.ac:296: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LOGIN])
-m4trace:configure.ac:305: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
-m4trace:configure.ac:306: -1- AC_DEFINE_TRACE_LITERAL([NO_X11_UNIX_SOCKETS])
-m4trace:configure.ac:307: -1- AC_DEFINE_TRACE_LITERAL([MISSING_NFDBITS])
-m4trace:configure.ac:308: -1- AC_DEFINE_TRACE_LITERAL([MISSING_HOWMANY])
-m4trace:configure.ac:309: -1- AC_DEFINE_TRACE_LITERAL([MISSING_FD_MASK])
-m4trace:configure.ac:357: -1- AC_CHECK_HEADERS([bstring.h crypt.h endian.h floatingpoint.h \
+m4trace:configure.ac:277: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:278: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_FD_PASSING])
+m4trace:configure.ac:297: -1- AC_DEFINE_TRACE_LITERAL([HAVE_OSF_SIA])
+m4trace:configure.ac:298: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LOGIN])
+m4trace:configure.ac:307: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES])
+m4trace:configure.ac:308: -1- AC_DEFINE_TRACE_LITERAL([NO_X11_UNIX_SOCKETS])
+m4trace:configure.ac:309: -1- AC_DEFINE_TRACE_LITERAL([MISSING_NFDBITS])
+m4trace:configure.ac:310: -1- AC_DEFINE_TRACE_LITERAL([MISSING_HOWMANY])
+m4trace:configure.ac:311: -1- AC_DEFINE_TRACE_LITERAL([MISSING_FD_MASK])
+m4trace:configure.ac:359: -1- AC_CHECK_HEADERS([bstring.h crypt.h endian.h floatingpoint.h \
getopt.h glob.h lastlog.h limits.h login.h \
login_cap.h maillock.h netdb.h netgroup.h \
netinet/in_systm.h paths.h pty.h readpassphrase.h \
sys/stropts.h sys/sysmacros.h sys/time.h \
sys/un.h time.h ttyent.h usersec.h \
util.h utime.h utmp.h utmpx.h])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_BSTRING_H], [/* Define to 1 if you have the <bstring.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_BSTRING_H], [/* Define to 1 if you have the <bstring.h> header file. */
#undef HAVE_BSTRING_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_CRYPT_H], [/* Define to 1 if you have the <crypt.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_CRYPT_H], [/* Define to 1 if you have the <crypt.h> header file. */
#undef HAVE_CRYPT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_ENDIAN_H], [/* Define to 1 if you have the <endian.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_ENDIAN_H], [/* Define to 1 if you have the <endian.h> header file. */
#undef HAVE_ENDIAN_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_FLOATINGPOINT_H], [/* Define to 1 if you have the <floatingpoint.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_FLOATINGPOINT_H], [/* Define to 1 if you have the <floatingpoint.h> header file. */
#undef HAVE_FLOATINGPOINT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_GETOPT_H], [/* Define to 1 if you have the <getopt.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_GETOPT_H], [/* Define to 1 if you have the <getopt.h> header file. */
#undef HAVE_GETOPT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_GLOB_H], [/* Define to 1 if you have the <glob.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_GLOB_H], [/* Define to 1 if you have the <glob.h> header file. */
#undef HAVE_GLOB_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_LASTLOG_H], [/* Define to 1 if you have the <lastlog.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_LASTLOG_H], [/* Define to 1 if you have the <lastlog.h> header file. */
#undef HAVE_LASTLOG_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_LIMITS_H], [/* Define to 1 if you have the <limits.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_LIMITS_H], [/* Define to 1 if you have the <limits.h> header file. */
#undef HAVE_LIMITS_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_LOGIN_H], [/* Define to 1 if you have the <login.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_LOGIN_H], [/* Define to 1 if you have the <login.h> header file. */
#undef HAVE_LOGIN_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_LOGIN_CAP_H], [/* Define to 1 if you have the <login_cap.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_LOGIN_CAP_H], [/* Define to 1 if you have the <login_cap.h> header file. */
#undef HAVE_LOGIN_CAP_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_MAILLOCK_H], [/* Define to 1 if you have the <maillock.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_MAILLOCK_H], [/* Define to 1 if you have the <maillock.h> header file. */
#undef HAVE_MAILLOCK_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_NETDB_H], [/* Define to 1 if you have the <netdb.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_NETDB_H], [/* Define to 1 if you have the <netdb.h> header file. */
#undef HAVE_NETDB_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_NETGROUP_H], [/* Define to 1 if you have the <netgroup.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_NETGROUP_H], [/* Define to 1 if you have the <netgroup.h> header file. */
#undef HAVE_NETGROUP_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_NETINET_IN_SYSTM_H], [/* Define to 1 if you have the <netinet/in_systm.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_NETINET_IN_SYSTM_H], [/* Define to 1 if you have the <netinet/in_systm.h> header file. */
#undef HAVE_NETINET_IN_SYSTM_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_PATHS_H], [/* Define to 1 if you have the <paths.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_PATHS_H], [/* Define to 1 if you have the <paths.h> header file. */
#undef HAVE_PATHS_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_PTY_H], [/* Define to 1 if you have the <pty.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_PTY_H], [/* Define to 1 if you have the <pty.h> header file. */
#undef HAVE_PTY_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_READPASSPHRASE_H], [/* Define to 1 if you have the <readpassphrase.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_READPASSPHRASE_H], [/* Define to 1 if you have the <readpassphrase.h> header file. */
#undef HAVE_READPASSPHRASE_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_RPC_TYPES_H], [/* Define to 1 if you have the <rpc/types.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_RPC_TYPES_H], [/* Define to 1 if you have the <rpc/types.h> header file. */
#undef HAVE_RPC_TYPES_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SECURITY_PAM_APPL_H], [/* Define to 1 if you have the <security/pam_appl.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SECURITY_PAM_APPL_H], [/* Define to 1 if you have the <security/pam_appl.h> header file. */
#undef HAVE_SECURITY_PAM_APPL_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SHADOW_H], [/* Define to 1 if you have the <shadow.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SHADOW_H], [/* Define to 1 if you have the <shadow.h> header file. */
#undef HAVE_SHADOW_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STDDEF_H], [/* Define to 1 if you have the <stddef.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STDDEF_H], [/* Define to 1 if you have the <stddef.h> header file. */
#undef HAVE_STDDEF_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the <stdint.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the <strings.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_BITYPES_H], [/* Define to 1 if you have the <sys/bitypes.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_BITYPES_H], [/* Define to 1 if you have the <sys/bitypes.h> header file. */
#undef HAVE_SYS_BITYPES_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_BSDTTY_H], [/* Define to 1 if you have the <sys/bsdtty.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_BSDTTY_H], [/* Define to 1 if you have the <sys/bsdtty.h> header file. */
#undef HAVE_SYS_BSDTTY_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_CDEFS_H], [/* Define to 1 if you have the <sys/cdefs.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_CDEFS_H], [/* Define to 1 if you have the <sys/cdefs.h> header file. */
#undef HAVE_SYS_CDEFS_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_MMAN_H], [/* Define to 1 if you have the <sys/mman.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_MMAN_H], [/* Define to 1 if you have the <sys/mman.h> header file. */
#undef HAVE_SYS_MMAN_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_SELECT_H], [/* Define to 1 if you have the <sys/select.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_SELECT_H], [/* Define to 1 if you have the <sys/select.h> header file. */
#undef HAVE_SYS_SELECT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the <sys/stat.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_STROPTS_H], [/* Define to 1 if you have the <sys/stropts.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_STROPTS_H], [/* Define to 1 if you have the <sys/stropts.h> header file. */
#undef HAVE_SYS_STROPTS_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_SYSMACROS_H], [/* Define to 1 if you have the <sys/sysmacros.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_SYSMACROS_H], [/* Define to 1 if you have the <sys/sysmacros.h> header file. */
#undef HAVE_SYS_SYSMACROS_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_TIME_H], [/* Define to 1 if you have the <sys/time.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_TIME_H], [/* Define to 1 if you have the <sys/time.h> header file. */
#undef HAVE_SYS_TIME_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_UN_H], [/* Define to 1 if you have the <sys/un.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_UN_H], [/* Define to 1 if you have the <sys/un.h> header file. */
#undef HAVE_SYS_UN_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_TIME_H], [/* Define to 1 if you have the <time.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_TIME_H], [/* Define to 1 if you have the <time.h> header file. */
#undef HAVE_TIME_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_TTYENT_H], [/* Define to 1 if you have the <ttyent.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_TTYENT_H], [/* Define to 1 if you have the <ttyent.h> header file. */
#undef HAVE_TTYENT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_USERSEC_H], [/* Define to 1 if you have the <usersec.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_USERSEC_H], [/* Define to 1 if you have the <usersec.h> header file. */
#undef HAVE_USERSEC_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UTIL_H], [/* Define to 1 if you have the <util.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UTIL_H], [/* Define to 1 if you have the <util.h> header file. */
#undef HAVE_UTIL_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UTIME_H], [/* Define to 1 if you have the <utime.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UTIME_H], [/* Define to 1 if you have the <utime.h> header file. */
#undef HAVE_UTIME_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UTMP_H], [/* Define to 1 if you have the <utmp.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UTMP_H], [/* Define to 1 if you have the <utmp.h> header file. */
#undef HAVE_UTMP_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UTMPX_H], [/* Define to 1 if you have the <utmpx.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UTMPX_H], [/* Define to 1 if you have the <utmpx.h> header file. */
#undef HAVE_UTMPX_H])
-m4trace:configure.ac:357: -1- AC_HEADER_STDC
-m4trace:configure.ac:357: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS])
-m4trace:configure.ac:357: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */
+m4trace:configure.ac:359: -1- AC_HEADER_STDC
+m4trace:configure.ac:359: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS])
+m4trace:configure.ac:359: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS])
-m4trace:configure.ac:357: -1- AC_CHECK_HEADERS([sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
+m4trace:configure.ac:359: -1- AC_CHECK_HEADERS([sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
inttypes.h stdint.h unistd.h], [], [], [$ac_includes_default])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_TYPES_H], [/* Define to 1 if you have the <sys/types.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_TYPES_H], [/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the <sys/stat.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the <string.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_MEMORY_H], [/* Define to 1 if you have the <memory.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_MEMORY_H], [/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the <strings.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_INTTYPES_H], [/* Define to 1 if you have the <inttypes.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_INTTYPES_H], [/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the <stdint.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H])
-m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
+m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H])
-m4trace:configure.ac:360: -2- AC_CHECK_LIB([nsl], [yp_match])
-m4trace:configure.ac:360: -2- AH_OUTPUT([HAVE_LIBNSL], [/* Define to 1 if you have the \`nsl' library (-lnsl). */
+m4trace:configure.ac:362: -2- AC_CHECK_LIB([nsl], [yp_match])
+m4trace:configure.ac:362: -2- AH_OUTPUT([HAVE_LIBNSL], [/* Define to 1 if you have the \`nsl' library (-lnsl). */
#undef HAVE_LIBNSL])
-m4trace:configure.ac:360: -2- AC_DEFINE_TRACE_LITERAL([HAVE_LIBNSL])
-m4trace:configure.ac:361: -2- AC_CHECK_LIB([socket], [setsockopt])
-m4trace:configure.ac:361: -2- AH_OUTPUT([HAVE_LIBSOCKET], [/* Define to 1 if you have the \`socket' library (-lsocket). */
+m4trace:configure.ac:362: -2- AC_DEFINE_TRACE_LITERAL([HAVE_LIBNSL])
+m4trace:configure.ac:363: -2- AC_CHECK_LIB([socket], [setsockopt])
+m4trace:configure.ac:363: -2- AH_OUTPUT([HAVE_LIBSOCKET], [/* Define to 1 if you have the \`socket' library (-lsocket). */
#undef HAVE_LIBSOCKET])
-m4trace:configure.ac:361: -2- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSOCKET])
-m4trace:configure.ac:366: -1- AC_CHECK_LIB([rpc], [innetgr], [LIBS="-lrpc -lyp -lrpc $LIBS" ], [], [-lyp -lrpc])
-m4trace:configure.ac:371: -2- AC_CHECK_LIB([gen], [getspnam], [LIBS="$LIBS -lgen"])
-m4trace:configure.ac:413: -1- AC_CHECK_LIB([z], [deflate], [], [{ { echo "$as_me:$LINENO: error: *** zlib missing - please install first or check config.log ***" >&5
+m4trace:configure.ac:363: -2- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSOCKET])
+m4trace:configure.ac:368: -1- AC_CHECK_LIB([rpc], [innetgr], [LIBS="-lrpc -lyp -lrpc $LIBS" ], [], [-lyp -lrpc])
+m4trace:configure.ac:373: -2- AC_CHECK_LIB([gen], [getspnam], [LIBS="$LIBS -lgen"])
+m4trace:configure.ac:415: -1- AC_CHECK_LIB([z], [deflate], [], [{ { echo "$as_me:$LINENO: error: *** zlib missing - please install first or check config.log ***" >&5
echo "$as_me: error: *** zlib missing - please install first or check config.log ***" >&2;}
{ (exit 1); exit 1; }; }])
-m4trace:configure.ac:413: -1- AH_OUTPUT([HAVE_LIBZ], [/* Define to 1 if you have the \`z' library (-lz). */
+m4trace:configure.ac:415: -1- AH_OUTPUT([HAVE_LIBZ], [/* Define to 1 if you have the \`z' library (-lz). */
#undef HAVE_LIBZ])
-m4trace:configure.ac:413: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBZ])
-m4trace:configure.ac:418: -1- AC_CHECK_LIB([resolv], [strcasecmp], [LIBS="$LIBS -lresolv"])
-m4trace:configure.ac:421: -1- AC_CHECK_LIB([c89], [utimes], [LIBS="$LIBS -lc89"])
-m4trace:configure.ac:424: -1- AC_CHECK_HEADERS([libutil.h])
-m4trace:configure.ac:424: -1- AH_OUTPUT([HAVE_LIBUTIL_H], [/* Define to 1 if you have the <libutil.h> header file. */
+m4trace:configure.ac:415: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBZ])
+m4trace:configure.ac:420: -1- AC_CHECK_LIB([resolv], [strcasecmp], [LIBS="$LIBS -lresolv"])
+m4trace:configure.ac:423: -1- AC_CHECK_LIB([c89], [utimes], [LIBS="$LIBS -lc89"])
+m4trace:configure.ac:426: -1- AC_CHECK_HEADERS([libutil.h])
+m4trace:configure.ac:426: -1- AH_OUTPUT([HAVE_LIBUTIL_H], [/* Define to 1 if you have the <libutil.h> header file. */
#undef HAVE_LIBUTIL_H])
-m4trace:configure.ac:425: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LOGIN])
-m4trace:configure.ac:426: -1- AC_CHECK_FUNCS([logout updwtmp logwtmp])
-m4trace:configure.ac:426: -1- AH_OUTPUT([HAVE_LOGOUT], [/* Define to 1 if you have the \`logout' function. */
+m4trace:configure.ac:427: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LOGIN])
+m4trace:configure.ac:428: -1- AC_CHECK_FUNCS([logout updwtmp logwtmp])
+m4trace:configure.ac:428: -1- AH_OUTPUT([HAVE_LOGOUT], [/* Define to 1 if you have the \`logout' function. */
#undef HAVE_LOGOUT])
-m4trace:configure.ac:426: -1- AH_OUTPUT([HAVE_UPDWTMP], [/* Define to 1 if you have the \`updwtmp' function. */
+m4trace:configure.ac:428: -1- AH_OUTPUT([HAVE_UPDWTMP], [/* Define to 1 if you have the \`updwtmp' function. */
#undef HAVE_UPDWTMP])
-m4trace:configure.ac:426: -1- AH_OUTPUT([HAVE_LOGWTMP], [/* Define to 1 if you have the \`logwtmp' function. */
+m4trace:configure.ac:428: -1- AH_OUTPUT([HAVE_LOGWTMP], [/* Define to 1 if you have the \`logwtmp' function. */
#undef HAVE_LOGWTMP])
-m4trace:configure.ac:428: -1- AC_FUNC_STRFTIME
-m4trace:configure.ac:428: -1- AC_CHECK_FUNCS([strftime], [], [# strftime is in -lintl on SCO UNIX.
+m4trace:configure.ac:430: -1- AC_FUNC_STRFTIME
+m4trace:configure.ac:430: -1- AC_CHECK_FUNCS([strftime], [], [# strftime is in -lintl on SCO UNIX.
AC_CHECK_LIB(intl, strftime,
[AC_DEFINE(HAVE_STRFTIME)
LIBS="-lintl $LIBS"])])
-m4trace:configure.ac:428: -1- AH_OUTPUT([HAVE_STRFTIME], [/* Define to 1 if you have the \`strftime' function. */
+m4trace:configure.ac:430: -1- AH_OUTPUT([HAVE_STRFTIME], [/* Define to 1 if you have the \`strftime' function. */
#undef HAVE_STRFTIME])
-m4trace:configure.ac:428: -1- AC_CHECK_LIB([intl], [strftime], [AC_DEFINE(HAVE_STRFTIME)
+m4trace:configure.ac:430: -1- AC_CHECK_LIB([intl], [strftime], [AC_DEFINE(HAVE_STRFTIME)
LIBS="-lintl $LIBS"])
-m4trace:configure.ac:428: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRFTIME])
-m4trace:configure.ac:446: -1- AC_DEFINE_TRACE_LITERAL([GLOB_HAS_ALTDIRFUNC])
-m4trace:configure.ac:462: -1- AC_DEFINE_TRACE_LITERAL([GLOB_HAS_GL_MATCHC])
-m4trace:configure.ac:476: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_ONE_BYTE_DIRENT_D_NAME])
-m4trace:configure.ac:509: -1- AC_DEFINE_TRACE_LITERAL([SKEY])
-m4trace:configure.ac:563: -1- AC_DEFINE_TRACE_LITERAL([LIBWRAP])
-m4trace:configure.ac:563: -1- AC_SUBST([LIBWRAP])
-m4trace:configure.ac:576: -1- AC_CHECK_FUNCS([arc4random b64_ntop bcopy bindresvport_sa \
+m4trace:configure.ac:430: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRFTIME])
+m4trace:configure.ac:448: -1- AC_DEFINE_TRACE_LITERAL([GLOB_HAS_ALTDIRFUNC])
+m4trace:configure.ac:464: -1- AC_DEFINE_TRACE_LITERAL([GLOB_HAS_GL_MATCHC])
+m4trace:configure.ac:478: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_ONE_BYTE_DIRENT_D_NAME])
+m4trace:configure.ac:511: -1- AC_DEFINE_TRACE_LITERAL([SKEY])
+m4trace:configure.ac:565: -1- AC_DEFINE_TRACE_LITERAL([LIBWRAP])
+m4trace:configure.ac:565: -1- AC_SUBST([LIBWRAP])
+m4trace:configure.ac:578: -1- AC_CHECK_FUNCS([arc4random b64_ntop bcopy bindresvport_sa \
clock fchmod fchown freeaddrinfo futimes gai_strerror \
getaddrinfo getcwd getgrouplist getnameinfo getopt \
getrlimit getrusage getttyent glob inet_aton inet_ntoa \
setrlimit setsid setpcred setvbuf sigaction sigvec snprintf \
socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \
truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_ARC4RANDOM], [/* Define to 1 if you have the \`arc4random' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_ARC4RANDOM], [/* Define to 1 if you have the \`arc4random' function. */
#undef HAVE_ARC4RANDOM])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_B64_NTOP], [/* Define to 1 if you have the \`b64_ntop' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_B64_NTOP], [/* Define to 1 if you have the \`b64_ntop' function. */
#undef HAVE_B64_NTOP])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_BCOPY], [/* Define to 1 if you have the \`bcopy' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_BCOPY], [/* Define to 1 if you have the \`bcopy' function. */
#undef HAVE_BCOPY])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_BINDRESVPORT_SA], [/* Define to 1 if you have the \`bindresvport_sa' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_BINDRESVPORT_SA], [/* Define to 1 if you have the \`bindresvport_sa' function. */
#undef HAVE_BINDRESVPORT_SA])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_CLOCK], [/* Define to 1 if you have the \`clock' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_CLOCK], [/* Define to 1 if you have the \`clock' function. */
#undef HAVE_CLOCK])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_FCHMOD], [/* Define to 1 if you have the \`fchmod' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_FCHMOD], [/* Define to 1 if you have the \`fchmod' function. */
#undef HAVE_FCHMOD])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_FCHOWN], [/* Define to 1 if you have the \`fchown' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_FCHOWN], [/* Define to 1 if you have the \`fchown' function. */
#undef HAVE_FCHOWN])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_FREEADDRINFO], [/* Define to 1 if you have the \`freeaddrinfo' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_FREEADDRINFO], [/* Define to 1 if you have the \`freeaddrinfo' function. */
#undef HAVE_FREEADDRINFO])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_FUTIMES], [/* Define to 1 if you have the \`futimes' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_FUTIMES], [/* Define to 1 if you have the \`futimes' function. */
#undef HAVE_FUTIMES])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GAI_STRERROR], [/* Define to 1 if you have the \`gai_strerror' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GAI_STRERROR], [/* Define to 1 if you have the \`gai_strerror' function. */
#undef HAVE_GAI_STRERROR])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETADDRINFO], [/* Define to 1 if you have the \`getaddrinfo' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETADDRINFO], [/* Define to 1 if you have the \`getaddrinfo' function. */
#undef HAVE_GETADDRINFO])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETCWD], [/* Define to 1 if you have the \`getcwd' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETCWD], [/* Define to 1 if you have the \`getcwd' function. */
#undef HAVE_GETCWD])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETGROUPLIST], [/* Define to 1 if you have the \`getgrouplist' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETGROUPLIST], [/* Define to 1 if you have the \`getgrouplist' function. */
#undef HAVE_GETGROUPLIST])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETNAMEINFO], [/* Define to 1 if you have the \`getnameinfo' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETNAMEINFO], [/* Define to 1 if you have the \`getnameinfo' function. */
#undef HAVE_GETNAMEINFO])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETOPT], [/* Define to 1 if you have the \`getopt' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETOPT], [/* Define to 1 if you have the \`getopt' function. */
#undef HAVE_GETOPT])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETRLIMIT], [/* Define to 1 if you have the \`getrlimit' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETRLIMIT], [/* Define to 1 if you have the \`getrlimit' function. */
#undef HAVE_GETRLIMIT])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETRUSAGE], [/* Define to 1 if you have the \`getrusage' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETRUSAGE], [/* Define to 1 if you have the \`getrusage' function. */
#undef HAVE_GETRUSAGE])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETTTYENT], [/* Define to 1 if you have the \`getttyent' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETTTYENT], [/* Define to 1 if you have the \`getttyent' function. */
#undef HAVE_GETTTYENT])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GLOB], [/* Define to 1 if you have the \`glob' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GLOB], [/* Define to 1 if you have the \`glob' function. */
#undef HAVE_GLOB])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_INET_ATON], [/* Define to 1 if you have the \`inet_aton' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_INET_ATON], [/* Define to 1 if you have the \`inet_aton' function. */
#undef HAVE_INET_ATON])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_INET_NTOA], [/* Define to 1 if you have the \`inet_ntoa' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_INET_NTOA], [/* Define to 1 if you have the \`inet_ntoa' function. */
#undef HAVE_INET_NTOA])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_INET_NTOP], [/* Define to 1 if you have the \`inet_ntop' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_INET_NTOP], [/* Define to 1 if you have the \`inet_ntop' function. */
#undef HAVE_INET_NTOP])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_INNETGR], [/* Define to 1 if you have the \`innetgr' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_INNETGR], [/* Define to 1 if you have the \`innetgr' function. */
#undef HAVE_INNETGR])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_LOGIN_GETCAPBOOL], [/* Define to 1 if you have the \`login_getcapbool' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_LOGIN_GETCAPBOOL], [/* Define to 1 if you have the \`login_getcapbool' function. */
#undef HAVE_LOGIN_GETCAPBOOL])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_MD5_CRYPT], [/* Define to 1 if you have the \`md5_crypt' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_MD5_CRYPT], [/* Define to 1 if you have the \`md5_crypt' function. */
#undef HAVE_MD5_CRYPT])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_MEMMOVE], [/* Define to 1 if you have the \`memmove' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_MEMMOVE], [/* Define to 1 if you have the \`memmove' function. */
#undef HAVE_MEMMOVE])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_MKDTEMP], [/* Define to 1 if you have the \`mkdtemp' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_MKDTEMP], [/* Define to 1 if you have the \`mkdtemp' function. */
#undef HAVE_MKDTEMP])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_MMAP], [/* Define to 1 if you have the \`mmap' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_MMAP], [/* Define to 1 if you have the \`mmap' function. */
#undef HAVE_MMAP])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_NGETADDRINFO], [/* Define to 1 if you have the \`ngetaddrinfo' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_NGETADDRINFO], [/* Define to 1 if you have the \`ngetaddrinfo' function. */
#undef HAVE_NGETADDRINFO])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_OPENPTY], [/* Define to 1 if you have the \`openpty' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_OPENPTY], [/* Define to 1 if you have the \`openpty' function. */
#undef HAVE_OPENPTY])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_OGETADDRINFO], [/* Define to 1 if you have the \`ogetaddrinfo' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_OGETADDRINFO], [/* Define to 1 if you have the \`ogetaddrinfo' function. */
#undef HAVE_OGETADDRINFO])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_READPASSPHRASE], [/* Define to 1 if you have the \`readpassphrase' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_READPASSPHRASE], [/* Define to 1 if you have the \`readpassphrase' function. */
#undef HAVE_READPASSPHRASE])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_REALPATH], [/* Define to 1 if you have the \`realpath' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_REALPATH], [/* Define to 1 if you have the \`realpath' function. */
#undef HAVE_REALPATH])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_RECVMSG], [/* Define to 1 if you have the \`recvmsg' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_RECVMSG], [/* Define to 1 if you have the \`recvmsg' function. */
#undef HAVE_RECVMSG])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_RRESVPORT_AF], [/* Define to 1 if you have the \`rresvport_af' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_RRESVPORT_AF], [/* Define to 1 if you have the \`rresvport_af' function. */
#undef HAVE_RRESVPORT_AF])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SENDMSG], [/* Define to 1 if you have the \`sendmsg' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SENDMSG], [/* Define to 1 if you have the \`sendmsg' function. */
#undef HAVE_SENDMSG])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETDTABLESIZE], [/* Define to 1 if you have the \`setdtablesize' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETDTABLESIZE], [/* Define to 1 if you have the \`setdtablesize' function. */
#undef HAVE_SETDTABLESIZE])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETEGID], [/* Define to 1 if you have the \`setegid' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETEGID], [/* Define to 1 if you have the \`setegid' function. */
#undef HAVE_SETEGID])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETENV], [/* Define to 1 if you have the \`setenv' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETENV], [/* Define to 1 if you have the \`setenv' function. */
#undef HAVE_SETENV])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETEUID], [/* Define to 1 if you have the \`seteuid' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETEUID], [/* Define to 1 if you have the \`seteuid' function. */
#undef HAVE_SETEUID])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETGROUPS], [/* Define to 1 if you have the \`setgroups' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETGROUPS], [/* Define to 1 if you have the \`setgroups' function. */
#undef HAVE_SETGROUPS])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETLOGIN], [/* Define to 1 if you have the \`setlogin' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETLOGIN], [/* Define to 1 if you have the \`setlogin' function. */
#undef HAVE_SETLOGIN])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETPROCTITLE], [/* Define to 1 if you have the \`setproctitle' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETPROCTITLE], [/* Define to 1 if you have the \`setproctitle' function. */
#undef HAVE_SETPROCTITLE])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETRESGID], [/* Define to 1 if you have the \`setresgid' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETRESGID], [/* Define to 1 if you have the \`setresgid' function. */
#undef HAVE_SETRESGID])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETREUID], [/* Define to 1 if you have the \`setreuid' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETREUID], [/* Define to 1 if you have the \`setreuid' function. */
#undef HAVE_SETREUID])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETRLIMIT], [/* Define to 1 if you have the \`setrlimit' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETRLIMIT], [/* Define to 1 if you have the \`setrlimit' function. */
#undef HAVE_SETRLIMIT])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETSID], [/* Define to 1 if you have the \`setsid' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETSID], [/* Define to 1 if you have the \`setsid' function. */
#undef HAVE_SETSID])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETPCRED], [/* Define to 1 if you have the \`setpcred' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETPCRED], [/* Define to 1 if you have the \`setpcred' function. */
#undef HAVE_SETPCRED])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETVBUF], [/* Define to 1 if you have the \`setvbuf' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETVBUF], [/* Define to 1 if you have the \`setvbuf' function. */
#undef HAVE_SETVBUF])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SIGACTION], [/* Define to 1 if you have the \`sigaction' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SIGACTION], [/* Define to 1 if you have the \`sigaction' function. */
#undef HAVE_SIGACTION])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SIGVEC], [/* Define to 1 if you have the \`sigvec' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SIGVEC], [/* Define to 1 if you have the \`sigvec' function. */
#undef HAVE_SIGVEC])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SNPRINTF], [/* Define to 1 if you have the \`snprintf' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SNPRINTF], [/* Define to 1 if you have the \`snprintf' function. */
#undef HAVE_SNPRINTF])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SOCKETPAIR], [/* Define to 1 if you have the \`socketpair' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SOCKETPAIR], [/* Define to 1 if you have the \`socketpair' function. */
#undef HAVE_SOCKETPAIR])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRERROR], [/* Define to 1 if you have the \`strerror' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRERROR], [/* Define to 1 if you have the \`strerror' function. */
#undef HAVE_STRERROR])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRLCAT], [/* Define to 1 if you have the \`strlcat' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRLCAT], [/* Define to 1 if you have the \`strlcat' function. */
#undef HAVE_STRLCAT])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRLCPY], [/* Define to 1 if you have the \`strlcpy' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRLCPY], [/* Define to 1 if you have the \`strlcpy' function. */
#undef HAVE_STRLCPY])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRMODE], [/* Define to 1 if you have the \`strmode' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRMODE], [/* Define to 1 if you have the \`strmode' function. */
#undef HAVE_STRMODE])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRSEP], [/* Define to 1 if you have the \`strsep' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRSEP], [/* Define to 1 if you have the \`strsep' function. */
#undef HAVE_STRSEP])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SYSCONF], [/* Define to 1 if you have the \`sysconf' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SYSCONF], [/* Define to 1 if you have the \`sysconf' function. */
#undef HAVE_SYSCONF])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_TCGETPGRP], [/* Define to 1 if you have the \`tcgetpgrp' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_TCGETPGRP], [/* Define to 1 if you have the \`tcgetpgrp' function. */
#undef HAVE_TCGETPGRP])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_TRUNCATE], [/* Define to 1 if you have the \`truncate' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_TRUNCATE], [/* Define to 1 if you have the \`truncate' function. */
#undef HAVE_TRUNCATE])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_UTIMES], [/* Define to 1 if you have the \`utimes' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_UTIMES], [/* Define to 1 if you have the \`utimes' function. */
#undef HAVE_UTIMES])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_VHANGUP], [/* Define to 1 if you have the \`vhangup' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_VHANGUP], [/* Define to 1 if you have the \`vhangup' function. */
#undef HAVE_VHANGUP])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_VSNPRINTF], [/* Define to 1 if you have the \`vsnprintf' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_VSNPRINTF], [/* Define to 1 if you have the \`vsnprintf' function. */
#undef HAVE_VSNPRINTF])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_WAITPID], [/* Define to 1 if you have the \`waitpid' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_WAITPID], [/* Define to 1 if you have the \`waitpid' function. */
#undef HAVE_WAITPID])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE___B64_NTOP], [/* Define to 1 if you have the \`__b64_ntop' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE___B64_NTOP], [/* Define to 1 if you have the \`__b64_ntop' function. */
#undef HAVE___B64_NTOP])
-m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE__GETPTY], [/* Define to 1 if you have the \`_getpty' function. */
+m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE__GETPTY], [/* Define to 1 if you have the \`_getpty' function. */
#undef HAVE__GETPTY])
-m4trace:configure.ac:613: -1- AC_CHECK_FUNCS([dirname], [AC_CHECK_HEADERS(libgen.h) ], [
+m4trace:configure.ac:601: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MMAP_ANON_SHARED])
+m4trace:configure.ac:639: -1- AC_CHECK_FUNCS([dirname], [AC_CHECK_HEADERS(libgen.h) ], [
AC_CHECK_LIB(gen, dirname,[
AC_CACHE_CHECK([for broken dirname],
ac_cv_have_broken_dirname, [
fi
])
])
-m4trace:configure.ac:613: -1- AH_OUTPUT([HAVE_DIRNAME], [/* Define to 1 if you have the \`dirname' function. */
+m4trace:configure.ac:639: -1- AH_OUTPUT([HAVE_DIRNAME], [/* Define to 1 if you have the \`dirname' function. */
#undef HAVE_DIRNAME])
-m4trace:configure.ac:613: -1- AC_CHECK_HEADERS([libgen.h])
-m4trace:configure.ac:613: -1- AH_OUTPUT([HAVE_LIBGEN_H], [/* Define to 1 if you have the <libgen.h> header file. */
+m4trace:configure.ac:639: -1- AC_CHECK_HEADERS([libgen.h])
+m4trace:configure.ac:639: -1- AH_OUTPUT([HAVE_LIBGEN_H], [/* Define to 1 if you have the <libgen.h> header file. */
#undef HAVE_LIBGEN_H])
-m4trace:configure.ac:613: -1- AC_CHECK_LIB([gen], [dirname], [
+m4trace:configure.ac:639: -1- AC_CHECK_LIB([gen], [dirname], [
AC_CACHE_CHECK([for broken dirname],
ac_cv_have_broken_dirname, [
save_LIBS="$LIBS"
AC_CHECK_HEADERS(libgen.h)
fi
])
-m4trace:configure.ac:613: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DIRNAME])
-m4trace:configure.ac:613: -1- AC_CHECK_HEADERS([libgen.h])
-m4trace:configure.ac:613: -1- AH_OUTPUT([HAVE_LIBGEN_H], [/* Define to 1 if you have the <libgen.h> header file. */
+m4trace:configure.ac:639: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DIRNAME])
+m4trace:configure.ac:639: -1- AC_CHECK_HEADERS([libgen.h])
+m4trace:configure.ac:639: -1- AH_OUTPUT([HAVE_LIBGEN_H], [/* Define to 1 if you have the <libgen.h> header file. */
#undef HAVE_LIBGEN_H])
-m4trace:configure.ac:616: -1- AC_CHECK_FUNCS([gettimeofday time])
-m4trace:configure.ac:616: -1- AH_OUTPUT([HAVE_GETTIMEOFDAY], [/* Define to 1 if you have the \`gettimeofday' function. */
+m4trace:configure.ac:642: -1- AC_CHECK_FUNCS([gettimeofday time])
+m4trace:configure.ac:642: -1- AH_OUTPUT([HAVE_GETTIMEOFDAY], [/* Define to 1 if you have the \`gettimeofday' function. */
#undef HAVE_GETTIMEOFDAY])
-m4trace:configure.ac:616: -1- AH_OUTPUT([HAVE_TIME], [/* Define to 1 if you have the \`time' function. */
+m4trace:configure.ac:642: -1- AH_OUTPUT([HAVE_TIME], [/* Define to 1 if you have the \`time' function. */
#undef HAVE_TIME])
-m4trace:configure.ac:618: -1- AC_CHECK_FUNCS([endutent getutent getutid getutline pututline setutent])
-m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_ENDUTENT], [/* Define to 1 if you have the \`endutent' function. */
+m4trace:configure.ac:644: -1- AC_CHECK_FUNCS([endutent getutent getutid getutline pututline setutent])
+m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_ENDUTENT], [/* Define to 1 if you have the \`endutent' function. */
#undef HAVE_ENDUTENT])
-m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_GETUTENT], [/* Define to 1 if you have the \`getutent' function. */
+m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_GETUTENT], [/* Define to 1 if you have the \`getutent' function. */
#undef HAVE_GETUTENT])
-m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_GETUTID], [/* Define to 1 if you have the \`getutid' function. */
+m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_GETUTID], [/* Define to 1 if you have the \`getutid' function. */
#undef HAVE_GETUTID])
-m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_GETUTLINE], [/* Define to 1 if you have the \`getutline' function. */
+m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_GETUTLINE], [/* Define to 1 if you have the \`getutline' function. */
#undef HAVE_GETUTLINE])
-m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_PUTUTLINE], [/* Define to 1 if you have the \`pututline' function. */
+m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_PUTUTLINE], [/* Define to 1 if you have the \`pututline' function. */
#undef HAVE_PUTUTLINE])
-m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_SETUTENT], [/* Define to 1 if you have the \`setutent' function. */
+m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_SETUTENT], [/* Define to 1 if you have the \`setutent' function. */
#undef HAVE_SETUTENT])
-m4trace:configure.ac:619: -1- AC_CHECK_FUNCS([utmpname])
-m4trace:configure.ac:619: -1- AH_OUTPUT([HAVE_UTMPNAME], [/* Define to 1 if you have the \`utmpname' function. */
+m4trace:configure.ac:645: -1- AC_CHECK_FUNCS([utmpname])
+m4trace:configure.ac:645: -1- AH_OUTPUT([HAVE_UTMPNAME], [/* Define to 1 if you have the \`utmpname' function. */
#undef HAVE_UTMPNAME])
-m4trace:configure.ac:621: -1- AC_CHECK_FUNCS([endutxent getutxent getutxid getutxline pututxline ])
-m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_ENDUTXENT], [/* Define to 1 if you have the \`endutxent' function. */
+m4trace:configure.ac:647: -1- AC_CHECK_FUNCS([endutxent getutxent getutxid getutxline pututxline ])
+m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_ENDUTXENT], [/* Define to 1 if you have the \`endutxent' function. */
#undef HAVE_ENDUTXENT])
-m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_GETUTXENT], [/* Define to 1 if you have the \`getutxent' function. */
+m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_GETUTXENT], [/* Define to 1 if you have the \`getutxent' function. */
#undef HAVE_GETUTXENT])
-m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_GETUTXID], [/* Define to 1 if you have the \`getutxid' function. */
+m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_GETUTXID], [/* Define to 1 if you have the \`getutxid' function. */
#undef HAVE_GETUTXID])
-m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_GETUTXLINE], [/* Define to 1 if you have the \`getutxline' function. */
+m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_GETUTXLINE], [/* Define to 1 if you have the \`getutxline' function. */
#undef HAVE_GETUTXLINE])
-m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_PUTUTXLINE], [/* Define to 1 if you have the \`pututxline' function. */
+m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_PUTUTXLINE], [/* Define to 1 if you have the \`pututxline' function. */
#undef HAVE_PUTUTXLINE])
-m4trace:configure.ac:622: -1- AC_CHECK_FUNCS([setutxent utmpxname])
-m4trace:configure.ac:622: -1- AH_OUTPUT([HAVE_SETUTXENT], [/* Define to 1 if you have the \`setutxent' function. */
+m4trace:configure.ac:648: -1- AC_CHECK_FUNCS([setutxent utmpxname])
+m4trace:configure.ac:648: -1- AH_OUTPUT([HAVE_SETUTXENT], [/* Define to 1 if you have the \`setutxent' function. */
#undef HAVE_SETUTXENT])
-m4trace:configure.ac:622: -1- AH_OUTPUT([HAVE_UTMPXNAME], [/* Define to 1 if you have the \`utmpxname' function. */
+m4trace:configure.ac:648: -1- AH_OUTPUT([HAVE_UTMPXNAME], [/* Define to 1 if you have the \`utmpxname' function. */
#undef HAVE_UTMPXNAME])
-m4trace:configure.ac:627: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DAEMON])
-m4trace:configure.ac:627: -1- AC_CHECK_LIB([bsd], [daemon], [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])
-m4trace:configure.ac:627: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DAEMON])
-m4trace:configure.ac:632: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETPAGESIZE])
-m4trace:configure.ac:632: -1- AC_CHECK_LIB([ucb], [getpagesize], [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])
-m4trace:configure.ac:632: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETPAGESIZE])
-m4trace:configure.ac:648: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SNPRINTF])
-m4trace:configure.ac:651: -1- AC_FUNC_GETPGRP
-m4trace:configure.ac:651: -1- AC_DEFINE_TRACE_LITERAL([GETPGRP_VOID])
-m4trace:configure.ac:651: -1- AH_OUTPUT([GETPGRP_VOID], [/* Define to 1 if the \`getpgrp' function requires zero arguments. */
+m4trace:configure.ac:653: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DAEMON])
+m4trace:configure.ac:653: -1- AC_CHECK_LIB([bsd], [daemon], [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])
+m4trace:configure.ac:653: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DAEMON])
+m4trace:configure.ac:658: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETPAGESIZE])
+m4trace:configure.ac:658: -1- AC_CHECK_LIB([ucb], [getpagesize], [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])
+m4trace:configure.ac:658: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETPAGESIZE])
+m4trace:configure.ac:674: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SNPRINTF])
+m4trace:configure.ac:677: -1- AC_FUNC_GETPGRP
+m4trace:configure.ac:677: -1- AC_DEFINE_TRACE_LITERAL([GETPGRP_VOID])
+m4trace:configure.ac:677: -1- AH_OUTPUT([GETPGRP_VOID], [/* Define to 1 if the \`getpgrp' function requires zero arguments. */
#undef GETPGRP_VOID])
-m4trace:configure.ac:679: -1- AC_CHECK_LIB([dl], [dlopen], [], [])
-m4trace:configure.ac:679: -1- AH_OUTPUT([HAVE_LIBDL], [/* Define to 1 if you have the \`dl' library (-ldl). */
+m4trace:configure.ac:705: -1- AC_CHECK_LIB([dl], [dlopen], [], [])
+m4trace:configure.ac:705: -1- AH_OUTPUT([HAVE_LIBDL], [/* Define to 1 if you have the \`dl' library (-ldl). */
#undef HAVE_LIBDL])
-m4trace:configure.ac:679: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDL])
-m4trace:configure.ac:679: -1- AC_CHECK_LIB([pam], [pam_set_item], [], [{ { echo "$as_me:$LINENO: error: *** libpam missing" >&5
+m4trace:configure.ac:705: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDL])
+m4trace:configure.ac:705: -1- AC_CHECK_LIB([pam], [pam_set_item], [], [{ { echo "$as_me:$LINENO: error: *** libpam missing" >&5
echo "$as_me: error: *** libpam missing" >&2;}
{ (exit 1); exit 1; }; }])
-m4trace:configure.ac:679: -1- AH_OUTPUT([HAVE_LIBPAM], [/* Define to 1 if you have the \`pam' library (-lpam). */
+m4trace:configure.ac:705: -1- AH_OUTPUT([HAVE_LIBPAM], [/* Define to 1 if you have the \`pam' library (-lpam). */
#undef HAVE_LIBPAM])
-m4trace:configure.ac:679: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBPAM])
-m4trace:configure.ac:679: -1- AC_CHECK_FUNCS([pam_getenvlist])
-m4trace:configure.ac:679: -1- AH_OUTPUT([HAVE_PAM_GETENVLIST], [/* Define to 1 if you have the \`pam_getenvlist' function. */
+m4trace:configure.ac:705: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBPAM])
+m4trace:configure.ac:705: -1- AC_CHECK_FUNCS([pam_getenvlist])
+m4trace:configure.ac:705: -1- AH_OUTPUT([HAVE_PAM_GETENVLIST], [/* Define to 1 if you have the \`pam_getenvlist' function. */
#undef HAVE_PAM_GETENVLIST])
-m4trace:configure.ac:679: -1- AC_DEFINE_TRACE_LITERAL([USE_PAM])
-m4trace:configure.ac:679: -1- AC_SUBST([LIBPAM])
-m4trace:configure.ac:697: -1- AC_DEFINE_TRACE_LITERAL([HAVE_OLD_PAM])
-m4trace:configure.ac:729: -2- AC_DEFINE_TRACE_LITERAL([HAVE_OPENSSL])
-m4trace:configure.ac:744: -2- AC_DEFINE_TRACE_LITERAL([HAVE_OPENSSL])
-m4trace:configure.ac:767: -1- AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
-m4trace:configure.ac:815: -1- AC_DEFINE_TRACE_LITERAL([OPENSSL_PRNG_ONLY])
-m4trace:configure.ac:823: -1- AC_SUBST([INSTALL_SSH_RAND_HELPER])
-m4trace:configure.ac:846: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_PORT])
-m4trace:configure.ac:896: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_SOCKET])
-m4trace:configure.ac:896: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_SOCKET])
-m4trace:configure.ac:908: -1- AC_DEFINE_TRACE_LITERAL([ENTROPY_TIMEOUT_MSEC])
-m4trace:configure.ac:919: -1- AC_DEFINE_TRACE_LITERAL([SSH_PRIVSEP_USER])
-m4trace:configure.ac:936: -1- AC_SUBST([PROG_LS], [$ac_cv_path_PROG_LS])
-m4trace:configure.ac:936: -1- AC_SUBST([PROG_LS])
-m4trace:configure.ac:937: -1- AC_SUBST([PROG_NETSTAT], [$ac_cv_path_PROG_NETSTAT])
-m4trace:configure.ac:937: -1- AC_SUBST([PROG_NETSTAT])
-m4trace:configure.ac:938: -1- AC_SUBST([PROG_ARP], [$ac_cv_path_PROG_ARP])
-m4trace:configure.ac:938: -1- AC_SUBST([PROG_ARP])
-m4trace:configure.ac:939: -1- AC_SUBST([PROG_IFCONFIG], [$ac_cv_path_PROG_IFCONFIG])
-m4trace:configure.ac:939: -1- AC_SUBST([PROG_IFCONFIG])
-m4trace:configure.ac:940: -1- AC_SUBST([PROG_JSTAT], [$ac_cv_path_PROG_JSTAT])
-m4trace:configure.ac:940: -1- AC_SUBST([PROG_JSTAT])
-m4trace:configure.ac:941: -1- AC_SUBST([PROG_PS], [$ac_cv_path_PROG_PS])
-m4trace:configure.ac:941: -1- AC_SUBST([PROG_PS])
-m4trace:configure.ac:942: -1- AC_SUBST([PROG_SAR], [$ac_cv_path_PROG_SAR])
-m4trace:configure.ac:942: -1- AC_SUBST([PROG_SAR])
-m4trace:configure.ac:943: -1- AC_SUBST([PROG_W], [$ac_cv_path_PROG_W])
-m4trace:configure.ac:943: -1- AC_SUBST([PROG_W])
-m4trace:configure.ac:944: -1- AC_SUBST([PROG_WHO], [$ac_cv_path_PROG_WHO])
-m4trace:configure.ac:944: -1- AC_SUBST([PROG_WHO])
-m4trace:configure.ac:945: -1- AC_SUBST([PROG_LAST], [$ac_cv_path_PROG_LAST])
-m4trace:configure.ac:945: -1- AC_SUBST([PROG_LAST])
-m4trace:configure.ac:946: -1- AC_SUBST([PROG_LASTLOG], [$ac_cv_path_PROG_LASTLOG])
-m4trace:configure.ac:946: -1- AC_SUBST([PROG_LASTLOG])
-m4trace:configure.ac:947: -1- AC_SUBST([PROG_DF], [$ac_cv_path_PROG_DF])
-m4trace:configure.ac:947: -1- AC_SUBST([PROG_DF])
-m4trace:configure.ac:948: -1- AC_SUBST([PROG_VMSTAT], [$ac_cv_path_PROG_VMSTAT])
-m4trace:configure.ac:948: -1- AC_SUBST([PROG_VMSTAT])
-m4trace:configure.ac:949: -1- AC_SUBST([PROG_UPTIME], [$ac_cv_path_PROG_UPTIME])
-m4trace:configure.ac:949: -1- AC_SUBST([PROG_UPTIME])
-m4trace:configure.ac:950: -1- AC_SUBST([PROG_IPCS], [$ac_cv_path_PROG_IPCS])
-m4trace:configure.ac:950: -1- AC_SUBST([PROG_IPCS])
-m4trace:configure.ac:951: -1- AC_SUBST([PROG_TAIL], [$ac_cv_path_PROG_TAIL])
-m4trace:configure.ac:951: -1- AC_SUBST([PROG_TAIL])
-m4trace:configure.ac:968: -1- AC_SUBST([INSTALL_SSH_PRNG_CMDS])
-m4trace:configure.ac:977: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_CHAR])
-m4trace:configure.ac:977: -1- AH_OUTPUT([SIZEOF_CHAR], [/* The size of a \`char', as computed by sizeof. */
+m4trace:configure.ac:705: -1- AC_DEFINE_TRACE_LITERAL([USE_PAM])
+m4trace:configure.ac:705: -1- AC_SUBST([LIBPAM])
+m4trace:configure.ac:723: -1- AC_DEFINE_TRACE_LITERAL([HAVE_OLD_PAM])
+m4trace:configure.ac:755: -2- AC_DEFINE_TRACE_LITERAL([HAVE_OPENSSL])
+m4trace:configure.ac:770: -2- AC_DEFINE_TRACE_LITERAL([HAVE_OPENSSL])
+m4trace:configure.ac:793: -1- AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
+m4trace:configure.ac:841: -1- AC_DEFINE_TRACE_LITERAL([OPENSSL_PRNG_ONLY])
+m4trace:configure.ac:849: -1- AC_SUBST([INSTALL_SSH_RAND_HELPER])
+m4trace:configure.ac:872: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_PORT])
+m4trace:configure.ac:922: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_SOCKET])
+m4trace:configure.ac:922: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_SOCKET])
+m4trace:configure.ac:934: -1- AC_DEFINE_TRACE_LITERAL([ENTROPY_TIMEOUT_MSEC])
+m4trace:configure.ac:945: -1- AC_DEFINE_TRACE_LITERAL([SSH_PRIVSEP_USER])
+m4trace:configure.ac:946: -1- AC_SUBST([SSH_PRIVSEP_USER])
+m4trace:configure.ac:963: -1- AC_SUBST([PROG_LS], [$ac_cv_path_PROG_LS])
+m4trace:configure.ac:963: -1- AC_SUBST([PROG_LS])
+m4trace:configure.ac:964: -1- AC_SUBST([PROG_NETSTAT], [$ac_cv_path_PROG_NETSTAT])
+m4trace:configure.ac:964: -1- AC_SUBST([PROG_NETSTAT])
+m4trace:configure.ac:965: -1- AC_SUBST([PROG_ARP], [$ac_cv_path_PROG_ARP])
+m4trace:configure.ac:965: -1- AC_SUBST([PROG_ARP])
+m4trace:configure.ac:966: -1- AC_SUBST([PROG_IFCONFIG], [$ac_cv_path_PROG_IFCONFIG])
+m4trace:configure.ac:966: -1- AC_SUBST([PROG_IFCONFIG])
+m4trace:configure.ac:967: -1- AC_SUBST([PROG_JSTAT], [$ac_cv_path_PROG_JSTAT])
+m4trace:configure.ac:967: -1- AC_SUBST([PROG_JSTAT])
+m4trace:configure.ac:968: -1- AC_SUBST([PROG_PS], [$ac_cv_path_PROG_PS])
+m4trace:configure.ac:968: -1- AC_SUBST([PROG_PS])
+m4trace:configure.ac:969: -1- AC_SUBST([PROG_SAR], [$ac_cv_path_PROG_SAR])
+m4trace:configure.ac:969: -1- AC_SUBST([PROG_SAR])
+m4trace:configure.ac:970: -1- AC_SUBST([PROG_W], [$ac_cv_path_PROG_W])
+m4trace:configure.ac:970: -1- AC_SUBST([PROG_W])
+m4trace:configure.ac:971: -1- AC_SUBST([PROG_WHO], [$ac_cv_path_PROG_WHO])
+m4trace:configure.ac:971: -1- AC_SUBST([PROG_WHO])
+m4trace:configure.ac:972: -1- AC_SUBST([PROG_LAST], [$ac_cv_path_PROG_LAST])
+m4trace:configure.ac:972: -1- AC_SUBST([PROG_LAST])
+m4trace:configure.ac:973: -1- AC_SUBST([PROG_LASTLOG], [$ac_cv_path_PROG_LASTLOG])
+m4trace:configure.ac:973: -1- AC_SUBST([PROG_LASTLOG])
+m4trace:configure.ac:974: -1- AC_SUBST([PROG_DF], [$ac_cv_path_PROG_DF])
+m4trace:configure.ac:974: -1- AC_SUBST([PROG_DF])
+m4trace:configure.ac:975: -1- AC_SUBST([PROG_VMSTAT], [$ac_cv_path_PROG_VMSTAT])
+m4trace:configure.ac:975: -1- AC_SUBST([PROG_VMSTAT])
+m4trace:configure.ac:976: -1- AC_SUBST([PROG_UPTIME], [$ac_cv_path_PROG_UPTIME])
+m4trace:configure.ac:976: -1- AC_SUBST([PROG_UPTIME])
+m4trace:configure.ac:977: -1- AC_SUBST([PROG_IPCS], [$ac_cv_path_PROG_IPCS])
+m4trace:configure.ac:977: -1- AC_SUBST([PROG_IPCS])
+m4trace:configure.ac:978: -1- AC_SUBST([PROG_TAIL], [$ac_cv_path_PROG_TAIL])
+m4trace:configure.ac:978: -1- AC_SUBST([PROG_TAIL])
+m4trace:configure.ac:995: -1- AC_SUBST([INSTALL_SSH_PRNG_CMDS])
+m4trace:configure.ac:1004: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_CHAR])
+m4trace:configure.ac:1004: -1- AH_OUTPUT([SIZEOF_CHAR], [/* The size of a \`char', as computed by sizeof. */
#undef SIZEOF_CHAR])
-m4trace:configure.ac:978: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_SHORT_INT])
-m4trace:configure.ac:978: -1- AH_OUTPUT([SIZEOF_SHORT_INT], [/* The size of a \`short int', as computed by sizeof. */
+m4trace:configure.ac:1005: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_SHORT_INT])
+m4trace:configure.ac:1005: -1- AH_OUTPUT([SIZEOF_SHORT_INT], [/* The size of a \`short int', as computed by sizeof. */
#undef SIZEOF_SHORT_INT])
-m4trace:configure.ac:979: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_INT])
-m4trace:configure.ac:979: -1- AH_OUTPUT([SIZEOF_INT], [/* The size of a \`int', as computed by sizeof. */
+m4trace:configure.ac:1006: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_INT])
+m4trace:configure.ac:1006: -1- AH_OUTPUT([SIZEOF_INT], [/* The size of a \`int', as computed by sizeof. */
#undef SIZEOF_INT])
-m4trace:configure.ac:980: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_INT])
-m4trace:configure.ac:980: -1- AH_OUTPUT([SIZEOF_LONG_INT], [/* The size of a \`long int', as computed by sizeof. */
+m4trace:configure.ac:1007: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_INT])
+m4trace:configure.ac:1007: -1- AH_OUTPUT([SIZEOF_LONG_INT], [/* The size of a \`long int', as computed by sizeof. */
#undef SIZEOF_LONG_INT])
-m4trace:configure.ac:981: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_LONG_INT])
-m4trace:configure.ac:981: -1- AH_OUTPUT([SIZEOF_LONG_LONG_INT], [/* The size of a \`long long int', as computed by sizeof. */
+m4trace:configure.ac:1008: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_LONG_INT])
+m4trace:configure.ac:1008: -1- AH_OUTPUT([SIZEOF_LONG_LONG_INT], [/* The size of a \`long long int', as computed by sizeof. */
#undef SIZEOF_LONG_LONG_INT])
-m4trace:configure.ac:998: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT])
-m4trace:configure.ac:1011: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T])
-m4trace:configure.ac:1027: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T])
-m4trace:configure.ac:1039: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T])
-m4trace:configure.ac:1053: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T])
+m4trace:configure.ac:1025: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT])
+m4trace:configure.ac:1038: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T])
+m4trace:configure.ac:1054: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T])
m4trace:configure.ac:1066: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T])
-m4trace:configure.ac:1078: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T])
-m4trace:configure.ac:1092: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T])
-m4trace:configure.ac:1104: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT64_T])
-m4trace:configure.ac:1118: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT64_T])
-m4trace:configure.ac:1133: -1- AC_DEFINE_TRACE_LITERAL([HAVE_UINTXX_T])
-m4trace:configure.ac:1147: -1- AC_DEFINE_TRACE_LITERAL([HAVE_UINTXX_T])
-m4trace:configure.ac:1169: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T])
-m4trace:configure.ac:1169: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T])
-m4trace:configure.ac:1184: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_CHAR])
-m4trace:configure.ac:1187: -1- AC_DEFINE_TRACE_LITERAL([socklen_t])
-m4trace:configure.ac:1187: -1- AH_OUTPUT([socklen_t], [/* type to use in place of socklen_t if not defined */
+m4trace:configure.ac:1080: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T])
+m4trace:configure.ac:1093: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T])
+m4trace:configure.ac:1105: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T])
+m4trace:configure.ac:1119: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T])
+m4trace:configure.ac:1131: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT64_T])
+m4trace:configure.ac:1145: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT64_T])
+m4trace:configure.ac:1160: -1- AC_DEFINE_TRACE_LITERAL([HAVE_UINTXX_T])
+m4trace:configure.ac:1174: -1- AC_DEFINE_TRACE_LITERAL([HAVE_UINTXX_T])
+m4trace:configure.ac:1196: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T])
+m4trace:configure.ac:1196: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T])
+m4trace:configure.ac:1211: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_CHAR])
+m4trace:configure.ac:1214: -1- AC_DEFINE_TRACE_LITERAL([socklen_t])
+m4trace:configure.ac:1214: -1- AH_OUTPUT([socklen_t], [/* type to use in place of socklen_t if not defined */
#undef socklen_t])
-m4trace:configure.ac:1189: -1- AC_CHECK_TYPES([sig_atomic_t], [], [], [#include <signal.h>])
-m4trace:configure.ac:1189: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SIG_ATOMIC_T])
-m4trace:configure.ac:1189: -1- AH_OUTPUT([HAVE_SIG_ATOMIC_T], [/* Define to 1 if the system has the type \`sig_atomic_t'. */
+m4trace:configure.ac:1216: -1- AC_CHECK_TYPES([sig_atomic_t], [], [], [#include <signal.h>])
+m4trace:configure.ac:1216: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SIG_ATOMIC_T])
+m4trace:configure.ac:1216: -1- AH_OUTPUT([HAVE_SIG_ATOMIC_T], [/* Define to 1 if the system has the type \`sig_atomic_t'. */
#undef HAVE_SIG_ATOMIC_T])
-m4trace:configure.ac:1202: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SIZE_T])
-m4trace:configure.ac:1216: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SSIZE_T])
-m4trace:configure.ac:1230: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CLOCK_T])
-m4trace:configure.ac:1255: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SA_FAMILY_T])
-m4trace:configure.ac:1269: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PID_T])
-m4trace:configure.ac:1283: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MODE_T])
-m4trace:configure.ac:1299: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_SOCKADDR_STORAGE])
-m4trace:configure.ac:1314: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_SOCKADDR_IN6])
-m4trace:configure.ac:1329: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_IN6_ADDR])
-m4trace:configure.ac:1345: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_ADDRINFO])
-m4trace:configure.ac:1357: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_TIMEVAL])
-m4trace:configure.ac:1394: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SNPRINTF])
-m4trace:configure.ac:1396: -1- AC_SUBST([NO_SFTP])
-m4trace:configure.ac:1399: -1- AC_DEFINE_TRACE_LITERAL([HAVE_HOST_IN_UTMP])
-m4trace:configure.ac:1400: -1- AC_DEFINE_TRACE_LITERAL([HAVE_HOST_IN_UTMPX])
-m4trace:configure.ac:1401: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYSLEN_IN_UTMPX])
-m4trace:configure.ac:1402: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PID_IN_UTMP])
-m4trace:configure.ac:1403: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TYPE_IN_UTMP])
-m4trace:configure.ac:1404: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TYPE_IN_UTMPX])
-m4trace:configure.ac:1405: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TV_IN_UTMP])
-m4trace:configure.ac:1406: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ID_IN_UTMP])
-m4trace:configure.ac:1407: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ID_IN_UTMPX])
-m4trace:configure.ac:1408: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_IN_UTMP])
-m4trace:configure.ac:1409: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_IN_UTMPX])
-m4trace:configure.ac:1410: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_V6_IN_UTMP])
-m4trace:configure.ac:1411: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_V6_IN_UTMPX])
-m4trace:configure.ac:1412: -1- AC_DEFINE_TRACE_LITERAL([HAVE_EXIT_IN_UTMP])
-m4trace:configure.ac:1413: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TIME_IN_UTMP])
-m4trace:configure.ac:1414: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TIME_IN_UTMPX])
-m4trace:configure.ac:1415: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TV_IN_UTMPX])
-m4trace:configure.ac:1417: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_STAT_ST_BLKSIZE])
-m4trace:configure.ac:1417: -1- AH_OUTPUT([HAVE_STRUCT_STAT_ST_BLKSIZE], [/* Define to 1 if \`st_blksize' is member of \`struct stat'. */
+m4trace:configure.ac:1229: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SIZE_T])
+m4trace:configure.ac:1243: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SSIZE_T])
+m4trace:configure.ac:1257: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CLOCK_T])
+m4trace:configure.ac:1282: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SA_FAMILY_T])
+m4trace:configure.ac:1296: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PID_T])
+m4trace:configure.ac:1310: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MODE_T])
+m4trace:configure.ac:1326: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_SOCKADDR_STORAGE])
+m4trace:configure.ac:1341: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_SOCKADDR_IN6])
+m4trace:configure.ac:1356: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_IN6_ADDR])
+m4trace:configure.ac:1372: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_ADDRINFO])
+m4trace:configure.ac:1384: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_TIMEVAL])
+m4trace:configure.ac:1421: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SNPRINTF])
+m4trace:configure.ac:1423: -1- AC_SUBST([NO_SFTP])
+m4trace:configure.ac:1426: -1- AC_DEFINE_TRACE_LITERAL([HAVE_HOST_IN_UTMP])
+m4trace:configure.ac:1427: -1- AC_DEFINE_TRACE_LITERAL([HAVE_HOST_IN_UTMPX])
+m4trace:configure.ac:1428: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYSLEN_IN_UTMPX])
+m4trace:configure.ac:1429: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PID_IN_UTMP])
+m4trace:configure.ac:1430: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TYPE_IN_UTMP])
+m4trace:configure.ac:1431: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TYPE_IN_UTMPX])
+m4trace:configure.ac:1432: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TV_IN_UTMP])
+m4trace:configure.ac:1433: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ID_IN_UTMP])
+m4trace:configure.ac:1434: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ID_IN_UTMPX])
+m4trace:configure.ac:1435: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_IN_UTMP])
+m4trace:configure.ac:1436: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_IN_UTMPX])
+m4trace:configure.ac:1437: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_V6_IN_UTMP])
+m4trace:configure.ac:1438: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_V6_IN_UTMPX])
+m4trace:configure.ac:1439: -1- AC_DEFINE_TRACE_LITERAL([HAVE_EXIT_IN_UTMP])
+m4trace:configure.ac:1440: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TIME_IN_UTMP])
+m4trace:configure.ac:1441: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TIME_IN_UTMPX])
+m4trace:configure.ac:1442: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TV_IN_UTMPX])
+m4trace:configure.ac:1444: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_STAT_ST_BLKSIZE])
+m4trace:configure.ac:1444: -1- AH_OUTPUT([HAVE_STRUCT_STAT_ST_BLKSIZE], [/* Define to 1 if \`st_blksize' is member of \`struct stat'. */
#undef HAVE_STRUCT_STAT_ST_BLKSIZE])
-m4trace:configure.ac:1432: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SS_FAMILY_IN_SS])
-m4trace:configure.ac:1448: -1- AC_DEFINE_TRACE_LITERAL([HAVE___SS_FAMILY_IN_SS])
-m4trace:configure.ac:1463: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_CLASS_IN_PASSWD])
-m4trace:configure.ac:1478: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_EXPIRE_IN_PASSWD])
-m4trace:configure.ac:1493: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_CHANGE_IN_PASSWD])
-m4trace:configure.ac:1518: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ACCRIGHTS_IN_MSGHDR])
-m4trace:configure.ac:1542: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CONTROL_IN_MSGHDR])
-m4trace:configure.ac:1553: -1- AC_DEFINE_TRACE_LITERAL([HAVE___PROGNAME])
-m4trace:configure.ac:1566: -1- AC_DEFINE_TRACE_LITERAL([HAVE___FUNCTION__])
-m4trace:configure.ac:1579: -1- AC_DEFINE_TRACE_LITERAL([HAVE___func__])
-m4trace:configure.ac:1594: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETOPT_OPTRESET])
-m4trace:configure.ac:1605: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYS_ERRLIST])
-m4trace:configure.ac:1617: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYS_NERR])
-m4trace:configure.ac:1650: -1- AC_CHECK_HEADERS([sectok.h])
-m4trace:configure.ac:1650: -1- AH_OUTPUT([HAVE_SECTOK_H], [/* Define to 1 if you have the <sectok.h> header file. */
+m4trace:configure.ac:1459: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SS_FAMILY_IN_SS])
+m4trace:configure.ac:1475: -1- AC_DEFINE_TRACE_LITERAL([HAVE___SS_FAMILY_IN_SS])
+m4trace:configure.ac:1490: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_CLASS_IN_PASSWD])
+m4trace:configure.ac:1505: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_EXPIRE_IN_PASSWD])
+m4trace:configure.ac:1520: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_CHANGE_IN_PASSWD])
+m4trace:configure.ac:1545: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ACCRIGHTS_IN_MSGHDR])
+m4trace:configure.ac:1569: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CONTROL_IN_MSGHDR])
+m4trace:configure.ac:1580: -1- AC_DEFINE_TRACE_LITERAL([HAVE___PROGNAME])
+m4trace:configure.ac:1593: -1- AC_DEFINE_TRACE_LITERAL([HAVE___FUNCTION__])
+m4trace:configure.ac:1606: -1- AC_DEFINE_TRACE_LITERAL([HAVE___func__])
+m4trace:configure.ac:1621: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETOPT_OPTRESET])
+m4trace:configure.ac:1632: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYS_ERRLIST])
+m4trace:configure.ac:1644: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYS_NERR])
+m4trace:configure.ac:1677: -1- AC_CHECK_HEADERS([sectok.h])
+m4trace:configure.ac:1677: -1- AH_OUTPUT([HAVE_SECTOK_H], [/* Define to 1 if you have the <sectok.h> header file. */
#undef HAVE_SECTOK_H])
-m4trace:configure.ac:1650: -1- AC_CHECK_LIB([sectok], [sectok_open])
-m4trace:configure.ac:1650: -1- AH_OUTPUT([HAVE_LIBSECTOK], [/* Define to 1 if you have the \`sectok' library (-lsectok). */
+m4trace:configure.ac:1677: -1- AC_CHECK_LIB([sectok], [sectok_open])
+m4trace:configure.ac:1677: -1- AH_OUTPUT([HAVE_LIBSECTOK], [/* Define to 1 if you have the \`sectok' library (-lsectok). */
#undef HAVE_LIBSECTOK])
-m4trace:configure.ac:1650: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSECTOK])
-m4trace:configure.ac:1650: -1- AC_DEFINE_TRACE_LITERAL([SMARTCARD])
-m4trace:configure.ac:1650: -1- AC_DEFINE_TRACE_LITERAL([USE_SECTOK])
-m4trace:configure.ac:1659: -1- AC_SUBST([OPENSC_CONFIG], [$ac_cv_path_OPENSC_CONFIG])
-m4trace:configure.ac:1665: -1- AC_DEFINE_TRACE_LITERAL([SMARTCARD])
-m4trace:configure.ac:1666: -1- AC_DEFINE_TRACE_LITERAL([USE_OPENSC])
-m4trace:configure.ac:1708: -1- AC_DEFINE_TRACE_LITERAL([KRB5])
-m4trace:configure.ac:1708: -1- AC_DEFINE_TRACE_LITERAL([HEIMDAL])
-m4trace:configure.ac:1708: -1- AC_CHECK_LIB([resolv], [dn_expand], [], [])
-m4trace:configure.ac:1708: -1- AH_OUTPUT([HAVE_LIBRESOLV], [/* Define to 1 if you have the \`resolv' library (-lresolv). */
+m4trace:configure.ac:1677: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSECTOK])
+m4trace:configure.ac:1677: -1- AC_DEFINE_TRACE_LITERAL([SMARTCARD])
+m4trace:configure.ac:1677: -1- AC_DEFINE_TRACE_LITERAL([USE_SECTOK])
+m4trace:configure.ac:1686: -1- AC_SUBST([OPENSC_CONFIG], [$ac_cv_path_OPENSC_CONFIG])
+m4trace:configure.ac:1692: -1- AC_DEFINE_TRACE_LITERAL([SMARTCARD])
+m4trace:configure.ac:1693: -1- AC_DEFINE_TRACE_LITERAL([USE_OPENSC])
+m4trace:configure.ac:1735: -1- AC_DEFINE_TRACE_LITERAL([KRB5])
+m4trace:configure.ac:1735: -1- AC_DEFINE_TRACE_LITERAL([HEIMDAL])
+m4trace:configure.ac:1735: -1- AC_CHECK_LIB([resolv], [dn_expand], [], [])
+m4trace:configure.ac:1735: -1- AH_OUTPUT([HAVE_LIBRESOLV], [/* Define to 1 if you have the \`resolv' library (-lresolv). */
#undef HAVE_LIBRESOLV])
-m4trace:configure.ac:1708: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBRESOLV])
-m4trace:configure.ac:1762: -1- AC_CHECK_HEADERS([krb.h])
-m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_KRB_H], [/* Define to 1 if you have the <krb.h> header file. */
+m4trace:configure.ac:1735: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBRESOLV])
+m4trace:configure.ac:1789: -1- AC_CHECK_HEADERS([krb.h])
+m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_KRB_H], [/* Define to 1 if you have the <krb.h> header file. */
#undef HAVE_KRB_H])
-m4trace:configure.ac:1762: -1- AC_CHECK_LIB([krb], [main])
-m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBKRB], [/* Define to 1 if you have the \`krb' library (-lkrb). */
+m4trace:configure.ac:1789: -1- AC_CHECK_LIB([krb], [main])
+m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBKRB], [/* Define to 1 if you have the \`krb' library (-lkrb). */
#undef HAVE_LIBKRB])
-m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBKRB])
-m4trace:configure.ac:1762: -1- AC_CHECK_LIB([krb4], [main])
-m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBKRB4], [/* Define to 1 if you have the \`krb4' library (-lkrb4). */
+m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBKRB])
+m4trace:configure.ac:1789: -1- AC_CHECK_LIB([krb4], [main])
+m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBKRB4], [/* Define to 1 if you have the \`krb4' library (-lkrb4). */
#undef HAVE_LIBKRB4])
-m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBKRB4])
-m4trace:configure.ac:1762: -1- AC_CHECK_LIB([des], [des_cbc_encrypt])
-m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBDES], [/* Define to 1 if you have the \`des' library (-ldes). */
+m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBKRB4])
+m4trace:configure.ac:1789: -1- AC_CHECK_LIB([des], [des_cbc_encrypt])
+m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBDES], [/* Define to 1 if you have the \`des' library (-ldes). */
#undef HAVE_LIBDES])
-m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDES])
-m4trace:configure.ac:1762: -1- AC_CHECK_LIB([des425], [des_cbc_encrypt])
-m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBDES425], [/* Define to 1 if you have the \`des425' library (-ldes425). */
+m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDES])
+m4trace:configure.ac:1789: -1- AC_CHECK_LIB([des425], [des_cbc_encrypt])
+m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBDES425], [/* Define to 1 if you have the \`des425' library (-ldes425). */
#undef HAVE_LIBDES425])
-m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDES425])
-m4trace:configure.ac:1762: -1- AC_CHECK_LIB([resolv], [dn_expand], [], [])
-m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBRESOLV], [/* Define to 1 if you have the \`resolv' library (-lresolv). */
+m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDES425])
+m4trace:configure.ac:1789: -1- AC_CHECK_LIB([resolv], [dn_expand], [], [])
+m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBRESOLV], [/* Define to 1 if you have the \`resolv' library (-lresolv). */
#undef HAVE_LIBRESOLV])
-m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBRESOLV])
-m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([KRB4])
-m4trace:configure.ac:1788: -1- AC_DEFINE_TRACE_LITERAL([AFS])
-m4trace:configure.ac:1802: -1- AC_SUBST([rsh_path], [$ac_cv_path_rsh_path])
-m4trace:configure.ac:1813: -1- AC_SUBST([PRIVSEP_PATH])
-m4trace:configure.ac:1828: -1- AC_SUBST([xauth_path], [$ac_cv_path_xauth_path])
-m4trace:configure.ac:1832: -1- AC_SUBST([XAUTH_PATH])
-m4trace:configure.ac:1834: -1- AC_DEFINE_TRACE_LITERAL([XAUTH_PATH])
-m4trace:configure.ac:1836: -1- AC_SUBST([XAUTH_PATH])
-m4trace:configure.ac:1839: -1- AC_DEFINE_TRACE_LITERAL([RSH_PATH])
-m4trace:configure.ac:1845: -1- AC_DEFINE_TRACE_LITERAL([MAIL_DIRECTORY])
-m4trace:configure.ac:1855: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DEV_PTMX])
-m4trace:configure.ac:1863: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DEV_PTS_AND_PTC])
-m4trace:configure.ac:1880: -1- AC_SUBST([NROFF], [$ac_cv_path_NROFF])
-m4trace:configure.ac:1889: -1- AC_SUBST([MANTYPE])
-m4trace:configure.ac:1895: -1- AC_SUBST([mansubdir])
-m4trace:configure.ac:1907: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MD5_PASSWORDS])
-m4trace:configure.ac:1918: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
-m4trace:configure.ac:1933: -1- AC_DEFINE_TRACE_LITERAL([HAS_SHADOW_EXPIRE])
-m4trace:configure.ac:1942: -1- AC_DEFINE_TRACE_LITERAL([IPADDR_IN_DISPLAY])
-m4trace:configure.ac:1953: -1- AC_DEFINE_TRACE_LITERAL([IPADDR_IN_DISPLAY])
-m4trace:configure.ac:2030: -1- AC_DEFINE_TRACE_LITERAL([USER_PATH])
-m4trace:configure.ac:2031: -1- AC_SUBST([user_path])
-m4trace:configure.ac:2043: -1- AC_DEFINE_TRACE_LITERAL([SUPERUSER_PATH])
-m4trace:configure.ac:2056: -1- AC_DEFINE_TRACE_LITERAL([IPV4_DEFAULT])
-m4trace:configure.ac:2079: -1- AC_DEFINE_TRACE_LITERAL([IPV4_IN_IPV6])
-m4trace:configure.ac:2079: -1- AC_DEFINE_TRACE_LITERAL([IPV4_IN_IPV6])
-m4trace:configure.ac:2091: -1- AC_DEFINE_TRACE_LITERAL([BSD_AUTH])
-m4trace:configure.ac:2115: -1- AC_DEFINE_TRACE_LITERAL([_PATH_SSH_PIDDIR])
-m4trace:configure.ac:2116: -1- AC_SUBST([piddir])
-m4trace:configure.ac:2122: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG])
-m4trace:configure.ac:2126: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
-m4trace:configure.ac:2130: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMPX])
-m4trace:configure.ac:2134: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP])
-m4trace:configure.ac:2138: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMPX])
-m4trace:configure.ac:2142: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LOGIN])
-m4trace:configure.ac:2146: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_PUTUTLINE])
-m4trace:configure.ac:2150: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_PUTUTXLINE])
-m4trace:configure.ac:2160: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG])
-m4trace:configure.ac:2222: -1- AC_DEFINE_TRACE_LITERAL([CONF_LASTLOG_FILE])
-m4trace:configure.ac:2247: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
-m4trace:configure.ac:2252: -1- AC_DEFINE_TRACE_LITERAL([CONF_UTMP_FILE])
-m4trace:configure.ac:2277: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP])
-m4trace:configure.ac:2282: -1- AC_DEFINE_TRACE_LITERAL([CONF_WTMP_FILE])
-m4trace:configure.ac:2307: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMPX])
-m4trace:configure.ac:2310: -1- AC_DEFINE_TRACE_LITERAL([CONF_UTMPX_FILE])
-m4trace:configure.ac:2332: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMPX])
-m4trace:configure.ac:2335: -1- AC_DEFINE_TRACE_LITERAL([CONF_WTMPX_FILE])
-m4trace:configure.ac:2353: -1- AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds])
+m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBRESOLV])
+m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([KRB4])
+m4trace:configure.ac:1815: -1- AC_DEFINE_TRACE_LITERAL([AFS])
+m4trace:configure.ac:1829: -1- AC_SUBST([PRIVSEP_PATH])
+m4trace:configure.ac:1844: -1- AC_SUBST([xauth_path], [$ac_cv_path_xauth_path])
+m4trace:configure.ac:1848: -1- AC_SUBST([XAUTH_PATH])
+m4trace:configure.ac:1850: -1- AC_DEFINE_TRACE_LITERAL([XAUTH_PATH])
+m4trace:configure.ac:1852: -1- AC_SUBST([XAUTH_PATH])
+m4trace:configure.ac:1858: -1- AC_DEFINE_TRACE_LITERAL([MAIL_DIRECTORY])
+m4trace:configure.ac:1868: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DEV_PTMX])
+m4trace:configure.ac:1876: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DEV_PTS_AND_PTC])
+m4trace:configure.ac:1893: -1- AC_SUBST([NROFF], [$ac_cv_path_NROFF])
+m4trace:configure.ac:1902: -1- AC_SUBST([MANTYPE])
+m4trace:configure.ac:1908: -1- AC_SUBST([mansubdir])
+m4trace:configure.ac:1920: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MD5_PASSWORDS])
+m4trace:configure.ac:1931: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW])
+m4trace:configure.ac:1946: -1- AC_DEFINE_TRACE_LITERAL([HAS_SHADOW_EXPIRE])
+m4trace:configure.ac:1955: -1- AC_DEFINE_TRACE_LITERAL([IPADDR_IN_DISPLAY])
+m4trace:configure.ac:1966: -1- AC_DEFINE_TRACE_LITERAL([IPADDR_IN_DISPLAY])
+m4trace:configure.ac:2043: -1- AC_DEFINE_TRACE_LITERAL([USER_PATH])
+m4trace:configure.ac:2044: -1- AC_SUBST([user_path])
+m4trace:configure.ac:2056: -1- AC_DEFINE_TRACE_LITERAL([SUPERUSER_PATH])
+m4trace:configure.ac:2069: -1- AC_DEFINE_TRACE_LITERAL([IPV4_DEFAULT])
+m4trace:configure.ac:2092: -1- AC_DEFINE_TRACE_LITERAL([IPV4_IN_IPV6])
+m4trace:configure.ac:2092: -1- AC_DEFINE_TRACE_LITERAL([IPV4_IN_IPV6])
+m4trace:configure.ac:2104: -1- AC_DEFINE_TRACE_LITERAL([BSD_AUTH])
+m4trace:configure.ac:2128: -1- AC_DEFINE_TRACE_LITERAL([_PATH_SSH_PIDDIR])
+m4trace:configure.ac:2129: -1- AC_SUBST([piddir])
+m4trace:configure.ac:2135: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG])
+m4trace:configure.ac:2139: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
+m4trace:configure.ac:2143: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMPX])
+m4trace:configure.ac:2147: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP])
+m4trace:configure.ac:2151: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMPX])
+m4trace:configure.ac:2155: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LOGIN])
+m4trace:configure.ac:2159: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_PUTUTLINE])
+m4trace:configure.ac:2163: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_PUTUTXLINE])
+m4trace:configure.ac:2173: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG])
+m4trace:configure.ac:2235: -1- AC_DEFINE_TRACE_LITERAL([CONF_LASTLOG_FILE])
+m4trace:configure.ac:2260: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP])
+m4trace:configure.ac:2265: -1- AC_DEFINE_TRACE_LITERAL([CONF_UTMP_FILE])
+m4trace:configure.ac:2290: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP])
+m4trace:configure.ac:2295: -1- AC_DEFINE_TRACE_LITERAL([CONF_WTMP_FILE])
+m4trace:configure.ac:2320: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMPX])
+m4trace:configure.ac:2323: -1- AC_DEFINE_TRACE_LITERAL([CONF_UTMPX_FILE])
+m4trace:configure.ac:2345: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMPX])
+m4trace:configure.ac:2348: -1- AC_DEFINE_TRACE_LITERAL([CONF_WTMPX_FILE])
+m4trace:configure.ac:2366: -1- AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds])
*/
#include "includes.h"
-RCSID("$OpenBSD: bufaux.c,v 1.25 2002/04/20 09:14:58 markus Exp $");
+RCSID("$OpenBSD: bufaux.c,v 1.27 2002/06/26 08:53:12 markus Exp $");
#include <openssl/bn.h>
#include "bufaux.h"
bits = GET_16BIT(buf);
/* Compute the number of binary bytes that follow. */
bytes = (bits + 7) / 8;
+ if (bytes > 8 * 1024)
+ fatal("buffer_get_bignum: cannot handle BN of size %d", bytes);
if (buffer_len(buffer) < bytes)
fatal("buffer_get_bignum: input buffer too small");
bin = buffer_ptr(buffer);
u_char *buf = xmalloc(bytes);
int oi;
int hasnohigh = 0;
+
buf[0] = '\0';
/* Get the value of in binary */
oi = BN_bn2bin(value, buf+1);
xfree(buf);
}
+/* XXX does not handle negative BNs */
void
buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
{
- /**XXX should be two's-complement */
- int len;
- u_char *bin = buffer_get_string(buffer, (u_int *)&len);
+ u_int len;
+ u_char *bin = buffer_get_string(buffer, &len);
+
+ if (len > 8 * 1024)
+ fatal("buffer_get_bignum2: cannot handle BN of size %d", len);
BN_bin2bn(bin, len, value);
xfree(bin);
}
buffer_get_short(Buffer *buffer)
{
u_char buf[2];
+
buffer_get(buffer, (char *) buf, 2);
return GET_16BIT(buf);
}
buffer_get_int(Buffer *buffer)
{
u_char buf[4];
+
buffer_get(buffer, (char *) buf, 4);
return GET_32BIT(buf);
}
buffer_get_int64(Buffer *buffer)
{
u_char buf[8];
+
buffer_get(buffer, (char *) buf, 8);
return GET_64BIT(buf);
}
buffer_put_short(Buffer *buffer, u_short value)
{
char buf[2];
+
PUT_16BIT(buf, value);
buffer_append(buffer, buf, 2);
}
buffer_put_int(Buffer *buffer, u_int value)
{
char buf[4];
+
PUT_32BIT(buf, value);
buffer_append(buffer, buf, 4);
}
buffer_put_int64(Buffer *buffer, u_int64_t value)
{
char buf[8];
+
PUT_64BIT(buf, value);
buffer_append(buffer, buf, 8);
}
void *
buffer_get_string(Buffer *buffer, u_int *length_ptr)
{
- u_int len;
u_char *value;
+ u_int len;
+
/* Get the length. */
len = buffer_get_int(buffer);
if (len > 256 * 1024)
buffer_get_char(Buffer *buffer)
{
char ch;
+
buffer_get(buffer, &ch, 1);
return (u_char) ch;
}
buffer_put_char(Buffer *buffer, int value)
{
char ch = value;
+
buffer_append(buffer, &ch, 1);
}
*/
#include "includes.h"
-RCSID("$OpenBSD: buffer.c,v 1.15 2002/01/18 18:14:17 stevesk Exp $");
+RCSID("$OpenBSD: buffer.c,v 1.16 2002/06/26 08:54:18 markus Exp $");
#include "xmalloc.h"
#include "buffer.h"
{
void *p;
+ if (len > 0x100000)
+ fatal("buffer_append_space: len %u not supported", len);
+
/* If the buffer is empty, start using it from the beginning. */
if (buffer->offset == buffer->end) {
buffer->offset = 0;
}
/* Increase the size of the buffer and retry. */
buffer->alloc += len + 32768;
+ if (buffer->alloc > 0xa00000)
+ fatal("buffer_append_space: alloc %u not supported",
+ buffer->alloc);
buffer->buf = xrealloc(buffer->buf, buffer->alloc);
goto restart;
/* NOTREACHED */
*/
#include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.175 2002/06/10 22:28:41 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.179 2002/06/26 08:55:02 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
Channel *
channel_new(char *ctype, int type, int rfd, int wfd, int efd,
- int window, int maxpack, int extusage, char *remote_name, int nonblock)
+ u_int window, u_int maxpack, int extusage, char *remote_name, int nonblock)
{
int i, found;
Channel *c;
/* There are no free slots. Take last+1 slot and expand the array. */
found = channels_alloc;
channels_alloc += 10;
+ if (channels_alloc > 10000)
+ fatal("channel_new: internal error: channels_alloc %d "
+ "too big.", channels_alloc);
debug2("channel: expanding %d", channels_alloc);
channels = xrealloc(channels, channels_alloc * sizeof(Channel *));
for (i = found; i < channels_alloc; i++)
void
channel_output_poll(void)
{
- int len, i;
Channel *c;
+ int i;
+ u_int len;
for (i = 0; i < channels_alloc; i++) {
c = channels[i];
c->remote_window > 0 &&
(len = buffer_len(&c->extended)) > 0 &&
c->extended_usage == CHAN_EXTENDED_READ) {
- debug2("channel %d: rwin %d elen %d euse %d",
+ debug2("channel %d: rwin %u elen %u euse %d",
c->self, c->remote_window, buffer_len(&c->extended),
c->extended_usage);
if (len > c->remote_window)
channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
{
int id;
- int tcode;
char *data;
- u_int data_len;
+ u_int data_len, tcode;
Channel *c;
/* Get the channel number and verify it. */
c->confirm(c->self, NULL);
debug2("callback done");
}
- debug("channel %d: open confirm rwindow %d rmax %d", c->self,
+ debug("channel %d: open confirm rwindow %u rmax %u", c->self,
c->remote_window, c->remote_maxpacket);
}
packet_check_eom();
channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
{
Channel *c;
- int id, adjust;
+ int id;
+ u_int adjust;
if (!compat20)
return;
}
adjust = packet_get_int();
packet_check_eom();
- debug2("channel %d: rcvd adjust %d", id, adjust);
+ debug2("channel %d: rcvd adjust %u", id, adjust);
c->remote_window += adjust;
}
/*
* Creates an internet domain socket for listening for X11 connections.
- * Returns a suitable display number for the DISPLAY variable, or -1 if
- * an error occurs.
+ * Returns 0 and a suitable display number for the DISPLAY variable
+ * stored in display_numberp , or -1 if an error occurs.
*/
int
x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
- int single_connection)
+ int single_connection, u_int *display_numberp)
{
Channel *nc = NULL;
int display_number, sock;
}
/* Return the display number for the DISPLAY environment variable. */
- return display_number;
+ *display_numberp = display_number;
+ return (0);
}
static int
-/* $OpenBSD: channels.h,v 1.68 2002/06/10 22:28:41 markus Exp $ */
+/* $OpenBSD: channels.h,v 1.70 2002/06/24 14:33:27 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
int host_port; /* remote port to connect for forwards */
char *remote_name; /* remote hostname */
- int remote_window;
- int remote_maxpacket;
- int local_window;
- int local_window_max;
- int local_consumed;
- int local_maxpacket;
+ u_int remote_window;
+ u_int remote_maxpacket;
+ u_int local_window;
+ u_int local_window_max;
+ u_int local_consumed;
+ u_int local_maxpacket;
int extended_usage;
int single_connection;
/* channel management */
Channel *channel_lookup(int);
-Channel *channel_new(char *, int, int, int, int, int, int, int, char *, int);
+Channel *channel_new(char *, int, int, int, int, u_int, u_int, int, char *, int);
void channel_set_fds(int, int, int, int, int, int, u_int);
void channel_free(Channel *);
void channel_free_all(void);
/* x11 forwarding */
int x11_connect_display(void);
-int x11_create_display_inet(int, int, int);
+int x11_create_display_inet(int, int, int, u_int *);
void x11_input_open(int, u_int32_t, void *);
void x11_request_forwarding_with_spoofing(int, const char *, const char *);
void deny_input_open(int, u_int32_t, void *);
*/
#include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.59 2002/06/19 18:01:00 markus Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.60 2002/06/23 03:26:52 deraadt Exp $");
#include "xmalloc.h"
#include "log.h"
{
return (c->block_size);
}
+
u_int
cipher_keylen(Cipher *c)
{
return (c->key_len);
}
+
u_int
cipher_get_number(Cipher *c)
{
{
EVP_CIPHER_CTX k1, k2, k3;
};
+
static int
ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
int enc)
#endif
return (1);
}
+
static int
ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len)
{
#endif
return (1);
}
+
static int
ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx)
{
}
return (1);
}
+
static const EVP_CIPHER *
evp_ssh1_3des(void)
{
*dst++ = c[3];
}
}
+
static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, const u_char *, u_int) = NULL;
+
static int
bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, u_int len)
{
swap_bytes(out, out, len);
return (ret);
}
+
static const EVP_CIPHER *
evp_ssh1_bf(void)
{
memcpy(c->r_iv, iv, RIJNDAEL_BLOCKSIZE);
return (1);
}
+
static int
ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src,
u_int len)
}
return (1);
}
+
static int
ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx)
{
}
return (1);
}
+
static const EVP_CIPHER *
evp_rijndael(void)
{
*/
#include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.101 2002/06/09 13:32:01 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.102 2002/06/24 14:33:27 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
{
Channel *c = NULL;
char *ctype;
- u_int len;
int rchan;
- int rmaxpack;
- int rwindow;
+ u_int rmaxpack, rwindow, len;
ctype = packet_get_string(&len);
rchan = packet_get_int();
AC_DEFINE(BROKEN_REALPATH)
dnl AIX handles lastlog as part of its login message
AC_DEFINE(DISABLE_LASTLOG)
+ AC_DEFINE(LOGIN_NEEDS_UTMPX)
;;
*-*-cygwin*)
LIBS="$LIBS /usr/lib/textmode.o"
AC_DEFINE(IPV4_DEFAULT)
AC_DEFINE(IP_TOS_IS_BROKEN)
AC_DEFINE(NO_X11_UNIX_SOCKETS)
+ AC_DEFINE(BROKEN_FD_PASSING)
AC_DEFINE(SETGROUPS_NOOP)
;;
*-*-dgux*)
CPPFLAGS="$CPPFLAGS -Dftruncate=chsize -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
LIBS="$LIBS -los -lprot -lx -ltinfo -lm"
- rsh_path="/usr/bin/rcmd"
RANLIB=true
no_dev_ptmx=1
AC_DEFINE(BROKEN_SYS_TERMIO_H)
LDFLAGS="$LDFLAGS -L/usr/local/lib"
LIBS="$LIBS -lprot -lx -ltinfo -lm"
no_dev_ptmx=1
- rsh_path="/usr/bin/rcmd"
AC_DEFINE(USE_PIPES)
AC_DEFINE(HAVE_SECUREWARE)
AC_DEFINE(DISABLE_SHADOW)
+ AC_DEFINE(BROKEN_FD_PASSING)
AC_CHECK_FUNCS(getluid setluid)
MANTYPE=man
;;
no_libsocket=1
no_libnsl=1
AC_DEFINE(USE_PIPES)
+ AC_DEFINE(BROKEN_FD_PASSING)
LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal,-L/usr/local/lib"
LIBS="$LIBS -lgen -lrsc"
;;
socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \
truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty)
+if test $ac_cv_func_mmap = yes ; then
+AC_MSG_CHECKING([for mmap anon shared])
+AC_TRY_RUN(
+ [
+#include <stdio.h>
+#include <sys/mman.h>
+#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS)
+#define MAP_ANON MAP_ANONYMOUS
+#endif
+main() { char *p;
+p = (char *) mmap(NULL, 10, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0);
+if (p == (char *)-1)
+ exit(1);
+exit(0);
+}
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE_MMAP_ANON_SHARED)
+ ],
+ [ AC_MSG_RESULT(no) ]
+)
+fi
+
dnl IRIX and Solaris 2.5.1 have dirname() in libgen
AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
AC_CHECK_LIB(gen, dirname,[
)
AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
-ssh_privsep_user=sshd
+SSH_PRIVSEP_USER=sshd
AC_ARG_WITH(privsep-user,
[ --with-privsep-user=user Specify non-privileged user for privilege separation],
[
if test -n "$withval"; then
- ssh_privsep_user=$withval
+ SSH_PRIVSEP_USER=$withval
fi
]
)
-AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$ssh_privsep_user")
+AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
+AC_SUBST(SSH_PRIVSEP_USER)
# We do this little dance with the search path to insure
# that programs that we select for use by installed programs
LIBS="$LIBS $KLIBS $K5LIBS"
# Looking for programs, paths and files
-AC_ARG_WITH(rsh,
- [ --with-rsh=PATH Specify path to remote shell program ],
- [
- if test "x$withval" != "$no" ; then
- rsh_path=$withval
- fi
- ],
- [
- AC_PATH_PROG(rsh_path, rsh)
- ]
-)
PRIVSEP_PATH=/var/empty
AC_ARG_WITH(privsep-path,
XAUTH_PATH=$xauth_path
AC_SUBST(XAUTH_PATH)
fi
-if test ! -z "$rsh_path" ; then
- AC_DEFINE_UNQUOTED(RSH_PATH, "$rsh_path")
-fi
# Check for mail directory (last resort if we cannot get it from headers)
if test ! -z "$MAIL" ; then
The script treats all packages as USR packages (not ROOT+USR when
appropriate). It seems to work, though......
+If there are any patches to this that have not yet been integrated they
+may be found at http://www.zip.com.au/~dtucker/openssh/ or
+http://home.usf.advantra.com.au/~dtucker/openssh/.
+
Disclaimer:
# Based originally on Ben Lindstrom's buildpkg.sh for Solaris
#
+#
+# Tunable configuration settings
+# create a "config.local" in your build directory to override these.
+#
+PERMIT_ROOT_LOGIN=no
+X11_FORWARDING=no
+
umask 022
+
+#
+# We still support running from contrib/aix, but this is depreciated
+#
+if pwd | egrep 'contrib/aix$'
+then
+ echo "Changing directory to `pwd`/../.."
+ echo "Please run buildbff.sh from your build directory in future."
+ cd ../..
+ contribaix=1
+fi
+
+if [ ! -f Makefile ]
+then
+ echo "Makefile not found (did you run configure?)"
+ exit 1
+fi
+
+#
+# Directories used during build:
+# current dir = $objdir directory you ran ./configure in.
+# $objdir/$PKGDIR/ directory package files are constructed in
+# $objdir/$PKGDIR/root/ package root ($FAKE_ROOT)
+#
+objdir=`pwd`
PKGNAME=openssh
PKGDIR=package
-PATH=`pwd`:$PATH # set path for external tools
-export PATH
+# Path to inventory.sh: same place as buildbff.sh
+if echo $0 | egrep '^/'
+then
+ inventory=`dirname $0`/inventory.sh # absolute path
+else
+ inventory=`pwd`/`dirname $0`/inventory.sh # relative path
+fi
-# Clean build directory
-rm -rf $PKGDIR
-mkdir $PKGDIR
+#
+# Collect local configuration settings to override defaults
+#
+if [ -s ./config.local ]
+then
+ echo Reading local settings from config.local
+ . ./config.local
+fi
+
+#
+# Fill in some details from Makefile, like prefix and sysconfdir
+# the eval also expands variables like sysconfdir=${prefix}/etc
+# provided they are eval'ed in the correct order
+#
+for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir srcdir
+do
+ eval $confvar=`grep "^$confvar=" $objdir/Makefile | cut -d = -f 2`
+done
+
+#
+# Collect values of privsep user and privsep path
+# currently only found in config.h
+#
+for confvar in SSH_PRIVSEP_USER PRIVSEP_PATH
+do
+ eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' $objdir/config.h`
+done
-if [ ! -f ../../Makefile ]
+# Set privsep defaults if not defined
+if [ -z "$SSH_PRIVSEP_USER" ]
then
- echo "Top-level Makefile not found (did you run ./configure?)"
- exit 1
+ SSH_PRIVSEP_USER=sshd
+fi
+if [ -z "$PRIVSEP_PATH" ]
+then
+ PRIVSEP_PATH=/var/empty
fi
-## Start by faking root install
+# Clean package build directory
+rm -rf $objdir/$PKGDIR
+FAKE_ROOT=$objdir/$PKGDIR/root
+mkdir -p $FAKE_ROOT
+
+# Start by faking root install
echo "Faking root install..."
-START=`pwd`
-FAKE_ROOT=$START/$PKGDIR
-cd ../..
+cd $objdir
make install-nokeys DESTDIR=$FAKE_ROOT
if [ $? -gt 0 ]
exit 1
fi
+#
+# Copy informational files to include in package
+#
+cp $srcdir/LICENCE $objdir/$PKGDIR/
+cp $srcdir/README* $objdir/$PKGDIR/
+
#
# Extract common info requires for the 'info' part of the package.
# AIX requires 4-part version numbers
MAJOR=`echo $VERSION | cut -f 1 -d p | cut -f 1 -d .`
MINOR=`echo $VERSION | cut -f 1 -d p | cut -f 2 -d .`
PATCH=`echo $VERSION | cut -f 1 -d p | cut -f 3 -d .`
-PORTABLE=`echo $VERSION | cut -f 2 -d p`
-if [ "$PATCH" = "" ]
-then
- PATCH=0
-fi
+PORTABLE=`echo $VERSION | awk 'BEGIN{FS="p"}{print $2}'`
+[ "$PATCH" = "" ] && PATCH=0
+[ "$PORTABLE" = "" ] && PORTABLE=0
BFFVERSION=`printf "%d.%d.%d.%d" $MAJOR $MINOR $PATCH $PORTABLE`
echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)"
#
-# Fill in some details, like prefix and sysconfdir
-# the eval also expands variables like sysconfdir=${prefix}/etc
-# provided they are eval'ed in the correct order
+# Set ssh and sshd parameters as per config.local
#
-for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir
-do
- eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
-done
+if [ "${PERMIT_ROOT_LOGIN}" = no ]
+then
+ perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
+ $FAKE_ROOT/${sysconfdir}/sshd_config
+fi
+if [ "${X11_FORWARDING}" = yes ]
+then
+ perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
+ $FAKE_ROOT/${sysconfdir}/sshd_config
+fi
+
# Rename config files; postinstall script will copy them if necessary
for cfgfile in ssh_config sshd_config ssh_prng_cmds
#
# Generate lpp control files.
-# working dir is $FAKE_ROOT but files are generated in contrib/aix
+# working dir is $FAKE_ROOT but files are generated in dir above
# and moved into place just before creation of .bff
#
cd $FAKE_ROOT
echo Generating LPP control files
find . ! -name . -print >../openssh.al
-inventory.sh >../openssh.inventory
-cp ../../../LICENCE ../openssh.copyright
+$inventory >../openssh.inventory
+
+cat <<EOD >../openssh.copyright
+This software is distributed under a BSD-style license.
+For the full text of the license, see /usr/lpp/openssh/LICENCE
+EOD
#
# Create postinstall script
cat <<EOF >>../openssh.post_i
#!/bin/sh
-# Create configs from defaults if necessary
+echo Creating configs from defaults if necessary.
for cfgfile in ssh_config sshd_config ssh_prng_cmds
do
if [ ! -f $sysconfdir/\$cfgfile ]
echo "\$cfgfile already exists."
fi
done
+echo
+
+# Create PrivSep user if PrivSep not disabled in config
+echo Creating PrivSep prereqs if required.
+if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' $sysconfdir/sshd_config >/dev/null
+then
+ echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user,"
+ echo "group or chroot directory."
+else
+ echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
+
+ # create group if required
+ if cut -f1 -d: /etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
+ then
+ echo "PrivSep group $SSH_PRIVSEP_USER already exists."
+ else
+ echo "Creating PrivSep group $SSH_PRIVSEP_USER."
+ mkgroup -A $SSH_PRIVSEP_USER
+ fi
+
+ # Create user if required
+ if cut -f1 -d: /etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
+ then
+ echo "PrivSep user $SSH_PRIVSEP_USER already exists."
+ else
+ echo "Creating PrivSep user $SSH_PRIVSEP_USER."
+ mkuser gecos='SSHD PrivSep User' login=false rlogin=false account_locked=true pgrp=$SSH_PRIVSEP_USER $SSH_PRIVSEP_USER
+ fi
+
+ # create chroot directory if required
+ if [ -d $PRIVSEP_PATH ]
+ then
+ echo "PrivSep chroot directory $PRIVSEP_PATH already exists."
+ else
+ echo "Creating PrivSep chroot directory $PRIVSEP_PATH."
+ mkdir $PRIVSEP_PATH
+ chown 0 $PRIVSEP_PATH
+ chgrp 0 $PRIVSEP_PATH
+ chmod 755 $PRIVSEP_PATH
+ fi
+fi
+echo
# Generate keys unless they already exist
+echo Creating host keys if required.
if [ -f "$sysconfdir/ssh_host_key" ] ; then
echo "$sysconfdir/ssh_host_key already exists, skipping."
else
else
$bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N ""
fi
+echo
# Add to system startup if required
if grep $sbindir/sshd /etc/rc.tcpip >/dev/null
echo Creating liblpp.a
(
cd ..
- for i in al copyright inventory post_i
+ for i in openssh.al openssh.copyright openssh.inventory openssh.post_i LICENCE README*
do
- ar -r liblpp.a openssh.$i
- rm openssh.$i
+ ar -r liblpp.a $i
+ rm $i
done
)
# /usr/local/share 3
# %
# ]
+# }
+
echo Creating lpp_name
cat <<EOF >../lpp_name
4 R I $PKGNAME {
%
EOF
-for i in $bindir $sysconfdir $libexecdir $mandir/man1 $mandir/man8 $sbindir $datadir
+for i in $bindir $sysconfdir $libexecdir $mandir/${mansubdir}1 $mandir/${mansubdir}8 $sbindir $datadir /usr/lpp/openssh
do
# get size in 512 byte blocks
- size=`du $FAKE_ROOT/$i | awk '{print $1}'`
- echo "$i $size" >>../lpp_name
+ if [ -d $FAKE_ROOT/$i ]
+ then
+ size=`du $FAKE_ROOT/$i | awk '{print $1}'`
+ echo "$i $size" >>../lpp_name
+ fi
done
echo '%' >>../lpp_name
#
# Now invoke backup to create .bff file
-# note: lpp_name needs to be the first file do we generate the
+# note: lpp_name needs to be the first file so we generate the
# file list on the fly and feed it to backup using -i
#
echo Creating $PKGNAME-$VERSION.bff with backup...
find . ! -name lpp_name -a ! -name . -print
) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist
-cd ..
+#
+# Move package into final location
+#
+if [ "$contribaix" = "1" ]
+then
+ mv ../$PKGNAME-$VERSION.bff $objdir/contrib/aix
+else
+ mv ../$PKGNAME-$VERSION.bff $objdir
+fi
+
+rm -rf $objdir/$PKGDIR
-rm -rf $PKGDIR
echo $0: done.
-%define use-stable 1
-%if %{use-stable}
- %define version 3.3p1
+
+# Some of this will need re-evaluation post-LSB. The SVIdir is there
+# because the link appeared broken. The rest is for easy compilation,
+# the tradeoff open to discussion. (LC957)
+
+%define SVIdir /etc/rc.d/init.d
+%{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages}
+%{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons}
+
+%define _mandir %{_prefix}/share/man/en
+%define _sysconfdir /etc/ssh
+%define _libexecdir %{_libdir}/ssh
+
+# Do we want to disable root_login? (1=yes 0=no)
+%define no_root_login 0
+
+#old cvs stuff. please update before use. may be deprecated.
+%define use_stable 1
+%if %{use_stable}
+ %define version 3.4p1
%define cvs %{nil}
- %define release 1
+ %define release 2
%else
- %define version 3.3
- %define cvs cvs20020515
+ %define version 2.9.9p2
+ %define cvs cvs20011009
%define release 0r1
%endif
%define xsa x11-ssh-askpass
%define askpass %{xsa}-1.2.4.1
+# OpenSSH privilege separation requires a user & group ID
+%define sshd_uid 67
+%define sshd_gid 67
+
Name : openssh
Version : %{version}%{cvs}
Release : %{release}
Group : System/Network
Summary : OpenSSH free Secure Shell (SSH) implementation.
+Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH).
+Summary(es) : OpenSSH implementación libre de Secure Shell (SSH).
+Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH).
+Summary(it) : Implementazione gratuita OpenSSH della Secure Shell.
+Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH).
+Summary(pt_BR) : Implementação livre OpenSSH do protocolo Secure Shell (SSH).
Copyright : BSD
Packager : Raymund Will <ray@caldera.de>
Obsoletes : ssh, ssh-clients, openssh-clients
-BuildRoot : /tmp/%{Name}-%{Version}
+BuildRoot : /tmp/%{name}-%{version}
+BuildRequires : XFree86-imake
-# %{use-stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
-# %{use-stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
-Source0: see-above:/.../openssh-%{Version}.tar.gz
-%if %{use-stable}
-Source1: see-above:/.../openssh-%{Version}.tar.gz.sig
+# %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
+# %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
+Source0: see-above:/.../openssh-%{version}.tar.gz
+%if %{use_stable}
+Source1: see-above:/.../openssh-%{version}.tar.gz.sig
%endif
Source2: http://www.ntrnet.net/~jmknoble/software/%{xsa}/%{askpass}.tar.gz
Source3: http://www.openssh.com/faq.html
-
%Package server
Group : System/Network
-Requires : openssh = %{Version}
+Requires : openssh = %{version}
Obsoletes : ssh-server
Summary : OpenSSH Secure Shell protocol server (sshd).
+Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd).
+Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd).
+Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd).
+Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd).
+Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
+Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd).
%Package askpass
Group : System/Network
-Requires : openssh = %{Version}
+Requires : openssh = %{version}
URL : http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/
Obsoletes : ssh-extras
Summary : OpenSSH X11 pass-phrase dialog.
+Summary(de) : OpenSSH X11 Passwort-Dialog.
+Summary(es) : Aplicación de petición de frase clave OpenSSH X11.
+Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH.
+Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH.
+Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH.
+Summary(pt_BR) : Diálogo de pedido de senha para X11 do OpenSSH.
-%Prep
-%setup %([ -z "%{cvs}" ] || echo "-n %{Name}_cvs") -a2
+%Description
+OpenSSH (Secure Shell) provides access to a remote system. It replaces
+telnet, rlogin, rexec, and rsh, and provides secure encrypted
+communications between two untrusted hosts over an insecure network.
+X11 connections and arbitrary TCP/IP ports can also be forwarded over
+the secure channel.
-%if ! %{use-stable}
+%Description -l de
+OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
+telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte
+Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres
+Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso
+über den sicheren Channel weitergeleitet werden.
+
+%Description -l es
+OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
+telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
+entre dos equipos entre los que no se ha establecido confianza a través de una
+red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden
+ser canalizadas sobre el canal seguro.
+
+%Description -l fr
+OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace
+telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées
+securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des
+connexions X11 et des ports TCP/IP arbitraires peuvent également être
+transmis sur le canal sécurisé.
+
+%Description -l it
+OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
+Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
+e crittate tra due host non fidati su una rete non sicura. Le connessioni
+X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
+un canale sicuro.
+
+%Description -l pt
+OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
+telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas
+entre duas máquinas sem confiança mútua sobre uma rede insegura.
+Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados
+pelo canal seguro.
+
+%Description -l pt_BR
+O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
+telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e criptografadas
+entre duas máquinas sem confiança mútua sobre uma rede insegura.
+Ligações X11 e portas TCP/IP arbitrárias também podem ser reenviadas
+pelo canal seguro.
+
+%Description server
+This package installs the sshd, the server portion of OpenSSH.
+
+%Description -l de server
+Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
+
+%Description -l es server
+Este paquete instala sshd, la parte servidor de OpenSSH.
+
+%Description -l fr server
+Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
+
+%Description -l it server
+Questo pacchetto installa sshd, il server di OpenSSH.
+
+%Description -l pt server
+Este pacote intala o sshd, o servidor do OpenSSH.
+
+%Description -l pt_BR server
+Este pacote intala o sshd, o servidor do OpenSSH.
+
+%Description askpass
+This package contains an X11-based pass-phrase dialog used per
+default by ssh-add(1). It is based on %{askpass}
+by Jim Knoble <jmknoble@pobox.com>.
+
+
+%Prep
+%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2
+%if ! %{use_stable}
autoreconf
%endif
%Build
CFLAGS="$RPM_OPT_FLAGS" \
-./configure \
- --prefix=/usr \
- --sysconfdir=/etc/ssh \
- --libexecdir=/usr/lib/ssh \
+%configure \
--with-pam \
--with-tcp-wrappers \
--with-ipv4-default \
+ --sysconfdir=%{_sysconfdir}/ssh \
+ --libexecdir=%{_libexecdir}/openssh \
+ --with-privsep-path=%{_var}/empty/sshd \
+ #leave this line for easy edits.
-make
+%__make CFLAGS="$RPM_OPT_FLAGS"
cd %{askpass}
-./configure
+%configure \
+ #leave this line for easy edits.
+
xmkmf
-make includes
-make
+%__make includes
+%__make
%Install
-%{mkDESTDIR}
-
-make DESTDIR="$DESTDIR" install
+[ %{buildroot} != "/" ] && rm -rf %{buildroot}
-make -C %{askpass} BINDIR="/usr/lib/ssh" install
+%makeinstall
+%makeinstall -C %{askpass} \
+ BINDIR=%{_libexecdir} \
+ MANPATH=%{_mandir} \
+ DESTDIR=%{buildroot}
# OpenLinux specific configuration
-mkdir -p $DESTDIR/{etc/pam.d,%{SVIcdir},%{SVIdir}}
+mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}}
+mkdir -p %{buildroot}%{_var}/empty/sshd
# enabling X11 forwarding on the server is convenient and okay,
-# on the client side we consider it a potential security risk!
-%{fixUP} -vT $DESTDIR/etc/ssh/sshd_config -e '
- s/#X11Forwarding no/X11Forwarding yes/i'
+# on the client side it's a potential security risk!
+%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \
+ %{buildroot}%{_sysconfdir}/sshd_config
+
+%if %{no_root_login}
+%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \
+ %{buildroot}%{_sysconfdir}/sshd_config
+%endif
-install -m644 contrib/caldera/sshd.pam $DESTDIR/etc/pam.d/sshd
-# FIXME: disabled, find out why this doesn't work with NIS
-%{fixUP} -vT $DESTDIR/etc/pam.d/sshd -e 's/^(.*pam_limits.*)$/#$1/'
+install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd
+# FIXME: disabled, find out why this doesn't work with nis
+%__perl -pi -e 's:(.*pam_limits.*):#$1:' \
+ %{buildroot}/etc/pam.d/sshd
-install -m 0755 contrib/caldera/sshd.init $DESTDIR%{SVIdir}/sshd
-%{fixUP} -vT $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}: +
- s:\@sysconfdir\@:/etc/ssh:'
+install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd
-cat <<-EoD > $DESTDIR%{SVIcdir}/sshd
+# the last one is needless, but more future-proof
+find %{buildroot}%{SVIdir} -type f -exec \
+ %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\
+ s:\@sysconfdir\@:%{_sysconfdir}:g; \
+ s:/usr/sbin:%{_sbindir}:g'\
+ \{\} \;
+
+cat <<-EoD > %{buildroot}%{SVIcdir}/sshd
IDENT=sshd
DESCRIPTIVE="OpenSSH secure shell daemon"
# This service will be marked as 'skipped' on boot if there
- # is no host key. Use ssh-host-keygen to generate one.
+ # is no host key. Use ssh-host-keygen to generate one
ONBOOT="yes"
OPTIONS=""
EoD
-SKG=$DESTDIR/usr/sbin/ssh-host-keygen
+SKG=%{buildroot}%{_sbindir}/ssh-host-keygen
install -m 0755 contrib/caldera/ssh-host-keygen $SKG
-%{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh: +
- s:\@sshkeygen\@:/usr/bin/ssh-keygen:'
-
+# Fix up some path names in the keygen toy^Hol
+ %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \
+ s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \
+ %{buildroot}%{_sbindir}/ssh-host-keygen
+# This looks terrible. Expect it to change.
# install remaining docs
-DocD="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}"; mkdir -p $DocD/00-LEGAL
-cp -a LICENCE $DocD/00-LEGAL
-cp -a CREDITS ChangeLog OVERVIEW README* TODO $DocD
-install -p -m 0444 -o 0 -g 0 %{SOURCE3} $DocD/faq.html
+DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}"
mkdir -p $DocD/%{askpass}
+cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $DocD
+install -p -m 0444 %{SOURCE3} $DocD/faq.html
cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass}
+%if %{use_stable}
+ cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1
+%else
+ cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1
+ ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1
+%endif
-cp -p %{askpass}/%{xsa}.man $DESTDIR/usr/man/man1/%{xsa}.1
-ln -s %{xsa}.1 $DESTDIR/usr/man/man1/ssh-askpass.1
-
-%{fixManPages}
-
-
-# generate file lists
-%{mkLists} -c %{Name}
-%{mkLists} -d %{Name} << 'EOF'
-/etc/ssh base
-^/etc/ IGNORED
-%{_defaultdocdir}/$ IGNORED
-askpass askpass
-* default
-EOF
-%{mkLists} -a -f %{Name} << 'EOF'
-^/etc * prefix(%%config)
-/usr/X11R6/lib/X11/app-defaults IGNORED
-Ssh.bin IGNORED # for now
-[Aa]skpass askpass
-%{_defaultdocdir}/%{Name}-%{Version}/ base
-ssh-keygen base
-moduli server
-sshd server
-sftp-server server
-.* base
-EOF
+find %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 | xargs -0r %__gzip -9nf
+rm %{buildroot}%{_mandir}/man1/slogin.1 && \
+ ln -s %{_mandir}/man1/ssh.1.gz \
+ %{buildroot}%{_mandir}/man1/slogin.1.gz
%Clean
-%{rmDESTDIR}
-
+#%{rmDESTDIR}
+[ %{buildroot} != "/" ] && rm -rf %{buildroot}
%Post
# Generate host key when none is present to get up and running,
/usr/sbin/ssh-host-keygen
: # to protect the rpm database
+%pre server
+%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || :
+%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
+ -c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || :
+: # to protect the rpm database
%Post server
if [ -x %{LSBinit}-install ]; then
: # to protect the rpm database
-%Files -f files-%{Name}-base
+%Files
%defattr(-,root,root)
-
-
-%Files server -f files-%{Name}-server
+%dir %{_sysconfdir}
+%config %{_sysconfdir}/ssh_config
+%{_bindir}/*
+%dir %{_libexecdir}
+%{_sbindir}/ssh-host-keygen
+%dir %{_defaultdocdir}/%{name}-%{version}
+%{_defaultdocdir}/%{name}-%{version}/CREDITS
+%{_defaultdocdir}/%{name}-%{version}/ChangeLog
+%{_defaultdocdir}/%{name}-%{version}/LICENCE
+%{_defaultdocdir}/%{name}-%{version}/OVERVIEW
+%{_defaultdocdir}/%{name}-%{version}/README*
+%{_defaultdocdir}/%{name}-%{version}/TODO
+%{_defaultdocdir}/%{name}-%{version}/faq.html
+%{_mandir}/man1/*
+
+%Files server
%defattr(-,root,root)
-
-
-%Files askpass -f files-%{Name}-askpass
+%dir %attr(0700,root,root) %{_var}/empty/sshd
+%config %{SVIdir}/sshd
+%config /etc/pam.d/sshd
+%config %{_sysconfdir}/moduli
+%config %{_sysconfdir}/sshd_config
+%config %{SVIcdir}/sshd
+%{_libexecdir}/sftp-server
+%{_sbindir}/sshd
+%{_mandir}/man8/sftp-server.8.gz
+%{_mandir}/man8/sshd.8.gz
+
+%Files askpass
%defattr(-,root,root)
-
-
-%Description
-OpenSSH (Secure Shell) provides access to a remote system. It replaces
-telnet, rlogin, rexec, and rsh, and provides secure encrypted
-communications between two untrusted hosts over an insecure network.
-X11 connections and arbitrary TCP/IP ports can also be forwarded over
-the secure channel.
-
-%Description server
-This package installs the sshd, the server portion of OpenSSH.
-
-%Description askpass
-This package contains an X11-based pass-phrase dialog used per
-default by ssh-add(1). It is based on %{askpass}
-by Jim Knoble <jmknoble@pobox.com>.
+%{_libexecdir}/ssh-askpass
+%{_libexecdir}/x11-ssh-askpass
+%{_defaultdocdir}/%{name}-%{version}/%{askpass}
+
%ChangeLog
* Mon Jan 01 1998 ...
+Template Version: 1.31
$Id$
-%define ver 3.3p1
+%define ver 3.4p1
%define rel 1
# OpenSSH privilege separation requires a user & group ID
%if ! %{no_gnome_askpass}
BuildPreReq: gnome-libs-devel
%endif
+%if %{kerberos5}
+BuildPreReq: krb5-devel
+BuildPreReq: krb5-libs
+%endif
%package clients
Summary: OpenSSH clients.
Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
Name: openssh
-Version: 3.3p1
+Version: 3.4p1
URL: http://www.openssh.com/
Release: 1
Source0: openssh-%{version}.tar.gz
# define _PATH_MAILDIR MAILDIR
#endif /* !defined(_PATH_MAILDIR) && defined(MAILDIR) */
-#ifndef _PATH_RSH
-# ifdef RSH_PATH
-# define _PATH_RSH RSH_PATH
-# else /* RSH_PATH */
-# define _PATH_RSH "/usr/bin/rsh"
-# endif /* RSH_PATH */
-#endif /* _PATH_RSH */
-
#ifndef _PATH_NOLOGIN
# define _PATH_NOLOGIN "/etc/nologin"
#endif
#endif
#ifndef HAVE_GETOPT_OPTRESET
-#define getopt(ac, av, o) BSDgetopt(ac, av, o)
+# undef getopt
+# undef opterr
+# undef optind
+# undef optopt
+# undef optreset
+# undef optarg
+# define getopt(ac, av, o) BSDgetopt(ac, av, o)
+# define opterr BSDopterr
+# define optind BSDoptind
+# define optopt BSDoptopt
+# define optreset BSDoptreset
+# define optarg BSDoptarg
#endif
/* In older versions of libpam, pam_strerror takes a single argument */
*/
#include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.50 2002/05/15 15:47:49 mouring Exp $");
+RCSID("$OpenBSD: kex.c,v 1.51 2002/06/24 14:55:38 markus Exp $");
#include <openssl/crypto.h>
packet_get_char();
for (i = 0; i < PROPOSAL_MAX; i++)
xfree(packet_get_string(NULL));
- packet_get_char();
- packet_get_int();
+ (void) packet_get_char();
+ (void) packet_get_int();
packet_check_eom();
kex_kexinit_finish(kex);
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.44 2002/05/31 13:16:48 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.45 2002/06/23 03:26:19 deraadt Exp $");
#include <openssl/evp.h>
}
return k;
}
+
Key *
key_new_private(int type)
{
}
return k;
}
+
void
key_free(Key *k)
{
*cpp = cp;
return 1;
}
+
static int
write_bignum(FILE *f, BIGNUM *num)
{
}
return success;
}
+
int
key_write(Key *key, FILE *f)
{
}
return success;
}
+
char *
key_type(Key *k)
{
}
return "unknown";
}
+
char *
key_ssh_name(Key *k)
{
}
return "ssh-unknown";
}
+
u_int
key_size(Key *k)
{
}
/* Converts a private to a public key */
-
Key *
key_demote(Key *k)
{
*/
#include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.16 2002/06/21 05:50:51 djm Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.18 2002/06/26 13:20:57 deraadt Exp $");
#include <openssl/dh.h>
{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
{MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge},
{MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response},
-#ifdef USE_PAM
- {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
-#endif
#ifdef BSD_AUTH
{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond},
xfree(signature);
xfree(data);
+ auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased";
+
monitor_reset_key_state();
buffer_clear(m);
buffer_put_int(m, verified);
mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m);
- auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased";
-
return (verified);
}
void *
mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
{
+ int len = size * ncount;
void *address;
- address = mm_malloc(mm, size * ncount);
+ if (len <= 0)
+ fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size);
+
+ address = mm_malloc(mm, len);
return (address);
}
-/* $OpenBSD: monitor_fdpass.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */
+/* $OpenBSD: monitor_fdpass.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
*/
mm->mmalloc = mmalloc;
-#if defined(HAVE_MMAP) && defined(MAP_ANON)
+#ifdef HAVE_MMAP_ANON_SHARED
address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
-1, 0);
if (address == MAP_FAILED)
fatal("mmap(%lu): %s", (u_long)size, strerror(errno));
#else
- fatal("%s: UsePrivilegeSeparation=yes not supported",
+ fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
__func__);
#endif
mm_freelist(mm->mmalloc, &mm->rb_free);
mm_freelist(mm->mmalloc, &mm->rb_allocated);
-#ifdef HAVE_MMAP
+#ifdef HAVE_MMAP_ANON_SHARED
if (munmap(mm->address, mm->size) == -1)
fatal("munmap(%p, %lu): %s", mm->address, (u_long)mm->size,
strerror(errno));
#else
- fatal("%s: UsePrivilegeSeparation=yes not supported",
+ fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
__func__);
#endif
if (mm->mmalloc == NULL)
-/* $OpenBSD: monitor_mm.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */
+/* $OpenBSD: monitor_mm.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: msg.c,v 1.2 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: msg.c,v 1.3 2002/06/24 15:49:22 itojun Exp $");
#include "buffer.h"
#include "getput.h"
u_char buf[5];
u_int mlen = buffer_len(m);
- debug3("msg_send: type %d", type);
+ debug3("msg_send: type %u", (unsigned int)type & 0xff);
PUT_32BIT(buf, mlen + 1);
buf[4] = type; /* 1st byte of payload is mesg-type */
if (res != sizeof(buf)) {
if (res == 0)
return -1;
- fatal("msg_recv: read: header %d", res);
+ fatal("msg_recv: read: header %ld", (long)res);
}
msg_len = GET_32BIT(buf);
if (msg_len > 256 * 1024)
#include <stdlib.h>
#include <string.h>
-int opterr = 1, /* if error message should be printed */
- optind = 1, /* index into parent argv vector */
- optopt, /* character checked for validity */
- optreset; /* reset getopt */
-char *optarg; /* argument associated with option */
+int BSDopterr = 1, /* if error message should be printed */
+ BSDoptind = 1, /* index into parent argv vector */
+ BSDoptopt, /* character checked for validity */
+ BSDoptreset; /* reset getopt */
+char *BSDoptarg; /* argument associated with option */
#define BADCH (int)'?'
#define BADARG (int)':'
static char *place = EMSG; /* option letter processing */
char *oli; /* option letter list index */
- if (optreset || !*place) { /* update scanning pointer */
- optreset = 0;
- if (optind >= nargc || *(place = nargv[optind]) != '-') {
+ if (BSDoptreset || !*place) { /* update scanning pointer */
+ BSDoptreset = 0;
+ if (BSDoptind >= nargc || *(place = nargv[BSDoptind]) != '-') {
place = EMSG;
return (-1);
}
if (place[1] && *++place == '-') { /* found "--" */
- ++optind;
+ ++BSDoptind;
place = EMSG;
return (-1);
}
} /* option letter okay? */
- if ((optopt = (int)*place++) == (int)':' ||
- !(oli = strchr(ostr, optopt))) {
+ if ((BSDoptopt = (int)*place++) == (int)':' ||
+ !(oli = strchr(ostr, BSDoptopt))) {
/*
* if the user didn't specify '-' as an option,
* assume it means -1.
*/
- if (optopt == (int)'-')
+ if (BSDoptopt == (int)'-')
return (-1);
if (!*place)
- ++optind;
- if (opterr && *ostr != ':')
+ ++BSDoptind;
+ if (BSDopterr && *ostr != ':')
(void)fprintf(stderr,
- "%s: illegal option -- %c\n", __progname, optopt);
+ "%s: illegal option -- %c\n", __progname, BSDoptopt);
return (BADCH);
}
if (*++oli != ':') { /* don't need argument */
- optarg = NULL;
+ BSDoptarg = NULL;
if (!*place)
- ++optind;
+ ++BSDoptind;
}
else { /* need an argument */
if (*place) /* no white space */
- optarg = place;
- else if (nargc <= ++optind) { /* no arg */
+ BSDoptarg = place;
+ else if (nargc <= ++BSDoptind) { /* no arg */
place = EMSG;
if (*ostr == ':')
return (BADARG);
- if (opterr)
+ if (BSDopterr)
(void)fprintf(stderr,
"%s: option requires an argument -- %c\n",
- __progname, optopt);
+ __progname, BSDoptopt);
return (BADCH);
}
else /* white space */
- optarg = nargv[optind];
+ BSDoptarg = nargv[BSDoptind];
place = EMSG;
- ++optind;
+ ++BSDoptind;
}
- return (optopt); /* dump back option letter */
+ return (BSDoptopt); /* dump back option letter */
}
#endif /* !defined(HAVE_GETOPT) || !defined(HAVE_OPTRESET) */
*/
#include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.95 2002/06/19 18:01:00 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.96 2002/06/23 21:10:02 deraadt Exp $");
#include "xmalloc.h"
#include "buffer.h"
int
packet_read_poll_seqnr(u_int32_t *seqnr_p)
{
- int reason, seqnr;
+ u_int reason, seqnr;
u_char type;
char *msg;
case SSH2_MSG_DISCONNECT:
reason = packet_get_int();
msg = packet_get_string(NULL);
- log("Received disconnect from %s: %d: %.400s", get_remote_ipaddr(),
- reason, msg);
+ log("Received disconnect from %s: %u: %.400s",
+ get_remote_ipaddr(), reason, msg);
xfree(msg);
fatal_cleanup();
break;
case SSH2_MSG_UNIMPLEMENTED:
seqnr = packet_get_int();
- debug("Received SSH2_MSG_UNIMPLEMENTED for %d", seqnr);
+ debug("Received SSH2_MSG_UNIMPLEMENTED for %u",
+ seqnr);
break;
default:
return type;
break;
case SSH_MSG_DISCONNECT:
msg = packet_get_string(NULL);
- log("Received disconnect from %s: %.400s", get_remote_ipaddr(),
- msg);
+ log("Received disconnect from %s: %.400s",
+ get_remote_ipaddr(), msg);
fatal_cleanup();
xfree(msg);
break;
#include "includes.h"
#if defined(SMARTCARD) && defined(USE_SECTOK)
-RCSID("$OpenBSD: scard.c,v 1.25 2002/03/26 18:46:59 rees Exp $");
+RCSID("$OpenBSD: scard.c,v 1.26 2002/06/23 03:30:17 deraadt Exp $");
#include <openssl/evp.h>
#include <sectok.h>
status = 0;
p = key_fingerprint(k, SSH_FP_MD5, SSH_FP_HEX);
- debug("fingerprint %d %s", key_size(k), p);
+ debug("fingerprint %u %s", key_size(k), p);
xfree(p);
err:
.\"
.\" Created: Sun May 7 00:14:37 1995 ylo
.\"
-.\" $OpenBSD: scp.1,v 1.22 2002/06/20 20:00:05 stevesk Exp $
+.\" $OpenBSD: scp.1,v 1.23 2002/06/22 16:41:57 stevesk Exp $
.\"
.Dd September 25, 1999
.Dt SCP 1
.Xr ssh-add 1 ,
.Xr ssh-agent 1 ,
.Xr ssh-keygen 1 ,
-.Xr ssh_config 5
+.Xr ssh_config 5 ,
.Xr sshd 8
*/
#include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.111 2002/06/20 23:05:55 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.112 2002/06/23 09:46:51 deraadt Exp $");
#if defined(KRB4)
#include <krb.h>
if (use_privsep == -1)
use_privsep = 1;
-#if !defined(HAVE_MMAP) || !defined(MAP_ANON)
+#if !defined(HAVE_MMAP_ANON_SHARED)
if (use_privsep && options->compression == 1) {
error("This platform does not support both privilege "
"separation and compression");
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
- snprintf(strport, sizeof strport, "%d", port);
+ snprintf(strport, sizeof strport, "%u", port);
if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
fatal("bad addr or host: %s (%s)",
addr ? addr : "<NULL>",
const char *filename, int linenum)
{
char *cp, **charptr, *arg, *p;
- int *intptr, value;
+ int *intptr, value, i, n;
ServerOpCodes opcode;
- int i, n;
cp = line;
arg = strdelim(&cp);
if (options->num_allow_users >= MAX_ALLOW_USERS)
fatal("%s line %d: too many allow users.",
filename, linenum);
- options->allow_users[options->num_allow_users++] = xstrdup(arg);
+ options->allow_users[options->num_allow_users++] =
+ xstrdup(arg);
}
break;
if (options->num_deny_users >= MAX_DENY_USERS)
fatal( "%s line %d: too many deny users.",
filename, linenum);
- options->deny_users[options->num_deny_users++] = xstrdup(arg);
+ options->deny_users[options->num_deny_users++] =
+ xstrdup(arg);
}
break;
if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
fatal("%s line %d: too many allow groups.",
filename, linenum);
- options->allow_groups[options->num_allow_groups++] = xstrdup(arg);
+ options->allow_groups[options->num_allow_groups++] =
+ xstrdup(arg);
}
break;
void
read_server_config(ServerOptions *options, const char *filename)
{
- FILE *f;
+ int linenum, bad_options = 0;
char line[1024];
- int linenum;
- int bad_options = 0;
+ FILE *f;
f = fopen(filename, "r");
if (!f) {
*/
#include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.102 2002/06/11 05:46:20 mpech Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.103 2002/06/24 14:33:27 markus Exp $");
#include "xmalloc.h"
#include "packet.h"
{
Channel *c = NULL;
char *ctype;
- u_int len;
int rchan;
- int rmaxpack;
- int rwindow;
+ u_int rmaxpack, rwindow, len;
ctype = packet_get_string(&len);
rchan = packet_get_int();
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.138 2002/06/20 23:05:55 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.142 2002/06/26 13:49:26 deraadt Exp $");
#include "ssh.h"
#include "ssh1.h"
Session *s;
char *command;
int success, type, screen_flag;
- int compression_level = 0, enable_compression_after_reply = 0;
- u_int proto_len, data_len, dlen;
+ int enable_compression_after_reply = 0;
+ u_int proto_len, data_len, dlen, compression_level = 0;
s = session_new();
s->authctxt = authctxt;
} else {
/* New variable. Expand if necessary. */
if (i >= (*envsizep) - 1) {
+ if (*envsizep >= 1000)
+ fatal("child_set_env: too many env vars,"
+ " skipping: %.100s", name);
(*envsizep) += 50;
env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));
}
FILE *f;
char buf[4096];
char *cp, *value;
+ u_int lineno = 0;
f = fopen(filename, "r");
if (!f)
return;
while (fgets(buf, sizeof(buf), f)) {
+ if (++lineno > 1000)
+ fatal("Too many lines in environment file %s", filename);
for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
;
if (!*cp || *cp == '#' || *cp == '\n')
*strchr(cp, '\n') = '\0';
value = strchr(cp, '=');
if (value == NULL) {
- fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf);
+ fprintf(stderr, "Bad line %u in %.100s\n", lineno,
+ filename);
continue;
}
/*
void
do_setusercontext(struct passwd *pw)
{
+ char tty='\0';
+
#ifdef HAVE_CYGWIN
if (is_winnt) {
#else /* HAVE_CYGWIN */
setpcred(pw->pw_name);
#endif /* HAVE_SETPCRED */
#ifdef HAVE_LOGIN_CAP
+#ifdef __bsdi__
+ setpgid(0, 0);
+#endif
if (setusercontext(lc, pw, pw->pw_uid,
(LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
perror("unable to set user context");
# if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
irix_setusercontext(pw);
# endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
+# ifdef _AIX
+ /* XXX: Disable tty setting. Enabled if required later */
+ aix_usrinfo(pw, &tty, -1);
+# endif /* _AIX */
/* Permanently switch to the desired uid. */
permanently_set_uid(pw);
#endif
do_motd();
#else /* HAVE_OSF_SIA */
do_nologin(pw);
-# ifdef _AIX
- aix_usrinfo(pw, s->tty, s->ttyfd);
-# endif /* _AIX */
do_setusercontext(pw);
#endif /* HAVE_OSF_SIA */
}
debug("X11 display already set.");
return 0;
}
- s->display_number = x11_create_display_inet(options.x11_display_offset,
- options.x11_use_localhost, s->single_connection);
- if (s->display_number == -1) {
+ if (x11_create_display_inet(options.x11_display_offset,
+ options.x11_use_localhost, s->single_connection,
+ &s->display_number) == -1) {
debug("x11_create_display_inet failed.");
return 0;
}
* different than the DISPLAY string for localhost displays.
*/
if (options.x11_use_localhost) {
- snprintf(display, sizeof display, "localhost:%d.%d",
+ snprintf(display, sizeof display, "localhost:%u.%u",
s->display_number, s->screen);
- snprintf(auth_display, sizeof auth_display, "unix:%d.%d",
+ snprintf(auth_display, sizeof auth_display, "unix:%u.%u",
s->display_number, s->screen);
s->display = xstrdup(display);
s->auth_display = xstrdup(auth_display);
return 0;
}
memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr));
- snprintf(display, sizeof display, "%.50s:%d.%d", inet_ntoa(my_addr),
+ snprintf(display, sizeof display, "%.50s:%u.%u", inet_ntoa(my_addr),
s->display_number, s->screen);
#else
- snprintf(display, sizeof display, "%.400s:%d.%d", hostname,
+ snprintf(display, sizeof display, "%.400s:%u.%u", hostname,
s->display_number, s->screen);
#endif
s->display = xstrdup(display);
-/* $OpenBSD: session.h,v 1.17 2002/03/29 18:59:32 markus Exp $ */
+/* $OpenBSD: session.h,v 1.18 2002/06/23 21:06:41 deraadt Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
/* tty */
char *term;
int ptyfd, ttyfd, ptymaster;
- int row, col, xpixel, ypixel;
+ u_int row, col, xpixel, ypixel;
char tty[TTYSZ];
/* last login */
char hostname[MAXHOSTNAMELEN];
time_t last_login_time;
/* X11 */
- int display_number;
+ u_int display_number;
char *display;
- int screen;
+ u_int screen;
char *auth_display;
char *auth_proto;
char *auth_data;
/* XXX: copy between two remote sites */
#include "includes.h"
-RCSID("$OpenBSD: sftp-client.c,v 1.32 2002/06/09 13:32:01 markus Exp $");
+RCSID("$OpenBSD: sftp-client.c,v 1.33 2002/06/23 09:30:14 deraadt Exp $");
#include "openbsd-compat/fake-queue.h"
msg_len = GET_32BIT(buf);
if (msg_len > 256 * 1024)
- fatal("Received message too long %d", msg_len);
+ fatal("Received message too long %u", msg_len);
while (msg_len) {
len = atomicio(read, fd, buf, MIN(msg_len, sizeof(buf)));
buffer_put_int(&msg, id);
buffer_put_string(&msg, s, len);
send_msg(fd, &msg);
- debug3("Sent message fd %d T:%d I:%d", fd, code, id);
+ debug3("Sent message fd %d T:%u I:%u", fd, code, id);
buffer_free(&msg);
}
buffer_put_string(&msg, s, len);
encode_attrib(&msg, a);
send_msg(fd, &msg);
- debug3("Sent message fd %d T:%d I:%d", fd, code, id);
+ debug3("Sent message fd %d T:%u I:%u", fd, code, id);
buffer_free(&msg);
}
static u_int
-get_status(int fd, int expected_id)
+get_status(int fd, u_int expected_id)
{
Buffer msg;
u_int type, id, status;
id = buffer_get_int(&msg);
if (id != expected_id)
- fatal("ID mismatch (%d != %d)", id, expected_id);
+ fatal("ID mismatch (%u != %u)", id, expected_id);
if (type != SSH2_FXP_STATUS)
- fatal("Expected SSH2_FXP_STATUS(%d) packet, got %d",
+ fatal("Expected SSH2_FXP_STATUS(%u) packet, got %u",
SSH2_FXP_STATUS, type);
status = buffer_get_int(&msg);
buffer_free(&msg);
- debug3("SSH2_FXP_STATUS %d", status);
+ debug3("SSH2_FXP_STATUS %u", status);
return(status);
}
id = buffer_get_int(&msg);
if (id != expected_id)
- fatal("ID mismatch (%d != %d)", id, expected_id);
+ fatal("ID mismatch (%u != %u)", id, expected_id);
if (type == SSH2_FXP_STATUS) {
int status = buffer_get_int(&msg);
error("Couldn't get handle: %s", fx2txt(status));
return(NULL);
} else if (type != SSH2_FXP_HANDLE)
- fatal("Expected SSH2_FXP_HANDLE(%d) packet, got %d",
+ fatal("Expected SSH2_FXP_HANDLE(%u) packet, got %u",
SSH2_FXP_HANDLE, type);
handle = buffer_get_string(&msg, len);
type = buffer_get_char(&msg);
id = buffer_get_int(&msg);
- debug3("Received stat reply T:%d I:%d", type, id);
+ debug3("Received stat reply T:%u I:%u", type, id);
if (id != expected_id)
- fatal("ID mismatch (%d != %d)", id, expected_id);
+ fatal("ID mismatch (%u != %u)", id, expected_id);
if (type == SSH2_FXP_STATUS) {
int status = buffer_get_int(&msg);
error("Couldn't stat remote file: %s", fx2txt(status));
return(NULL);
} else if (type != SSH2_FXP_ATTRS) {
- fatal("Expected SSH2_FXP_ATTRS(%d) packet, got %d",
+ fatal("Expected SSH2_FXP_ATTRS(%u) packet, got %u",
SSH2_FXP_ATTRS, type);
}
a = decode_attrib(&msg);
struct sftp_conn *
do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests)
{
- int type, version;
+ u_int type;
+ int version;
Buffer msg;
struct sftp_conn *ret;
/* Expecting a VERSION reply */
if ((type = buffer_get_char(&msg)) != SSH2_FXP_VERSION) {
- error("Invalid packet back from SSH2_FXP_INIT (type %d)",
+ error("Invalid packet back from SSH2_FXP_INIT (type %u)",
type);
buffer_free(&msg);
return(NULL);
buffer_put_int(&msg, id);
buffer_put_string(&msg, handle, handle_len);
send_msg(conn->fd_out, &msg);
- debug3("Sent message SSH2_FXP_CLOSE I:%d", id);
+ debug3("Sent message SSH2_FXP_CLOSE I:%u", id);
status = get_status(conn->fd_in, id);
if (status != SSH2_FX_OK)
id = expected_id = conn->msg_id++;
- debug3("Sending SSH2_FXP_READDIR I:%d", id);
+ debug3("Sending SSH2_FXP_READDIR I:%u", id);
buffer_clear(&msg);
buffer_put_char(&msg, SSH2_FXP_READDIR);
type = buffer_get_char(&msg);
id = buffer_get_int(&msg);
- debug3("Received reply T:%d I:%d", type, id);
+ debug3("Received reply T:%u I:%u", type, id);
if (id != expected_id)
- fatal("ID mismatch (%d != %d)", id, expected_id);
+ fatal("ID mismatch (%u != %u)", id, expected_id);
if (type == SSH2_FXP_STATUS) {
int status = buffer_get_int(&msg);
return(status);
}
} else if (type != SSH2_FXP_NAME)
- fatal("Expected SSH2_FXP_NAME(%d) packet, got %d",
+ fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
SSH2_FXP_NAME, type);
count = buffer_get_int(&msg);
id = buffer_get_int(&msg);
if (id != expected_id)
- fatal("ID mismatch (%d != %d)", id, expected_id);
+ fatal("ID mismatch (%u != %u)", id, expected_id);
if (type == SSH2_FXP_STATUS) {
u_int status = buffer_get_int(&msg);
error("Couldn't canonicalise: %s", fx2txt(status));
return(NULL);
} else if (type != SSH2_FXP_NAME)
- fatal("Expected SSH2_FXP_NAME(%d) packet, got %d",
+ fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
SSH2_FXP_NAME, type);
count = buffer_get_int(&msg);
id = buffer_get_int(&msg);
if (id != expected_id)
- fatal("ID mismatch (%d != %d)", id, expected_id);
+ fatal("ID mismatch (%u != %u)", id, expected_id);
if (type == SSH2_FXP_STATUS) {
u_int status = buffer_get_int(&msg);
error("Couldn't readlink: %s", fx2txt(status));
return(NULL);
} else if (type != SSH2_FXP_NAME)
- fatal("Expected SSH2_FXP_NAME(%d) packet, got %d",
+ fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
SSH2_FXP_NAME, type);
count = buffer_get_int(&msg);
attrib_clear(&junk); /* Send empty attributes */
encode_attrib(&msg, &junk);
send_msg(conn->fd_out, &msg);
- debug3("Sent message SSH2_FXP_OPEN I:%d P:%s", id, remote_path);
+ debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path);
handle = get_handle(conn->fd_in, id, &handle_len);
if (handle == NULL) {
get_msg(conn->fd_in, &msg);
type = buffer_get_char(&msg);
id = buffer_get_int(&msg);
- debug3("Received reply T:%d I:%d R:%d", type, id, max_req);
+ debug3("Received reply T:%u I:%u R:%d", type, id, max_req);
/* Find the request in our queue */
for(req = TAILQ_FIRST(&requests);
(unsigned long long)req->offset + len - 1);
if (len > req->len)
fatal("Received more data than asked for "
- "%d > %d", len, req->len);
+ "%u > %u", len, req->len);
if ((lseek(local_fd, req->offset, SEEK_SET) == -1 ||
atomicio(write, local_fd, data, len) != len) &&
!write_error) {
}
break;
default:
- fatal("Expected SSH2_FXP_DATA(%d) packet, got %d",
+ fatal("Expected SSH2_FXP_DATA(%u) packet, got %u",
SSH2_FXP_DATA, type);
}
}
buffer_put_int(&msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC);
encode_attrib(&msg, &a);
send_msg(conn->fd_out, &msg);
- debug3("Sent message SSH2_FXP_OPEN I:%d P:%s", id, remote_path);
+ debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path);
buffer_clear(&msg);
buffer_put_int64(&msg, offset);
buffer_put_string(&msg, data, len);
send_msg(conn->fd_out, &msg);
- debug3("Sent message SSH2_FXP_WRITE I:%d O:%llu S:%u",
+ debug3("Sent message SSH2_FXP_WRITE I:%u O:%llu S:%u",
id, (unsigned long long)offset, len);
} else if (TAILQ_FIRST(&acks) == NULL)
break;
ack = TAILQ_NEXT(ack, tq))
;
if (ack == NULL)
- fatal("Can't find request for ID %d", r_id);
+ fatal("Can't find request for ID %u", r_id);
TAILQ_REMOVE(&acks, ack, tq);
if (status != SSH2_FX_OK) {
close(local_fd);
goto done;
}
- debug3("In write loop, ack for %u %d bytes at %llu",
+ debug3("In write loop, ack for %u %u bytes at %llu",
ack->id, ack->len, (unsigned long long)ack->offset);
++ackid;
free(ack);
-/* $OpenBSD: sftp-client.h,v 1.9 2002/02/13 00:59:23 djm Exp $ */
+/* $OpenBSD: sftp-client.h,v 1.10 2002/06/23 09:30:14 deraadt Exp $ */
/*
* Copyright (c) 2001,2002 Damien Miller. All rights reserved.
* Initialiase a SSH filexfer connection. Returns -1 on error or
* protocol version on success.
*/
-struct sftp_conn *
-do_init(int, int, u_int, u_int);
+struct sftp_conn *do_init(int, int, u_int, u_int);
-u_int
-sftp_proto_version(struct sftp_conn *);
+u_int sftp_proto_version(struct sftp_conn *);
/* Close file referred to by 'handle' */
int do_close(struct sftp_conn *, char *, u_int);
*/
#include "includes.h"
-RCSID("$OpenBSD: sftp-common.c,v 1.5 2001/12/02 02:08:32 deraadt Exp $");
+RCSID("$OpenBSD: sftp-common.c,v 1.6 2002/06/23 09:30:14 deraadt Exp $");
#include "buffer.h"
#include "bufaux.h"
decode_attrib(Buffer *b)
{
static Attrib a;
+
attrib_clear(&a);
a.flags = buffer_get_int(b);
if (a.flags & SSH2_FILEXFER_ATTR_SIZE)
if (a.flags & SSH2_FILEXFER_ATTR_EXTENDED) {
char *type, *data;
int i, count;
+
count = buffer_get_int(b);
for (i = 0; i < count; i++) {
type = buffer_get_string(b, NULL);
/* XXX: recursive operations */
#include "includes.h"
-RCSID("$OpenBSD: sftp-int.c,v 1.46 2002/03/30 18:51:15 markus Exp $");
+RCSID("$OpenBSD: sftp-int.c,v 1.47 2002/06/23 09:30:14 deraadt Exp $");
#include "buffer.h"
#include "xmalloc.h"
help();
break;
case I_VERSION:
- printf("SFTP protocol version %d\n", sftp_proto_version(conn));
+ printf("SFTP protocol version %u\n", sftp_proto_version(conn));
break;
default:
fatal("%d is not implemented", cmdnum);
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: sftp-server.c,v 1.35 2002/06/06 17:30:11 markus Exp $");
+RCSID("$OpenBSD: sftp-server.c,v 1.37 2002/06/24 17:57:20 deraadt Exp $");
#include "buffer.h"
#include "bufaux.h"
"Unknown error" /* Others */
};
- TRACE("sent status id %d error %d", id, error);
+ TRACE("sent status id %u error %u", id, error);
buffer_init(&msg);
buffer_put_char(&msg, SSH2_FXP_STATUS);
buffer_put_int(&msg, id);
static void
send_data(u_int32_t id, char *data, int dlen)
{
- TRACE("sent data id %d len %d", id, dlen);
+ TRACE("sent data id %u len %d", id, dlen);
send_data_or_handle(SSH2_FXP_DATA, id, data, dlen);
}
int hlen;
handle_to_string(handle, &string, &hlen);
- TRACE("sent handle id %d handle %d", id, handle);
+ TRACE("sent handle id %u handle %d", id, handle);
send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen);
xfree(string);
}
buffer_put_char(&msg, SSH2_FXP_NAME);
buffer_put_int(&msg, id);
buffer_put_int(&msg, count);
- TRACE("sent names id %d count %d", id, count);
+ TRACE("sent names id %u count %d", id, count);
for (i = 0; i < count; i++) {
buffer_put_cstring(&msg, stats[i].name);
buffer_put_cstring(&msg, stats[i].long_name);
{
Buffer msg;
- TRACE("sent attrib id %d have 0x%x", id, a->flags);
+ TRACE("sent attrib id %u have 0x%x", id, a->flags);
buffer_init(&msg);
buffer_put_char(&msg, SSH2_FXP_ATTRS);
buffer_put_int(&msg, id);
a = get_attrib();
flags = flags_from_portable(pflags);
mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
- TRACE("open id %d name %s flags %d mode 0%o", id, name, pflags, mode);
+ TRACE("open id %u name %s flags %d mode 0%o", id, name, pflags, mode);
fd = open(name, flags, mode);
if (fd < 0) {
status = errno_to_portable(errno);
id = get_int();
handle = get_handle();
- TRACE("close id %d handle %d", id, handle);
+ TRACE("close id %u handle %d", id, handle);
ret = handle_close(handle);
status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
send_status(id, status);
off = get_int64();
len = get_int();
- TRACE("read id %d handle %d off %llu len %d", id, handle,
+ TRACE("read id %u handle %d off %llu len %d", id, handle,
(u_int64_t)off, len);
if (len > sizeof buf) {
len = sizeof buf;
off = get_int64();
data = get_string(&len);
- TRACE("write id %d handle %d off %llu len %d", id, handle,
+ TRACE("write id %u handle %d off %llu len %d", id, handle,
(u_int64_t)off, len);
fd = handle_to_fd(handle);
if (fd >= 0) {
id = get_int();
name = get_string(NULL);
- TRACE("%sstat id %d name %s", do_lstat ? "l" : "", id, name);
+ TRACE("%sstat id %u name %s", do_lstat ? "l" : "", id, name);
ret = do_lstat ? lstat(name, &st) : stat(name, &st);
if (ret < 0) {
status = errno_to_portable(errno);
id = get_int();
handle = get_handle();
- TRACE("fstat id %d handle %d", id, handle);
+ TRACE("fstat id %u handle %d", id, handle);
fd = handle_to_fd(handle);
if (fd >= 0) {
ret = fstat(fd, &st);
Attrib *a;
u_int32_t id;
char *name;
- int ret;
- int status = SSH2_FX_OK;
+ int status = SSH2_FX_OK, ret;
id = get_int();
name = get_string(NULL);
a = get_attrib();
- TRACE("setstat id %d name %s", id, name);
+ TRACE("setstat id %u name %s", id, name);
if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
ret = truncate(name, a->size);
if (ret == -1)
id = get_int();
handle = get_handle();
a = get_attrib();
- TRACE("fsetstat id %d handle %d", id, handle);
+ TRACE("fsetstat id %u handle %d", id, handle);
fd = handle_to_fd(handle);
name = handle_to_name(handle);
if (fd < 0 || name == NULL) {
id = get_int();
path = get_string(NULL);
- TRACE("opendir id %d path %s", id, path);
+ TRACE("opendir id %u path %s", id, path);
dirp = opendir(path);
if (dirp == NULL) {
status = errno_to_portable(errno);
if ((pw = getpwuid(st->st_uid)) != NULL) {
user = pw->pw_name;
} else {
- snprintf(ubuf, sizeof ubuf, "%d", st->st_uid);
+ snprintf(ubuf, sizeof ubuf, "%u", (u_int)st->st_uid);
user = ubuf;
}
if ((gr = getgrgid(st->st_gid)) != NULL) {
group = gr->gr_name;
} else {
- snprintf(gbuf, sizeof gbuf, "%d", st->st_gid);
+ snprintf(gbuf, sizeof gbuf, "%u", (u_int)st->st_gid);
group = gbuf;
}
if (ltime != NULL) {
id = get_int();
handle = get_handle();
- TRACE("readdir id %d handle %d", id, handle);
+ TRACE("readdir id %u handle %d", id, handle);
dirp = handle_to_dir(handle);
path = handle_to_name(handle);
if (dirp == NULL || path == NULL) {
char pathname[1024];
Stat *stats;
int nstats = 10, count = 0, i;
+
stats = xmalloc(nstats * sizeof(Stat));
while ((dp = readdir(dirp)) != NULL) {
if (count >= nstats) {
id = get_int();
name = get_string(NULL);
- TRACE("remove id %d name %s", id, name);
+ TRACE("remove id %u name %s", id, name);
ret = unlink(name);
status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
send_status(id, status);
a = get_attrib();
mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
a->perm & 0777 : 0777;
- TRACE("mkdir id %d name %s mode 0%o", id, name, mode);
+ TRACE("mkdir id %u name %s mode 0%o", id, name, mode);
ret = mkdir(name, mode);
status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
send_status(id, status);
id = get_int();
name = get_string(NULL);
- TRACE("rmdir id %d name %s", id, name);
+ TRACE("rmdir id %u name %s", id, name);
ret = rmdir(name);
status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
send_status(id, status);
xfree(path);
path = xstrdup(".");
}
- TRACE("realpath id %d path %s", id, path);
+ TRACE("realpath id %u path %s", id, path);
if (realpath(path, resolvedname) == NULL) {
send_status(id, errno_to_portable(errno));
} else {
id = get_int();
oldpath = get_string(NULL);
newpath = get_string(NULL);
- TRACE("rename id %d old %s new %s", id, oldpath, newpath);
+ TRACE("rename id %u old %s new %s", id, oldpath, newpath);
/* fail if 'newpath' exists */
if (stat(newpath, &st) == -1) {
ret = rename(oldpath, newpath);
id = get_int();
path = get_string(NULL);
- TRACE("readlink id %d path %s", id, path);
+ TRACE("readlink id %u path %s", id, path);
if ((len = readlink(path, link, sizeof(link) - 1)) == -1)
send_status(id, errno_to_portable(errno));
else {
id = get_int();
oldpath = get_string(NULL);
newpath = get_string(NULL);
- TRACE("symlink id %d old %s new %s", id, oldpath, newpath);
+ TRACE("symlink id %u old %s new %s", id, oldpath, newpath);
/* fail if 'newpath' exists */
if (stat(newpath, &st) == -1) {
ret = symlink(oldpath, newpath);
#include "includes.h"
-RCSID("$OpenBSD: sftp.c,v 1.29 2002/04/02 17:37:48 markus Exp $");
+RCSID("$OpenBSD: sftp.c,v 1.30 2002/06/23 09:30:14 deraadt Exp $");
/* XXX: short-form remote directory listings (like 'ls -C') */
connect_to_server(char *path, char **args, int *in, int *out, pid_t *sshpid)
{
int c_in, c_out;
+
#ifdef USE_PIPES
int pin[2], pout[2];
+
if ((pipe(pin) == -1) || (pipe(pout) == -1))
fatal("pipe: %s", strerror(errno));
*in = pin[0];
c_out = pin[1];
#else /* USE_PIPES */
int inout[2];
+
if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) == -1)
fatal("socketpair: %s", strerror(errno));
*in = *out = inout[0];
-.\" $OpenBSD: ssh-agent.1,v 1.33 2002/06/19 00:27:55 deraadt Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.35 2002/06/24 13:12:23 markus Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
Bind the agent to the unix-domain socket
.Ar bind_address .
The default is
-.Pa /tmp/ssh-XXXXXXXX/agent.<pid> .
+.Pa /tmp/ssh-XXXXXXXX/agent.<ppid> .
.It Fl c
Generate C-shell commands on
.Dv stdout .
.Pp
The
.Ev SSH_AGENT_PID
-environment variable holds the agent's PID.
+environment variable holds the agent's process ID.
.Pp
The agent exits automatically when the command given on the command
line terminates.
Contains the protocol version 2 DSA authentication identity of the user.
.It Pa $HOME/.ssh/id_rsa
Contains the protocol version 2 RSA authentication identity of the user.
-.It Pa /tmp/ssh-XXXXXXXX/agent.<pid>
+.It Pa /tmp/ssh-XXXXXXXX/agent.<ppid>
Unix-domain sockets used to contain the connection to the
authentication agent.
These sockets should only be readable by the owner.
#include "includes.h"
#include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.95 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.97 2002/06/24 14:55:38 markus Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
idtab_init(void)
{
int i;
+
for (i = 0; i <=2; i++) {
TAILQ_INIT(&idtable[i].idlist);
idtable[i].nentries = 0;
process_request_identities(SocketEntry *e, int version)
{
Idtab *tab = idtab_lookup(version);
- Buffer msg;
Identity *id;
+ Buffer msg;
buffer_init(&msg);
buffer_put_char(&msg, (version == 1) ?
static void
process_authentication_challenge1(SocketEntry *e)
{
- Identity *id;
- Key *key;
+ u_char buf[32], mdbuf[16], session_id[16];
+ u_int response_type;
BIGNUM *challenge;
+ Identity *id;
int i, len;
Buffer msg;
MD5_CTX md;
- u_char buf[32], mdbuf[16], session_id[16];
- u_int response_type;
+ Key *key;
buffer_init(&msg);
key = key_new(KEY_RSA1);
if ((challenge = BN_new()) == NULL)
fatal("process_authentication_challenge1: BN_new failed");
- buffer_get_int(&e->request); /* ignored */
+ (void) buffer_get_int(&e->request); /* ignored */
buffer_get_bignum(&e->request, key->rsa->e);
buffer_get_bignum(&e->request, key->rsa->n);
buffer_get_bignum(&e->request, challenge);
static void
process_sign_request2(SocketEntry *e)
{
- extern int datafellows;
- Key *key;
u_char *blob, *data, *signature = NULL;
u_int blen, dlen, slen = 0;
- int flags;
+ extern int datafellows;
+ int ok = -1, flags;
Buffer msg;
- int ok = -1;
+ Key *key;
datafellows = 0;
static void
process_remove_identity(SocketEntry *e, int version)
{
+ u_int blen, bits;
+ int success = 0;
Key *key = NULL;
u_char *blob;
- u_int blen;
- u_int bits;
- int success = 0;
switch (version) {
case 1:
buffer_get_bignum(&e->request, key->rsa->n);
if (bits != key_size(key))
- log("Warning: identity keysize mismatch: actual %d, announced %d",
+ log("Warning: identity keysize mismatch: actual %u, announced %u",
key_size(key), bits);
break;
case 2:
static void
reaper(void)
{
- Idtab *tab;
+ u_int now = time(NULL);
Identity *id, *nxt;
int version;
- u_int now = time(NULL);
+ Idtab *tab;
for (version = 1; version < 3; version++) {
tab = idtab_lookup(version);
static void
process_add_identity(SocketEntry *e, int version)
{
- Key *k = NULL;
- char *type_name;
- char *comment;
- int type, success = 0, death = 0;
Idtab *tab = idtab_lookup(version);
+ int type, success = 0, death = 0;
+ char *type_name, *comment;
+ Key *k = NULL;
switch (version) {
case 1:
k = key_new_private(KEY_RSA1);
- buffer_get_int(&e->request); /* ignored */
+ (void) buffer_get_int(&e->request); /* ignored */
buffer_get_bignum(&e->request, k->rsa->n);
buffer_get_bignum(&e->request, k->rsa->e);
buffer_get_bignum(&e->request, k->rsa->d);
static void
process_lock_agent(SocketEntry *e, int lock)
{
- char *passwd;
int success = 0;
+ char *passwd;
passwd = buffer_get_string(&e->request, NULL);
if (locked && !lock && strcmp(passwd, lock_passwd) == 0) {
static void
process_add_smartcard_key (SocketEntry *e)
{
- Identity *id;
- Idtab *tab;
- Key **keys, *k;
char *sc_reader_id = NULL, *pin;
int i, version, success = 0;
+ Key **keys, *k;
+ Identity *id;
+ Idtab *tab;
sc_reader_id = buffer_get_string(&e->request, NULL);
pin = buffer_get_string(&e->request, NULL);
static void
process_remove_smartcard_key(SocketEntry *e)
{
- Identity *id;
- Idtab *tab;
- Key **keys, *k = NULL;
char *sc_reader_id = NULL, *pin;
int i, version, success = 0;
+ Key **keys, *k = NULL;
+ Identity *id;
+ Idtab *tab;
sc_reader_id = buffer_get_string(&e->request, NULL);
pin = buffer_get_string(&e->request, NULL);
static void
process_message(SocketEntry *e)
{
- u_int msg_len;
- u_int type;
+ u_int msg_len, type;
u_char *cp;
/* kill dead keys */
if (msg_len > 256 * 1024) {
shutdown(e->fd, SHUT_RDWR);
close(e->fd);
+ e->fd = -1;
e->type = AUTH_UNUSED;
buffer_free(&e->input);
buffer_free(&e->output);
new_socket(sock_type type, int fd)
{
u_int i, old_alloc;
+
if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0)
error("fcntl O_NONBLOCK: %s", strerror(errno));
static void
after_select(fd_set *readset, fd_set *writeset)
{
- u_int i;
- int len, sock;
+ struct sockaddr_un sunaddr;
socklen_t slen;
char buf[1024];
- struct sockaddr_un sunaddr;
+ int len, sock;
+ u_int i;
for (i = 0; i < sockets_alloc; i++)
switch (sockets[i].type) {
if (len <= 0) {
shutdown(sockets[i].fd, SHUT_RDWR);
close(sockets[i].fd);
+ sockets[i].fd = -1;
sockets[i].type = AUTH_UNUSED;
buffer_free(&sockets[i].input);
buffer_free(&sockets[i].output);
if (len <= 0) {
shutdown(sockets[i].fd, SHUT_RDWR);
close(sockets[i].fd);
+ sockets[i].fd = -1;
sockets[i].type = AUTH_UNUSED;
buffer_free(&sockets[i].input);
buffer_free(&sockets[i].output);
main(int ac, char **av)
{
int sock, c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0, ch, nalloc;
+ char *shell, *format, *pidstr, *agentsocket = NULL;
+ fd_set *readsetp = NULL, *writesetp = NULL;
struct sockaddr_un sunaddr;
#ifdef HAVE_SETRLIMIT
struct rlimit rlim;
#ifdef HAVE_CYGWIN
int prev_mask;
#endif
- pid_t pid;
- char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
- char *agentsocket = NULL;
extern int optind;
- fd_set *readsetp = NULL, *writesetp = NULL;
+ extern char *optarg;
+ pid_t pid;
+ char pidstrbuf[1 + 3 * sizeof pid];
SSLeay_add_all_algorithms();
init_rng();
seed_rng();
-#ifdef __GNU_LIBRARY__
- while ((ch = getopt(ac, av, "+cdksa:")) != -1) {
-#else /* __GNU_LIBRARY__ */
while ((ch = getopt(ac, av, "cdksa:")) != -1) {
-#endif /* __GNU_LIBRARY__ */
switch (ch) {
case 'c':
if (s_flag)
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.14 2002/02/28 15:46:33 markus Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.15 2002/06/23 03:30:17 deraadt Exp $");
#include <openssl/bn.h>
#include <openssl/evp.h>
#define SIGBLOB_LEN (2*INTBLOB_LEN)
int
-ssh_dss_sign(
- Key *key,
- u_char **sigp, u_int *lenp,
+ssh_dss_sign(Key *key, u_char **sigp, u_int *lenp,
u_char *data, u_int datalen)
{
DSA_SIG *sig;
rlen = BN_num_bytes(sig->r);
slen = BN_num_bytes(sig->s);
if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
- error("bad sig size %d %d", rlen, slen);
+ error("bad sig size %u %u", rlen, slen);
DSA_SIG_free(sig);
return -1;
}
return 0;
}
int
-ssh_dss_verify(
- Key *key,
- u_char *signature, u_int signaturelen,
+ssh_dss_verify(Key *key, u_char *signature, u_int signaturelen,
u_char *data, u_int datalen)
{
DSA_SIG *sig;
}
if (len != SIGBLOB_LEN) {
- fatal("bad sigbloblen %d != SIGBLOB_LEN", len);
+ fatal("bad sigbloblen %u != SIGBLOB_LEN", len);
}
/* parse signature */
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.100 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.101 2002/06/23 09:39:55 deraadt Exp $");
#include <openssl/evp.h>
#include <openssl/pem.h>
}
fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
fprintf(stdout,
- "Comment: \"%d-bit %s, converted from OpenSSH by %s@%s\"\n",
+ "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",
key_size(k), key_type(k),
pw->pw_name, hostname);
dump_base64(stdout, blob, len);
public = key_load_public(identity_file, &comment);
if (public != NULL) {
fp = key_fingerprint(public, fptype, rep);
- printf("%d %s %s\n", key_size(public), fp, comment);
+ printf("%u %s %s\n", key_size(public), fp, comment);
key_free(public);
xfree(comment);
xfree(fp);
if (i == 0 || ep == NULL || (*ep != ' ' && *ep != '\t')) {
int quoted = 0;
comment = cp;
- for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
+ for (; *cp && (quoted || (*cp != ' ' &&
+ *cp != '\t')); cp++) {
if (*cp == '\\' && cp[1] == '"')
cp++; /* Skip both */
else if (*cp == '"')
}
comment = *cp ? cp : comment;
fp = key_fingerprint(public, fptype, rep);
- printf("%d %s %s\n", key_size(public), fp,
+ printf("%u %s %s\n", key_size(public), fp,
comment ? comment : "no comment");
xfree(fp);
key_free(public);
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.20 2002/06/10 16:53:06 stevesk Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.21 2002/06/23 03:30:17 deraadt Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
int
-ssh_rsa_sign(
- Key *key,
- u_char **sigp, u_int *lenp,
+ssh_rsa_sign(Key *key, u_char **sigp, u_int *lenp,
u_char *data, u_int datalen)
{
const EVP_MD *evp_md;
if (ok != 1) {
int ecode = ERR_get_error();
- error("ssh_rsa_sign: RSA_sign failed: %s", ERR_error_string(ecode, NULL));
+ error("ssh_rsa_sign: RSA_sign failed: %s",
+ ERR_error_string(ecode, NULL));
xfree(sig);
return -1;
}
if (len < slen) {
int diff = slen - len;
- debug("slen %d > len %d", slen, len);
+ debug("slen %u > len %u", slen, len);
memmove(sig + diff, sig, len);
memset(sig, 0, diff);
} else if (len > slen) {
- error("ssh_rsa_sign: slen %d slen2 %d", slen, len);
+ error("ssh_rsa_sign: slen %u slen2 %u", slen, len);
xfree(sig);
return -1;
}
}
int
-ssh_rsa_verify(
- Key *key,
- u_char *signature, u_int signaturelen,
+ssh_rsa_verify(Key *key, u_char *signature, u_int signaturelen,
u_char *data, u_int datalen)
{
Buffer b;
/* RSA_verify expects a signature of RSA_size */
modlen = RSA_size(key->rsa);
if (len > modlen) {
- error("ssh_rsa_verify: len %d > modlen %d", len, modlen);
+ error("ssh_rsa_verify: len %u > modlen %u", len, modlen);
xfree(sigblob);
return -1;
} else if (len < modlen) {
int diff = modlen - len;
- debug("ssh_rsa_verify: add padding: modlen %d > len %d",
+ debug("ssh_rsa_verify: add padding: modlen %u > len %u",
modlen, len);
sigblob = xrealloc(sigblob, modlen);
memmove(sigblob + diff, sigblob, len);
xfree(sigblob);
if (ret == 0) {
int ecode = ERR_get_error();
- error("ssh_rsa_verify: RSA_verify failed: %s", ERR_error_string(ecode, NULL));
+ error("ssh_rsa_verify: RSA_verify failed: %s",
+ ERR_error_string(ecode, NULL));
}
debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
return ret;
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.158 2002/06/20 19:56:07 stevesk Exp $
+.\" $OpenBSD: ssh.1,v 1.160 2002/06/22 11:51:39 naddy Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
.Xr ssh-agent 1 ,
.Xr ssh-keygen 1 ,
.Xr telnet 1 ,
-.Xr ssh_config 4 ,
-.Xr ssh-keysign 8,
+.Xr ssh_config 5 ,
+.Xr ssh-keysign 8 ,
.Xr sshd 8
.Rs
.%A T. Ylonen
-/* $OpenBSD: ssh.h,v 1.70 2002/06/03 12:04:07 deraadt Exp $ */
+/* $OpenBSD: ssh.h,v 1.71 2002/06/22 02:00:29 stevesk Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
#endif
/*
- * Name of the environment variable containing the pathname of the
- * authentication socket.
+ * Name of the environment variable containing the process ID of the
+ * authentication agent.
*/
#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.125 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.126 2002/06/23 03:30:17 deraadt Exp $");
#include <openssl/bn.h>
memset(&hints, 0, sizeof(hints));
hints.ai_family = family;
hints.ai_socktype = SOCK_STREAM;
- snprintf(strport, sizeof strport, "%d", port);
+ snprintf(strport, sizeof strport, "%u", port);
if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
fatal("%s: %.100s: %s", __progname, host,
gai_strerror(gaierr));
* check whether the supplied host key is valid, return -1 if the key
* is not valid. the user_hostfile will not be updated if 'readonly' is true.
*/
-
static int
check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
int readonly, const char *user_hostfile, const char *system_hostfile)
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.104 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.105 2002/06/23 03:30:17 deraadt Exp $");
#include "ssh.h"
#include "ssh2.h"
}
}
}
+
void
input_userauth_error(int type, u_int32_t seq, void *ctxt)
{
fatal("input_userauth_error: bad message during authentication: "
"type %d", type);
}
+
void
input_userauth_banner(int type, u_int32_t seq, void *ctxt)
{
xfree(msg);
xfree(lang);
}
+
void
input_userauth_success(int type, u_int32_t seq, void *ctxt)
{
clear_auth_state(authctxt);
authctxt->success = 1; /* break out */
}
+
void
input_userauth_failure(int type, u_int32_t seq, void *ctxt)
{
}
packet_check_eom();
- debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d",
+ debug("input_userauth_pk_ok: pkalg %s blen %u lastkey %p hint %d",
pkalg, blen, authctxt->last_key, authctxt->last_key_hint);
do {
}
static int
-ssh_keysign(
- Key *key,
- u_char **sigp, u_int *lenp,
+ssh_keysign(Key *key, u_char **sigp, u_int *lenp,
u_char *data, u_int datalen)
{
Buffer b;
static Authmethod *current = NULL;
static char *supported = NULL;
static char *preferred = NULL;
+
/*
* Given the authentication method list sent by the server, return the
* next method we should try. If the server initially sends a nil list,
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.184 2002/06/20 19:56:07 stevesk Exp $
+.\" $OpenBSD: sshd.8,v 1.186 2002/06/22 16:45:29 stevesk Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
.Xr ssh-keygen 1 .
.It Pa /etc/moduli
Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
+.It Pa /var/empty
+.Xr chroot 2
+directory used by
+.Nm
+during privilege separation in the pre-authentication phase.
+The directory should not contain any files and must be owned by root
+and not group or world-writable.
.It Pa /var/run/sshd.pid
Contains the process ID of the
.Nm
listening for connections (if there are several daemons running
-concurrently for different ports, this contains the pid of the one
+concurrently for different ports, this contains the process ID of the one
started last).
The content of this file is not sensitive; it can be world-readable.
.It Pa $HOME/.ssh/authorized_keys
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.246 2002/06/20 23:05:56 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.251 2002/06/25 18:51:04 markus Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
close_listen_socks(void)
{
int i;
+
for (i = 0; i < num_listen_socks; i++)
close(listen_socks[i]);
num_listen_socks = -1;
close_startup_pipes(void)
{
int i;
+
if (startup_pipes)
for (i = 0; i < options.max_startups; i++)
if (startup_pipes[i] != -1)
close_listen_socks();
close_startup_pipes();
execv(saved_argv[0], saved_argv);
- log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno));
+ log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0],
+ strerror(errno));
exit(1);
}
static void
main_sigchld_handler(int sig)
{
- pid_t pid;
int save_errno = errno;
+ pid_t pid;
int status;
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
key_regeneration_alarm(int sig)
{
int save_errno = errno;
+
signal(SIGALRM, SIG_DFL);
errno = save_errno;
key_do_regen = 1;
if (client_version_string == NULL) {
/* Send our protocol version identification. */
- if (atomicio(write, sock_out, server_version_string, strlen(server_version_string))
+ if (atomicio(write, sock_out, server_version_string,
+ strlen(server_version_string))
!= strlen(server_version_string)) {
log("Could not write ident string to %s", get_remote_ipaddr());
fatal_cleanup();
}
}
-
/* Destroy the host and server keys. They will no longer be needed. */
void
destroy_sensitive_data(void)
privsep_preauth_child(void)
{
u_int32_t rand[256];
- int i;
+ gid_t gidset[2];
struct passwd *pw;
+ int i;
/* Enable challenge-response authentication for privilege separation */
privsep_challenge_enable();
/* Drop our privileges */
debug3("privsep user:group %u:%u", (u_int)pw->pw_uid,
(u_int)pw->pw_gid);
+#if 0
+ /* XXX not ready, to heavy after chroot */
do_setusercontext(pw);
+#else
+ gidset[0] = pw->pw_gid;
+ if (setgid(pw->pw_gid) < 0)
+ fatal("setgid failed for %u", pw->pw_gid );
+ if (setgroups(1, gidset) < 0)
+ fatal("setgroups: %.100s", strerror(errno));
+ permanently_set_uid(pw);
+#endif
}
static Authctxt*
/* XXX - Remote port forwarding */
x_authctxt = authctxt;
+#ifdef BROKEN_FD_PASSING
+ if (1) {
+#else
if (authctxt->pw->pw_uid == 0 || options.use_login) {
+#endif
/* File descriptor passing is broken or root login */
monitor_apply_keystate(pmonitor);
use_privsep = 0;
get_hostkey_by_type(int type)
{
int i;
+
for (i = 0; i < options.num_host_key_files; i++) {
Key *key = sensitive_data.host_keys[i];
if (key != NULL && key->type == type)
get_hostkey_index(Key *key)
{
int i;
+
for (i = 0; i < options.num_host_key_files; i++) {
if (key == sensitive_data.host_keys[i])
return (i);
* hate software patents. I dont know if this can go? Niels
*/
if (options.server_key_bits >
- BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) - SSH_KEY_BITS_RESERVED &&
- options.server_key_bits <
- BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
+ BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) -
+ SSH_KEY_BITS_RESERVED && options.server_key_bits <
+ BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) +
+ SSH_KEY_BITS_RESERVED) {
options.server_key_bits =
- BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED;
+ BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) +
+ SSH_KEY_BITS_RESERVED;
debug("Forcing server key to %d bits to make it differ from host key.",
options.server_key_bits);
}
(S_ISDIR(st.st_mode) == 0))
fatal("Missing privilege separation directory: %s",
_PATH_PRIVSEP_CHROOT_DIR);
+ if (st.st_uid != 0 || (st.st_mode & (S_IWGRP|S_IWOTH)) != 0)
+ fatal("Bad owner or mode for %s",
+ _PATH_PRIVSEP_CHROOT_DIR);
}
/* Configuration looks good, so exit if in test mode. */
*/
#if 0
/* XXX: this breaks Solaris */
- if (setsid() < 0)
+ if (!debug_flag && !inetd_flag && setsid() < 0)
error("setsid: %.100s", strerror(errno));
#endif
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.3 2002/06/20 23:37:12 markus Exp $
+.\" $OpenBSD: sshd_config.5,v 1.4 2002/06/22 16:45:29 stevesk Exp $
.Dd September 25, 1999
.Dt SSHD_CONFIG 5
.Os
.It Cm KerberosAuthentication
Specifies whether Kerberos authentication is allowed.
This can be in the form of a Kerberos ticket, or if
-.It Cm PAMAuthenticationViaKbdInt
-Specifies whether PAM challenge response authentication is allowed. This
-allows the use of most PAM challenge response authentication modules, but
-it will allow password authentication regardless of whether
.Cm PasswordAuthentication
is yes, the password provided by the user will be validated through
the Kerberos KDC.
are refused if the number of unauthenticated connections reaches
.Dq full
(60).
+.It Cm PAMAuthenticationViaKbdInt
+Specifies whether PAM challenge response authentication is allowed. This
+allows the use of most PAM challenge response authentication modules, but
+it will allow password authentication regardless of whether
+.Cm PasswordAuthentication
+is enabled.
.It Cm PasswordAuthentication
Specifies whether password authentication is allowed.
The default is
.Dq no
root is not allowed to login.
.It Cm PidFile
-Specifies the file that contains the process identifier of the
+Specifies the file that contains the process ID of the
.Nm sshd
daemon.
The default is
*/
#include "includes.h"
-RCSID("$OpenBSD: sshlogin.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: sshlogin.c,v 1.4 2002/06/23 03:30:17 deraadt Exp $");
#include "loginrec.h"
* information is not available. This must be called before record_login.
* The host the user logged in from will be returned in buf.
*/
-
u_long
get_last_login_time(uid_t uid, const char *logname,
- char *buf, u_int bufsize)
+ char *buf, u_int bufsize)
{
struct logininfo li;
* Records that the user has logged in. I these parts of operating systems
* were more standardized.
*/
-
void
record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
- const char *host, struct sockaddr * addr)
+ const char *host, struct sockaddr * addr)
{
struct logininfo *li;
#endif
/* Records that the user has logged out. */
-
void
record_logout(pid_t pid, const char *ttyname, const char *user)
{
*/
#include "includes.h"
-RCSID("$OpenBSD: sshpty.c,v 1.4 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: sshpty.c,v 1.7 2002/06/24 17:57:20 deraadt Exp $");
#ifdef HAVE_UTIL_H
# include <util.h>
if (fd < 0)
error("open /dev/tty failed - could not set controlling tty: %.100s",
strerror(errno));
- else {
+ else
close(fd);
- }
#endif /* _CRAY */
}
int xpixel, int ypixel)
{
struct winsize w;
+
w.ws_row = row;
w.ws_col = col;
w.ws_xpixel = xpixel;
if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
if (chown(ttyname, pw->pw_uid, gid) < 0) {
if (errno == EROFS &&
- (st.st_uid == pw->pw_uid || st.st_uid == 0))
- error("chown(%.100s, %d, %d) failed: %.100s",
- ttyname, pw->pw_uid, gid,
+ (st.st_uid == pw->pw_uid || st.st_uid == 0))
+ error("chown(%.100s, %u, %u) failed: %.100s",
+ ttyname, (u_int)pw->pw_uid, (u_int)gid,
strerror(errno));
else
- fatal("chown(%.100s, %d, %d) failed: %.100s",
- ttyname, pw->pw_uid, gid,
+ fatal("chown(%.100s, %u, %u) failed: %.100s",
+ ttyname, (u_int)pw->pw_uid, (u_int)gid,
strerror(errno));
}
}
*/
#include "includes.h"
-RCSID("$OpenBSD: tildexpand.c,v 1.12 2001/08/11 22:51:27 jakob Exp $");
+RCSID("$OpenBSD: tildexpand.c,v 1.13 2002/06/23 03:25:50 deraadt Exp $");
#include "xmalloc.h"
#include "log.h"
if (len > MAXPATHLEN)
fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1);
expanded = xmalloc(len);
- snprintf(expanded, len, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", cp + 1);
+ snprintf(expanded, len, "%s%s%s", pw->pw_dir,
+ strcmp(pw->pw_dir, "/") ? "/" : "", cp + 1);
return expanded;
}
-/* $OpenBSD: version.h,v 1.33 2002/06/21 15:41:20 markus Exp $ */
+/* $OpenBSD: version.h,v 1.34 2002/06/26 13:56:27 markus Exp $ */
-#define SSH_VERSION "OpenSSH_3.3"
+#define SSH_VERSION "OpenSSH_3.4p1"