From 680cee3b13f3b5197cc438649719a36181466d1b Mon Sep 17 00:00:00 2001 From: jbasney Date: Mon, 1 Jul 2002 15:11:20 +0000 Subject: [PATCH] Import of OpenSSH 3.4p1 --- openssh/.cvsignore | 1 + openssh/ChangeLog | 163 +++++ openssh/INSTALL | 5 - openssh/Makefile.in | 11 +- openssh/README.privsep | 19 +- openssh/TODO | 16 + openssh/acconfig.h | 9 +- openssh/auth2-chall.c | 18 +- openssh/auth2-pam.c | 9 + openssh/authfd.c | 4 +- openssh/authfile.c | 6 +- openssh/autom4te-2.53.cache/output.0 | 144 ++-- openssh/autom4te-2.53.cache/traces.0 | 960 ++++++++++++++------------- openssh/bufaux.c | 25 +- openssh/buffer.c | 8 +- openssh/channels.c | 31 +- openssh/channels.h | 18 +- openssh/cipher.c | 14 +- openssh/clientloop.c | 6 +- openssh/configure.ac | 51 +- openssh/contrib/aix/README | 4 + openssh/contrib/aix/buildbff.sh | 213 ++++-- openssh/contrib/caldera/openssh.spec | 335 +++++++--- openssh/contrib/redhat/openssh.spec | 6 +- openssh/contrib/suse/openssh.spec | 2 +- openssh/defines.h | 21 +- openssh/kex.c | 6 +- openssh/key.c | 10 +- openssh/monitor.c | 15 +- openssh/monitor_fdpass.h | 2 +- openssh/monitor_mm.c | 8 +- openssh/monitor_mm.h | 2 +- openssh/msg.c | 6 +- openssh/openbsd-compat/getopt.c | 48 +- openssh/packet.c | 15 +- openssh/scard.c | 4 +- openssh/scp.1 | 4 +- openssh/servconf.c | 23 +- openssh/serverloop.c | 6 +- openssh/session.c | 41 +- openssh/session.h | 8 +- openssh/sftp-client.c | 65 +- openssh/sftp-client.h | 8 +- openssh/sftp-common.c | 4 +- openssh/sftp-int.c | 4 +- openssh/sftp-server.c | 54 +- openssh/sftp.c | 5 +- openssh/ssh-agent.1 | 8 +- openssh/ssh-agent.c | 82 ++- openssh/ssh-dss.c | 14 +- openssh/ssh-keygen.c | 11 +- openssh/ssh-rsa.c | 24 +- openssh/ssh.1 | 6 +- openssh/ssh.h | 6 +- openssh/sshconnect.c | 5 +- openssh/sshconnect2.c | 13 +- openssh/sshd.8 | 11 +- openssh/sshd.c | 48 +- openssh/sshd_config.5 | 14 +- openssh/sshlogin.c | 9 +- openssh/sshpty.c | 16 +- openssh/tildexpand.c | 5 +- openssh/version.h | 4 +- 63 files changed, 1656 insertions(+), 1057 deletions(-) diff --git a/openssh/.cvsignore b/openssh/.cvsignore index 549c5e4..12de9ef 100644 --- a/openssh/.cvsignore +++ b/openssh/.cvsignore @@ -4,6 +4,7 @@ sshd ssh-add ssh-keygen ssh-keyscan +ssh-keysign ssh-agent sftp-server sftp diff --git a/openssh/ChangeLog b/openssh/ChangeLog index 3d59335..53a2e38 100644 --- a/openssh/ChangeLog +++ b/openssh/ChangeLog @@ -1,6 +1,169 @@ +20020626 + - (stevesk) [monitor.c] remove duplicate proto15 dispatch entry for PAM + - (bal) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/06/23 21:34:07 + [channels.c] + tcode is u_int + - markus@cvs.openbsd.org 2002/06/24 13:12:23 + [ssh-agent.1] + the socket name contains ssh-agent's ppid; via mpech@ from form@ + - markus@cvs.openbsd.org 2002/06/24 14:33:27 + [channels.c channels.h clientloop.c serverloop.c] + move channel counter to u_int + - markus@cvs.openbsd.org 2002/06/24 14:55:38 + [authfile.c kex.c ssh-agent.c] + cat to (void) when output from buffer_get_X is ignored + - itojun@cvs.openbsd.org 2002/06/24 15:49:22 + [msg.c] + printf type pedant + - deraadt@cvs.openbsd.org 2002/06/24 17:57:20 + [sftp-server.c sshpty.c] + explicit (u_int) for uid and gid + - markus@cvs.openbsd.org 2002/06/25 16:22:42 + [authfd.c] + unnecessary cast + - markus@cvs.openbsd.org 2002/06/25 18:51:04 + [sshd.c] + lightweight do_setusercontext after chroot() + - (bal) Updated AIX package build. Patch by dtucker@zip.com.au + - (tim) [Makefile.in] fix test on installing ssh-rand-helper.8 + - (bal) added back in error check for mmap(). I screwed up, Pointed + out by stevesk@ + - (tim) [README.privsep] UnixWare tip no longer needed. + - (bal) fixed NeXTStep missing munmap() issue. It defines HAVE_MMAP, + but it all damned lies. + - (stevesk) [README.privsep] more for sshd pseudo-account. + - (tim) [contrib/caldera/openssh.spec] add support for privsep + - (djm) setlogin needs pgid==pid on BSD/OS; from itojun@ + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/06/26 08:53:12 + [bufaux.c] + limit size of BNs to 8KB; ok provos/deraadt + - markus@cvs.openbsd.org 2002/06/26 08:54:18 + [buffer.c] + limit append to 1MB and buffers to 10MB + - markus@cvs.openbsd.org 2002/06/26 08:55:02 + [channels.c] + limit # of channels to 10000 + - markus@cvs.openbsd.org 2002/06/26 08:58:26 + [session.c] + limit # of env vars to 1000; ok deraadt/djm + - deraadt@cvs.openbsd.org 2002/06/26 13:20:57 + [monitor.c] + be careful in mm_zalloc + - deraadt@cvs.openbsd.org 2002/06/26 13:49:26 + [session.c] + disclose less information from environment files; based on input + from djm, and dschultz@uclink.Berkeley.EDU + - markus@cvs.openbsd.org 2002/06/26 13:55:37 + [auth2-chall.c] + make sure # of response matches # of queries, fixes int overflow; + from ISS + - markus@cvs.openbsd.org 2002/06/26 13:56:27 + [version.h] + 3.4 + - (djm) Require krb5 devel for RPM build w/ KrbV + - (djm) Improve PAMAuthenticationViaKbdInt text from Nalin Dahyabhai + + - (djm) Update spec files for release + - (djm) Fix int overflow in auth2-pam.c, similar to one discovered by ISS + - (djm) Release 3.4p1 + +20020625 + - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh + - (stevesk) [README.privsep] minor updates + - (djm) Create privsep directory and warn if privsep user is missing + during make install + - (bal) Started list of PrivSep issues in TODO + - (bal) if mmap() is substandard, don't allow compression on server side. + Post 'event' we will add more options. + - (tim) [contrib/caldera/openssh.spec] Sync with Caldera + - (bal) moved aix_usrinfo() and noted not setting real TTY. Patch by + dtucker@zip.com.au + - (tim) [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus + for Cygwin, Cray, & SCO + +20020624 + - OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2002/06/23 03:25:50 + [tildexpand.c] + KNF + - deraadt@cvs.openbsd.org 2002/06/23 03:26:19 + [cipher.c key.c] + KNF + - deraadt@cvs.openbsd.org 2002/06/23 03:30:58 + [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c + sshpty.c] + various KNF and %d for unsigned + - deraadt@cvs.openbsd.org 2002/06/23 09:30:14 + [sftp-client.c sftp-client.h sftp-common.c sftp-int.c sftp-server.c + sftp.c] + bunch of u_int vs int stuff + - deraadt@cvs.openbsd.org 2002/06/23 09:39:55 + [ssh-keygen.c] + u_int stuff + - deraadt@cvs.openbsd.org 2002/06/23 09:46:51 + [bufaux.c servconf.c] + minor KNF. things the fingers do while you read + - deraadt@cvs.openbsd.org 2002/06/23 10:29:52 + [ssh-agent.c sshd.c] + some minor KNF and %u + - deraadt@cvs.openbsd.org 2002/06/23 20:39:45 + [session.c] + compression_level is u_int + - deraadt@cvs.openbsd.org 2002/06/23 21:06:13 + [sshpty.c] + KNF + - deraadt@cvs.openbsd.org 2002/06/23 21:06:41 + [channels.c channels.h session.c session.h] + display, screen, row, col, xpixel, ypixel are u_int; markus ok + - deraadt@cvs.openbsd.org 2002/06/23 21:10:02 + [packet.c] + packet_get_int() returns unsigned for reason & seqnr + - (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col, + xpixel are u_int. + + +20020623 + - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX. + - (bal) removed GNUism for getops in ssh-agent since glibc lacks optreset. + - (bal) add extern char *getopt. Based on report by dtucker@zip.com.au + - OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2002/06/22 02:00:29 + [ssh.h] + correct comment + - stevesk@cvs.openbsd.org 2002/06/22 02:40:23 + [ssh.1] + section 5 not 4 for ssh_config + - naddy@cvs.openbsd.org 2002/06/22 11:51:39 + [ssh.1] + typo + - stevesk@cvs.openbsd.org 2002/06/22 16:32:54 + [sshd.8] + add /var/empty in FILES section + - stevesk@cvs.openbsd.org 2002/06/22 16:40:19 + [sshd.c] + check /var/empty owner mode; ok provos@ + - stevesk@cvs.openbsd.org 2002/06/22 16:41:57 + [scp.1] + typo + - stevesk@cvs.openbsd.org 2002/06/22 16:45:29 + [ssh-agent.1 sshd.8 sshd_config.5] + use process ID vs. pid/PID/process identifier + - stevesk@cvs.openbsd.org 2002/06/22 20:05:27 + [sshd.c] + don't call setsid() if debugging or run from inetd; no "Operation not + permitted" errors now; ok millert@ markus@ + - stevesk@cvs.openbsd.org 2002/06/22 23:09:51 + [monitor.c] + save auth method before monitor_reset_key_state(); bugzilla bug #284; + ok provos@ + 20020622 - (djm) Update README.privsep; spotted by fries@ - (djm) Release 3.3p1 + - (bal) getopt now can be staticly compiled on those platforms missing + optreset. Patch by binder@arago.de 20020621 - (djm) Sync: diff --git a/openssh/INSTALL b/openssh/INSTALL index 84e7b47..f5b3546 100644 --- a/openssh/INSTALL +++ b/openssh/INSTALL @@ -105,11 +105,6 @@ name). There are a few other options to the configure script: ---with-rsh=PATH allows you to specify the path to your rsh program. -Normally ./configure will search the current $PATH for 'rsh'. You -may need to specify this option if rsh is not in your path or has a -different name. - --with-pam enables PAM support. --enable-gnome-askpass will build the GNOME passphrase dialog. You diff --git a/openssh/Makefile.in b/openssh/Makefile.in index fd4419d..67e9486 100644 --- a/openssh/Makefile.in +++ b/openssh/Makefile.in @@ -26,6 +26,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server SSH_KEYSIGN=$(libexecdir)/ssh-keysign RAND_HELPER=$(libexecdir)/ssh-rand-helper PRIVSEP_PATH=@PRIVSEP_PATH@ +SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ PATHS= -DSSHDIR=\"$(sysconfdir)\" \ -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ @@ -197,9 +198,13 @@ distprep: catman-do $(AUTORECONF) (cd scard && $(MAKE) -f Makefile.in distprep) -install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key +install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key check-user install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files +check-user: + id $(SSH_PRIVSEP_USER) || \ + echo "WARNING: Privilege separation user \"$(SSH_PRIVSEP_USER)\" does not exist" + scard-install: (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install) @@ -212,6 +217,8 @@ install-files: scard-install $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5 $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8 $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir) + $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH) + chmod 0700 $(DESTDIR)$(PRIVSEP_PATH) $(INSTALL) -m 0755 -s ssh $(DESTDIR)$(bindir)/ssh $(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp $(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add @@ -234,7 +241,7 @@ install-files: scard-install $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 - if [ ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \ + if [ ! -z "$(INSTALL_SSH_RAND_HELPER)" ]; then \ $(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \ fi @NO_SFTP@$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 diff --git a/openssh/README.privsep b/openssh/README.privsep index c2ce935..b99a667 100644 --- a/openssh/README.privsep +++ b/openssh/README.privsep @@ -12,19 +12,20 @@ On systems which lack mmap or anonymous (MAP_ANON) memory mapping, compression must be disabled in order for privilege separation to function. -When privsep is enabled, the pre-authentication sshd process will +When privsep is enabled, during the pre-authentication phase sshd will chroot(2) to "/var/empty" and change its privileges to the "sshd" user -and its primary group. You should do something like the following to -prepare the privsep preauth environment: +and its primary group. sshd is a pseudo-account that should not be +used by other daemons, and must be locked and should contain a +"nologin" or invalid shell. + +You should do something like the following to prepare the privsep +preauth environment: # mkdir /var/empty # chown root:sys /var/empty # chmod 755 /var/empty # groupadd sshd - # useradd -g sshd sshd - -If you are on UnixWare 7 or OpenUNIX 8 do this additional step. - # ln /usr/lib/.ns.so /usr/lib/ns.so.1 + # useradd -g sshd -c 'sshd privsep' -d /var/empty -s /bin/false sshd /var/empty should not contain any files. @@ -34,8 +35,8 @@ privsep user and chroot directory: --with-privsep-path=xxx Path for privilege separation chroot --with-privsep-user=user Specify non-privileged user for privilege separation -Privsep requires operating system support for file descriptor passing -and mmap(MAP_ANON). +Privsep requires operating system support for file descriptor passing. +Compression will be disabled on systems without a working mmap MAP_ANON. PAM-enabled OpenSSH is known to function with privsep on Linux. It does not function on HP-UX with a trusted system diff --git a/openssh/TODO b/openssh/TODO index 11abaf6..d47a7fc 100644 --- a/openssh/TODO +++ b/openssh/TODO @@ -87,4 +87,20 @@ Packaging: - HP-UX: Provide DEPOT package scripts. (gilbert.r.loomis@saic.com) + +PrivSep Issues: +- mmap() issues. + + /dev/zero solution (Solaris) + + No/broken MAP_ANON (Irix) + + broken /dev/zero parse (Linux) +- PAM + + See above PAM notes +- AIX + + usrinfo() does not set TTY, but only required for legicy systems. Works + with PrivSep. +- OSF + + SIA is broken +- Cygwin + + Privsep for Pre-auth only (no fd passing) + $Id$ diff --git a/openssh/acconfig.h b/openssh/acconfig.h index 9658533..37227e7 100644 --- a/openssh/acconfig.h +++ b/openssh/acconfig.h @@ -228,9 +228,6 @@ /* Define if xauth is found in your path */ #undef XAUTH_PATH -/* Define if rsh is found in your path */ -#undef RSH_PATH - /* Define if you want to allow MD5 passwords */ #undef HAVE_MD5_PASSWORDS @@ -358,6 +355,12 @@ /* Path that unprivileged child will chroot() to in privep mode */ #undef PRIVSEP_PATH +/* Define if you have the `mmap' function that supports MAP_ANON|SHARED */ +#undef HAVE_MMAP_ANON_SHARED + +/* Define if sendmsg()/recvmsg() has problems passing file descriptors */ +#undef BROKEN_FD_PASSING + @BOTTOM@ /* ******************* Shouldn't need to edit below this line ************** */ diff --git a/openssh/auth2-chall.c b/openssh/auth2-chall.c index f35bfb2..e1440f4 100644 --- a/openssh/auth2-chall.c +++ b/openssh/auth2-chall.c @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.18 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.19 2002/06/26 13:55:37 markus Exp $"); #include "ssh2.h" #include "auth.h" @@ -63,6 +63,7 @@ struct KbdintAuthctxt char *devices; void *ctxt; KbdintDevice *device; + u_int nreq; }; static KbdintAuthctxt * @@ -90,6 +91,7 @@ kbdint_alloc(const char *devs) debug("kbdint_alloc: devices '%s'", kbdintctxt->devices); kbdintctxt->ctxt = NULL; kbdintctxt->device = NULL; + kbdintctxt->nreq = 0; return kbdintctxt; } @@ -209,26 +211,26 @@ send_userauth_info_request(Authctxt *authctxt) KbdintAuthctxt *kbdintctxt; char *name, *instr, **prompts; int i; - u_int numprompts, *echo_on; + u_int *echo_on; kbdintctxt = authctxt->kbdintctxt; if (kbdintctxt->device->query(kbdintctxt->ctxt, - &name, &instr, &numprompts, &prompts, &echo_on)) + &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on)) return 0; packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST); packet_put_cstring(name); packet_put_cstring(instr); packet_put_cstring(""); /* language not used */ - packet_put_int(numprompts); - for (i = 0; i < numprompts; i++) { + packet_put_int(kbdintctxt->nreq); + for (i = 0; i < kbdintctxt->nreq; i++) { packet_put_cstring(prompts[i]); packet_put_char(echo_on[i]); } packet_send(); packet_write_wait(); - for (i = 0; i < numprompts; i++) + for (i = 0; i < kbdintctxt->nreq; i++) xfree(prompts[i]); xfree(prompts); xfree(echo_on); @@ -256,6 +258,10 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) authctxt->postponed = 0; /* reset */ nresp = packet_get_int(); + if (nresp != kbdintctxt->nreq) + fatal("input_userauth_info_response: wrong number of replies"); + if (nresp > 100) + fatal("input_userauth_info_response: too many replies"); if (nresp > 0) { response = xmalloc(nresp * sizeof(char*)); for (i = 0; i < nresp; i++) diff --git a/openssh/auth2-pam.c b/openssh/auth2-pam.c index e442ca2..b2bfa81 100644 --- a/openssh/auth2-pam.c +++ b/openssh/auth2-pam.c @@ -140,6 +140,15 @@ input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt) nresp = packet_get_int(); /* Number of responses. */ debug("got %d responses", nresp); + + if (nresp != context_pam2.num_expected) + fatal("%s: Received incorrect number of responses " + "(expected %u, received %u)", __func__, nresp, + context_pam2.num_expected); + + if (nresp > 100) + fatal("%s: too many replies", __func__); + for (i = 0; i < nresp; i++) { int j = context_pam2.prompts[i]; diff --git a/openssh/authfd.c b/openssh/authfd.c index a452a79..4c4552d 100644 --- a/openssh/authfd.c +++ b/openssh/authfd.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.55 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.56 2002/06/25 16:22:42 markus Exp $"); #include @@ -144,7 +144,7 @@ ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply error("Error reading response from authentication socket."); return 0; } - buffer_append(reply, (char *) buf, l); + buffer_append(reply, buf, l); len -= l; } return 1; diff --git a/openssh/authfile.c b/openssh/authfile.c index 6d936de..1fa5d81 100644 --- a/openssh/authfile.c +++ b/openssh/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.49 2002/05/23 19:24:30 markus Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.50 2002/06/24 14:55:38 markus Exp $"); #include #include @@ -270,7 +270,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) (void) buffer_get_int(&buffer); /* reserved */ /* Read the public key from the buffer. */ - buffer_get_int(&buffer); + (void) buffer_get_int(&buffer); pub = key_new(KEY_RSA1); buffer_get_bignum(&buffer, pub->rsa->n); buffer_get_bignum(&buffer, pub->rsa->e); @@ -357,7 +357,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, (void) buffer_get_int(&buffer); /* Reserved data. */ /* Read the public key from the buffer. */ - buffer_get_int(&buffer); + (void) buffer_get_int(&buffer); prv = key_new_private(KEY_RSA1); buffer_get_bignum(&buffer, prv->rsa->n); diff --git a/openssh/autom4te-2.53.cache/output.0 b/openssh/autom4te-2.53.cache/output.0 index 7213f80..9219781 100644 --- a/openssh/autom4te-2.53.cache/output.0 +++ b/openssh/autom4te-2.53.cache/output.0 @@ -862,7 +862,6 @@ Optional Packages: --with-kerberos5=PATH Enable Kerberos 5 support --with-kerberos4=PATH Enable Kerberos 4 support --with-afs=PATH Enable AFS support - --with-rsh=PATH Specify path to remote shell program --with-privsep-path=xxx Path for privilege separation chroot --with-xauth=PATH Specify path to xauth program --with-mantype=man|cat|doc Set man page type @@ -3635,6 +3634,10 @@ _ACEOF cat >>confdefs.h <<\_ACEOF @%:@define DISABLE_LASTLOG 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +@%:@define LOGIN_NEEDS_UTMPX 1 _ACEOF ;; @@ -3662,6 +3665,10 @@ _ACEOF cat >>confdefs.h <<\_ACEOF @%:@define NO_X11_UNIX_SOCKETS 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +@%:@define BROKEN_FD_PASSING 1 _ACEOF cat >>confdefs.h <<\_ACEOF @@ -4123,7 +4130,6 @@ _ACEOF CPPFLAGS="$CPPFLAGS -Dftruncate=chsize -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" LIBS="$LIBS -los -lprot -lx -ltinfo -lm" - rsh_path="/usr/bin/rcmd" RANLIB=true no_dev_ptmx=1 cat >>confdefs.h <<\_ACEOF @@ -4231,7 +4237,6 @@ done LDFLAGS="$LDFLAGS -L/usr/local/lib" LIBS="$LIBS -lprot -lx -ltinfo -lm" no_dev_ptmx=1 - rsh_path="/usr/bin/rcmd" cat >>confdefs.h <<\_ACEOF @%:@define USE_PIPES 1 _ACEOF @@ -4244,6 +4249,10 @@ _ACEOF @%:@define DISABLE_SHADOW 1 _ACEOF + cat >>confdefs.h <<\_ACEOF +@%:@define BROKEN_FD_PASSING 1 +_ACEOF + for ac_func in getluid setluid @@ -4328,6 +4337,10 @@ done no_libnsl=1 cat >>confdefs.h <<\_ACEOF @%:@define USE_PIPES 1 +_ACEOF + + cat >>confdefs.h <<\_ACEOF +@%:@define BROKEN_FD_PASSING 1 _ACEOF LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal,-L/usr/local/lib" @@ -6515,6 +6528,63 @@ fi done +if test $ac_cv_func_mmap = yes ; then +echo "$as_me:$LINENO: checking for mmap anon shared" >&5 +echo $ECHO_N "checking for mmap anon shared... $ECHO_C" >&6 +if test "$cross_compiling" = yes; then + { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling" >&5 +echo "$as_me: error: cannot run test program while cross compiling" >&2;} + { (exit 1); exit 1; }; } +else + cat >conftest.$ac_ext <<_ACEOF +#line $LINENO "configure" +#include "confdefs.h" + +#include +#include +#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS) +#define MAP_ANON MAP_ANONYMOUS +#endif +main() { char *p; +p = (char *) mmap(NULL, 10, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0); +if (p == (char *)-1) + exit(1); +exit(0); +} + +_ACEOF +rm -f conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + + echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 + cat >>confdefs.h <<\_ACEOF +@%:@define HAVE_MMAP_ANON_SHARED 1 +_ACEOF + + +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +cat conftest.$ac_ext >&5 +( exit $ac_status ) + echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + +fi +rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi +fi + for ac_func in dirname do @@ -8482,23 +8552,24 @@ cat >>confdefs.h <<_ACEOF _ACEOF -ssh_privsep_user=sshd +SSH_PRIVSEP_USER=sshd # Check whether --with-privsep-user or --without-privsep-user was given. if test "${with_privsep_user+set}" = set; then withval="$with_privsep_user" if test -n "$withval"; then - ssh_privsep_user=$withval + SSH_PRIVSEP_USER=$withval fi fi; cat >>confdefs.h <<_ACEOF -@%:@define SSH_PRIVSEP_USER "$ssh_privsep_user" +@%:@define SSH_PRIVSEP_USER "$SSH_PRIVSEP_USER" _ACEOF + # We do this little dance with the search path to insure # that programs that we select for use by installed programs # (which may be run by the super-user) come from trusted @@ -15238,59 +15309,6 @@ LIBS="$LIBS $KLIBS $K5LIBS" # Looking for programs, paths and files -# Check whether --with-rsh or --without-rsh was given. -if test "${with_rsh+set}" = set; then - withval="$with_rsh" - - if test "x$withval" != "$no" ; then - rsh_path=$withval - fi - -else - - # Extract the first word of "rsh", so it can be a program name with args. -set dummy rsh; ac_word=$2 -echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 -if test "${ac_cv_path_rsh_path+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $rsh_path in - [\\/]* | ?:[\\/]*) - ac_cv_path_rsh_path="$rsh_path" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_rsh_path="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done - - ;; -esac -fi -rsh_path=$ac_cv_path_rsh_path - -if test -n "$rsh_path"; then - echo "$as_me:$LINENO: result: $rsh_path" >&5 -echo "${ECHO_T}$rsh_path" >&6 -else - echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6 -fi - - - -fi; - PRIVSEP_PATH=/var/empty # Check whether --with-privsep-path or --without-privsep-path was given. @@ -15372,12 +15390,6 @@ _ACEOF XAUTH_PATH=$xauth_path -fi -if test ! -z "$rsh_path" ; then - cat >>confdefs.h <<_ACEOF -@%:@define RSH_PATH "$rsh_path" -_ACEOF - fi # Check for mail directory (last resort if we cannot get it from headers) @@ -16993,6 +17005,7 @@ s,@LD@,$LD,;t t s,@LIBWRAP@,$LIBWRAP,;t t s,@LIBPAM@,$LIBPAM,;t t s,@INSTALL_SSH_RAND_HELPER@,$INSTALL_SSH_RAND_HELPER,;t t +s,@SSH_PRIVSEP_USER@,$SSH_PRIVSEP_USER,;t t s,@PROG_LS@,$PROG_LS,;t t s,@PROG_NETSTAT@,$PROG_NETSTAT,;t t s,@PROG_ARP@,$PROG_ARP,;t t @@ -17012,7 +17025,6 @@ s,@PROG_TAIL@,$PROG_TAIL,;t t s,@INSTALL_SSH_PRNG_CMDS@,$INSTALL_SSH_PRNG_CMDS,;t t s,@NO_SFTP@,$NO_SFTP,;t t s,@OPENSC_CONFIG@,$OPENSC_CONFIG,;t t -s,@rsh_path@,$rsh_path,;t t s,@PRIVSEP_PATH@,$PRIVSEP_PATH,;t t s,@xauth_path@,$xauth_path,;t t s,@XAUTH_PATH@,$XAUTH_PATH,;t t diff --git a/openssh/autom4te-2.53.cache/traces.0 b/openssh/autom4te-2.53.cache/traces.0 index 1e40d5f..6eb0daa 100644 --- a/openssh/autom4te-2.53.cache/traces.0 +++ b/openssh/autom4te-2.53.cache/traces.0 @@ -119,93 +119,97 @@ m4trace:configure.ac:74: -1- AC_DEFINE_TRACE_LITERAL([WITH_AIXAUTHENTICATE]) m4trace:configure.ac:75: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_GETADDRINFO]) m4trace:configure.ac:76: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_REALPATH]) m4trace:configure.ac:78: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG]) -m4trace:configure.ac:82: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CYGWIN]) -m4trace:configure.ac:83: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:84: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) -m4trace:configure.ac:85: -1- AC_DEFINE_TRACE_LITERAL([IPV4_DEFAULT]) -m4trace:configure.ac:86: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN]) -m4trace:configure.ac:87: -1- AC_DEFINE_TRACE_LITERAL([NO_X11_UNIX_SOCKETS]) -m4trace:configure.ac:88: -1- AC_DEFINE_TRACE_LITERAL([SETGROUPS_NOOP]) -m4trace:configure.ac:91: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN]) -m4trace:configure.ac:94: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_GETADDRINFO]) -m4trace:configure.ac:102: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE]) -m4trace:configure.ac:103: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:104: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT]) -m4trace:configure.ac:105: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) -m4trace:configure.ac:106: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) -m4trace:configure.ac:107: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) -m4trace:configure.ac:108: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE]) -m4trace:configure.ac:118: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:119: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT]) -m4trace:configure.ac:120: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) -m4trace:configure.ac:121: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) -m4trace:configure.ac:122: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) -m4trace:configure.ac:123: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE]) -m4trace:configure.ac:129: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE]) -m4trace:configure.ac:130: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:131: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT]) -m4trace:configure.ac:132: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) -m4trace:configure.ac:133: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) -m4trace:configure.ac:134: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) -m4trace:configure.ac:135: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE]) -m4trace:configure.ac:142: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_INET_NTOA]) -m4trace:configure.ac:143: -1- AC_DEFINE_TRACE_LITERAL([WITH_ABBREV_NO_TTY]) -m4trace:configure.ac:149: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_ARRAY]) -m4trace:configure.ac:150: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_PROJECT]) -m4trace:configure.ac:151: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_AUDIT]) -m4trace:configure.ac:152: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_JOBS]) -m4trace:configure.ac:153: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_INET_NTOA]) -m4trace:configure.ac:154: -1- AC_DEFINE_TRACE_LITERAL([WITH_ABBREV_NO_TTY]) -m4trace:configure.ac:159: -1- AC_DEFINE_TRACE_LITERAL([DONT_TRY_OTHER_AF]) -m4trace:configure.ac:160: -1- AC_DEFINE_TRACE_LITERAL([PAM_TTY_KLUDGE]) -m4trace:configure.ac:164: -1- AC_DEFINE_TRACE_LITERAL([HAVE_NEWS4]) -m4trace:configure.ac:178: -1- AC_DEFINE_TRACE_LITERAL([HAVE_NEXT]) -m4trace:configure.ac:179: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_REALPATH]) -m4trace:configure.ac:180: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:181: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SAVED_UIDS]) -m4trace:configure.ac:189: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE]) -m4trace:configure.ac:190: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) -m4trace:configure.ac:191: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_TERM]) -m4trace:configure.ac:192: -1- AC_DEFINE_TRACE_LITERAL([PAM_TTY_KLUDGE]) -m4trace:configure.ac:199: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) -m4trace:configure.ac:200: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP]) -m4trace:configure.ac:207: -1- AC_CHECK_FUNCS([getpwanam]) -m4trace:configure.ac:207: -1- AH_OUTPUT([HAVE_GETPWANAM], [/* Define to 1 if you have the \`getpwanam' function. */ +m4trace:configure.ac:79: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) +m4trace:configure.ac:83: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CYGWIN]) +m4trace:configure.ac:84: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:85: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) +m4trace:configure.ac:86: -1- AC_DEFINE_TRACE_LITERAL([IPV4_DEFAULT]) +m4trace:configure.ac:87: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN]) +m4trace:configure.ac:88: -1- AC_DEFINE_TRACE_LITERAL([NO_X11_UNIX_SOCKETS]) +m4trace:configure.ac:89: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_FD_PASSING]) +m4trace:configure.ac:90: -1- AC_DEFINE_TRACE_LITERAL([SETGROUPS_NOOP]) +m4trace:configure.ac:93: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN]) +m4trace:configure.ac:96: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_GETADDRINFO]) +m4trace:configure.ac:104: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE]) +m4trace:configure.ac:105: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:106: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT]) +m4trace:configure.ac:107: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) +m4trace:configure.ac:108: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) +m4trace:configure.ac:109: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) +m4trace:configure.ac:110: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE]) +m4trace:configure.ac:120: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:121: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT]) +m4trace:configure.ac:122: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) +m4trace:configure.ac:123: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) +m4trace:configure.ac:124: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) +m4trace:configure.ac:125: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE]) +m4trace:configure.ac:131: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE]) +m4trace:configure.ac:132: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:133: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NO_ENDOPT]) +m4trace:configure.ac:134: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) +m4trace:configure.ac:135: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) +m4trace:configure.ac:136: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) +m4trace:configure.ac:137: -1- AC_DEFINE_TRACE_LITERAL([SPT_TYPE]) +m4trace:configure.ac:144: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_INET_NTOA]) +m4trace:configure.ac:145: -1- AC_DEFINE_TRACE_LITERAL([WITH_ABBREV_NO_TTY]) +m4trace:configure.ac:151: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_ARRAY]) +m4trace:configure.ac:152: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_PROJECT]) +m4trace:configure.ac:153: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_AUDIT]) +m4trace:configure.ac:154: -1- AC_DEFINE_TRACE_LITERAL([WITH_IRIX_JOBS]) +m4trace:configure.ac:155: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_INET_NTOA]) +m4trace:configure.ac:156: -1- AC_DEFINE_TRACE_LITERAL([WITH_ABBREV_NO_TTY]) +m4trace:configure.ac:161: -1- AC_DEFINE_TRACE_LITERAL([DONT_TRY_OTHER_AF]) +m4trace:configure.ac:162: -1- AC_DEFINE_TRACE_LITERAL([PAM_TTY_KLUDGE]) +m4trace:configure.ac:166: -1- AC_DEFINE_TRACE_LITERAL([HAVE_NEWS4]) +m4trace:configure.ac:180: -1- AC_DEFINE_TRACE_LITERAL([HAVE_NEXT]) +m4trace:configure.ac:181: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_REALPATH]) +m4trace:configure.ac:182: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:183: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SAVED_UIDS]) +m4trace:configure.ac:191: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE]) +m4trace:configure.ac:192: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_UTMPX]) +m4trace:configure.ac:193: -1- AC_DEFINE_TRACE_LITERAL([LOGIN_NEEDS_TERM]) +m4trace:configure.ac:194: -1- AC_DEFINE_TRACE_LITERAL([PAM_TTY_KLUDGE]) +m4trace:configure.ac:201: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) +m4trace:configure.ac:202: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP]) +m4trace:configure.ac:209: -1- AC_CHECK_FUNCS([getpwanam]) +m4trace:configure.ac:209: -1- AH_OUTPUT([HAVE_GETPWANAM], [/* Define to 1 if you have the \`getpwanam' function. */ #undef HAVE_GETPWANAM]) -m4trace:configure.ac:208: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE]) -m4trace:configure.ac:212: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:218: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:225: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:226: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN]) -m4trace:configure.ac:234: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:239: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:252: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SYS_TERMIO_H]) -m4trace:configure.ac:253: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:254: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE]) -m4trace:configure.ac:255: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) -m4trace:configure.ac:256: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SAVED_UIDS]) -m4trace:configure.ac:257: -1- AC_CHECK_FUNCS([getluid setluid]) -m4trace:configure.ac:257: -1- AH_OUTPUT([HAVE_GETLUID], [/* Define to 1 if you have the \`getluid' function. */ +m4trace:configure.ac:210: -1- AC_DEFINE_TRACE_LITERAL([PAM_SUN_CODEBASE]) +m4trace:configure.ac:214: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:220: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:227: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:228: -1- AC_DEFINE_TRACE_LITERAL([IP_TOS_IS_BROKEN]) +m4trace:configure.ac:236: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:241: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:253: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SYS_TERMIO_H]) +m4trace:configure.ac:254: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:255: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE]) +m4trace:configure.ac:256: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) +m4trace:configure.ac:257: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SAVED_UIDS]) +m4trace:configure.ac:258: -1- AC_CHECK_FUNCS([getluid setluid]) +m4trace:configure.ac:258: -1- AH_OUTPUT([HAVE_GETLUID], [/* Define to 1 if you have the \`getluid' function. */ #undef HAVE_GETLUID]) -m4trace:configure.ac:257: -1- AH_OUTPUT([HAVE_SETLUID], [/* Define to 1 if you have the \`setluid' function. */ +m4trace:configure.ac:258: -1- AH_OUTPUT([HAVE_SETLUID], [/* Define to 1 if you have the \`setluid' function. */ #undef HAVE_SETLUID]) m4trace:configure.ac:267: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) m4trace:configure.ac:268: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SECUREWARE]) m4trace:configure.ac:269: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) -m4trace:configure.ac:270: -1- AC_CHECK_FUNCS([getluid setluid]) -m4trace:configure.ac:270: -1- AH_OUTPUT([HAVE_GETLUID], [/* Define to 1 if you have the \`getluid' function. */ +m4trace:configure.ac:270: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_FD_PASSING]) +m4trace:configure.ac:271: -1- AC_CHECK_FUNCS([getluid setluid]) +m4trace:configure.ac:271: -1- AH_OUTPUT([HAVE_GETLUID], [/* Define to 1 if you have the \`getluid' function. */ #undef HAVE_GETLUID]) -m4trace:configure.ac:270: -1- AH_OUTPUT([HAVE_SETLUID], [/* Define to 1 if you have the \`setluid' function. */ +m4trace:configure.ac:271: -1- AH_OUTPUT([HAVE_SETLUID], [/* Define to 1 if you have the \`setluid' function. */ #undef HAVE_SETLUID]) -m4trace:configure.ac:276: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:295: -1- AC_DEFINE_TRACE_LITERAL([HAVE_OSF_SIA]) -m4trace:configure.ac:296: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LOGIN]) -m4trace:configure.ac:305: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) -m4trace:configure.ac:306: -1- AC_DEFINE_TRACE_LITERAL([NO_X11_UNIX_SOCKETS]) -m4trace:configure.ac:307: -1- AC_DEFINE_TRACE_LITERAL([MISSING_NFDBITS]) -m4trace:configure.ac:308: -1- AC_DEFINE_TRACE_LITERAL([MISSING_HOWMANY]) -m4trace:configure.ac:309: -1- AC_DEFINE_TRACE_LITERAL([MISSING_FD_MASK]) -m4trace:configure.ac:357: -1- AC_CHECK_HEADERS([bstring.h crypt.h endian.h floatingpoint.h \ +m4trace:configure.ac:277: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:278: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_FD_PASSING]) +m4trace:configure.ac:297: -1- AC_DEFINE_TRACE_LITERAL([HAVE_OSF_SIA]) +m4trace:configure.ac:298: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LOGIN]) +m4trace:configure.ac:307: -1- AC_DEFINE_TRACE_LITERAL([USE_PIPES]) +m4trace:configure.ac:308: -1- AC_DEFINE_TRACE_LITERAL([NO_X11_UNIX_SOCKETS]) +m4trace:configure.ac:309: -1- AC_DEFINE_TRACE_LITERAL([MISSING_NFDBITS]) +m4trace:configure.ac:310: -1- AC_DEFINE_TRACE_LITERAL([MISSING_HOWMANY]) +m4trace:configure.ac:311: -1- AC_DEFINE_TRACE_LITERAL([MISSING_FD_MASK]) +m4trace:configure.ac:359: -1- AC_CHECK_HEADERS([bstring.h crypt.h endian.h floatingpoint.h \ getopt.h glob.h lastlog.h limits.h login.h \ login_cap.h maillock.h netdb.h netgroup.h \ netinet/in_systm.h paths.h pty.h readpassphrase.h \ @@ -215,156 +219,156 @@ m4trace:configure.ac:357: -1- AC_CHECK_HEADERS([bstring.h crypt.h endian.h float sys/stropts.h sys/sysmacros.h sys/time.h \ sys/un.h time.h ttyent.h usersec.h \ util.h utime.h utmp.h utmpx.h]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_BSTRING_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_BSTRING_H], [/* Define to 1 if you have the header file. */ #undef HAVE_BSTRING_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_CRYPT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_CRYPT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_CRYPT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_ENDIAN_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_ENDIAN_H], [/* Define to 1 if you have the header file. */ #undef HAVE_ENDIAN_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_FLOATINGPOINT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_FLOATINGPOINT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_FLOATINGPOINT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_GETOPT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_GETOPT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_GETOPT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_GLOB_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_GLOB_H], [/* Define to 1 if you have the header file. */ #undef HAVE_GLOB_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_LASTLOG_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_LASTLOG_H], [/* Define to 1 if you have the header file. */ #undef HAVE_LASTLOG_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_LIMITS_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_LIMITS_H], [/* Define to 1 if you have the header file. */ #undef HAVE_LIMITS_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_LOGIN_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_LOGIN_H], [/* Define to 1 if you have the header file. */ #undef HAVE_LOGIN_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_LOGIN_CAP_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_LOGIN_CAP_H], [/* Define to 1 if you have the header file. */ #undef HAVE_LOGIN_CAP_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_MAILLOCK_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_MAILLOCK_H], [/* Define to 1 if you have the header file. */ #undef HAVE_MAILLOCK_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_NETDB_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_NETDB_H], [/* Define to 1 if you have the header file. */ #undef HAVE_NETDB_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_NETGROUP_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_NETGROUP_H], [/* Define to 1 if you have the header file. */ #undef HAVE_NETGROUP_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_NETINET_IN_SYSTM_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_NETINET_IN_SYSTM_H], [/* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IN_SYSTM_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_PATHS_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_PATHS_H], [/* Define to 1 if you have the header file. */ #undef HAVE_PATHS_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_PTY_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_PTY_H], [/* Define to 1 if you have the header file. */ #undef HAVE_PTY_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_READPASSPHRASE_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_READPASSPHRASE_H], [/* Define to 1 if you have the header file. */ #undef HAVE_READPASSPHRASE_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_RPC_TYPES_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_RPC_TYPES_H], [/* Define to 1 if you have the header file. */ #undef HAVE_RPC_TYPES_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SECURITY_PAM_APPL_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SECURITY_PAM_APPL_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SECURITY_PAM_APPL_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SHADOW_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SHADOW_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SHADOW_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STDDEF_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STDDEF_H], [/* Define to 1 if you have the header file. */ #undef HAVE_STDDEF_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_BITYPES_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_BITYPES_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_BITYPES_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_BSDTTY_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_BSDTTY_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_BSDTTY_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_CDEFS_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_CDEFS_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_CDEFS_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_MMAN_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_MMAN_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_MMAN_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_SELECT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_SELECT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_SELECT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_STROPTS_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_STROPTS_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_STROPTS_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_SYSMACROS_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_SYSMACROS_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_SYSMACROS_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_TIME_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_TIME_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_TIME_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_UN_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_UN_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_UN_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_TIME_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_TIME_H], [/* Define to 1 if you have the header file. */ #undef HAVE_TIME_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_TTYENT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_TTYENT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_TTYENT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_USERSEC_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_USERSEC_H], [/* Define to 1 if you have the header file. */ #undef HAVE_USERSEC_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UTIL_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UTIL_H], [/* Define to 1 if you have the header file. */ #undef HAVE_UTIL_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UTIME_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UTIME_H], [/* Define to 1 if you have the header file. */ #undef HAVE_UTIME_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UTMP_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UTMP_H], [/* Define to 1 if you have the header file. */ #undef HAVE_UTMP_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UTMPX_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UTMPX_H], [/* Define to 1 if you have the header file. */ #undef HAVE_UTMPX_H]) -m4trace:configure.ac:357: -1- AC_HEADER_STDC -m4trace:configure.ac:357: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS]) -m4trace:configure.ac:357: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */ +m4trace:configure.ac:359: -1- AC_HEADER_STDC +m4trace:configure.ac:359: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS]) +m4trace:configure.ac:359: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS]) -m4trace:configure.ac:357: -1- AC_CHECK_HEADERS([sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ +m4trace:configure.ac:359: -1- AC_CHECK_HEADERS([sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h], [], [], [$ac_includes_default]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_TYPES_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_TYPES_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the header file. */ #undef HAVE_STRING_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_MEMORY_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_MEMORY_H], [/* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_INTTYPES_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_INTTYPES_H], [/* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H]) -m4trace:configure.ac:357: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:359: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H]) -m4trace:configure.ac:360: -2- AC_CHECK_LIB([nsl], [yp_match]) -m4trace:configure.ac:360: -2- AH_OUTPUT([HAVE_LIBNSL], [/* Define to 1 if you have the \`nsl' library (-lnsl). */ +m4trace:configure.ac:362: -2- AC_CHECK_LIB([nsl], [yp_match]) +m4trace:configure.ac:362: -2- AH_OUTPUT([HAVE_LIBNSL], [/* Define to 1 if you have the \`nsl' library (-lnsl). */ #undef HAVE_LIBNSL]) -m4trace:configure.ac:360: -2- AC_DEFINE_TRACE_LITERAL([HAVE_LIBNSL]) -m4trace:configure.ac:361: -2- AC_CHECK_LIB([socket], [setsockopt]) -m4trace:configure.ac:361: -2- AH_OUTPUT([HAVE_LIBSOCKET], [/* Define to 1 if you have the \`socket' library (-lsocket). */ +m4trace:configure.ac:362: -2- AC_DEFINE_TRACE_LITERAL([HAVE_LIBNSL]) +m4trace:configure.ac:363: -2- AC_CHECK_LIB([socket], [setsockopt]) +m4trace:configure.ac:363: -2- AH_OUTPUT([HAVE_LIBSOCKET], [/* Define to 1 if you have the \`socket' library (-lsocket). */ #undef HAVE_LIBSOCKET]) -m4trace:configure.ac:361: -2- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSOCKET]) -m4trace:configure.ac:366: -1- AC_CHECK_LIB([rpc], [innetgr], [LIBS="-lrpc -lyp -lrpc $LIBS" ], [], [-lyp -lrpc]) -m4trace:configure.ac:371: -2- AC_CHECK_LIB([gen], [getspnam], [LIBS="$LIBS -lgen"]) -m4trace:configure.ac:413: -1- AC_CHECK_LIB([z], [deflate], [], [{ { echo "$as_me:$LINENO: error: *** zlib missing - please install first or check config.log ***" >&5 +m4trace:configure.ac:363: -2- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSOCKET]) +m4trace:configure.ac:368: -1- AC_CHECK_LIB([rpc], [innetgr], [LIBS="-lrpc -lyp -lrpc $LIBS" ], [], [-lyp -lrpc]) +m4trace:configure.ac:373: -2- AC_CHECK_LIB([gen], [getspnam], [LIBS="$LIBS -lgen"]) +m4trace:configure.ac:415: -1- AC_CHECK_LIB([z], [deflate], [], [{ { echo "$as_me:$LINENO: error: *** zlib missing - please install first or check config.log ***" >&5 echo "$as_me: error: *** zlib missing - please install first or check config.log ***" >&2;} { (exit 1); exit 1; }; }]) -m4trace:configure.ac:413: -1- AH_OUTPUT([HAVE_LIBZ], [/* Define to 1 if you have the \`z' library (-lz). */ +m4trace:configure.ac:415: -1- AH_OUTPUT([HAVE_LIBZ], [/* Define to 1 if you have the \`z' library (-lz). */ #undef HAVE_LIBZ]) -m4trace:configure.ac:413: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBZ]) -m4trace:configure.ac:418: -1- AC_CHECK_LIB([resolv], [strcasecmp], [LIBS="$LIBS -lresolv"]) -m4trace:configure.ac:421: -1- AC_CHECK_LIB([c89], [utimes], [LIBS="$LIBS -lc89"]) -m4trace:configure.ac:424: -1- AC_CHECK_HEADERS([libutil.h]) -m4trace:configure.ac:424: -1- AH_OUTPUT([HAVE_LIBUTIL_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:415: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBZ]) +m4trace:configure.ac:420: -1- AC_CHECK_LIB([resolv], [strcasecmp], [LIBS="$LIBS -lresolv"]) +m4trace:configure.ac:423: -1- AC_CHECK_LIB([c89], [utimes], [LIBS="$LIBS -lc89"]) +m4trace:configure.ac:426: -1- AC_CHECK_HEADERS([libutil.h]) +m4trace:configure.ac:426: -1- AH_OUTPUT([HAVE_LIBUTIL_H], [/* Define to 1 if you have the header file. */ #undef HAVE_LIBUTIL_H]) -m4trace:configure.ac:425: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LOGIN]) -m4trace:configure.ac:426: -1- AC_CHECK_FUNCS([logout updwtmp logwtmp]) -m4trace:configure.ac:426: -1- AH_OUTPUT([HAVE_LOGOUT], [/* Define to 1 if you have the \`logout' function. */ +m4trace:configure.ac:427: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LOGIN]) +m4trace:configure.ac:428: -1- AC_CHECK_FUNCS([logout updwtmp logwtmp]) +m4trace:configure.ac:428: -1- AH_OUTPUT([HAVE_LOGOUT], [/* Define to 1 if you have the \`logout' function. */ #undef HAVE_LOGOUT]) -m4trace:configure.ac:426: -1- AH_OUTPUT([HAVE_UPDWTMP], [/* Define to 1 if you have the \`updwtmp' function. */ +m4trace:configure.ac:428: -1- AH_OUTPUT([HAVE_UPDWTMP], [/* Define to 1 if you have the \`updwtmp' function. */ #undef HAVE_UPDWTMP]) -m4trace:configure.ac:426: -1- AH_OUTPUT([HAVE_LOGWTMP], [/* Define to 1 if you have the \`logwtmp' function. */ +m4trace:configure.ac:428: -1- AH_OUTPUT([HAVE_LOGWTMP], [/* Define to 1 if you have the \`logwtmp' function. */ #undef HAVE_LOGWTMP]) -m4trace:configure.ac:428: -1- AC_FUNC_STRFTIME -m4trace:configure.ac:428: -1- AC_CHECK_FUNCS([strftime], [], [# strftime is in -lintl on SCO UNIX. +m4trace:configure.ac:430: -1- AC_FUNC_STRFTIME +m4trace:configure.ac:430: -1- AC_CHECK_FUNCS([strftime], [], [# strftime is in -lintl on SCO UNIX. AC_CHECK_LIB(intl, strftime, [AC_DEFINE(HAVE_STRFTIME) LIBS="-lintl $LIBS"])]) -m4trace:configure.ac:428: -1- AH_OUTPUT([HAVE_STRFTIME], [/* Define to 1 if you have the \`strftime' function. */ +m4trace:configure.ac:430: -1- AH_OUTPUT([HAVE_STRFTIME], [/* Define to 1 if you have the \`strftime' function. */ #undef HAVE_STRFTIME]) -m4trace:configure.ac:428: -1- AC_CHECK_LIB([intl], [strftime], [AC_DEFINE(HAVE_STRFTIME) +m4trace:configure.ac:430: -1- AC_CHECK_LIB([intl], [strftime], [AC_DEFINE(HAVE_STRFTIME) LIBS="-lintl $LIBS"]) -m4trace:configure.ac:428: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRFTIME]) -m4trace:configure.ac:446: -1- AC_DEFINE_TRACE_LITERAL([GLOB_HAS_ALTDIRFUNC]) -m4trace:configure.ac:462: -1- AC_DEFINE_TRACE_LITERAL([GLOB_HAS_GL_MATCHC]) -m4trace:configure.ac:476: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_ONE_BYTE_DIRENT_D_NAME]) -m4trace:configure.ac:509: -1- AC_DEFINE_TRACE_LITERAL([SKEY]) -m4trace:configure.ac:563: -1- AC_DEFINE_TRACE_LITERAL([LIBWRAP]) -m4trace:configure.ac:563: -1- AC_SUBST([LIBWRAP]) -m4trace:configure.ac:576: -1- AC_CHECK_FUNCS([arc4random b64_ntop bcopy bindresvport_sa \ +m4trace:configure.ac:430: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRFTIME]) +m4trace:configure.ac:448: -1- AC_DEFINE_TRACE_LITERAL([GLOB_HAS_ALTDIRFUNC]) +m4trace:configure.ac:464: -1- AC_DEFINE_TRACE_LITERAL([GLOB_HAS_GL_MATCHC]) +m4trace:configure.ac:478: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_ONE_BYTE_DIRENT_D_NAME]) +m4trace:configure.ac:511: -1- AC_DEFINE_TRACE_LITERAL([SKEY]) +m4trace:configure.ac:565: -1- AC_DEFINE_TRACE_LITERAL([LIBWRAP]) +m4trace:configure.ac:565: -1- AC_SUBST([LIBWRAP]) +m4trace:configure.ac:578: -1- AC_CHECK_FUNCS([arc4random b64_ntop bcopy bindresvport_sa \ clock fchmod fchown freeaddrinfo futimes gai_strerror \ getaddrinfo getcwd getgrouplist getnameinfo getopt \ getrlimit getrusage getttyent glob inet_aton inet_ntoa \ @@ -375,141 +379,142 @@ m4trace:configure.ac:576: -1- AC_CHECK_FUNCS([arc4random b64_ntop bcopy bindresv setrlimit setsid setpcred setvbuf sigaction sigvec snprintf \ socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \ truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_ARC4RANDOM], [/* Define to 1 if you have the \`arc4random' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_ARC4RANDOM], [/* Define to 1 if you have the \`arc4random' function. */ #undef HAVE_ARC4RANDOM]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_B64_NTOP], [/* Define to 1 if you have the \`b64_ntop' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_B64_NTOP], [/* Define to 1 if you have the \`b64_ntop' function. */ #undef HAVE_B64_NTOP]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_BCOPY], [/* Define to 1 if you have the \`bcopy' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_BCOPY], [/* Define to 1 if you have the \`bcopy' function. */ #undef HAVE_BCOPY]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_BINDRESVPORT_SA], [/* Define to 1 if you have the \`bindresvport_sa' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_BINDRESVPORT_SA], [/* Define to 1 if you have the \`bindresvport_sa' function. */ #undef HAVE_BINDRESVPORT_SA]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_CLOCK], [/* Define to 1 if you have the \`clock' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_CLOCK], [/* Define to 1 if you have the \`clock' function. */ #undef HAVE_CLOCK]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_FCHMOD], [/* Define to 1 if you have the \`fchmod' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_FCHMOD], [/* Define to 1 if you have the \`fchmod' function. */ #undef HAVE_FCHMOD]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_FCHOWN], [/* Define to 1 if you have the \`fchown' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_FCHOWN], [/* Define to 1 if you have the \`fchown' function. */ #undef HAVE_FCHOWN]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_FREEADDRINFO], [/* Define to 1 if you have the \`freeaddrinfo' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_FREEADDRINFO], [/* Define to 1 if you have the \`freeaddrinfo' function. */ #undef HAVE_FREEADDRINFO]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_FUTIMES], [/* Define to 1 if you have the \`futimes' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_FUTIMES], [/* Define to 1 if you have the \`futimes' function. */ #undef HAVE_FUTIMES]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GAI_STRERROR], [/* Define to 1 if you have the \`gai_strerror' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GAI_STRERROR], [/* Define to 1 if you have the \`gai_strerror' function. */ #undef HAVE_GAI_STRERROR]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETADDRINFO], [/* Define to 1 if you have the \`getaddrinfo' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETADDRINFO], [/* Define to 1 if you have the \`getaddrinfo' function. */ #undef HAVE_GETADDRINFO]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETCWD], [/* Define to 1 if you have the \`getcwd' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETCWD], [/* Define to 1 if you have the \`getcwd' function. */ #undef HAVE_GETCWD]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETGROUPLIST], [/* Define to 1 if you have the \`getgrouplist' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETGROUPLIST], [/* Define to 1 if you have the \`getgrouplist' function. */ #undef HAVE_GETGROUPLIST]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETNAMEINFO], [/* Define to 1 if you have the \`getnameinfo' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETNAMEINFO], [/* Define to 1 if you have the \`getnameinfo' function. */ #undef HAVE_GETNAMEINFO]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETOPT], [/* Define to 1 if you have the \`getopt' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETOPT], [/* Define to 1 if you have the \`getopt' function. */ #undef HAVE_GETOPT]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETRLIMIT], [/* Define to 1 if you have the \`getrlimit' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETRLIMIT], [/* Define to 1 if you have the \`getrlimit' function. */ #undef HAVE_GETRLIMIT]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETRUSAGE], [/* Define to 1 if you have the \`getrusage' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETRUSAGE], [/* Define to 1 if you have the \`getrusage' function. */ #undef HAVE_GETRUSAGE]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GETTTYENT], [/* Define to 1 if you have the \`getttyent' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GETTTYENT], [/* Define to 1 if you have the \`getttyent' function. */ #undef HAVE_GETTTYENT]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_GLOB], [/* Define to 1 if you have the \`glob' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_GLOB], [/* Define to 1 if you have the \`glob' function. */ #undef HAVE_GLOB]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_INET_ATON], [/* Define to 1 if you have the \`inet_aton' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_INET_ATON], [/* Define to 1 if you have the \`inet_aton' function. */ #undef HAVE_INET_ATON]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_INET_NTOA], [/* Define to 1 if you have the \`inet_ntoa' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_INET_NTOA], [/* Define to 1 if you have the \`inet_ntoa' function. */ #undef HAVE_INET_NTOA]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_INET_NTOP], [/* Define to 1 if you have the \`inet_ntop' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_INET_NTOP], [/* Define to 1 if you have the \`inet_ntop' function. */ #undef HAVE_INET_NTOP]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_INNETGR], [/* Define to 1 if you have the \`innetgr' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_INNETGR], [/* Define to 1 if you have the \`innetgr' function. */ #undef HAVE_INNETGR]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_LOGIN_GETCAPBOOL], [/* Define to 1 if you have the \`login_getcapbool' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_LOGIN_GETCAPBOOL], [/* Define to 1 if you have the \`login_getcapbool' function. */ #undef HAVE_LOGIN_GETCAPBOOL]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_MD5_CRYPT], [/* Define to 1 if you have the \`md5_crypt' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_MD5_CRYPT], [/* Define to 1 if you have the \`md5_crypt' function. */ #undef HAVE_MD5_CRYPT]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_MEMMOVE], [/* Define to 1 if you have the \`memmove' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_MEMMOVE], [/* Define to 1 if you have the \`memmove' function. */ #undef HAVE_MEMMOVE]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_MKDTEMP], [/* Define to 1 if you have the \`mkdtemp' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_MKDTEMP], [/* Define to 1 if you have the \`mkdtemp' function. */ #undef HAVE_MKDTEMP]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_MMAP], [/* Define to 1 if you have the \`mmap' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_MMAP], [/* Define to 1 if you have the \`mmap' function. */ #undef HAVE_MMAP]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_NGETADDRINFO], [/* Define to 1 if you have the \`ngetaddrinfo' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_NGETADDRINFO], [/* Define to 1 if you have the \`ngetaddrinfo' function. */ #undef HAVE_NGETADDRINFO]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_OPENPTY], [/* Define to 1 if you have the \`openpty' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_OPENPTY], [/* Define to 1 if you have the \`openpty' function. */ #undef HAVE_OPENPTY]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_OGETADDRINFO], [/* Define to 1 if you have the \`ogetaddrinfo' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_OGETADDRINFO], [/* Define to 1 if you have the \`ogetaddrinfo' function. */ #undef HAVE_OGETADDRINFO]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_READPASSPHRASE], [/* Define to 1 if you have the \`readpassphrase' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_READPASSPHRASE], [/* Define to 1 if you have the \`readpassphrase' function. */ #undef HAVE_READPASSPHRASE]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_REALPATH], [/* Define to 1 if you have the \`realpath' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_REALPATH], [/* Define to 1 if you have the \`realpath' function. */ #undef HAVE_REALPATH]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_RECVMSG], [/* Define to 1 if you have the \`recvmsg' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_RECVMSG], [/* Define to 1 if you have the \`recvmsg' function. */ #undef HAVE_RECVMSG]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_RRESVPORT_AF], [/* Define to 1 if you have the \`rresvport_af' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_RRESVPORT_AF], [/* Define to 1 if you have the \`rresvport_af' function. */ #undef HAVE_RRESVPORT_AF]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SENDMSG], [/* Define to 1 if you have the \`sendmsg' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SENDMSG], [/* Define to 1 if you have the \`sendmsg' function. */ #undef HAVE_SENDMSG]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETDTABLESIZE], [/* Define to 1 if you have the \`setdtablesize' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETDTABLESIZE], [/* Define to 1 if you have the \`setdtablesize' function. */ #undef HAVE_SETDTABLESIZE]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETEGID], [/* Define to 1 if you have the \`setegid' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETEGID], [/* Define to 1 if you have the \`setegid' function. */ #undef HAVE_SETEGID]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETENV], [/* Define to 1 if you have the \`setenv' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETENV], [/* Define to 1 if you have the \`setenv' function. */ #undef HAVE_SETENV]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETEUID], [/* Define to 1 if you have the \`seteuid' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETEUID], [/* Define to 1 if you have the \`seteuid' function. */ #undef HAVE_SETEUID]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETGROUPS], [/* Define to 1 if you have the \`setgroups' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETGROUPS], [/* Define to 1 if you have the \`setgroups' function. */ #undef HAVE_SETGROUPS]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETLOGIN], [/* Define to 1 if you have the \`setlogin' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETLOGIN], [/* Define to 1 if you have the \`setlogin' function. */ #undef HAVE_SETLOGIN]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETPROCTITLE], [/* Define to 1 if you have the \`setproctitle' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETPROCTITLE], [/* Define to 1 if you have the \`setproctitle' function. */ #undef HAVE_SETPROCTITLE]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETRESGID], [/* Define to 1 if you have the \`setresgid' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETRESGID], [/* Define to 1 if you have the \`setresgid' function. */ #undef HAVE_SETRESGID]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETREUID], [/* Define to 1 if you have the \`setreuid' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETREUID], [/* Define to 1 if you have the \`setreuid' function. */ #undef HAVE_SETREUID]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETRLIMIT], [/* Define to 1 if you have the \`setrlimit' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETRLIMIT], [/* Define to 1 if you have the \`setrlimit' function. */ #undef HAVE_SETRLIMIT]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETSID], [/* Define to 1 if you have the \`setsid' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETSID], [/* Define to 1 if you have the \`setsid' function. */ #undef HAVE_SETSID]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETPCRED], [/* Define to 1 if you have the \`setpcred' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETPCRED], [/* Define to 1 if you have the \`setpcred' function. */ #undef HAVE_SETPCRED]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SETVBUF], [/* Define to 1 if you have the \`setvbuf' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SETVBUF], [/* Define to 1 if you have the \`setvbuf' function. */ #undef HAVE_SETVBUF]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SIGACTION], [/* Define to 1 if you have the \`sigaction' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SIGACTION], [/* Define to 1 if you have the \`sigaction' function. */ #undef HAVE_SIGACTION]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SIGVEC], [/* Define to 1 if you have the \`sigvec' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SIGVEC], [/* Define to 1 if you have the \`sigvec' function. */ #undef HAVE_SIGVEC]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SNPRINTF], [/* Define to 1 if you have the \`snprintf' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SNPRINTF], [/* Define to 1 if you have the \`snprintf' function. */ #undef HAVE_SNPRINTF]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SOCKETPAIR], [/* Define to 1 if you have the \`socketpair' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SOCKETPAIR], [/* Define to 1 if you have the \`socketpair' function. */ #undef HAVE_SOCKETPAIR]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRERROR], [/* Define to 1 if you have the \`strerror' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRERROR], [/* Define to 1 if you have the \`strerror' function. */ #undef HAVE_STRERROR]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRLCAT], [/* Define to 1 if you have the \`strlcat' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRLCAT], [/* Define to 1 if you have the \`strlcat' function. */ #undef HAVE_STRLCAT]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRLCPY], [/* Define to 1 if you have the \`strlcpy' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRLCPY], [/* Define to 1 if you have the \`strlcpy' function. */ #undef HAVE_STRLCPY]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRMODE], [/* Define to 1 if you have the \`strmode' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRMODE], [/* Define to 1 if you have the \`strmode' function. */ #undef HAVE_STRMODE]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_STRSEP], [/* Define to 1 if you have the \`strsep' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_STRSEP], [/* Define to 1 if you have the \`strsep' function. */ #undef HAVE_STRSEP]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_SYSCONF], [/* Define to 1 if you have the \`sysconf' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_SYSCONF], [/* Define to 1 if you have the \`sysconf' function. */ #undef HAVE_SYSCONF]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_TCGETPGRP], [/* Define to 1 if you have the \`tcgetpgrp' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_TCGETPGRP], [/* Define to 1 if you have the \`tcgetpgrp' function. */ #undef HAVE_TCGETPGRP]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_TRUNCATE], [/* Define to 1 if you have the \`truncate' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_TRUNCATE], [/* Define to 1 if you have the \`truncate' function. */ #undef HAVE_TRUNCATE]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_UTIMES], [/* Define to 1 if you have the \`utimes' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_UTIMES], [/* Define to 1 if you have the \`utimes' function. */ #undef HAVE_UTIMES]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_VHANGUP], [/* Define to 1 if you have the \`vhangup' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_VHANGUP], [/* Define to 1 if you have the \`vhangup' function. */ #undef HAVE_VHANGUP]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_VSNPRINTF], [/* Define to 1 if you have the \`vsnprintf' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_VSNPRINTF], [/* Define to 1 if you have the \`vsnprintf' function. */ #undef HAVE_VSNPRINTF]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE_WAITPID], [/* Define to 1 if you have the \`waitpid' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE_WAITPID], [/* Define to 1 if you have the \`waitpid' function. */ #undef HAVE_WAITPID]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE___B64_NTOP], [/* Define to 1 if you have the \`__b64_ntop' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE___B64_NTOP], [/* Define to 1 if you have the \`__b64_ntop' function. */ #undef HAVE___B64_NTOP]) -m4trace:configure.ac:576: -1- AH_OUTPUT([HAVE__GETPTY], [/* Define to 1 if you have the \`_getpty' function. */ +m4trace:configure.ac:578: -1- AH_OUTPUT([HAVE__GETPTY], [/* Define to 1 if you have the \`_getpty' function. */ #undef HAVE__GETPTY]) -m4trace:configure.ac:613: -1- AC_CHECK_FUNCS([dirname], [AC_CHECK_HEADERS(libgen.h) ], [ +m4trace:configure.ac:601: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MMAP_ANON_SHARED]) +m4trace:configure.ac:639: -1- AC_CHECK_FUNCS([dirname], [AC_CHECK_HEADERS(libgen.h) ], [ AC_CHECK_LIB(gen, dirname,[ AC_CACHE_CHECK([for broken dirname], ac_cv_have_broken_dirname, [ @@ -544,12 +549,12 @@ int main(int argc, char **argv) { fi ]) ]) -m4trace:configure.ac:613: -1- AH_OUTPUT([HAVE_DIRNAME], [/* Define to 1 if you have the \`dirname' function. */ +m4trace:configure.ac:639: -1- AH_OUTPUT([HAVE_DIRNAME], [/* Define to 1 if you have the \`dirname' function. */ #undef HAVE_DIRNAME]) -m4trace:configure.ac:613: -1- AC_CHECK_HEADERS([libgen.h]) -m4trace:configure.ac:613: -1- AH_OUTPUT([HAVE_LIBGEN_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:639: -1- AC_CHECK_HEADERS([libgen.h]) +m4trace:configure.ac:639: -1- AH_OUTPUT([HAVE_LIBGEN_H], [/* Define to 1 if you have the header file. */ #undef HAVE_LIBGEN_H]) -m4trace:configure.ac:613: -1- AC_CHECK_LIB([gen], [dirname], [ +m4trace:configure.ac:639: -1- AC_CHECK_LIB([gen], [dirname], [ AC_CACHE_CHECK([for broken dirname], ac_cv_have_broken_dirname, [ save_LIBS="$LIBS" @@ -582,286 +587,285 @@ int main(int argc, char **argv) { AC_CHECK_HEADERS(libgen.h) fi ]) -m4trace:configure.ac:613: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DIRNAME]) -m4trace:configure.ac:613: -1- AC_CHECK_HEADERS([libgen.h]) -m4trace:configure.ac:613: -1- AH_OUTPUT([HAVE_LIBGEN_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:639: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DIRNAME]) +m4trace:configure.ac:639: -1- AC_CHECK_HEADERS([libgen.h]) +m4trace:configure.ac:639: -1- AH_OUTPUT([HAVE_LIBGEN_H], [/* Define to 1 if you have the header file. */ #undef HAVE_LIBGEN_H]) -m4trace:configure.ac:616: -1- AC_CHECK_FUNCS([gettimeofday time]) -m4trace:configure.ac:616: -1- AH_OUTPUT([HAVE_GETTIMEOFDAY], [/* Define to 1 if you have the \`gettimeofday' function. */ +m4trace:configure.ac:642: -1- AC_CHECK_FUNCS([gettimeofday time]) +m4trace:configure.ac:642: -1- AH_OUTPUT([HAVE_GETTIMEOFDAY], [/* Define to 1 if you have the \`gettimeofday' function. */ #undef HAVE_GETTIMEOFDAY]) -m4trace:configure.ac:616: -1- AH_OUTPUT([HAVE_TIME], [/* Define to 1 if you have the \`time' function. */ +m4trace:configure.ac:642: -1- AH_OUTPUT([HAVE_TIME], [/* Define to 1 if you have the \`time' function. */ #undef HAVE_TIME]) -m4trace:configure.ac:618: -1- AC_CHECK_FUNCS([endutent getutent getutid getutline pututline setutent]) -m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_ENDUTENT], [/* Define to 1 if you have the \`endutent' function. */ +m4trace:configure.ac:644: -1- AC_CHECK_FUNCS([endutent getutent getutid getutline pututline setutent]) +m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_ENDUTENT], [/* Define to 1 if you have the \`endutent' function. */ #undef HAVE_ENDUTENT]) -m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_GETUTENT], [/* Define to 1 if you have the \`getutent' function. */ +m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_GETUTENT], [/* Define to 1 if you have the \`getutent' function. */ #undef HAVE_GETUTENT]) -m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_GETUTID], [/* Define to 1 if you have the \`getutid' function. */ +m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_GETUTID], [/* Define to 1 if you have the \`getutid' function. */ #undef HAVE_GETUTID]) -m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_GETUTLINE], [/* Define to 1 if you have the \`getutline' function. */ +m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_GETUTLINE], [/* Define to 1 if you have the \`getutline' function. */ #undef HAVE_GETUTLINE]) -m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_PUTUTLINE], [/* Define to 1 if you have the \`pututline' function. */ +m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_PUTUTLINE], [/* Define to 1 if you have the \`pututline' function. */ #undef HAVE_PUTUTLINE]) -m4trace:configure.ac:618: -1- AH_OUTPUT([HAVE_SETUTENT], [/* Define to 1 if you have the \`setutent' function. */ +m4trace:configure.ac:644: -1- AH_OUTPUT([HAVE_SETUTENT], [/* Define to 1 if you have the \`setutent' function. */ #undef HAVE_SETUTENT]) -m4trace:configure.ac:619: -1- AC_CHECK_FUNCS([utmpname]) -m4trace:configure.ac:619: -1- AH_OUTPUT([HAVE_UTMPNAME], [/* Define to 1 if you have the \`utmpname' function. */ +m4trace:configure.ac:645: -1- AC_CHECK_FUNCS([utmpname]) +m4trace:configure.ac:645: -1- AH_OUTPUT([HAVE_UTMPNAME], [/* Define to 1 if you have the \`utmpname' function. */ #undef HAVE_UTMPNAME]) -m4trace:configure.ac:621: -1- AC_CHECK_FUNCS([endutxent getutxent getutxid getutxline pututxline ]) -m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_ENDUTXENT], [/* Define to 1 if you have the \`endutxent' function. */ +m4trace:configure.ac:647: -1- AC_CHECK_FUNCS([endutxent getutxent getutxid getutxline pututxline ]) +m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_ENDUTXENT], [/* Define to 1 if you have the \`endutxent' function. */ #undef HAVE_ENDUTXENT]) -m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_GETUTXENT], [/* Define to 1 if you have the \`getutxent' function. */ +m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_GETUTXENT], [/* Define to 1 if you have the \`getutxent' function. */ #undef HAVE_GETUTXENT]) -m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_GETUTXID], [/* Define to 1 if you have the \`getutxid' function. */ +m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_GETUTXID], [/* Define to 1 if you have the \`getutxid' function. */ #undef HAVE_GETUTXID]) -m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_GETUTXLINE], [/* Define to 1 if you have the \`getutxline' function. */ +m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_GETUTXLINE], [/* Define to 1 if you have the \`getutxline' function. */ #undef HAVE_GETUTXLINE]) -m4trace:configure.ac:621: -1- AH_OUTPUT([HAVE_PUTUTXLINE], [/* Define to 1 if you have the \`pututxline' function. */ +m4trace:configure.ac:647: -1- AH_OUTPUT([HAVE_PUTUTXLINE], [/* Define to 1 if you have the \`pututxline' function. */ #undef HAVE_PUTUTXLINE]) -m4trace:configure.ac:622: -1- AC_CHECK_FUNCS([setutxent utmpxname]) -m4trace:configure.ac:622: -1- AH_OUTPUT([HAVE_SETUTXENT], [/* Define to 1 if you have the \`setutxent' function. */ +m4trace:configure.ac:648: -1- AC_CHECK_FUNCS([setutxent utmpxname]) +m4trace:configure.ac:648: -1- AH_OUTPUT([HAVE_SETUTXENT], [/* Define to 1 if you have the \`setutxent' function. */ #undef HAVE_SETUTXENT]) -m4trace:configure.ac:622: -1- AH_OUTPUT([HAVE_UTMPXNAME], [/* Define to 1 if you have the \`utmpxname' function. */ +m4trace:configure.ac:648: -1- AH_OUTPUT([HAVE_UTMPXNAME], [/* Define to 1 if you have the \`utmpxname' function. */ #undef HAVE_UTMPXNAME]) -m4trace:configure.ac:627: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DAEMON]) -m4trace:configure.ac:627: -1- AC_CHECK_LIB([bsd], [daemon], [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)]) -m4trace:configure.ac:627: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DAEMON]) -m4trace:configure.ac:632: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETPAGESIZE]) -m4trace:configure.ac:632: -1- AC_CHECK_LIB([ucb], [getpagesize], [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)]) -m4trace:configure.ac:632: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETPAGESIZE]) -m4trace:configure.ac:648: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SNPRINTF]) -m4trace:configure.ac:651: -1- AC_FUNC_GETPGRP -m4trace:configure.ac:651: -1- AC_DEFINE_TRACE_LITERAL([GETPGRP_VOID]) -m4trace:configure.ac:651: -1- AH_OUTPUT([GETPGRP_VOID], [/* Define to 1 if the \`getpgrp' function requires zero arguments. */ +m4trace:configure.ac:653: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DAEMON]) +m4trace:configure.ac:653: -1- AC_CHECK_LIB([bsd], [daemon], [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)]) +m4trace:configure.ac:653: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DAEMON]) +m4trace:configure.ac:658: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETPAGESIZE]) +m4trace:configure.ac:658: -1- AC_CHECK_LIB([ucb], [getpagesize], [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)]) +m4trace:configure.ac:658: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETPAGESIZE]) +m4trace:configure.ac:674: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SNPRINTF]) +m4trace:configure.ac:677: -1- AC_FUNC_GETPGRP +m4trace:configure.ac:677: -1- AC_DEFINE_TRACE_LITERAL([GETPGRP_VOID]) +m4trace:configure.ac:677: -1- AH_OUTPUT([GETPGRP_VOID], [/* Define to 1 if the \`getpgrp' function requires zero arguments. */ #undef GETPGRP_VOID]) -m4trace:configure.ac:679: -1- AC_CHECK_LIB([dl], [dlopen], [], []) -m4trace:configure.ac:679: -1- AH_OUTPUT([HAVE_LIBDL], [/* Define to 1 if you have the \`dl' library (-ldl). */ +m4trace:configure.ac:705: -1- AC_CHECK_LIB([dl], [dlopen], [], []) +m4trace:configure.ac:705: -1- AH_OUTPUT([HAVE_LIBDL], [/* Define to 1 if you have the \`dl' library (-ldl). */ #undef HAVE_LIBDL]) -m4trace:configure.ac:679: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDL]) -m4trace:configure.ac:679: -1- AC_CHECK_LIB([pam], [pam_set_item], [], [{ { echo "$as_me:$LINENO: error: *** libpam missing" >&5 +m4trace:configure.ac:705: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDL]) +m4trace:configure.ac:705: -1- AC_CHECK_LIB([pam], [pam_set_item], [], [{ { echo "$as_me:$LINENO: error: *** libpam missing" >&5 echo "$as_me: error: *** libpam missing" >&2;} { (exit 1); exit 1; }; }]) -m4trace:configure.ac:679: -1- AH_OUTPUT([HAVE_LIBPAM], [/* Define to 1 if you have the \`pam' library (-lpam). */ +m4trace:configure.ac:705: -1- AH_OUTPUT([HAVE_LIBPAM], [/* Define to 1 if you have the \`pam' library (-lpam). */ #undef HAVE_LIBPAM]) -m4trace:configure.ac:679: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBPAM]) -m4trace:configure.ac:679: -1- AC_CHECK_FUNCS([pam_getenvlist]) -m4trace:configure.ac:679: -1- AH_OUTPUT([HAVE_PAM_GETENVLIST], [/* Define to 1 if you have the \`pam_getenvlist' function. */ +m4trace:configure.ac:705: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBPAM]) +m4trace:configure.ac:705: -1- AC_CHECK_FUNCS([pam_getenvlist]) +m4trace:configure.ac:705: -1- AH_OUTPUT([HAVE_PAM_GETENVLIST], [/* Define to 1 if you have the \`pam_getenvlist' function. */ #undef HAVE_PAM_GETENVLIST]) -m4trace:configure.ac:679: -1- AC_DEFINE_TRACE_LITERAL([USE_PAM]) -m4trace:configure.ac:679: -1- AC_SUBST([LIBPAM]) -m4trace:configure.ac:697: -1- AC_DEFINE_TRACE_LITERAL([HAVE_OLD_PAM]) -m4trace:configure.ac:729: -2- AC_DEFINE_TRACE_LITERAL([HAVE_OPENSSL]) -m4trace:configure.ac:744: -2- AC_DEFINE_TRACE_LITERAL([HAVE_OPENSSL]) -m4trace:configure.ac:767: -1- AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"]) -m4trace:configure.ac:815: -1- AC_DEFINE_TRACE_LITERAL([OPENSSL_PRNG_ONLY]) -m4trace:configure.ac:823: -1- AC_SUBST([INSTALL_SSH_RAND_HELPER]) -m4trace:configure.ac:846: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_PORT]) -m4trace:configure.ac:896: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_SOCKET]) -m4trace:configure.ac:896: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_SOCKET]) -m4trace:configure.ac:908: -1- AC_DEFINE_TRACE_LITERAL([ENTROPY_TIMEOUT_MSEC]) -m4trace:configure.ac:919: -1- AC_DEFINE_TRACE_LITERAL([SSH_PRIVSEP_USER]) -m4trace:configure.ac:936: -1- AC_SUBST([PROG_LS], [$ac_cv_path_PROG_LS]) -m4trace:configure.ac:936: -1- AC_SUBST([PROG_LS]) -m4trace:configure.ac:937: -1- AC_SUBST([PROG_NETSTAT], [$ac_cv_path_PROG_NETSTAT]) -m4trace:configure.ac:937: -1- AC_SUBST([PROG_NETSTAT]) -m4trace:configure.ac:938: -1- AC_SUBST([PROG_ARP], [$ac_cv_path_PROG_ARP]) -m4trace:configure.ac:938: -1- AC_SUBST([PROG_ARP]) -m4trace:configure.ac:939: -1- AC_SUBST([PROG_IFCONFIG], [$ac_cv_path_PROG_IFCONFIG]) -m4trace:configure.ac:939: -1- AC_SUBST([PROG_IFCONFIG]) -m4trace:configure.ac:940: -1- AC_SUBST([PROG_JSTAT], [$ac_cv_path_PROG_JSTAT]) -m4trace:configure.ac:940: -1- AC_SUBST([PROG_JSTAT]) -m4trace:configure.ac:941: -1- AC_SUBST([PROG_PS], [$ac_cv_path_PROG_PS]) -m4trace:configure.ac:941: -1- AC_SUBST([PROG_PS]) -m4trace:configure.ac:942: -1- AC_SUBST([PROG_SAR], [$ac_cv_path_PROG_SAR]) -m4trace:configure.ac:942: -1- AC_SUBST([PROG_SAR]) -m4trace:configure.ac:943: -1- AC_SUBST([PROG_W], [$ac_cv_path_PROG_W]) -m4trace:configure.ac:943: -1- AC_SUBST([PROG_W]) -m4trace:configure.ac:944: -1- AC_SUBST([PROG_WHO], [$ac_cv_path_PROG_WHO]) -m4trace:configure.ac:944: -1- AC_SUBST([PROG_WHO]) -m4trace:configure.ac:945: -1- AC_SUBST([PROG_LAST], [$ac_cv_path_PROG_LAST]) -m4trace:configure.ac:945: -1- AC_SUBST([PROG_LAST]) -m4trace:configure.ac:946: -1- AC_SUBST([PROG_LASTLOG], [$ac_cv_path_PROG_LASTLOG]) -m4trace:configure.ac:946: -1- AC_SUBST([PROG_LASTLOG]) -m4trace:configure.ac:947: -1- AC_SUBST([PROG_DF], [$ac_cv_path_PROG_DF]) -m4trace:configure.ac:947: -1- AC_SUBST([PROG_DF]) -m4trace:configure.ac:948: -1- AC_SUBST([PROG_VMSTAT], [$ac_cv_path_PROG_VMSTAT]) -m4trace:configure.ac:948: -1- AC_SUBST([PROG_VMSTAT]) -m4trace:configure.ac:949: -1- AC_SUBST([PROG_UPTIME], [$ac_cv_path_PROG_UPTIME]) -m4trace:configure.ac:949: -1- AC_SUBST([PROG_UPTIME]) -m4trace:configure.ac:950: -1- AC_SUBST([PROG_IPCS], [$ac_cv_path_PROG_IPCS]) -m4trace:configure.ac:950: -1- AC_SUBST([PROG_IPCS]) -m4trace:configure.ac:951: -1- AC_SUBST([PROG_TAIL], [$ac_cv_path_PROG_TAIL]) -m4trace:configure.ac:951: -1- AC_SUBST([PROG_TAIL]) -m4trace:configure.ac:968: -1- AC_SUBST([INSTALL_SSH_PRNG_CMDS]) -m4trace:configure.ac:977: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_CHAR]) -m4trace:configure.ac:977: -1- AH_OUTPUT([SIZEOF_CHAR], [/* The size of a \`char', as computed by sizeof. */ +m4trace:configure.ac:705: -1- AC_DEFINE_TRACE_LITERAL([USE_PAM]) +m4trace:configure.ac:705: -1- AC_SUBST([LIBPAM]) +m4trace:configure.ac:723: -1- AC_DEFINE_TRACE_LITERAL([HAVE_OLD_PAM]) +m4trace:configure.ac:755: -2- AC_DEFINE_TRACE_LITERAL([HAVE_OPENSSL]) +m4trace:configure.ac:770: -2- AC_DEFINE_TRACE_LITERAL([HAVE_OPENSSL]) +m4trace:configure.ac:793: -1- AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"]) +m4trace:configure.ac:841: -1- AC_DEFINE_TRACE_LITERAL([OPENSSL_PRNG_ONLY]) +m4trace:configure.ac:849: -1- AC_SUBST([INSTALL_SSH_RAND_HELPER]) +m4trace:configure.ac:872: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_PORT]) +m4trace:configure.ac:922: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_SOCKET]) +m4trace:configure.ac:922: -1- AC_DEFINE_TRACE_LITERAL([PRNGD_SOCKET]) +m4trace:configure.ac:934: -1- AC_DEFINE_TRACE_LITERAL([ENTROPY_TIMEOUT_MSEC]) +m4trace:configure.ac:945: -1- AC_DEFINE_TRACE_LITERAL([SSH_PRIVSEP_USER]) +m4trace:configure.ac:946: -1- AC_SUBST([SSH_PRIVSEP_USER]) +m4trace:configure.ac:963: -1- AC_SUBST([PROG_LS], [$ac_cv_path_PROG_LS]) +m4trace:configure.ac:963: -1- AC_SUBST([PROG_LS]) +m4trace:configure.ac:964: -1- AC_SUBST([PROG_NETSTAT], [$ac_cv_path_PROG_NETSTAT]) +m4trace:configure.ac:964: -1- AC_SUBST([PROG_NETSTAT]) +m4trace:configure.ac:965: -1- AC_SUBST([PROG_ARP], [$ac_cv_path_PROG_ARP]) +m4trace:configure.ac:965: -1- AC_SUBST([PROG_ARP]) +m4trace:configure.ac:966: -1- AC_SUBST([PROG_IFCONFIG], [$ac_cv_path_PROG_IFCONFIG]) +m4trace:configure.ac:966: -1- AC_SUBST([PROG_IFCONFIG]) +m4trace:configure.ac:967: -1- AC_SUBST([PROG_JSTAT], [$ac_cv_path_PROG_JSTAT]) +m4trace:configure.ac:967: -1- AC_SUBST([PROG_JSTAT]) +m4trace:configure.ac:968: -1- AC_SUBST([PROG_PS], [$ac_cv_path_PROG_PS]) +m4trace:configure.ac:968: -1- AC_SUBST([PROG_PS]) +m4trace:configure.ac:969: -1- AC_SUBST([PROG_SAR], [$ac_cv_path_PROG_SAR]) +m4trace:configure.ac:969: -1- AC_SUBST([PROG_SAR]) +m4trace:configure.ac:970: -1- AC_SUBST([PROG_W], [$ac_cv_path_PROG_W]) +m4trace:configure.ac:970: -1- AC_SUBST([PROG_W]) +m4trace:configure.ac:971: -1- AC_SUBST([PROG_WHO], [$ac_cv_path_PROG_WHO]) +m4trace:configure.ac:971: -1- AC_SUBST([PROG_WHO]) +m4trace:configure.ac:972: -1- AC_SUBST([PROG_LAST], [$ac_cv_path_PROG_LAST]) +m4trace:configure.ac:972: -1- AC_SUBST([PROG_LAST]) +m4trace:configure.ac:973: -1- AC_SUBST([PROG_LASTLOG], [$ac_cv_path_PROG_LASTLOG]) +m4trace:configure.ac:973: -1- AC_SUBST([PROG_LASTLOG]) +m4trace:configure.ac:974: -1- AC_SUBST([PROG_DF], [$ac_cv_path_PROG_DF]) +m4trace:configure.ac:974: -1- AC_SUBST([PROG_DF]) +m4trace:configure.ac:975: -1- AC_SUBST([PROG_VMSTAT], [$ac_cv_path_PROG_VMSTAT]) +m4trace:configure.ac:975: -1- AC_SUBST([PROG_VMSTAT]) +m4trace:configure.ac:976: -1- AC_SUBST([PROG_UPTIME], [$ac_cv_path_PROG_UPTIME]) +m4trace:configure.ac:976: -1- AC_SUBST([PROG_UPTIME]) +m4trace:configure.ac:977: -1- AC_SUBST([PROG_IPCS], [$ac_cv_path_PROG_IPCS]) +m4trace:configure.ac:977: -1- AC_SUBST([PROG_IPCS]) +m4trace:configure.ac:978: -1- AC_SUBST([PROG_TAIL], [$ac_cv_path_PROG_TAIL]) +m4trace:configure.ac:978: -1- AC_SUBST([PROG_TAIL]) +m4trace:configure.ac:995: -1- AC_SUBST([INSTALL_SSH_PRNG_CMDS]) +m4trace:configure.ac:1004: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_CHAR]) +m4trace:configure.ac:1004: -1- AH_OUTPUT([SIZEOF_CHAR], [/* The size of a \`char', as computed by sizeof. */ #undef SIZEOF_CHAR]) -m4trace:configure.ac:978: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_SHORT_INT]) -m4trace:configure.ac:978: -1- AH_OUTPUT([SIZEOF_SHORT_INT], [/* The size of a \`short int', as computed by sizeof. */ +m4trace:configure.ac:1005: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_SHORT_INT]) +m4trace:configure.ac:1005: -1- AH_OUTPUT([SIZEOF_SHORT_INT], [/* The size of a \`short int', as computed by sizeof. */ #undef SIZEOF_SHORT_INT]) -m4trace:configure.ac:979: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_INT]) -m4trace:configure.ac:979: -1- AH_OUTPUT([SIZEOF_INT], [/* The size of a \`int', as computed by sizeof. */ +m4trace:configure.ac:1006: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_INT]) +m4trace:configure.ac:1006: -1- AH_OUTPUT([SIZEOF_INT], [/* The size of a \`int', as computed by sizeof. */ #undef SIZEOF_INT]) -m4trace:configure.ac:980: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_INT]) -m4trace:configure.ac:980: -1- AH_OUTPUT([SIZEOF_LONG_INT], [/* The size of a \`long int', as computed by sizeof. */ +m4trace:configure.ac:1007: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_INT]) +m4trace:configure.ac:1007: -1- AH_OUTPUT([SIZEOF_LONG_INT], [/* The size of a \`long int', as computed by sizeof. */ #undef SIZEOF_LONG_INT]) -m4trace:configure.ac:981: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_LONG_INT]) -m4trace:configure.ac:981: -1- AH_OUTPUT([SIZEOF_LONG_LONG_INT], [/* The size of a \`long long int', as computed by sizeof. */ +m4trace:configure.ac:1008: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_LONG_INT]) +m4trace:configure.ac:1008: -1- AH_OUTPUT([SIZEOF_LONG_LONG_INT], [/* The size of a \`long long int', as computed by sizeof. */ #undef SIZEOF_LONG_LONG_INT]) -m4trace:configure.ac:998: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT]) -m4trace:configure.ac:1011: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T]) -m4trace:configure.ac:1027: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T]) -m4trace:configure.ac:1039: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T]) -m4trace:configure.ac:1053: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T]) +m4trace:configure.ac:1025: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT]) +m4trace:configure.ac:1038: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T]) +m4trace:configure.ac:1054: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T]) m4trace:configure.ac:1066: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T]) -m4trace:configure.ac:1078: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T]) -m4trace:configure.ac:1092: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T]) -m4trace:configure.ac:1104: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT64_T]) -m4trace:configure.ac:1118: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT64_T]) -m4trace:configure.ac:1133: -1- AC_DEFINE_TRACE_LITERAL([HAVE_UINTXX_T]) -m4trace:configure.ac:1147: -1- AC_DEFINE_TRACE_LITERAL([HAVE_UINTXX_T]) -m4trace:configure.ac:1169: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T]) -m4trace:configure.ac:1169: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T]) -m4trace:configure.ac:1184: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_CHAR]) -m4trace:configure.ac:1187: -1- AC_DEFINE_TRACE_LITERAL([socklen_t]) -m4trace:configure.ac:1187: -1- AH_OUTPUT([socklen_t], [/* type to use in place of socklen_t if not defined */ +m4trace:configure.ac:1080: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T]) +m4trace:configure.ac:1093: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INT64_T]) +m4trace:configure.ac:1105: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T]) +m4trace:configure.ac:1119: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T]) +m4trace:configure.ac:1131: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT64_T]) +m4trace:configure.ac:1145: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INT64_T]) +m4trace:configure.ac:1160: -1- AC_DEFINE_TRACE_LITERAL([HAVE_UINTXX_T]) +m4trace:configure.ac:1174: -1- AC_DEFINE_TRACE_LITERAL([HAVE_UINTXX_T]) +m4trace:configure.ac:1196: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_INTXX_T]) +m4trace:configure.ac:1196: -1- AC_DEFINE_TRACE_LITERAL([HAVE_INTXX_T]) +m4trace:configure.ac:1211: -1- AC_DEFINE_TRACE_LITERAL([HAVE_U_CHAR]) +m4trace:configure.ac:1214: -1- AC_DEFINE_TRACE_LITERAL([socklen_t]) +m4trace:configure.ac:1214: -1- AH_OUTPUT([socklen_t], [/* type to use in place of socklen_t if not defined */ #undef socklen_t]) -m4trace:configure.ac:1189: -1- AC_CHECK_TYPES([sig_atomic_t], [], [], [#include ]) -m4trace:configure.ac:1189: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SIG_ATOMIC_T]) -m4trace:configure.ac:1189: -1- AH_OUTPUT([HAVE_SIG_ATOMIC_T], [/* Define to 1 if the system has the type \`sig_atomic_t'. */ +m4trace:configure.ac:1216: -1- AC_CHECK_TYPES([sig_atomic_t], [], [], [#include ]) +m4trace:configure.ac:1216: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SIG_ATOMIC_T]) +m4trace:configure.ac:1216: -1- AH_OUTPUT([HAVE_SIG_ATOMIC_T], [/* Define to 1 if the system has the type \`sig_atomic_t'. */ #undef HAVE_SIG_ATOMIC_T]) -m4trace:configure.ac:1202: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SIZE_T]) -m4trace:configure.ac:1216: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SSIZE_T]) -m4trace:configure.ac:1230: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CLOCK_T]) -m4trace:configure.ac:1255: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SA_FAMILY_T]) -m4trace:configure.ac:1269: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PID_T]) -m4trace:configure.ac:1283: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MODE_T]) -m4trace:configure.ac:1299: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_SOCKADDR_STORAGE]) -m4trace:configure.ac:1314: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_SOCKADDR_IN6]) -m4trace:configure.ac:1329: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_IN6_ADDR]) -m4trace:configure.ac:1345: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_ADDRINFO]) -m4trace:configure.ac:1357: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_TIMEVAL]) -m4trace:configure.ac:1394: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SNPRINTF]) -m4trace:configure.ac:1396: -1- AC_SUBST([NO_SFTP]) -m4trace:configure.ac:1399: -1- AC_DEFINE_TRACE_LITERAL([HAVE_HOST_IN_UTMP]) -m4trace:configure.ac:1400: -1- AC_DEFINE_TRACE_LITERAL([HAVE_HOST_IN_UTMPX]) -m4trace:configure.ac:1401: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYSLEN_IN_UTMPX]) -m4trace:configure.ac:1402: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PID_IN_UTMP]) -m4trace:configure.ac:1403: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TYPE_IN_UTMP]) -m4trace:configure.ac:1404: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TYPE_IN_UTMPX]) -m4trace:configure.ac:1405: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TV_IN_UTMP]) -m4trace:configure.ac:1406: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ID_IN_UTMP]) -m4trace:configure.ac:1407: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ID_IN_UTMPX]) -m4trace:configure.ac:1408: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_IN_UTMP]) -m4trace:configure.ac:1409: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_IN_UTMPX]) -m4trace:configure.ac:1410: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_V6_IN_UTMP]) -m4trace:configure.ac:1411: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_V6_IN_UTMPX]) -m4trace:configure.ac:1412: -1- AC_DEFINE_TRACE_LITERAL([HAVE_EXIT_IN_UTMP]) -m4trace:configure.ac:1413: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TIME_IN_UTMP]) -m4trace:configure.ac:1414: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TIME_IN_UTMPX]) -m4trace:configure.ac:1415: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TV_IN_UTMPX]) -m4trace:configure.ac:1417: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_STAT_ST_BLKSIZE]) -m4trace:configure.ac:1417: -1- AH_OUTPUT([HAVE_STRUCT_STAT_ST_BLKSIZE], [/* Define to 1 if \`st_blksize' is member of \`struct stat'. */ +m4trace:configure.ac:1229: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SIZE_T]) +m4trace:configure.ac:1243: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SSIZE_T]) +m4trace:configure.ac:1257: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CLOCK_T]) +m4trace:configure.ac:1282: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SA_FAMILY_T]) +m4trace:configure.ac:1296: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PID_T]) +m4trace:configure.ac:1310: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MODE_T]) +m4trace:configure.ac:1326: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_SOCKADDR_STORAGE]) +m4trace:configure.ac:1341: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_SOCKADDR_IN6]) +m4trace:configure.ac:1356: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_IN6_ADDR]) +m4trace:configure.ac:1372: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_ADDRINFO]) +m4trace:configure.ac:1384: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_TIMEVAL]) +m4trace:configure.ac:1421: -1- AC_DEFINE_TRACE_LITERAL([BROKEN_SNPRINTF]) +m4trace:configure.ac:1423: -1- AC_SUBST([NO_SFTP]) +m4trace:configure.ac:1426: -1- AC_DEFINE_TRACE_LITERAL([HAVE_HOST_IN_UTMP]) +m4trace:configure.ac:1427: -1- AC_DEFINE_TRACE_LITERAL([HAVE_HOST_IN_UTMPX]) +m4trace:configure.ac:1428: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYSLEN_IN_UTMPX]) +m4trace:configure.ac:1429: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PID_IN_UTMP]) +m4trace:configure.ac:1430: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TYPE_IN_UTMP]) +m4trace:configure.ac:1431: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TYPE_IN_UTMPX]) +m4trace:configure.ac:1432: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TV_IN_UTMP]) +m4trace:configure.ac:1433: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ID_IN_UTMP]) +m4trace:configure.ac:1434: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ID_IN_UTMPX]) +m4trace:configure.ac:1435: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_IN_UTMP]) +m4trace:configure.ac:1436: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_IN_UTMPX]) +m4trace:configure.ac:1437: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_V6_IN_UTMP]) +m4trace:configure.ac:1438: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ADDR_V6_IN_UTMPX]) +m4trace:configure.ac:1439: -1- AC_DEFINE_TRACE_LITERAL([HAVE_EXIT_IN_UTMP]) +m4trace:configure.ac:1440: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TIME_IN_UTMP]) +m4trace:configure.ac:1441: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TIME_IN_UTMPX]) +m4trace:configure.ac:1442: -1- AC_DEFINE_TRACE_LITERAL([HAVE_TV_IN_UTMPX]) +m4trace:configure.ac:1444: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STRUCT_STAT_ST_BLKSIZE]) +m4trace:configure.ac:1444: -1- AH_OUTPUT([HAVE_STRUCT_STAT_ST_BLKSIZE], [/* Define to 1 if \`st_blksize' is member of \`struct stat'. */ #undef HAVE_STRUCT_STAT_ST_BLKSIZE]) -m4trace:configure.ac:1432: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SS_FAMILY_IN_SS]) -m4trace:configure.ac:1448: -1- AC_DEFINE_TRACE_LITERAL([HAVE___SS_FAMILY_IN_SS]) -m4trace:configure.ac:1463: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_CLASS_IN_PASSWD]) -m4trace:configure.ac:1478: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_EXPIRE_IN_PASSWD]) -m4trace:configure.ac:1493: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_CHANGE_IN_PASSWD]) -m4trace:configure.ac:1518: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ACCRIGHTS_IN_MSGHDR]) -m4trace:configure.ac:1542: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CONTROL_IN_MSGHDR]) -m4trace:configure.ac:1553: -1- AC_DEFINE_TRACE_LITERAL([HAVE___PROGNAME]) -m4trace:configure.ac:1566: -1- AC_DEFINE_TRACE_LITERAL([HAVE___FUNCTION__]) -m4trace:configure.ac:1579: -1- AC_DEFINE_TRACE_LITERAL([HAVE___func__]) -m4trace:configure.ac:1594: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETOPT_OPTRESET]) -m4trace:configure.ac:1605: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYS_ERRLIST]) -m4trace:configure.ac:1617: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYS_NERR]) -m4trace:configure.ac:1650: -1- AC_CHECK_HEADERS([sectok.h]) -m4trace:configure.ac:1650: -1- AH_OUTPUT([HAVE_SECTOK_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:1459: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SS_FAMILY_IN_SS]) +m4trace:configure.ac:1475: -1- AC_DEFINE_TRACE_LITERAL([HAVE___SS_FAMILY_IN_SS]) +m4trace:configure.ac:1490: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_CLASS_IN_PASSWD]) +m4trace:configure.ac:1505: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_EXPIRE_IN_PASSWD]) +m4trace:configure.ac:1520: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PW_CHANGE_IN_PASSWD]) +m4trace:configure.ac:1545: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ACCRIGHTS_IN_MSGHDR]) +m4trace:configure.ac:1569: -1- AC_DEFINE_TRACE_LITERAL([HAVE_CONTROL_IN_MSGHDR]) +m4trace:configure.ac:1580: -1- AC_DEFINE_TRACE_LITERAL([HAVE___PROGNAME]) +m4trace:configure.ac:1593: -1- AC_DEFINE_TRACE_LITERAL([HAVE___FUNCTION__]) +m4trace:configure.ac:1606: -1- AC_DEFINE_TRACE_LITERAL([HAVE___func__]) +m4trace:configure.ac:1621: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETOPT_OPTRESET]) +m4trace:configure.ac:1632: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYS_ERRLIST]) +m4trace:configure.ac:1644: -1- AC_DEFINE_TRACE_LITERAL([HAVE_SYS_NERR]) +m4trace:configure.ac:1677: -1- AC_CHECK_HEADERS([sectok.h]) +m4trace:configure.ac:1677: -1- AH_OUTPUT([HAVE_SECTOK_H], [/* Define to 1 if you have the header file. */ #undef HAVE_SECTOK_H]) -m4trace:configure.ac:1650: -1- AC_CHECK_LIB([sectok], [sectok_open]) -m4trace:configure.ac:1650: -1- AH_OUTPUT([HAVE_LIBSECTOK], [/* Define to 1 if you have the \`sectok' library (-lsectok). */ +m4trace:configure.ac:1677: -1- AC_CHECK_LIB([sectok], [sectok_open]) +m4trace:configure.ac:1677: -1- AH_OUTPUT([HAVE_LIBSECTOK], [/* Define to 1 if you have the \`sectok' library (-lsectok). */ #undef HAVE_LIBSECTOK]) -m4trace:configure.ac:1650: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSECTOK]) -m4trace:configure.ac:1650: -1- AC_DEFINE_TRACE_LITERAL([SMARTCARD]) -m4trace:configure.ac:1650: -1- AC_DEFINE_TRACE_LITERAL([USE_SECTOK]) -m4trace:configure.ac:1659: -1- AC_SUBST([OPENSC_CONFIG], [$ac_cv_path_OPENSC_CONFIG]) -m4trace:configure.ac:1665: -1- AC_DEFINE_TRACE_LITERAL([SMARTCARD]) -m4trace:configure.ac:1666: -1- AC_DEFINE_TRACE_LITERAL([USE_OPENSC]) -m4trace:configure.ac:1708: -1- AC_DEFINE_TRACE_LITERAL([KRB5]) -m4trace:configure.ac:1708: -1- AC_DEFINE_TRACE_LITERAL([HEIMDAL]) -m4trace:configure.ac:1708: -1- AC_CHECK_LIB([resolv], [dn_expand], [], []) -m4trace:configure.ac:1708: -1- AH_OUTPUT([HAVE_LIBRESOLV], [/* Define to 1 if you have the \`resolv' library (-lresolv). */ +m4trace:configure.ac:1677: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSECTOK]) +m4trace:configure.ac:1677: -1- AC_DEFINE_TRACE_LITERAL([SMARTCARD]) +m4trace:configure.ac:1677: -1- AC_DEFINE_TRACE_LITERAL([USE_SECTOK]) +m4trace:configure.ac:1686: -1- AC_SUBST([OPENSC_CONFIG], [$ac_cv_path_OPENSC_CONFIG]) +m4trace:configure.ac:1692: -1- AC_DEFINE_TRACE_LITERAL([SMARTCARD]) +m4trace:configure.ac:1693: -1- AC_DEFINE_TRACE_LITERAL([USE_OPENSC]) +m4trace:configure.ac:1735: -1- AC_DEFINE_TRACE_LITERAL([KRB5]) +m4trace:configure.ac:1735: -1- AC_DEFINE_TRACE_LITERAL([HEIMDAL]) +m4trace:configure.ac:1735: -1- AC_CHECK_LIB([resolv], [dn_expand], [], []) +m4trace:configure.ac:1735: -1- AH_OUTPUT([HAVE_LIBRESOLV], [/* Define to 1 if you have the \`resolv' library (-lresolv). */ #undef HAVE_LIBRESOLV]) -m4trace:configure.ac:1708: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBRESOLV]) -m4trace:configure.ac:1762: -1- AC_CHECK_HEADERS([krb.h]) -m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_KRB_H], [/* Define to 1 if you have the header file. */ +m4trace:configure.ac:1735: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBRESOLV]) +m4trace:configure.ac:1789: -1- AC_CHECK_HEADERS([krb.h]) +m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_KRB_H], [/* Define to 1 if you have the header file. */ #undef HAVE_KRB_H]) -m4trace:configure.ac:1762: -1- AC_CHECK_LIB([krb], [main]) -m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBKRB], [/* Define to 1 if you have the \`krb' library (-lkrb). */ +m4trace:configure.ac:1789: -1- AC_CHECK_LIB([krb], [main]) +m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBKRB], [/* Define to 1 if you have the \`krb' library (-lkrb). */ #undef HAVE_LIBKRB]) -m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBKRB]) -m4trace:configure.ac:1762: -1- AC_CHECK_LIB([krb4], [main]) -m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBKRB4], [/* Define to 1 if you have the \`krb4' library (-lkrb4). */ +m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBKRB]) +m4trace:configure.ac:1789: -1- AC_CHECK_LIB([krb4], [main]) +m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBKRB4], [/* Define to 1 if you have the \`krb4' library (-lkrb4). */ #undef HAVE_LIBKRB4]) -m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBKRB4]) -m4trace:configure.ac:1762: -1- AC_CHECK_LIB([des], [des_cbc_encrypt]) -m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBDES], [/* Define to 1 if you have the \`des' library (-ldes). */ +m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBKRB4]) +m4trace:configure.ac:1789: -1- AC_CHECK_LIB([des], [des_cbc_encrypt]) +m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBDES], [/* Define to 1 if you have the \`des' library (-ldes). */ #undef HAVE_LIBDES]) -m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDES]) -m4trace:configure.ac:1762: -1- AC_CHECK_LIB([des425], [des_cbc_encrypt]) -m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBDES425], [/* Define to 1 if you have the \`des425' library (-ldes425). */ +m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDES]) +m4trace:configure.ac:1789: -1- AC_CHECK_LIB([des425], [des_cbc_encrypt]) +m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBDES425], [/* Define to 1 if you have the \`des425' library (-ldes425). */ #undef HAVE_LIBDES425]) -m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDES425]) -m4trace:configure.ac:1762: -1- AC_CHECK_LIB([resolv], [dn_expand], [], []) -m4trace:configure.ac:1762: -1- AH_OUTPUT([HAVE_LIBRESOLV], [/* Define to 1 if you have the \`resolv' library (-lresolv). */ +m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBDES425]) +m4trace:configure.ac:1789: -1- AC_CHECK_LIB([resolv], [dn_expand], [], []) +m4trace:configure.ac:1789: -1- AH_OUTPUT([HAVE_LIBRESOLV], [/* Define to 1 if you have the \`resolv' library (-lresolv). */ #undef HAVE_LIBRESOLV]) -m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBRESOLV]) -m4trace:configure.ac:1762: -1- AC_DEFINE_TRACE_LITERAL([KRB4]) -m4trace:configure.ac:1788: -1- AC_DEFINE_TRACE_LITERAL([AFS]) -m4trace:configure.ac:1802: -1- AC_SUBST([rsh_path], [$ac_cv_path_rsh_path]) -m4trace:configure.ac:1813: -1- AC_SUBST([PRIVSEP_PATH]) -m4trace:configure.ac:1828: -1- AC_SUBST([xauth_path], [$ac_cv_path_xauth_path]) -m4trace:configure.ac:1832: -1- AC_SUBST([XAUTH_PATH]) -m4trace:configure.ac:1834: -1- AC_DEFINE_TRACE_LITERAL([XAUTH_PATH]) -m4trace:configure.ac:1836: -1- AC_SUBST([XAUTH_PATH]) -m4trace:configure.ac:1839: -1- AC_DEFINE_TRACE_LITERAL([RSH_PATH]) -m4trace:configure.ac:1845: -1- AC_DEFINE_TRACE_LITERAL([MAIL_DIRECTORY]) -m4trace:configure.ac:1855: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DEV_PTMX]) -m4trace:configure.ac:1863: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DEV_PTS_AND_PTC]) -m4trace:configure.ac:1880: -1- AC_SUBST([NROFF], [$ac_cv_path_NROFF]) -m4trace:configure.ac:1889: -1- AC_SUBST([MANTYPE]) -m4trace:configure.ac:1895: -1- AC_SUBST([mansubdir]) -m4trace:configure.ac:1907: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MD5_PASSWORDS]) -m4trace:configure.ac:1918: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) -m4trace:configure.ac:1933: -1- AC_DEFINE_TRACE_LITERAL([HAS_SHADOW_EXPIRE]) -m4trace:configure.ac:1942: -1- AC_DEFINE_TRACE_LITERAL([IPADDR_IN_DISPLAY]) -m4trace:configure.ac:1953: -1- AC_DEFINE_TRACE_LITERAL([IPADDR_IN_DISPLAY]) -m4trace:configure.ac:2030: -1- AC_DEFINE_TRACE_LITERAL([USER_PATH]) -m4trace:configure.ac:2031: -1- AC_SUBST([user_path]) -m4trace:configure.ac:2043: -1- AC_DEFINE_TRACE_LITERAL([SUPERUSER_PATH]) -m4trace:configure.ac:2056: -1- AC_DEFINE_TRACE_LITERAL([IPV4_DEFAULT]) -m4trace:configure.ac:2079: -1- AC_DEFINE_TRACE_LITERAL([IPV4_IN_IPV6]) -m4trace:configure.ac:2079: -1- AC_DEFINE_TRACE_LITERAL([IPV4_IN_IPV6]) -m4trace:configure.ac:2091: -1- AC_DEFINE_TRACE_LITERAL([BSD_AUTH]) -m4trace:configure.ac:2115: -1- AC_DEFINE_TRACE_LITERAL([_PATH_SSH_PIDDIR]) -m4trace:configure.ac:2116: -1- AC_SUBST([piddir]) -m4trace:configure.ac:2122: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG]) -m4trace:configure.ac:2126: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) -m4trace:configure.ac:2130: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMPX]) -m4trace:configure.ac:2134: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP]) -m4trace:configure.ac:2138: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMPX]) -m4trace:configure.ac:2142: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LOGIN]) -m4trace:configure.ac:2146: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_PUTUTLINE]) -m4trace:configure.ac:2150: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_PUTUTXLINE]) -m4trace:configure.ac:2160: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG]) -m4trace:configure.ac:2222: -1- AC_DEFINE_TRACE_LITERAL([CONF_LASTLOG_FILE]) -m4trace:configure.ac:2247: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) -m4trace:configure.ac:2252: -1- AC_DEFINE_TRACE_LITERAL([CONF_UTMP_FILE]) -m4trace:configure.ac:2277: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP]) -m4trace:configure.ac:2282: -1- AC_DEFINE_TRACE_LITERAL([CONF_WTMP_FILE]) -m4trace:configure.ac:2307: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMPX]) -m4trace:configure.ac:2310: -1- AC_DEFINE_TRACE_LITERAL([CONF_UTMPX_FILE]) -m4trace:configure.ac:2332: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMPX]) -m4trace:configure.ac:2335: -1- AC_DEFINE_TRACE_LITERAL([CONF_WTMPX_FILE]) -m4trace:configure.ac:2353: -1- AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds]) +m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBRESOLV]) +m4trace:configure.ac:1789: -1- AC_DEFINE_TRACE_LITERAL([KRB4]) +m4trace:configure.ac:1815: -1- AC_DEFINE_TRACE_LITERAL([AFS]) +m4trace:configure.ac:1829: -1- AC_SUBST([PRIVSEP_PATH]) +m4trace:configure.ac:1844: -1- AC_SUBST([xauth_path], [$ac_cv_path_xauth_path]) +m4trace:configure.ac:1848: -1- AC_SUBST([XAUTH_PATH]) +m4trace:configure.ac:1850: -1- AC_DEFINE_TRACE_LITERAL([XAUTH_PATH]) +m4trace:configure.ac:1852: -1- AC_SUBST([XAUTH_PATH]) +m4trace:configure.ac:1858: -1- AC_DEFINE_TRACE_LITERAL([MAIL_DIRECTORY]) +m4trace:configure.ac:1868: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DEV_PTMX]) +m4trace:configure.ac:1876: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DEV_PTS_AND_PTC]) +m4trace:configure.ac:1893: -1- AC_SUBST([NROFF], [$ac_cv_path_NROFF]) +m4trace:configure.ac:1902: -1- AC_SUBST([MANTYPE]) +m4trace:configure.ac:1908: -1- AC_SUBST([mansubdir]) +m4trace:configure.ac:1920: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MD5_PASSWORDS]) +m4trace:configure.ac:1931: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_SHADOW]) +m4trace:configure.ac:1946: -1- AC_DEFINE_TRACE_LITERAL([HAS_SHADOW_EXPIRE]) +m4trace:configure.ac:1955: -1- AC_DEFINE_TRACE_LITERAL([IPADDR_IN_DISPLAY]) +m4trace:configure.ac:1966: -1- AC_DEFINE_TRACE_LITERAL([IPADDR_IN_DISPLAY]) +m4trace:configure.ac:2043: -1- AC_DEFINE_TRACE_LITERAL([USER_PATH]) +m4trace:configure.ac:2044: -1- AC_SUBST([user_path]) +m4trace:configure.ac:2056: -1- AC_DEFINE_TRACE_LITERAL([SUPERUSER_PATH]) +m4trace:configure.ac:2069: -1- AC_DEFINE_TRACE_LITERAL([IPV4_DEFAULT]) +m4trace:configure.ac:2092: -1- AC_DEFINE_TRACE_LITERAL([IPV4_IN_IPV6]) +m4trace:configure.ac:2092: -1- AC_DEFINE_TRACE_LITERAL([IPV4_IN_IPV6]) +m4trace:configure.ac:2104: -1- AC_DEFINE_TRACE_LITERAL([BSD_AUTH]) +m4trace:configure.ac:2128: -1- AC_DEFINE_TRACE_LITERAL([_PATH_SSH_PIDDIR]) +m4trace:configure.ac:2129: -1- AC_SUBST([piddir]) +m4trace:configure.ac:2135: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG]) +m4trace:configure.ac:2139: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) +m4trace:configure.ac:2143: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMPX]) +m4trace:configure.ac:2147: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP]) +m4trace:configure.ac:2151: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMPX]) +m4trace:configure.ac:2155: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LOGIN]) +m4trace:configure.ac:2159: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_PUTUTLINE]) +m4trace:configure.ac:2163: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_PUTUTXLINE]) +m4trace:configure.ac:2173: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_LASTLOG]) +m4trace:configure.ac:2235: -1- AC_DEFINE_TRACE_LITERAL([CONF_LASTLOG_FILE]) +m4trace:configure.ac:2260: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMP]) +m4trace:configure.ac:2265: -1- AC_DEFINE_TRACE_LITERAL([CONF_UTMP_FILE]) +m4trace:configure.ac:2290: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMP]) +m4trace:configure.ac:2295: -1- AC_DEFINE_TRACE_LITERAL([CONF_WTMP_FILE]) +m4trace:configure.ac:2320: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_UTMPX]) +m4trace:configure.ac:2323: -1- AC_DEFINE_TRACE_LITERAL([CONF_UTMPX_FILE]) +m4trace:configure.ac:2345: -1- AC_DEFINE_TRACE_LITERAL([DISABLE_WTMPX]) +m4trace:configure.ac:2348: -1- AC_DEFINE_TRACE_LITERAL([CONF_WTMPX_FILE]) +m4trace:configure.ac:2366: -1- AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds]) diff --git a/openssh/bufaux.c b/openssh/bufaux.c index 79f8bbd..d3dc674 100644 --- a/openssh/bufaux.c +++ b/openssh/bufaux.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: bufaux.c,v 1.25 2002/04/20 09:14:58 markus Exp $"); +RCSID("$OpenBSD: bufaux.c,v 1.27 2002/06/26 08:53:12 markus Exp $"); #include #include "bufaux.h" @@ -88,6 +88,8 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value) bits = GET_16BIT(buf); /* Compute the number of binary bytes that follow. */ bytes = (bits + 7) / 8; + if (bytes > 8 * 1024) + fatal("buffer_get_bignum: cannot handle BN of size %d", bytes); if (buffer_len(buffer) < bytes) fatal("buffer_get_bignum: input buffer too small"); bin = buffer_ptr(buffer); @@ -105,6 +107,7 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value) u_char *buf = xmalloc(bytes); int oi; int hasnohigh = 0; + buf[0] = '\0'; /* Get the value of in binary */ oi = BN_bn2bin(value, buf+1); @@ -128,12 +131,15 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value) xfree(buf); } +/* XXX does not handle negative BNs */ void buffer_get_bignum2(Buffer *buffer, BIGNUM *value) { - /**XXX should be two's-complement */ - int len; - u_char *bin = buffer_get_string(buffer, (u_int *)&len); + u_int len; + u_char *bin = buffer_get_string(buffer, &len); + + if (len > 8 * 1024) + fatal("buffer_get_bignum2: cannot handle BN of size %d", len); BN_bin2bn(bin, len, value); xfree(bin); } @@ -145,6 +151,7 @@ u_short buffer_get_short(Buffer *buffer) { u_char buf[2]; + buffer_get(buffer, (char *) buf, 2); return GET_16BIT(buf); } @@ -153,6 +160,7 @@ u_int buffer_get_int(Buffer *buffer) { u_char buf[4]; + buffer_get(buffer, (char *) buf, 4); return GET_32BIT(buf); } @@ -162,6 +170,7 @@ u_int64_t buffer_get_int64(Buffer *buffer) { u_char buf[8]; + buffer_get(buffer, (char *) buf, 8); return GET_64BIT(buf); } @@ -174,6 +183,7 @@ void buffer_put_short(Buffer *buffer, u_short value) { char buf[2]; + PUT_16BIT(buf, value); buffer_append(buffer, buf, 2); } @@ -182,6 +192,7 @@ void buffer_put_int(Buffer *buffer, u_int value) { char buf[4]; + PUT_32BIT(buf, value); buffer_append(buffer, buf, 4); } @@ -191,6 +202,7 @@ void buffer_put_int64(Buffer *buffer, u_int64_t value) { char buf[8]; + PUT_64BIT(buf, value); buffer_append(buffer, buf, 8); } @@ -207,8 +219,9 @@ buffer_put_int64(Buffer *buffer, u_int64_t value) void * buffer_get_string(Buffer *buffer, u_int *length_ptr) { - u_int len; u_char *value; + u_int len; + /* Get the length. */ len = buffer_get_int(buffer); if (len > 256 * 1024) @@ -249,6 +262,7 @@ int buffer_get_char(Buffer *buffer) { char ch; + buffer_get(buffer, &ch, 1); return (u_char) ch; } @@ -260,5 +274,6 @@ void buffer_put_char(Buffer *buffer, int value) { char ch = value; + buffer_append(buffer, &ch, 1); } diff --git a/openssh/buffer.c b/openssh/buffer.c index 40572e5..ad04b26 100644 --- a/openssh/buffer.c +++ b/openssh/buffer.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: buffer.c,v 1.15 2002/01/18 18:14:17 stevesk Exp $"); +RCSID("$OpenBSD: buffer.c,v 1.16 2002/06/26 08:54:18 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -71,6 +71,9 @@ buffer_append_space(Buffer *buffer, u_int len) { void *p; + if (len > 0x100000) + fatal("buffer_append_space: len %u not supported", len); + /* If the buffer is empty, start using it from the beginning. */ if (buffer->offset == buffer->end) { buffer->offset = 0; @@ -96,6 +99,9 @@ restart: } /* Increase the size of the buffer and retry. */ buffer->alloc += len + 32768; + if (buffer->alloc > 0xa00000) + fatal("buffer_append_space: alloc %u not supported", + buffer->alloc); buffer->buf = xrealloc(buffer->buf, buffer->alloc); goto restart; /* NOTREACHED */ diff --git a/openssh/channels.c b/openssh/channels.c index d34411e..29eaee7 100644 --- a/openssh/channels.c +++ b/openssh/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.175 2002/06/10 22:28:41 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.179 2002/06/26 08:55:02 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -205,7 +205,7 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd, Channel * channel_new(char *ctype, int type, int rfd, int wfd, int efd, - int window, int maxpack, int extusage, char *remote_name, int nonblock) + u_int window, u_int maxpack, int extusage, char *remote_name, int nonblock) { int i, found; Channel *c; @@ -229,6 +229,9 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, /* There are no free slots. Take last+1 slot and expand the array. */ found = channels_alloc; channels_alloc += 10; + if (channels_alloc > 10000) + fatal("channel_new: internal error: channels_alloc %d " + "too big.", channels_alloc); debug2("channel: expanding %d", channels_alloc); channels = xrealloc(channels, channels_alloc * sizeof(Channel *)); for (i = found; i < channels_alloc; i++) @@ -1568,8 +1571,9 @@ channel_after_select(fd_set * readset, fd_set * writeset) void channel_output_poll(void) { - int len, i; Channel *c; + int i; + u_int len; for (i = 0; i < channels_alloc; i++) { c = channels[i]; @@ -1647,7 +1651,7 @@ channel_output_poll(void) c->remote_window > 0 && (len = buffer_len(&c->extended)) > 0 && c->extended_usage == CHAN_EXTENDED_READ) { - debug2("channel %d: rwin %d elen %d euse %d", + debug2("channel %d: rwin %u elen %u euse %d", c->self, c->remote_window, buffer_len(&c->extended), c->extended_usage); if (len > c->remote_window) @@ -1717,9 +1721,8 @@ void channel_input_extended_data(int type, u_int32_t seq, void *ctxt) { int id; - int tcode; char *data; - u_int data_len; + u_int data_len, tcode; Channel *c; /* Get the channel number and verify it. */ @@ -1874,7 +1877,7 @@ channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt) c->confirm(c->self, NULL); debug2("callback done"); } - debug("channel %d: open confirm rwindow %d rmax %d", c->self, + debug("channel %d: open confirm rwindow %u rmax %u", c->self, c->remote_window, c->remote_maxpacket); } packet_check_eom(); @@ -1931,7 +1934,8 @@ void channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) { Channel *c; - int id, adjust; + int id; + u_int adjust; if (!compat20) return; @@ -1947,7 +1951,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) } adjust = packet_get_int(); packet_check_eom(); - debug2("channel %d: rcvd adjust %d", id, adjust); + debug2("channel %d: rcvd adjust %u", id, adjust); c->remote_window += adjust; } @@ -2328,12 +2332,12 @@ channel_connect_to(const char *host, u_short port) /* * Creates an internet domain socket for listening for X11 connections. - * Returns a suitable display number for the DISPLAY variable, or -1 if - * an error occurs. + * Returns 0 and a suitable display number for the DISPLAY variable + * stored in display_numberp , or -1 if an error occurs. */ int x11_create_display_inet(int x11_display_offset, int x11_use_localhost, - int single_connection) + int single_connection, u_int *display_numberp) { Channel *nc = NULL; int display_number, sock; @@ -2431,7 +2435,8 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost, } /* Return the display number for the DISPLAY environment variable. */ - return display_number; + *display_numberp = display_number; + return (0); } static int diff --git a/openssh/channels.h b/openssh/channels.h index 9ceff3e..dd54114 100644 --- a/openssh/channels.h +++ b/openssh/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.68 2002/06/10 22:28:41 markus Exp $ */ +/* $OpenBSD: channels.h,v 1.70 2002/06/24 14:33:27 markus Exp $ */ /* * Author: Tatu Ylonen @@ -90,12 +90,12 @@ struct Channel { int host_port; /* remote port to connect for forwards */ char *remote_name; /* remote hostname */ - int remote_window; - int remote_maxpacket; - int local_window; - int local_window_max; - int local_consumed; - int local_maxpacket; + u_int remote_window; + u_int remote_maxpacket; + u_int local_window; + u_int local_window_max; + u_int local_consumed; + u_int local_maxpacket; int extended_usage; int single_connection; @@ -151,7 +151,7 @@ struct Channel { /* channel management */ Channel *channel_lookup(int); -Channel *channel_new(char *, int, int, int, int, int, int, int, char *, int); +Channel *channel_new(char *, int, int, int, int, u_int, u_int, int, char *, int); void channel_set_fds(int, int, int, int, int, int, u_int); void channel_free(Channel *); void channel_free_all(void); @@ -205,7 +205,7 @@ int channel_setup_remote_fwd_listener(const char *, u_short, int); /* x11 forwarding */ int x11_connect_display(void); -int x11_create_display_inet(int, int, int); +int x11_create_display_inet(int, int, int, u_int *); void x11_input_open(int, u_int32_t, void *); void x11_request_forwarding_with_spoofing(int, const char *, const char *); void deny_input_open(int, u_int32_t, void *); diff --git a/openssh/cipher.c b/openssh/cipher.c index b18c701..6db340d 100644 --- a/openssh/cipher.c +++ b/openssh/cipher.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.59 2002/06/19 18:01:00 markus Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.60 2002/06/23 03:26:52 deraadt Exp $"); #include "xmalloc.h" #include "log.h" @@ -95,11 +95,13 @@ cipher_blocksize(Cipher *c) { return (c->block_size); } + u_int cipher_keylen(Cipher *c) { return (c->key_len); } + u_int cipher_get_number(Cipher *c) { @@ -314,6 +316,7 @@ struct ssh1_3des_ctx { EVP_CIPHER_CTX k1, k2, k3; }; + static int ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, int enc) @@ -356,6 +359,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, #endif return (1); } + static int ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) { @@ -377,6 +381,7 @@ ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) #endif return (1); } + static int ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) { @@ -389,6 +394,7 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) } return (1); } + static const EVP_CIPHER * evp_ssh1_3des(void) { @@ -430,7 +436,9 @@ swap_bytes(const u_char *src, u_char *dst, int n) *dst++ = c[3]; } } + static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, const u_char *, u_int) = NULL; + static int bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, u_int len) { @@ -441,6 +449,7 @@ bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, u_int len) swap_bytes(out, out, len); return (ret); } + static const EVP_CIPHER * evp_ssh1_bf(void) { @@ -483,6 +492,7 @@ ssh_rijndael_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, memcpy(c->r_iv, iv, RIJNDAEL_BLOCKSIZE); return (1); } + static int ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) @@ -528,6 +538,7 @@ ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, } return (1); } + static int ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx) { @@ -540,6 +551,7 @@ ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx) } return (1); } + static const EVP_CIPHER * evp_rijndael(void) { diff --git a/openssh/clientloop.c b/openssh/clientloop.c index 75d24ac..cd2eab7 100644 --- a/openssh/clientloop.c +++ b/openssh/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.101 2002/06/09 13:32:01 markus Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.102 2002/06/24 14:33:27 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1208,10 +1208,8 @@ client_input_channel_open(int type, u_int32_t seq, void *ctxt) { Channel *c = NULL; char *ctype; - u_int len; int rchan; - int rmaxpack; - int rwindow; + u_int rmaxpack, rwindow, len; ctype = packet_get_string(&len); rchan = packet_get_int(); diff --git a/openssh/configure.ac b/openssh/configure.ac index 38ac844..18f0e8a 100644 --- a/openssh/configure.ac +++ b/openssh/configure.ac @@ -76,6 +76,7 @@ case "$host" in AC_DEFINE(BROKEN_REALPATH) dnl AIX handles lastlog as part of its login message AC_DEFINE(DISABLE_LASTLOG) + AC_DEFINE(LOGIN_NEEDS_UTMPX) ;; *-*-cygwin*) LIBS="$LIBS /usr/lib/textmode.o" @@ -85,6 +86,7 @@ case "$host" in AC_DEFINE(IPV4_DEFAULT) AC_DEFINE(IP_TOS_IS_BROKEN) AC_DEFINE(NO_X11_UNIX_SOCKETS) + AC_DEFINE(BROKEN_FD_PASSING) AC_DEFINE(SETGROUPS_NOOP) ;; *-*-dgux*) @@ -246,7 +248,6 @@ mips-sony-bsd|mips-sony-newsos4) CPPFLAGS="$CPPFLAGS -Dftruncate=chsize -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" LIBS="$LIBS -los -lprot -lx -ltinfo -lm" - rsh_path="/usr/bin/rcmd" RANLIB=true no_dev_ptmx=1 AC_DEFINE(BROKEN_SYS_TERMIO_H) @@ -263,10 +264,10 @@ mips-sony-bsd|mips-sony-newsos4) LDFLAGS="$LDFLAGS -L/usr/local/lib" LIBS="$LIBS -lprot -lx -ltinfo -lm" no_dev_ptmx=1 - rsh_path="/usr/bin/rcmd" AC_DEFINE(USE_PIPES) AC_DEFINE(HAVE_SECUREWARE) AC_DEFINE(DISABLE_SHADOW) + AC_DEFINE(BROKEN_FD_PASSING) AC_CHECK_FUNCS(getluid setluid) MANTYPE=man ;; @@ -274,6 +275,7 @@ mips-sony-bsd|mips-sony-newsos4) no_libsocket=1 no_libnsl=1 AC_DEFINE(USE_PIPES) + AC_DEFINE(BROKEN_FD_PASSING) LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal,-L/usr/local/lib" LIBS="$LIBS -lgen -lrsc" ;; @@ -575,6 +577,30 @@ AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \ socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \ truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty) +if test $ac_cv_func_mmap = yes ; then +AC_MSG_CHECKING([for mmap anon shared]) +AC_TRY_RUN( + [ +#include +#include +#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS) +#define MAP_ANON MAP_ANONYMOUS +#endif +main() { char *p; +p = (char *) mmap(NULL, 10, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0); +if (p == (char *)-1) + exit(1); +exit(0); +} + ], + [ + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_MMAP_ANON_SHARED) + ], + [ AC_MSG_RESULT(no) ] +) +fi + dnl IRIX and Solaris 2.5.1 have dirname() in libgen AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ AC_CHECK_LIB(gen, dirname,[ @@ -907,16 +933,17 @@ AC_ARG_WITH(entropy-timeout, ) AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) -ssh_privsep_user=sshd +SSH_PRIVSEP_USER=sshd AC_ARG_WITH(privsep-user, [ --with-privsep-user=user Specify non-privileged user for privilege separation], [ if test -n "$withval"; then - ssh_privsep_user=$withval + SSH_PRIVSEP_USER=$withval fi ] ) -AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$ssh_privsep_user") +AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER") +AC_SUBST(SSH_PRIVSEP_USER) # We do this little dance with the search path to insure # that programs that we select for use by installed programs @@ -1789,17 +1816,6 @@ AC_ARG_WITH(afs, LIBS="$LIBS $KLIBS $K5LIBS" # Looking for programs, paths and files -AC_ARG_WITH(rsh, - [ --with-rsh=PATH Specify path to remote shell program ], - [ - if test "x$withval" != "$no" ; then - rsh_path=$withval - fi - ], - [ - AC_PATH_PROG(rsh_path, rsh) - ] -) PRIVSEP_PATH=/var/empty AC_ARG_WITH(privsep-path, @@ -1835,9 +1851,6 @@ else XAUTH_PATH=$xauth_path AC_SUBST(XAUTH_PATH) fi -if test ! -z "$rsh_path" ; then - AC_DEFINE_UNQUOTED(RSH_PATH, "$rsh_path") -fi # Check for mail directory (last resort if we cannot get it from headers) if test ! -z "$MAIL" ; then diff --git a/openssh/contrib/aix/README b/openssh/contrib/aix/README index a08c084..033fd0a 100644 --- a/openssh/contrib/aix/README +++ b/openssh/contrib/aix/README @@ -25,6 +25,10 @@ Other notes: The script treats all packages as USR packages (not ROOT+USR when appropriate). It seems to work, though...... +If there are any patches to this that have not yet been integrated they +may be found at http://www.zip.com.au/~dtucker/openssh/ or +http://home.usf.advantra.com.au/~dtucker/openssh/. + Disclaimer: diff --git a/openssh/contrib/aix/buildbff.sh b/openssh/contrib/aix/buildbff.sh index 4095884..d531e53 100755 --- a/openssh/contrib/aix/buildbff.sh +++ b/openssh/contrib/aix/buildbff.sh @@ -9,28 +9,96 @@ # Based originally on Ben Lindstrom's buildpkg.sh for Solaris # +# +# Tunable configuration settings +# create a "config.local" in your build directory to override these. +# +PERMIT_ROOT_LOGIN=no +X11_FORWARDING=no + umask 022 + +# +# We still support running from contrib/aix, but this is depreciated +# +if pwd | egrep 'contrib/aix$' +then + echo "Changing directory to `pwd`/../.." + echo "Please run buildbff.sh from your build directory in future." + cd ../.. + contribaix=1 +fi + +if [ ! -f Makefile ] +then + echo "Makefile not found (did you run configure?)" + exit 1 +fi + +# +# Directories used during build: +# current dir = $objdir directory you ran ./configure in. +# $objdir/$PKGDIR/ directory package files are constructed in +# $objdir/$PKGDIR/root/ package root ($FAKE_ROOT) +# +objdir=`pwd` PKGNAME=openssh PKGDIR=package -PATH=`pwd`:$PATH # set path for external tools -export PATH +# Path to inventory.sh: same place as buildbff.sh +if echo $0 | egrep '^/' +then + inventory=`dirname $0`/inventory.sh # absolute path +else + inventory=`pwd`/`dirname $0`/inventory.sh # relative path +fi -# Clean build directory -rm -rf $PKGDIR -mkdir $PKGDIR +# +# Collect local configuration settings to override defaults +# +if [ -s ./config.local ] +then + echo Reading local settings from config.local + . ./config.local +fi + +# +# Fill in some details from Makefile, like prefix and sysconfdir +# the eval also expands variables like sysconfdir=${prefix}/etc +# provided they are eval'ed in the correct order +# +for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir srcdir +do + eval $confvar=`grep "^$confvar=" $objdir/Makefile | cut -d = -f 2` +done + +# +# Collect values of privsep user and privsep path +# currently only found in config.h +# +for confvar in SSH_PRIVSEP_USER PRIVSEP_PATH +do + eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' $objdir/config.h` +done -if [ ! -f ../../Makefile ] +# Set privsep defaults if not defined +if [ -z "$SSH_PRIVSEP_USER" ] then - echo "Top-level Makefile not found (did you run ./configure?)" - exit 1 + SSH_PRIVSEP_USER=sshd +fi +if [ -z "$PRIVSEP_PATH" ] +then + PRIVSEP_PATH=/var/empty fi -## Start by faking root install +# Clean package build directory +rm -rf $objdir/$PKGDIR +FAKE_ROOT=$objdir/$PKGDIR/root +mkdir -p $FAKE_ROOT + +# Start by faking root install echo "Faking root install..." -START=`pwd` -FAKE_ROOT=$START/$PKGDIR -cd ../.. +cd $objdir make install-nokeys DESTDIR=$FAKE_ROOT if [ $? -gt 0 ] @@ -39,6 +107,12 @@ then exit 1 fi +# +# Copy informational files to include in package +# +cp $srcdir/LICENCE $objdir/$PKGDIR/ +cp $srcdir/README* $objdir/$PKGDIR/ + # # Extract common info requires for the 'info' part of the package. # AIX requires 4-part version numbers @@ -47,24 +121,27 @@ VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//' | cut -f 2 -d _` MAJOR=`echo $VERSION | cut -f 1 -d p | cut -f 1 -d .` MINOR=`echo $VERSION | cut -f 1 -d p | cut -f 2 -d .` PATCH=`echo $VERSION | cut -f 1 -d p | cut -f 3 -d .` -PORTABLE=`echo $VERSION | cut -f 2 -d p` -if [ "$PATCH" = "" ] -then - PATCH=0 -fi +PORTABLE=`echo $VERSION | awk 'BEGIN{FS="p"}{print $2}'` +[ "$PATCH" = "" ] && PATCH=0 +[ "$PORTABLE" = "" ] && PORTABLE=0 BFFVERSION=`printf "%d.%d.%d.%d" $MAJOR $MINOR $PATCH $PORTABLE` echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)" # -# Fill in some details, like prefix and sysconfdir -# the eval also expands variables like sysconfdir=${prefix}/etc -# provided they are eval'ed in the correct order +# Set ssh and sshd parameters as per config.local # -for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir -do - eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` -done +if [ "${PERMIT_ROOT_LOGIN}" = no ] +then + perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ + $FAKE_ROOT/${sysconfdir}/sshd_config +fi +if [ "${X11_FORWARDING}" = yes ] +then + perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ + $FAKE_ROOT/${sysconfdir}/sshd_config +fi + # Rename config files; postinstall script will copy them if necessary for cfgfile in ssh_config sshd_config ssh_prng_cmds @@ -74,14 +151,18 @@ done # # Generate lpp control files. -# working dir is $FAKE_ROOT but files are generated in contrib/aix +# working dir is $FAKE_ROOT but files are generated in dir above # and moved into place just before creation of .bff # cd $FAKE_ROOT echo Generating LPP control files find . ! -name . -print >../openssh.al -inventory.sh >../openssh.inventory -cp ../../../LICENCE ../openssh.copyright +$inventory >../openssh.inventory + +cat <../openssh.copyright +This software is distributed under a BSD-style license. +For the full text of the license, see /usr/lpp/openssh/LICENCE +EOD # # Create postinstall script @@ -89,7 +170,7 @@ cp ../../../LICENCE ../openssh.copyright cat <>../openssh.post_i #!/bin/sh -# Create configs from defaults if necessary +echo Creating configs from defaults if necessary. for cfgfile in ssh_config sshd_config ssh_prng_cmds do if [ ! -f $sysconfdir/\$cfgfile ] @@ -100,8 +181,51 @@ do echo "\$cfgfile already exists." fi done +echo + +# Create PrivSep user if PrivSep not disabled in config +echo Creating PrivSep prereqs if required. +if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' $sysconfdir/sshd_config >/dev/null +then + echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user," + echo "group or chroot directory." +else + echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." + + # create group if required + if cut -f1 -d: /etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null + then + echo "PrivSep group $SSH_PRIVSEP_USER already exists." + else + echo "Creating PrivSep group $SSH_PRIVSEP_USER." + mkgroup -A $SSH_PRIVSEP_USER + fi + + # Create user if required + if cut -f1 -d: /etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null + then + echo "PrivSep user $SSH_PRIVSEP_USER already exists." + else + echo "Creating PrivSep user $SSH_PRIVSEP_USER." + mkuser gecos='SSHD PrivSep User' login=false rlogin=false account_locked=true pgrp=$SSH_PRIVSEP_USER $SSH_PRIVSEP_USER + fi + + # create chroot directory if required + if [ -d $PRIVSEP_PATH ] + then + echo "PrivSep chroot directory $PRIVSEP_PATH already exists." + else + echo "Creating PrivSep chroot directory $PRIVSEP_PATH." + mkdir $PRIVSEP_PATH + chown 0 $PRIVSEP_PATH + chgrp 0 $PRIVSEP_PATH + chmod 755 $PRIVSEP_PATH + fi +fi +echo # Generate keys unless they already exist +echo Creating host keys if required. if [ -f "$sysconfdir/ssh_host_key" ] ; then echo "$sysconfdir/ssh_host_key already exists, skipping." else @@ -117,6 +241,7 @@ if [ -f $sysconfdir/ssh_host_rsa_key ] ; then else $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N "" fi +echo # Add to system startup if required if grep $sbindir/sshd /etc/rc.tcpip >/dev/null @@ -135,10 +260,10 @@ EOF echo Creating liblpp.a ( cd .. - for i in al copyright inventory post_i + for i in openssh.al openssh.copyright openssh.inventory openssh.post_i LICENCE README* do - ar -r liblpp.a openssh.$i - rm openssh.$i + ar -r liblpp.a $i + rm $i done ) @@ -159,6 +284,8 @@ echo Creating liblpp.a # /usr/local/share 3 # % # ] +# } + echo Creating lpp_name cat <../lpp_name 4 R I $PKGNAME { @@ -167,11 +294,14 @@ $PKGNAME $BFFVERSION 1 N U en_US OpenSSH $VERSION Portable for AIX % EOF -for i in $bindir $sysconfdir $libexecdir $mandir/man1 $mandir/man8 $sbindir $datadir +for i in $bindir $sysconfdir $libexecdir $mandir/${mansubdir}1 $mandir/${mansubdir}8 $sbindir $datadir /usr/lpp/openssh do # get size in 512 byte blocks - size=`du $FAKE_ROOT/$i | awk '{print $1}'` - echo "$i $size" >>../lpp_name + if [ -d $FAKE_ROOT/$i ] + then + size=`du $FAKE_ROOT/$i | awk '{print $1}'` + echo "$i $size" >>../lpp_name + fi done echo '%' >>../lpp_name @@ -187,7 +317,7 @@ mv ../lpp_name . # # Now invoke backup to create .bff file -# note: lpp_name needs to be the first file do we generate the +# note: lpp_name needs to be the first file so we generate the # file list on the fly and feed it to backup using -i # echo Creating $PKGNAME-$VERSION.bff with backup... @@ -197,8 +327,17 @@ rm -f $PKGNAME-$VERSION.bff find . ! -name lpp_name -a ! -name . -print ) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist -cd .. +# +# Move package into final location +# +if [ "$contribaix" = "1" ] +then + mv ../$PKGNAME-$VERSION.bff $objdir/contrib/aix +else + mv ../$PKGNAME-$VERSION.bff $objdir +fi + +rm -rf $objdir/$PKGDIR -rm -rf $PKGDIR echo $0: done. diff --git a/openssh/contrib/caldera/openssh.spec b/openssh/contrib/caldera/openssh.spec index 57dd8c7..ca6eb25 100644 --- a/openssh/contrib/caldera/openssh.spec +++ b/openssh/contrib/caldera/openssh.spec @@ -1,22 +1,49 @@ -%define use-stable 1 -%if %{use-stable} - %define version 3.3p1 + +# Some of this will need re-evaluation post-LSB. The SVIdir is there +# because the link appeared broken. The rest is for easy compilation, +# the tradeoff open to discussion. (LC957) + +%define SVIdir /etc/rc.d/init.d +%{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages} +%{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons} + +%define _mandir %{_prefix}/share/man/en +%define _sysconfdir /etc/ssh +%define _libexecdir %{_libdir}/ssh + +# Do we want to disable root_login? (1=yes 0=no) +%define no_root_login 0 + +#old cvs stuff. please update before use. may be deprecated. +%define use_stable 1 +%if %{use_stable} + %define version 3.4p1 %define cvs %{nil} - %define release 1 + %define release 2 %else - %define version 3.3 - %define cvs cvs20020515 + %define version 2.9.9p2 + %define cvs cvs20011009 %define release 0r1 %endif %define xsa x11-ssh-askpass %define askpass %{xsa}-1.2.4.1 +# OpenSSH privilege separation requires a user & group ID +%define sshd_uid 67 +%define sshd_gid 67 + Name : openssh Version : %{version}%{cvs} Release : %{release} Group : System/Network Summary : OpenSSH free Secure Shell (SSH) implementation. +Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH). +Summary(es) : OpenSSH implementación libre de Secure Shell (SSH). +Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH). +Summary(it) : Implementazione gratuita OpenSSH della Secure Shell. +Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH). +Summary(pt_BR) : Implementação livre OpenSSH do protocolo Secure Shell (SSH). Copyright : BSD Packager : Raymund Will @@ -24,140 +51,228 @@ URL : http://www.openssh.com/ Obsoletes : ssh, ssh-clients, openssh-clients -BuildRoot : /tmp/%{Name}-%{Version} +BuildRoot : /tmp/%{name}-%{version} +BuildRequires : XFree86-imake -# %{use-stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable -# %{use-stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs -Source0: see-above:/.../openssh-%{Version}.tar.gz -%if %{use-stable} -Source1: see-above:/.../openssh-%{Version}.tar.gz.sig +# %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable +# %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs +Source0: see-above:/.../openssh-%{version}.tar.gz +%if %{use_stable} +Source1: see-above:/.../openssh-%{version}.tar.gz.sig %endif Source2: http://www.ntrnet.net/~jmknoble/software/%{xsa}/%{askpass}.tar.gz Source3: http://www.openssh.com/faq.html - %Package server Group : System/Network -Requires : openssh = %{Version} +Requires : openssh = %{version} Obsoletes : ssh-server Summary : OpenSSH Secure Shell protocol server (sshd). +Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd). +Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd). +Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd). +Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd). +Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd). +Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd). %Package askpass Group : System/Network -Requires : openssh = %{Version} +Requires : openssh = %{version} URL : http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ Obsoletes : ssh-extras Summary : OpenSSH X11 pass-phrase dialog. +Summary(de) : OpenSSH X11 Passwort-Dialog. +Summary(es) : Aplicación de petición de frase clave OpenSSH X11. +Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH. +Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH. +Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH. +Summary(pt_BR) : Diálogo de pedido de senha para X11 do OpenSSH. -%Prep -%setup %([ -z "%{cvs}" ] || echo "-n %{Name}_cvs") -a2 +%Description +OpenSSH (Secure Shell) provides access to a remote system. It replaces +telnet, rlogin, rexec, and rsh, and provides secure encrypted +communications between two untrusted hosts over an insecure network. +X11 connections and arbitrary TCP/IP ports can also be forwarded over +the secure channel. -%if ! %{use-stable} +%Description -l de +OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt +telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte +Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres +Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso +über den sicheren Channel weitergeleitet werden. + +%Description -l es +OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a +telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas +entre dos equipos entre los que no se ha establecido confianza a través de una +red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden +ser canalizadas sobre el canal seguro. + +%Description -l fr +OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace +telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées +securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des +connexions X11 et des ports TCP/IP arbitraires peuvent également être +transmis sur le canal sécurisé. + +%Description -l it +OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto. +Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure +e crittate tra due host non fidati su una rete non sicura. Le connessioni +X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso +un canale sicuro. + +%Description -l pt +OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o +telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas +entre duas máquinas sem confiança mútua sobre uma rede insegura. +Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados +pelo canal seguro. + +%Description -l pt_BR +O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o +telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e criptografadas +entre duas máquinas sem confiança mútua sobre uma rede insegura. +Ligações X11 e portas TCP/IP arbitrárias também podem ser reenviadas +pelo canal seguro. + +%Description server +This package installs the sshd, the server portion of OpenSSH. + +%Description -l de server +Dieses Paket installiert den sshd, den Server-Teil der OpenSSH. + +%Description -l es server +Este paquete instala sshd, la parte servidor de OpenSSH. + +%Description -l fr server +Ce paquetage installe le 'sshd', partie serveur de OpenSSH. + +%Description -l it server +Questo pacchetto installa sshd, il server di OpenSSH. + +%Description -l pt server +Este pacote intala o sshd, o servidor do OpenSSH. + +%Description -l pt_BR server +Este pacote intala o sshd, o servidor do OpenSSH. + +%Description askpass +This package contains an X11-based pass-phrase dialog used per +default by ssh-add(1). It is based on %{askpass} +by Jim Knoble . + + +%Prep +%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2 +%if ! %{use_stable} autoreconf %endif %Build CFLAGS="$RPM_OPT_FLAGS" \ -./configure \ - --prefix=/usr \ - --sysconfdir=/etc/ssh \ - --libexecdir=/usr/lib/ssh \ +%configure \ --with-pam \ --with-tcp-wrappers \ --with-ipv4-default \ + --sysconfdir=%{_sysconfdir}/ssh \ + --libexecdir=%{_libexecdir}/openssh \ + --with-privsep-path=%{_var}/empty/sshd \ + #leave this line for easy edits. -make +%__make CFLAGS="$RPM_OPT_FLAGS" cd %{askpass} -./configure +%configure \ + #leave this line for easy edits. + xmkmf -make includes -make +%__make includes +%__make %Install -%{mkDESTDIR} - -make DESTDIR="$DESTDIR" install +[ %{buildroot} != "/" ] && rm -rf %{buildroot} -make -C %{askpass} BINDIR="/usr/lib/ssh" install +%makeinstall +%makeinstall -C %{askpass} \ + BINDIR=%{_libexecdir} \ + MANPATH=%{_mandir} \ + DESTDIR=%{buildroot} # OpenLinux specific configuration -mkdir -p $DESTDIR/{etc/pam.d,%{SVIcdir},%{SVIdir}} +mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}} +mkdir -p %{buildroot}%{_var}/empty/sshd # enabling X11 forwarding on the server is convenient and okay, -# on the client side we consider it a potential security risk! -%{fixUP} -vT $DESTDIR/etc/ssh/sshd_config -e ' - s/#X11Forwarding no/X11Forwarding yes/i' +# on the client side it's a potential security risk! +%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \ + %{buildroot}%{_sysconfdir}/sshd_config + +%if %{no_root_login} +%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \ + %{buildroot}%{_sysconfdir}/sshd_config +%endif -install -m644 contrib/caldera/sshd.pam $DESTDIR/etc/pam.d/sshd -# FIXME: disabled, find out why this doesn't work with NIS -%{fixUP} -vT $DESTDIR/etc/pam.d/sshd -e 's/^(.*pam_limits.*)$/#$1/' +install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd +# FIXME: disabled, find out why this doesn't work with nis +%__perl -pi -e 's:(.*pam_limits.*):#$1:' \ + %{buildroot}/etc/pam.d/sshd -install -m 0755 contrib/caldera/sshd.init $DESTDIR%{SVIdir}/sshd -%{fixUP} -vT $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}: + - s:\@sysconfdir\@:/etc/ssh:' +install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd -cat <<-EoD > $DESTDIR%{SVIcdir}/sshd +# the last one is needless, but more future-proof +find %{buildroot}%{SVIdir} -type f -exec \ + %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\ + s:\@sysconfdir\@:%{_sysconfdir}:g; \ + s:/usr/sbin:%{_sbindir}:g'\ + \{\} \; + +cat <<-EoD > %{buildroot}%{SVIcdir}/sshd IDENT=sshd DESCRIPTIVE="OpenSSH secure shell daemon" # This service will be marked as 'skipped' on boot if there - # is no host key. Use ssh-host-keygen to generate one. + # is no host key. Use ssh-host-keygen to generate one ONBOOT="yes" OPTIONS="" EoD -SKG=$DESTDIR/usr/sbin/ssh-host-keygen +SKG=%{buildroot}%{_sbindir}/ssh-host-keygen install -m 0755 contrib/caldera/ssh-host-keygen $SKG -%{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh: + - s:\@sshkeygen\@:/usr/bin/ssh-keygen:' - +# Fix up some path names in the keygen toy^Hol + %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \ + s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \ + %{buildroot}%{_sbindir}/ssh-host-keygen +# This looks terrible. Expect it to change. # install remaining docs -DocD="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}"; mkdir -p $DocD/00-LEGAL -cp -a LICENCE $DocD/00-LEGAL -cp -a CREDITS ChangeLog OVERVIEW README* TODO $DocD -install -p -m 0444 -o 0 -g 0 %{SOURCE3} $DocD/faq.html +DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}" mkdir -p $DocD/%{askpass} +cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $DocD +install -p -m 0444 %{SOURCE3} $DocD/faq.html cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass} +%if %{use_stable} + cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1 +%else + cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1 + ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1 +%endif -cp -p %{askpass}/%{xsa}.man $DESTDIR/usr/man/man1/%{xsa}.1 -ln -s %{xsa}.1 $DESTDIR/usr/man/man1/ssh-askpass.1 - -%{fixManPages} - - -# generate file lists -%{mkLists} -c %{Name} -%{mkLists} -d %{Name} << 'EOF' -/etc/ssh base -^/etc/ IGNORED -%{_defaultdocdir}/$ IGNORED -askpass askpass -* default -EOF -%{mkLists} -a -f %{Name} << 'EOF' -^/etc * prefix(%%config) -/usr/X11R6/lib/X11/app-defaults IGNORED -Ssh.bin IGNORED # for now -[Aa]skpass askpass -%{_defaultdocdir}/%{Name}-%{Version}/ base -ssh-keygen base -moduli server -sshd server -sftp-server server -.* base -EOF +find %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 | xargs -0r %__gzip -9nf +rm %{buildroot}%{_mandir}/man1/slogin.1 && \ + ln -s %{_mandir}/man1/ssh.1.gz \ + %{buildroot}%{_mandir}/man1/slogin.1.gz %Clean -%{rmDESTDIR} - +#%{rmDESTDIR} +[ %{buildroot} != "/" ] && rm -rf %{buildroot} %Post # Generate host key when none is present to get up and running, @@ -166,6 +281,11 @@ EOF /usr/sbin/ssh-host-keygen : # to protect the rpm database +%pre server +%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || : +%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \ + -c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || : +: # to protect the rpm database %Post server if [ -x %{LSBinit}-install ]; then @@ -194,34 +314,45 @@ fi : # to protect the rpm database -%Files -f files-%{Name}-base +%Files %defattr(-,root,root) - - -%Files server -f files-%{Name}-server +%dir %{_sysconfdir} +%config %{_sysconfdir}/ssh_config +%{_bindir}/* +%dir %{_libexecdir} +%{_sbindir}/ssh-host-keygen +%dir %{_defaultdocdir}/%{name}-%{version} +%{_defaultdocdir}/%{name}-%{version}/CREDITS +%{_defaultdocdir}/%{name}-%{version}/ChangeLog +%{_defaultdocdir}/%{name}-%{version}/LICENCE +%{_defaultdocdir}/%{name}-%{version}/OVERVIEW +%{_defaultdocdir}/%{name}-%{version}/README* +%{_defaultdocdir}/%{name}-%{version}/TODO +%{_defaultdocdir}/%{name}-%{version}/faq.html +%{_mandir}/man1/* + +%Files server %defattr(-,root,root) - - -%Files askpass -f files-%{Name}-askpass +%dir %attr(0700,root,root) %{_var}/empty/sshd +%config %{SVIdir}/sshd +%config /etc/pam.d/sshd +%config %{_sysconfdir}/moduli +%config %{_sysconfdir}/sshd_config +%config %{SVIcdir}/sshd +%{_libexecdir}/sftp-server +%{_sbindir}/sshd +%{_mandir}/man8/sftp-server.8.gz +%{_mandir}/man8/sshd.8.gz + +%Files askpass %defattr(-,root,root) - - -%Description -OpenSSH (Secure Shell) provides access to a remote system. It replaces -telnet, rlogin, rexec, and rsh, and provides secure encrypted -communications between two untrusted hosts over an insecure network. -X11 connections and arbitrary TCP/IP ports can also be forwarded over -the secure channel. - -%Description server -This package installs the sshd, the server portion of OpenSSH. - -%Description askpass -This package contains an X11-based pass-phrase dialog used per -default by ssh-add(1). It is based on %{askpass} -by Jim Knoble . +%{_libexecdir}/ssh-askpass +%{_libexecdir}/x11-ssh-askpass +%{_defaultdocdir}/%{name}-%{version}/%{askpass} + %ChangeLog * Mon Jan 01 1998 ... +Template Version: 1.31 $Id$ diff --git a/openssh/contrib/redhat/openssh.spec b/openssh/contrib/redhat/openssh.spec index 6166f66..b73fb92 100644 --- a/openssh/contrib/redhat/openssh.spec +++ b/openssh/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 3.3p1 +%define ver 3.4p1 %define rel 1 # OpenSSH privilege separation requires a user & group ID @@ -97,6 +97,10 @@ BuildPreReq: XFree86-devel %if ! %{no_gnome_askpass} BuildPreReq: gnome-libs-devel %endif +%if %{kerberos5} +BuildPreReq: krb5-devel +BuildPreReq: krb5-libs +%endif %package clients Summary: OpenSSH clients. diff --git a/openssh/contrib/suse/openssh.spec b/openssh/contrib/suse/openssh.spec index 6bd8810..126dac3 100644 --- a/openssh/contrib/suse/openssh.spec +++ b/openssh/contrib/suse/openssh.spec @@ -1,6 +1,6 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 3.3p1 +Version: 3.4p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff --git a/openssh/defines.h b/openssh/defines.h index b057730..3f5b28a 100644 --- a/openssh/defines.h +++ b/openssh/defines.h @@ -316,14 +316,6 @@ struct winsize { # define _PATH_MAILDIR MAILDIR #endif /* !defined(_PATH_MAILDIR) && defined(MAILDIR) */ -#ifndef _PATH_RSH -# ifdef RSH_PATH -# define _PATH_RSH RSH_PATH -# else /* RSH_PATH */ -# define _PATH_RSH "/usr/bin/rsh" -# endif /* RSH_PATH */ -#endif /* _PATH_RSH */ - #ifndef _PATH_NOLOGIN # define _PATH_NOLOGIN "/etc/nologin" #endif @@ -417,7 +409,18 @@ struct winsize { #endif #ifndef HAVE_GETOPT_OPTRESET -#define getopt(ac, av, o) BSDgetopt(ac, av, o) +# undef getopt +# undef opterr +# undef optind +# undef optopt +# undef optreset +# undef optarg +# define getopt(ac, av, o) BSDgetopt(ac, av, o) +# define opterr BSDopterr +# define optind BSDoptind +# define optopt BSDoptopt +# define optreset BSDoptreset +# define optarg BSDoptarg #endif /* In older versions of libpam, pam_strerror takes a single argument */ diff --git a/openssh/kex.c b/openssh/kex.c index d079ab0..bdbf388 100644 --- a/openssh/kex.c +++ b/openssh/kex.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.50 2002/05/15 15:47:49 mouring Exp $"); +RCSID("$OpenBSD: kex.c,v 1.51 2002/06/24 14:55:38 markus Exp $"); #include @@ -202,8 +202,8 @@ kex_input_kexinit(int type, u_int32_t seq, void *ctxt) packet_get_char(); for (i = 0; i < PROPOSAL_MAX; i++) xfree(packet_get_string(NULL)); - packet_get_char(); - packet_get_int(); + (void) packet_get_char(); + (void) packet_get_int(); packet_check_eom(); kex_kexinit_finish(kex); diff --git a/openssh/key.c b/openssh/key.c index 2d850c8..fb1f841 100644 --- a/openssh/key.c +++ b/openssh/key.c @@ -32,7 +32,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: key.c,v 1.44 2002/05/31 13:16:48 markus Exp $"); +RCSID("$OpenBSD: key.c,v 1.45 2002/06/23 03:26:19 deraadt Exp $"); #include @@ -89,6 +89,7 @@ key_new(int type) } return k; } + Key * key_new_private(int type) { @@ -120,6 +121,7 @@ key_new_private(int type) } return k; } + void key_free(Key *k) { @@ -359,6 +361,7 @@ read_bignum(char **cpp, BIGNUM * value) *cpp = cp; return 1; } + static int write_bignum(FILE *f, BIGNUM *num) { @@ -485,6 +488,7 @@ key_read(Key *ret, char **cpp) } return success; } + int key_write(Key *key, FILE *f) { @@ -516,6 +520,7 @@ key_write(Key *key, FILE *f) } return success; } + char * key_type(Key *k) { @@ -532,6 +537,7 @@ key_type(Key *k) } return "unknown"; } + char * key_ssh_name(Key *k) { @@ -545,6 +551,7 @@ key_ssh_name(Key *k) } return "ssh-unknown"; } + u_int key_size(Key *k) { @@ -807,7 +814,6 @@ key_verify( } /* Converts a private to a public key */ - Key * key_demote(Key *k) { diff --git a/openssh/monitor.c b/openssh/monitor.c index 39b6248..89b712f 100644 --- a/openssh/monitor.c +++ b/openssh/monitor.c @@ -25,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor.c,v 1.16 2002/06/21 05:50:51 djm Exp $"); +RCSID("$OpenBSD: monitor.c,v 1.18 2002/06/26 13:20:57 deraadt Exp $"); #include @@ -188,9 +188,6 @@ struct mon_table mon_dispatch_proto15[] = { {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, {MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge}, {MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response}, -#ifdef USE_PAM - {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start}, -#endif #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, @@ -982,14 +979,14 @@ mm_answer_keyverify(int socket, Buffer *m) xfree(signature); xfree(data); + auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased"; + monitor_reset_key_state(); buffer_clear(m); buffer_put_int(m, verified); mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m); - auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased"; - return (verified); } @@ -1456,9 +1453,13 @@ mm_get_keystate(struct monitor *pmonitor) void * mm_zalloc(struct mm_master *mm, u_int ncount, u_int size) { + int len = size * ncount; void *address; - address = mm_malloc(mm, size * ncount); + if (len <= 0) + fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size); + + address = mm_malloc(mm, len); return (address); } diff --git a/openssh/monitor_fdpass.h b/openssh/monitor_fdpass.h index cb12c41..31d080e 100644 --- a/openssh/monitor_fdpass.h +++ b/openssh/monitor_fdpass.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_fdpass.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */ +/* $OpenBSD: monitor_fdpass.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */ /* * Copyright 2002 Niels Provos diff --git a/openssh/monitor_mm.c b/openssh/monitor_mm.c index 0076c42..c363036 100644 --- a/openssh/monitor_mm.c +++ b/openssh/monitor_mm.c @@ -84,13 +84,13 @@ mm_create(struct mm_master *mmalloc, size_t size) */ mm->mmalloc = mmalloc; -#if defined(HAVE_MMAP) && defined(MAP_ANON) +#ifdef HAVE_MMAP_ANON_SHARED address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0); if (address == MAP_FAILED) fatal("mmap(%lu): %s", (u_long)size, strerror(errno)); #else - fatal("%s: UsePrivilegeSeparation=yes not supported", + fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported", __func__); #endif @@ -130,12 +130,12 @@ mm_destroy(struct mm_master *mm) mm_freelist(mm->mmalloc, &mm->rb_free); mm_freelist(mm->mmalloc, &mm->rb_allocated); -#ifdef HAVE_MMAP +#ifdef HAVE_MMAP_ANON_SHARED if (munmap(mm->address, mm->size) == -1) fatal("munmap(%p, %lu): %s", mm->address, (u_long)mm->size, strerror(errno)); #else - fatal("%s: UsePrivilegeSeparation=yes not supported", + fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported", __func__); #endif if (mm->mmalloc == NULL) diff --git a/openssh/monitor_mm.h b/openssh/monitor_mm.h index c0af432..c0a66d5 100644 --- a/openssh/monitor_mm.h +++ b/openssh/monitor_mm.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_mm.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */ +/* $OpenBSD: monitor_mm.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */ /* * Copyright 2002 Niels Provos diff --git a/openssh/msg.c b/openssh/msg.c index 103aed2..7275c84 100644 --- a/openssh/msg.c +++ b/openssh/msg.c @@ -22,7 +22,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: msg.c,v 1.2 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: msg.c,v 1.3 2002/06/24 15:49:22 itojun Exp $"); #include "buffer.h" #include "getput.h" @@ -36,7 +36,7 @@ msg_send(int fd, u_char type, Buffer *m) u_char buf[5]; u_int mlen = buffer_len(m); - debug3("msg_send: type %d", type); + debug3("msg_send: type %u", (unsigned int)type & 0xff); PUT_32BIT(buf, mlen + 1); buf[4] = type; /* 1st byte of payload is mesg-type */ @@ -59,7 +59,7 @@ msg_recv(int fd, Buffer *m) if (res != sizeof(buf)) { if (res == 0) return -1; - fatal("msg_recv: read: header %d", res); + fatal("msg_recv: read: header %ld", (long)res); } msg_len = GET_32BIT(buf); if (msg_len > 256 * 1024) diff --git a/openssh/openbsd-compat/getopt.c b/openssh/openbsd-compat/getopt.c index 9e13504..f4fbc9b 100644 --- a/openssh/openbsd-compat/getopt.c +++ b/openssh/openbsd-compat/getopt.c @@ -42,11 +42,11 @@ static char *rcsid = "$OpenBSD: getopt.c,v 1.2 1996/08/19 08:33:32 tholo Exp $"; #include #include -int opterr = 1, /* if error message should be printed */ - optind = 1, /* index into parent argv vector */ - optopt, /* character checked for validity */ - optreset; /* reset getopt */ -char *optarg; /* argument associated with option */ +int BSDopterr = 1, /* if error message should be printed */ + BSDoptind = 1, /* index into parent argv vector */ + BSDoptopt, /* character checked for validity */ + BSDoptreset; /* reset getopt */ +char *BSDoptarg; /* argument associated with option */ #define BADCH (int)'?' #define BADARG (int)':' @@ -66,57 +66,57 @@ BSDgetopt(nargc, nargv, ostr) static char *place = EMSG; /* option letter processing */ char *oli; /* option letter list index */ - if (optreset || !*place) { /* update scanning pointer */ - optreset = 0; - if (optind >= nargc || *(place = nargv[optind]) != '-') { + if (BSDoptreset || !*place) { /* update scanning pointer */ + BSDoptreset = 0; + if (BSDoptind >= nargc || *(place = nargv[BSDoptind]) != '-') { place = EMSG; return (-1); } if (place[1] && *++place == '-') { /* found "--" */ - ++optind; + ++BSDoptind; place = EMSG; return (-1); } } /* option letter okay? */ - if ((optopt = (int)*place++) == (int)':' || - !(oli = strchr(ostr, optopt))) { + if ((BSDoptopt = (int)*place++) == (int)':' || + !(oli = strchr(ostr, BSDoptopt))) { /* * if the user didn't specify '-' as an option, * assume it means -1. */ - if (optopt == (int)'-') + if (BSDoptopt == (int)'-') return (-1); if (!*place) - ++optind; - if (opterr && *ostr != ':') + ++BSDoptind; + if (BSDopterr && *ostr != ':') (void)fprintf(stderr, - "%s: illegal option -- %c\n", __progname, optopt); + "%s: illegal option -- %c\n", __progname, BSDoptopt); return (BADCH); } if (*++oli != ':') { /* don't need argument */ - optarg = NULL; + BSDoptarg = NULL; if (!*place) - ++optind; + ++BSDoptind; } else { /* need an argument */ if (*place) /* no white space */ - optarg = place; - else if (nargc <= ++optind) { /* no arg */ + BSDoptarg = place; + else if (nargc <= ++BSDoptind) { /* no arg */ place = EMSG; if (*ostr == ':') return (BADARG); - if (opterr) + if (BSDopterr) (void)fprintf(stderr, "%s: option requires an argument -- %c\n", - __progname, optopt); + __progname, BSDoptopt); return (BADCH); } else /* white space */ - optarg = nargv[optind]; + BSDoptarg = nargv[BSDoptind]; place = EMSG; - ++optind; + ++BSDoptind; } - return (optopt); /* dump back option letter */ + return (BSDoptopt); /* dump back option letter */ } #endif /* !defined(HAVE_GETOPT) || !defined(HAVE_OPTRESET) */ diff --git a/openssh/packet.c b/openssh/packet.c index 8651127..a5b2ab6 100644 --- a/openssh/packet.c +++ b/openssh/packet.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.95 2002/06/19 18:01:00 markus Exp $"); +RCSID("$OpenBSD: packet.c,v 1.96 2002/06/23 21:10:02 deraadt Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -1015,7 +1015,7 @@ packet_read_poll2(u_int32_t *seqnr_p) int packet_read_poll_seqnr(u_int32_t *seqnr_p) { - int reason, seqnr; + u_int reason, seqnr; u_char type; char *msg; @@ -1038,14 +1038,15 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) case SSH2_MSG_DISCONNECT: reason = packet_get_int(); msg = packet_get_string(NULL); - log("Received disconnect from %s: %d: %.400s", get_remote_ipaddr(), - reason, msg); + log("Received disconnect from %s: %u: %.400s", + get_remote_ipaddr(), reason, msg); xfree(msg); fatal_cleanup(); break; case SSH2_MSG_UNIMPLEMENTED: seqnr = packet_get_int(); - debug("Received SSH2_MSG_UNIMPLEMENTED for %d", seqnr); + debug("Received SSH2_MSG_UNIMPLEMENTED for %u", + seqnr); break; default: return type; @@ -1063,8 +1064,8 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) break; case SSH_MSG_DISCONNECT: msg = packet_get_string(NULL); - log("Received disconnect from %s: %.400s", get_remote_ipaddr(), - msg); + log("Received disconnect from %s: %.400s", + get_remote_ipaddr(), msg); fatal_cleanup(); xfree(msg); break; diff --git a/openssh/scard.c b/openssh/scard.c index db0cc4a..9791938 100644 --- a/openssh/scard.c +++ b/openssh/scard.c @@ -24,7 +24,7 @@ #include "includes.h" #if defined(SMARTCARD) && defined(USE_SECTOK) -RCSID("$OpenBSD: scard.c,v 1.25 2002/03/26 18:46:59 rees Exp $"); +RCSID("$OpenBSD: scard.c,v 1.26 2002/06/23 03:30:17 deraadt Exp $"); #include #include @@ -191,7 +191,7 @@ sc_read_pubkey(Key * k) status = 0; p = key_fingerprint(k, SSH_FP_MD5, SSH_FP_HEX); - debug("fingerprint %d %s", key_size(k), p); + debug("fingerprint %u %s", key_size(k), p); xfree(p); err: diff --git a/openssh/scp.1 b/openssh/scp.1 index c0caff4..396ab64 100644 --- a/openssh/scp.1 +++ b/openssh/scp.1 @@ -9,7 +9,7 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.22 2002/06/20 20:00:05 stevesk Exp $ +.\" $OpenBSD: scp.1,v 1.23 2002/06/22 16:41:57 stevesk Exp $ .\" .Dd September 25, 1999 .Dt SCP 1 @@ -152,5 +152,5 @@ California. .Xr ssh-add 1 , .Xr ssh-agent 1 , .Xr ssh-keygen 1 , -.Xr ssh_config 5 +.Xr ssh_config 5 , .Xr sshd 8 diff --git a/openssh/servconf.c b/openssh/servconf.c index fb6332c..f311ae4 100644 --- a/openssh/servconf.c +++ b/openssh/servconf.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.111 2002/06/20 23:05:55 markus Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.112 2002/06/23 09:46:51 deraadt Exp $"); #if defined(KRB4) #include @@ -257,7 +257,7 @@ fill_default_server_options(ServerOptions *options) if (use_privsep == -1) use_privsep = 1; -#if !defined(HAVE_MMAP) || !defined(MAP_ANON) +#if !defined(HAVE_MMAP_ANON_SHARED) if (use_privsep && options->compression == 1) { error("This platform does not support both privilege " "separation and compression"); @@ -423,7 +423,7 @@ add_one_listen_addr(ServerOptions *options, char *addr, u_short port) hints.ai_family = IPv4or6; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; - snprintf(strport, sizeof strport, "%d", port); + snprintf(strport, sizeof strport, "%u", port); if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) fatal("bad addr or host: %s (%s)", addr ? addr : "", @@ -439,9 +439,8 @@ process_server_config_line(ServerOptions *options, char *line, const char *filename, int linenum) { char *cp, **charptr, *arg, *p; - int *intptr, value; + int *intptr, value, i, n; ServerOpCodes opcode; - int i, n; cp = line; arg = strdelim(&cp); @@ -765,7 +764,8 @@ parse_flag: if (options->num_allow_users >= MAX_ALLOW_USERS) fatal("%s line %d: too many allow users.", filename, linenum); - options->allow_users[options->num_allow_users++] = xstrdup(arg); + options->allow_users[options->num_allow_users++] = + xstrdup(arg); } break; @@ -774,7 +774,8 @@ parse_flag: if (options->num_deny_users >= MAX_DENY_USERS) fatal( "%s line %d: too many deny users.", filename, linenum); - options->deny_users[options->num_deny_users++] = xstrdup(arg); + options->deny_users[options->num_deny_users++] = + xstrdup(arg); } break; @@ -783,7 +784,8 @@ parse_flag: if (options->num_allow_groups >= MAX_ALLOW_GROUPS) fatal("%s line %d: too many allow groups.", filename, linenum); - options->allow_groups[options->num_allow_groups++] = xstrdup(arg); + options->allow_groups[options->num_allow_groups++] = + xstrdup(arg); } break; @@ -921,10 +923,9 @@ parse_flag: void read_server_config(ServerOptions *options, const char *filename) { - FILE *f; + int linenum, bad_options = 0; char line[1024]; - int linenum; - int bad_options = 0; + FILE *f; f = fopen(filename, "r"); if (!f) { diff --git a/openssh/serverloop.c b/openssh/serverloop.c index 1a148fc..1349213 100644 --- a/openssh/serverloop.c +++ b/openssh/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.102 2002/06/11 05:46:20 mpech Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.103 2002/06/24 14:33:27 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -902,10 +902,8 @@ server_input_channel_open(int type, u_int32_t seq, void *ctxt) { Channel *c = NULL; char *ctype; - u_int len; int rchan; - int rmaxpack; - int rwindow; + u_int rmaxpack, rwindow, len; ctype = packet_get_string(&len); rchan = packet_get_int(); diff --git a/openssh/session.c b/openssh/session.c index 6169f33..747a00a 100644 --- a/openssh/session.c +++ b/openssh/session.c @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.138 2002/06/20 23:05:55 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.142 2002/06/26 13:49:26 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -252,8 +252,8 @@ do_authenticated1(Authctxt *authctxt) Session *s; char *command; int success, type, screen_flag; - int compression_level = 0, enable_compression_after_reply = 0; - u_int proto_len, data_len, dlen; + int enable_compression_after_reply = 0; + u_int proto_len, data_len, dlen, compression_level = 0; s = session_new(); s->authctxt = authctxt; @@ -849,6 +849,9 @@ child_set_env(char ***envp, u_int *envsizep, const char *name, } else { /* New variable. Expand if necessary. */ if (i >= (*envsizep) - 1) { + if (*envsizep >= 1000) + fatal("child_set_env: too many env vars," + " skipping: %.100s", name); (*envsizep) += 50; env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *)); } @@ -874,12 +877,15 @@ read_environment_file(char ***env, u_int *envsize, FILE *f; char buf[4096]; char *cp, *value; + u_int lineno = 0; f = fopen(filename, "r"); if (!f) return; while (fgets(buf, sizeof(buf), f)) { + if (++lineno > 1000) + fatal("Too many lines in environment file %s", filename); for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) ; if (!*cp || *cp == '#' || *cp == '\n') @@ -888,7 +894,8 @@ read_environment_file(char ***env, u_int *envsize, *strchr(cp, '\n') = '\0'; value = strchr(cp, '='); if (value == NULL) { - fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf); + fprintf(stderr, "Bad line %u in %.100s\n", lineno, + filename); continue; } /* @@ -1152,6 +1159,8 @@ do_nologin(struct passwd *pw) void do_setusercontext(struct passwd *pw) { + char tty='\0'; + #ifdef HAVE_CYGWIN if (is_winnt) { #else /* HAVE_CYGWIN */ @@ -1161,6 +1170,9 @@ do_setusercontext(struct passwd *pw) setpcred(pw->pw_name); #endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP +#ifdef __bsdi__ + setpgid(0, 0); +#endif if (setusercontext(lc, pw, pw->pw_uid, (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) { perror("unable to set user context"); @@ -1196,6 +1208,10 @@ do_setusercontext(struct passwd *pw) # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) irix_setusercontext(pw); # endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ +# ifdef _AIX + /* XXX: Disable tty setting. Enabled if required later */ + aix_usrinfo(pw, &tty, -1); +# endif /* _AIX */ /* Permanently switch to the desired uid. */ permanently_set_uid(pw); #endif @@ -1258,9 +1274,6 @@ do_child(Session *s, const char *command) do_motd(); #else /* HAVE_OSF_SIA */ do_nologin(pw); -# ifdef _AIX - aix_usrinfo(pw, s->tty, s->ttyfd); -# endif /* _AIX */ do_setusercontext(pw); #endif /* HAVE_OSF_SIA */ } @@ -1970,9 +1983,9 @@ session_setup_x11fwd(Session *s) debug("X11 display already set."); return 0; } - s->display_number = x11_create_display_inet(options.x11_display_offset, - options.x11_use_localhost, s->single_connection); - if (s->display_number == -1) { + if (x11_create_display_inet(options.x11_display_offset, + options.x11_use_localhost, s->single_connection, + &s->display_number) == -1) { debug("x11_create_display_inet failed."); return 0; } @@ -1986,9 +1999,9 @@ session_setup_x11fwd(Session *s) * different than the DISPLAY string for localhost displays. */ if (options.x11_use_localhost) { - snprintf(display, sizeof display, "localhost:%d.%d", + snprintf(display, sizeof display, "localhost:%u.%u", s->display_number, s->screen); - snprintf(auth_display, sizeof auth_display, "unix:%d.%d", + snprintf(auth_display, sizeof auth_display, "unix:%u.%u", s->display_number, s->screen); s->display = xstrdup(display); s->auth_display = xstrdup(auth_display); @@ -2004,10 +2017,10 @@ session_setup_x11fwd(Session *s) return 0; } memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr)); - snprintf(display, sizeof display, "%.50s:%d.%d", inet_ntoa(my_addr), + snprintf(display, sizeof display, "%.50s:%u.%u", inet_ntoa(my_addr), s->display_number, s->screen); #else - snprintf(display, sizeof display, "%.400s:%d.%d", hostname, + snprintf(display, sizeof display, "%.400s:%u.%u", hostname, s->display_number, s->screen); #endif s->display = xstrdup(display); diff --git a/openssh/session.h b/openssh/session.h index 2a7e4b2..3bce978 100644 --- a/openssh/session.h +++ b/openssh/session.h @@ -1,4 +1,4 @@ -/* $OpenBSD: session.h,v 1.17 2002/03/29 18:59:32 markus Exp $ */ +/* $OpenBSD: session.h,v 1.18 2002/06/23 21:06:41 deraadt Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -37,15 +37,15 @@ struct Session { /* tty */ char *term; int ptyfd, ttyfd, ptymaster; - int row, col, xpixel, ypixel; + u_int row, col, xpixel, ypixel; char tty[TTYSZ]; /* last login */ char hostname[MAXHOSTNAMELEN]; time_t last_login_time; /* X11 */ - int display_number; + u_int display_number; char *display; - int screen; + u_int screen; char *auth_display; char *auth_proto; char *auth_data; diff --git a/openssh/sftp-client.c b/openssh/sftp-client.c index 779ef2f..10b7992 100644 --- a/openssh/sftp-client.c +++ b/openssh/sftp-client.c @@ -28,7 +28,7 @@ /* XXX: copy between two remote sites */ #include "includes.h" -RCSID("$OpenBSD: sftp-client.c,v 1.32 2002/06/09 13:32:01 markus Exp $"); +RCSID("$OpenBSD: sftp-client.c,v 1.33 2002/06/23 09:30:14 deraadt Exp $"); #include "openbsd-compat/fake-queue.h" @@ -88,7 +88,7 @@ get_msg(int fd, Buffer *m) msg_len = GET_32BIT(buf); if (msg_len > 256 * 1024) - fatal("Received message too long %d", msg_len); + fatal("Received message too long %u", msg_len); while (msg_len) { len = atomicio(read, fd, buf, MIN(msg_len, sizeof(buf))); @@ -113,7 +113,7 @@ send_string_request(int fd, u_int id, u_int code, char *s, buffer_put_int(&msg, id); buffer_put_string(&msg, s, len); send_msg(fd, &msg); - debug3("Sent message fd %d T:%d I:%d", fd, code, id); + debug3("Sent message fd %d T:%u I:%u", fd, code, id); buffer_free(&msg); } @@ -129,12 +129,12 @@ send_string_attrs_request(int fd, u_int id, u_int code, char *s, buffer_put_string(&msg, s, len); encode_attrib(&msg, a); send_msg(fd, &msg); - debug3("Sent message fd %d T:%d I:%d", fd, code, id); + debug3("Sent message fd %d T:%u I:%u", fd, code, id); buffer_free(&msg); } static u_int -get_status(int fd, int expected_id) +get_status(int fd, u_int expected_id) { Buffer msg; u_int type, id, status; @@ -145,15 +145,15 @@ get_status(int fd, int expected_id) id = buffer_get_int(&msg); if (id != expected_id) - fatal("ID mismatch (%d != %d)", id, expected_id); + fatal("ID mismatch (%u != %u)", id, expected_id); if (type != SSH2_FXP_STATUS) - fatal("Expected SSH2_FXP_STATUS(%d) packet, got %d", + fatal("Expected SSH2_FXP_STATUS(%u) packet, got %u", SSH2_FXP_STATUS, type); status = buffer_get_int(&msg); buffer_free(&msg); - debug3("SSH2_FXP_STATUS %d", status); + debug3("SSH2_FXP_STATUS %u", status); return(status); } @@ -171,14 +171,14 @@ get_handle(int fd, u_int expected_id, u_int *len) id = buffer_get_int(&msg); if (id != expected_id) - fatal("ID mismatch (%d != %d)", id, expected_id); + fatal("ID mismatch (%u != %u)", id, expected_id); if (type == SSH2_FXP_STATUS) { int status = buffer_get_int(&msg); error("Couldn't get handle: %s", fx2txt(status)); return(NULL); } else if (type != SSH2_FXP_HANDLE) - fatal("Expected SSH2_FXP_HANDLE(%d) packet, got %d", + fatal("Expected SSH2_FXP_HANDLE(%u) packet, got %u", SSH2_FXP_HANDLE, type); handle = buffer_get_string(&msg, len); @@ -200,9 +200,9 @@ get_decode_stat(int fd, u_int expected_id, int quiet) type = buffer_get_char(&msg); id = buffer_get_int(&msg); - debug3("Received stat reply T:%d I:%d", type, id); + debug3("Received stat reply T:%u I:%u", type, id); if (id != expected_id) - fatal("ID mismatch (%d != %d)", id, expected_id); + fatal("ID mismatch (%u != %u)", id, expected_id); if (type == SSH2_FXP_STATUS) { int status = buffer_get_int(&msg); @@ -212,7 +212,7 @@ get_decode_stat(int fd, u_int expected_id, int quiet) error("Couldn't stat remote file: %s", fx2txt(status)); return(NULL); } else if (type != SSH2_FXP_ATTRS) { - fatal("Expected SSH2_FXP_ATTRS(%d) packet, got %d", + fatal("Expected SSH2_FXP_ATTRS(%u) packet, got %u", SSH2_FXP_ATTRS, type); } a = decode_attrib(&msg); @@ -224,7 +224,8 @@ get_decode_stat(int fd, u_int expected_id, int quiet) struct sftp_conn * do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests) { - int type, version; + u_int type; + int version; Buffer msg; struct sftp_conn *ret; @@ -239,7 +240,7 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests) /* Expecting a VERSION reply */ if ((type = buffer_get_char(&msg)) != SSH2_FXP_VERSION) { - error("Invalid packet back from SSH2_FXP_INIT (type %d)", + error("Invalid packet back from SSH2_FXP_INIT (type %u)", type); buffer_free(&msg); return(NULL); @@ -294,7 +295,7 @@ do_close(struct sftp_conn *conn, char *handle, u_int handle_len) buffer_put_int(&msg, id); buffer_put_string(&msg, handle, handle_len); send_msg(conn->fd_out, &msg); - debug3("Sent message SSH2_FXP_CLOSE I:%d", id); + debug3("Sent message SSH2_FXP_CLOSE I:%u", id); status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) @@ -339,7 +340,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, id = expected_id = conn->msg_id++; - debug3("Sending SSH2_FXP_READDIR I:%d", id); + debug3("Sending SSH2_FXP_READDIR I:%u", id); buffer_clear(&msg); buffer_put_char(&msg, SSH2_FXP_READDIR); @@ -354,10 +355,10 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, type = buffer_get_char(&msg); id = buffer_get_int(&msg); - debug3("Received reply T:%d I:%d", type, id); + debug3("Received reply T:%u I:%u", type, id); if (id != expected_id) - fatal("ID mismatch (%d != %d)", id, expected_id); + fatal("ID mismatch (%u != %u)", id, expected_id); if (type == SSH2_FXP_STATUS) { int status = buffer_get_int(&msg); @@ -373,7 +374,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, return(status); } } else if (type != SSH2_FXP_NAME) - fatal("Expected SSH2_FXP_NAME(%d) packet, got %d", + fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", SSH2_FXP_NAME, type); count = buffer_get_int(&msg); @@ -584,7 +585,7 @@ do_realpath(struct sftp_conn *conn, char *path) id = buffer_get_int(&msg); if (id != expected_id) - fatal("ID mismatch (%d != %d)", id, expected_id); + fatal("ID mismatch (%u != %u)", id, expected_id); if (type == SSH2_FXP_STATUS) { u_int status = buffer_get_int(&msg); @@ -592,7 +593,7 @@ do_realpath(struct sftp_conn *conn, char *path) error("Couldn't canonicalise: %s", fx2txt(status)); return(NULL); } else if (type != SSH2_FXP_NAME) - fatal("Expected SSH2_FXP_NAME(%d) packet, got %d", + fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", SSH2_FXP_NAME, type); count = buffer_get_int(&msg); @@ -690,7 +691,7 @@ do_readlink(struct sftp_conn *conn, char *path) id = buffer_get_int(&msg); if (id != expected_id) - fatal("ID mismatch (%d != %d)", id, expected_id); + fatal("ID mismatch (%u != %u)", id, expected_id); if (type == SSH2_FXP_STATUS) { u_int status = buffer_get_int(&msg); @@ -698,7 +699,7 @@ do_readlink(struct sftp_conn *conn, char *path) error("Couldn't readlink: %s", fx2txt(status)); return(NULL); } else if (type != SSH2_FXP_NAME) - fatal("Expected SSH2_FXP_NAME(%d) packet, got %d", + fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", SSH2_FXP_NAME, type); count = buffer_get_int(&msg); @@ -790,7 +791,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, attrib_clear(&junk); /* Send empty attributes */ encode_attrib(&msg, &junk); send_msg(conn->fd_out, &msg); - debug3("Sent message SSH2_FXP_OPEN I:%d P:%s", id, remote_path); + debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path); handle = get_handle(conn->fd_in, id, &handle_len); if (handle == NULL) { @@ -835,7 +836,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, get_msg(conn->fd_in, &msg); type = buffer_get_char(&msg); id = buffer_get_int(&msg); - debug3("Received reply T:%d I:%d R:%d", type, id, max_req); + debug3("Received reply T:%u I:%u R:%d", type, id, max_req); /* Find the request in our queue */ for(req = TAILQ_FIRST(&requests); @@ -862,7 +863,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, (unsigned long long)req->offset + len - 1); if (len > req->len) fatal("Received more data than asked for " - "%d > %d", len, req->len); + "%u > %u", len, req->len); if ((lseek(local_fd, req->offset, SEEK_SET) == -1 || atomicio(write, local_fd, data, len) != len) && !write_error) { @@ -907,7 +908,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, } break; default: - fatal("Expected SSH2_FXP_DATA(%d) packet, got %d", + fatal("Expected SSH2_FXP_DATA(%u) packet, got %u", SSH2_FXP_DATA, type); } } @@ -1006,7 +1007,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, buffer_put_int(&msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC); encode_attrib(&msg, &a); send_msg(conn->fd_out, &msg); - debug3("Sent message SSH2_FXP_OPEN I:%d P:%s", id, remote_path); + debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path); buffer_clear(&msg); @@ -1051,7 +1052,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, buffer_put_int64(&msg, offset); buffer_put_string(&msg, data, len); send_msg(conn->fd_out, &msg); - debug3("Sent message SSH2_FXP_WRITE I:%d O:%llu S:%u", + debug3("Sent message SSH2_FXP_WRITE I:%u O:%llu S:%u", id, (unsigned long long)offset, len); } else if (TAILQ_FIRST(&acks) == NULL) break; @@ -1081,7 +1082,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, ack = TAILQ_NEXT(ack, tq)) ; if (ack == NULL) - fatal("Can't find request for ID %d", r_id); + fatal("Can't find request for ID %u", r_id); TAILQ_REMOVE(&acks, ack, tq); if (status != SSH2_FX_OK) { @@ -1091,7 +1092,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, close(local_fd); goto done; } - debug3("In write loop, ack for %u %d bytes at %llu", + debug3("In write loop, ack for %u %u bytes at %llu", ack->id, ack->len, (unsigned long long)ack->offset); ++ackid; free(ack); diff --git a/openssh/sftp-client.h b/openssh/sftp-client.h index ceda879..b061711 100644 --- a/openssh/sftp-client.h +++ b/openssh/sftp-client.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.h,v 1.9 2002/02/13 00:59:23 djm Exp $ */ +/* $OpenBSD: sftp-client.h,v 1.10 2002/06/23 09:30:14 deraadt Exp $ */ /* * Copyright (c) 2001,2002 Damien Miller. All rights reserved. @@ -41,11 +41,9 @@ struct SFTP_DIRENT { * Initialiase a SSH filexfer connection. Returns -1 on error or * protocol version on success. */ -struct sftp_conn * -do_init(int, int, u_int, u_int); +struct sftp_conn *do_init(int, int, u_int, u_int); -u_int -sftp_proto_version(struct sftp_conn *); +u_int sftp_proto_version(struct sftp_conn *); /* Close file referred to by 'handle' */ int do_close(struct sftp_conn *, char *, u_int); diff --git a/openssh/sftp-common.c b/openssh/sftp-common.c index 4fb4496..6bed0ab 100644 --- a/openssh/sftp-common.c +++ b/openssh/sftp-common.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sftp-common.c,v 1.5 2001/12/02 02:08:32 deraadt Exp $"); +RCSID("$OpenBSD: sftp-common.c,v 1.6 2002/06/23 09:30:14 deraadt Exp $"); #include "buffer.h" #include "bufaux.h" @@ -70,6 +70,7 @@ Attrib * decode_attrib(Buffer *b) { static Attrib a; + attrib_clear(&a); a.flags = buffer_get_int(b); if (a.flags & SSH2_FILEXFER_ATTR_SIZE) @@ -88,6 +89,7 @@ decode_attrib(Buffer *b) if (a.flags & SSH2_FILEXFER_ATTR_EXTENDED) { char *type, *data; int i, count; + count = buffer_get_int(b); for (i = 0; i < count; i++) { type = buffer_get_string(b, NULL); diff --git a/openssh/sftp-int.c b/openssh/sftp-int.c index 5b1d384..b13e5da 100644 --- a/openssh/sftp-int.c +++ b/openssh/sftp-int.c @@ -26,7 +26,7 @@ /* XXX: recursive operations */ #include "includes.h" -RCSID("$OpenBSD: sftp-int.c,v 1.46 2002/03/30 18:51:15 markus Exp $"); +RCSID("$OpenBSD: sftp-int.c,v 1.47 2002/06/23 09:30:14 deraadt Exp $"); #include "buffer.h" #include "xmalloc.h" @@ -835,7 +835,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd) help(); break; case I_VERSION: - printf("SFTP protocol version %d\n", sftp_proto_version(conn)); + printf("SFTP protocol version %u\n", sftp_proto_version(conn)); break; default: fatal("%d is not implemented", cmdnum); diff --git a/openssh/sftp-server.c b/openssh/sftp-server.c index 9db28e7..a5c3255 100644 --- a/openssh/sftp-server.c +++ b/openssh/sftp-server.c @@ -22,7 +22,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: sftp-server.c,v 1.35 2002/06/06 17:30:11 markus Exp $"); +RCSID("$OpenBSD: sftp-server.c,v 1.37 2002/06/24 17:57:20 deraadt Exp $"); #include "buffer.h" #include "bufaux.h" @@ -282,7 +282,7 @@ send_status(u_int32_t id, u_int32_t error) "Unknown error" /* Others */ }; - TRACE("sent status id %d error %d", id, error); + TRACE("sent status id %u error %u", id, error); buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_STATUS); buffer_put_int(&msg, id); @@ -311,7 +311,7 @@ send_data_or_handle(char type, u_int32_t id, char *data, int dlen) static void send_data(u_int32_t id, char *data, int dlen) { - TRACE("sent data id %d len %d", id, dlen); + TRACE("sent data id %u len %d", id, dlen); send_data_or_handle(SSH2_FXP_DATA, id, data, dlen); } @@ -322,7 +322,7 @@ send_handle(u_int32_t id, int handle) int hlen; handle_to_string(handle, &string, &hlen); - TRACE("sent handle id %d handle %d", id, handle); + TRACE("sent handle id %u handle %d", id, handle); send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen); xfree(string); } @@ -337,7 +337,7 @@ send_names(u_int32_t id, int count, Stat *stats) buffer_put_char(&msg, SSH2_FXP_NAME); buffer_put_int(&msg, id); buffer_put_int(&msg, count); - TRACE("sent names id %d count %d", id, count); + TRACE("sent names id %u count %d", id, count); for (i = 0; i < count; i++) { buffer_put_cstring(&msg, stats[i].name); buffer_put_cstring(&msg, stats[i].long_name); @@ -352,7 +352,7 @@ send_attrib(u_int32_t id, Attrib *a) { Buffer msg; - TRACE("sent attrib id %d have 0x%x", id, a->flags); + TRACE("sent attrib id %u have 0x%x", id, a->flags); buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_ATTRS); buffer_put_int(&msg, id); @@ -391,7 +391,7 @@ process_open(void) a = get_attrib(); flags = flags_from_portable(pflags); mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666; - TRACE("open id %d name %s flags %d mode 0%o", id, name, pflags, mode); + TRACE("open id %u name %s flags %d mode 0%o", id, name, pflags, mode); fd = open(name, flags, mode); if (fd < 0) { status = errno_to_portable(errno); @@ -417,7 +417,7 @@ process_close(void) id = get_int(); handle = get_handle(); - TRACE("close id %d handle %d", id, handle); + TRACE("close id %u handle %d", id, handle); ret = handle_close(handle); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; send_status(id, status); @@ -436,7 +436,7 @@ process_read(void) off = get_int64(); len = get_int(); - TRACE("read id %d handle %d off %llu len %d", id, handle, + TRACE("read id %u handle %d off %llu len %d", id, handle, (u_int64_t)off, len); if (len > sizeof buf) { len = sizeof buf; @@ -477,7 +477,7 @@ process_write(void) off = get_int64(); data = get_string(&len); - TRACE("write id %d handle %d off %llu len %d", id, handle, + TRACE("write id %u handle %d off %llu len %d", id, handle, (u_int64_t)off, len); fd = handle_to_fd(handle); if (fd >= 0) { @@ -512,7 +512,7 @@ process_do_stat(int do_lstat) id = get_int(); name = get_string(NULL); - TRACE("%sstat id %d name %s", do_lstat ? "l" : "", id, name); + TRACE("%sstat id %u name %s", do_lstat ? "l" : "", id, name); ret = do_lstat ? lstat(name, &st) : stat(name, &st); if (ret < 0) { status = errno_to_portable(errno); @@ -548,7 +548,7 @@ process_fstat(void) id = get_int(); handle = get_handle(); - TRACE("fstat id %d handle %d", id, handle); + TRACE("fstat id %u handle %d", id, handle); fd = handle_to_fd(handle); if (fd >= 0) { ret = fstat(fd, &st); @@ -582,13 +582,12 @@ process_setstat(void) Attrib *a; u_int32_t id; char *name; - int ret; - int status = SSH2_FX_OK; + int status = SSH2_FX_OK, ret; id = get_int(); name = get_string(NULL); a = get_attrib(); - TRACE("setstat id %d name %s", id, name); + TRACE("setstat id %u name %s", id, name); if (a->flags & SSH2_FILEXFER_ATTR_SIZE) { ret = truncate(name, a->size); if (ret == -1) @@ -625,7 +624,7 @@ process_fsetstat(void) id = get_int(); handle = get_handle(); a = get_attrib(); - TRACE("fsetstat id %d handle %d", id, handle); + TRACE("fsetstat id %u handle %d", id, handle); fd = handle_to_fd(handle); name = handle_to_name(handle); if (fd < 0 || name == NULL) { @@ -677,7 +676,7 @@ process_opendir(void) id = get_int(); path = get_string(NULL); - TRACE("opendir id %d path %s", id, path); + TRACE("opendir id %u path %s", id, path); dirp = opendir(path); if (dirp == NULL) { status = errno_to_portable(errno); @@ -713,13 +712,13 @@ ls_file(char *name, struct stat *st) if ((pw = getpwuid(st->st_uid)) != NULL) { user = pw->pw_name; } else { - snprintf(ubuf, sizeof ubuf, "%d", st->st_uid); + snprintf(ubuf, sizeof ubuf, "%u", (u_int)st->st_uid); user = ubuf; } if ((gr = getgrgid(st->st_gid)) != NULL) { group = gr->gr_name; } else { - snprintf(gbuf, sizeof gbuf, "%d", st->st_gid); + snprintf(gbuf, sizeof gbuf, "%u", (u_int)st->st_gid); group = gbuf; } if (ltime != NULL) { @@ -749,7 +748,7 @@ process_readdir(void) id = get_int(); handle = get_handle(); - TRACE("readdir id %d handle %d", id, handle); + TRACE("readdir id %u handle %d", id, handle); dirp = handle_to_dir(handle); path = handle_to_name(handle); if (dirp == NULL || path == NULL) { @@ -759,6 +758,7 @@ process_readdir(void) char pathname[1024]; Stat *stats; int nstats = 10, count = 0, i; + stats = xmalloc(nstats * sizeof(Stat)); while ((dp = readdir(dirp)) != NULL) { if (count >= nstats) { @@ -802,7 +802,7 @@ process_remove(void) id = get_int(); name = get_string(NULL); - TRACE("remove id %d name %s", id, name); + TRACE("remove id %u name %s", id, name); ret = unlink(name); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; send_status(id, status); @@ -822,7 +822,7 @@ process_mkdir(void) a = get_attrib(); mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm & 0777 : 0777; - TRACE("mkdir id %d name %s mode 0%o", id, name, mode); + TRACE("mkdir id %u name %s mode 0%o", id, name, mode); ret = mkdir(name, mode); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; send_status(id, status); @@ -838,7 +838,7 @@ process_rmdir(void) id = get_int(); name = get_string(NULL); - TRACE("rmdir id %d name %s", id, name); + TRACE("rmdir id %u name %s", id, name); ret = rmdir(name); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; send_status(id, status); @@ -858,7 +858,7 @@ process_realpath(void) xfree(path); path = xstrdup("."); } - TRACE("realpath id %d path %s", id, path); + TRACE("realpath id %u path %s", id, path); if (realpath(path, resolvedname) == NULL) { send_status(id, errno_to_portable(errno)); } else { @@ -881,7 +881,7 @@ process_rename(void) id = get_int(); oldpath = get_string(NULL); newpath = get_string(NULL); - TRACE("rename id %d old %s new %s", id, oldpath, newpath); + TRACE("rename id %u old %s new %s", id, oldpath, newpath); /* fail if 'newpath' exists */ if (stat(newpath, &st) == -1) { ret = rename(oldpath, newpath); @@ -902,7 +902,7 @@ process_readlink(void) id = get_int(); path = get_string(NULL); - TRACE("readlink id %d path %s", id, path); + TRACE("readlink id %u path %s", id, path); if ((len = readlink(path, link, sizeof(link) - 1)) == -1) send_status(id, errno_to_portable(errno)); else { @@ -927,7 +927,7 @@ process_symlink(void) id = get_int(); oldpath = get_string(NULL); newpath = get_string(NULL); - TRACE("symlink id %d old %s new %s", id, oldpath, newpath); + TRACE("symlink id %u old %s new %s", id, oldpath, newpath); /* fail if 'newpath' exists */ if (stat(newpath, &st) == -1) { ret = symlink(oldpath, newpath); diff --git a/openssh/sftp.c b/openssh/sftp.c index f941d18..fac2564 100644 --- a/openssh/sftp.c +++ b/openssh/sftp.c @@ -24,7 +24,7 @@ #include "includes.h" -RCSID("$OpenBSD: sftp.c,v 1.29 2002/04/02 17:37:48 markus Exp $"); +RCSID("$OpenBSD: sftp.c,v 1.30 2002/06/23 09:30:14 deraadt Exp $"); /* XXX: short-form remote directory listings (like 'ls -C') */ @@ -53,8 +53,10 @@ static void connect_to_server(char *path, char **args, int *in, int *out, pid_t *sshpid) { int c_in, c_out; + #ifdef USE_PIPES int pin[2], pout[2]; + if ((pipe(pin) == -1) || (pipe(pout) == -1)) fatal("pipe: %s", strerror(errno)); *in = pin[0]; @@ -63,6 +65,7 @@ connect_to_server(char *path, char **args, int *in, int *out, pid_t *sshpid) c_out = pin[1]; #else /* USE_PIPES */ int inout[2]; + if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) == -1) fatal("socketpair: %s", strerror(errno)); *in = *out = inout[0]; diff --git a/openssh/ssh-agent.1 b/openssh/ssh-agent.1 index e5ea1e3..0227436 100644 --- a/openssh/ssh-agent.1 +++ b/openssh/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.33 2002/06/19 00:27:55 deraadt Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.35 2002/06/24 13:12:23 markus Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -69,7 +69,7 @@ The options are as follows: Bind the agent to the unix-domain socket .Ar bind_address . The default is -.Pa /tmp/ssh-XXXXXXXX/agent. . +.Pa /tmp/ssh-XXXXXXXX/agent. . .It Fl c Generate C-shell commands on .Dv stdout . @@ -151,7 +151,7 @@ user. .Pp The .Ev SSH_AGENT_PID -environment variable holds the agent's PID. +environment variable holds the agent's process ID. .Pp The agent exits automatically when the command given on the command line terminates. @@ -163,7 +163,7 @@ Contains the protocol version 1 RSA authentication identity of the user. Contains the protocol version 2 DSA authentication identity of the user. .It Pa $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. -.It Pa /tmp/ssh-XXXXXXXX/agent. +.It Pa /tmp/ssh-XXXXXXXX/agent. Unix-domain sockets used to contain the connection to the authentication agent. These sockets should only be readable by the owner. diff --git a/openssh/ssh-agent.c b/openssh/ssh-agent.c index c3a9077..ac16bae 100644 --- a/openssh/ssh-agent.c +++ b/openssh/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include "openbsd-compat/fake-queue.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.95 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.97 2002/06/24 14:55:38 markus Exp $"); #include #include @@ -110,6 +110,7 @@ static void idtab_init(void) { int i; + for (i = 0; i <=2; i++) { TAILQ_INIT(&idtable[i].idlist); idtable[i].nentries = 0; @@ -152,8 +153,8 @@ static void process_request_identities(SocketEntry *e, int version) { Idtab *tab = idtab_lookup(version); - Buffer msg; Identity *id; + Buffer msg; buffer_init(&msg); buffer_put_char(&msg, (version == 1) ? @@ -182,21 +183,21 @@ process_request_identities(SocketEntry *e, int version) static void process_authentication_challenge1(SocketEntry *e) { - Identity *id; - Key *key; + u_char buf[32], mdbuf[16], session_id[16]; + u_int response_type; BIGNUM *challenge; + Identity *id; int i, len; Buffer msg; MD5_CTX md; - u_char buf[32], mdbuf[16], session_id[16]; - u_int response_type; + Key *key; buffer_init(&msg); key = key_new(KEY_RSA1); if ((challenge = BN_new()) == NULL) fatal("process_authentication_challenge1: BN_new failed"); - buffer_get_int(&e->request); /* ignored */ + (void) buffer_get_int(&e->request); /* ignored */ buffer_get_bignum(&e->request, key->rsa->e); buffer_get_bignum(&e->request, key->rsa->n); buffer_get_bignum(&e->request, challenge); @@ -251,13 +252,12 @@ send: static void process_sign_request2(SocketEntry *e) { - extern int datafellows; - Key *key; u_char *blob, *data, *signature = NULL; u_int blen, dlen, slen = 0; - int flags; + extern int datafellows; + int ok = -1, flags; Buffer msg; - int ok = -1; + Key *key; datafellows = 0; @@ -296,11 +296,10 @@ process_sign_request2(SocketEntry *e) static void process_remove_identity(SocketEntry *e, int version) { + u_int blen, bits; + int success = 0; Key *key = NULL; u_char *blob; - u_int blen; - u_int bits; - int success = 0; switch (version) { case 1: @@ -310,7 +309,7 @@ process_remove_identity(SocketEntry *e, int version) buffer_get_bignum(&e->request, key->rsa->n); if (bits != key_size(key)) - log("Warning: identity keysize mismatch: actual %d, announced %d", + log("Warning: identity keysize mismatch: actual %u, announced %u", key_size(key), bits); break; case 2: @@ -370,10 +369,10 @@ process_remove_all_identities(SocketEntry *e, int version) static void reaper(void) { - Idtab *tab; + u_int now = time(NULL); Identity *id, *nxt; int version; - u_int now = time(NULL); + Idtab *tab; for (version = 1; version < 3; version++) { tab = idtab_lookup(version); @@ -391,16 +390,15 @@ reaper(void) static void process_add_identity(SocketEntry *e, int version) { - Key *k = NULL; - char *type_name; - char *comment; - int type, success = 0, death = 0; Idtab *tab = idtab_lookup(version); + int type, success = 0, death = 0; + char *type_name, *comment; + Key *k = NULL; switch (version) { case 1: k = key_new_private(KEY_RSA1); - buffer_get_int(&e->request); /* ignored */ + (void) buffer_get_int(&e->request); /* ignored */ buffer_get_bignum(&e->request, k->rsa->n); buffer_get_bignum(&e->request, k->rsa->e); buffer_get_bignum(&e->request, k->rsa->d); @@ -481,8 +479,8 @@ send: static void process_lock_agent(SocketEntry *e, int lock) { - char *passwd; int success = 0; + char *passwd; passwd = buffer_get_string(&e->request, NULL); if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { @@ -523,11 +521,11 @@ no_identities(SocketEntry *e, u_int type) static void process_add_smartcard_key (SocketEntry *e) { - Identity *id; - Idtab *tab; - Key **keys, *k; char *sc_reader_id = NULL, *pin; int i, version, success = 0; + Key **keys, *k; + Identity *id; + Idtab *tab; sc_reader_id = buffer_get_string(&e->request, NULL); pin = buffer_get_string(&e->request, NULL); @@ -566,11 +564,11 @@ send: static void process_remove_smartcard_key(SocketEntry *e) { - Identity *id; - Idtab *tab; - Key **keys, *k = NULL; char *sc_reader_id = NULL, *pin; int i, version, success = 0; + Key **keys, *k = NULL; + Identity *id; + Idtab *tab; sc_reader_id = buffer_get_string(&e->request, NULL); pin = buffer_get_string(&e->request, NULL); @@ -608,8 +606,7 @@ send: static void process_message(SocketEntry *e) { - u_int msg_len; - u_int type; + u_int msg_len, type; u_char *cp; /* kill dead keys */ @@ -622,6 +619,7 @@ process_message(SocketEntry *e) if (msg_len > 256 * 1024) { shutdown(e->fd, SHUT_RDWR); close(e->fd); + e->fd = -1; e->type = AUTH_UNUSED; buffer_free(&e->input); buffer_free(&e->output); @@ -717,6 +715,7 @@ static void new_socket(sock_type type, int fd) { u_int i, old_alloc; + if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) error("fcntl O_NONBLOCK: %s", strerror(errno)); @@ -801,11 +800,11 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, int *nallocp) static void after_select(fd_set *readset, fd_set *writeset) { - u_int i; - int len, sock; + struct sockaddr_un sunaddr; socklen_t slen; char buf[1024]; - struct sockaddr_un sunaddr; + int len, sock; + u_int i; for (i = 0; i < sockets_alloc; i++) switch (sockets[i].type) { @@ -839,6 +838,7 @@ after_select(fd_set *readset, fd_set *writeset) if (len <= 0) { shutdown(sockets[i].fd, SHUT_RDWR); close(sockets[i].fd); + sockets[i].fd = -1; sockets[i].type = AUTH_UNUSED; buffer_free(&sockets[i].input); buffer_free(&sockets[i].output); @@ -858,6 +858,7 @@ after_select(fd_set *readset, fd_set *writeset) if (len <= 0) { shutdown(sockets[i].fd, SHUT_RDWR); close(sockets[i].fd); + sockets[i].fd = -1; sockets[i].type = AUTH_UNUSED; buffer_free(&sockets[i].input); buffer_free(&sockets[i].output); @@ -928,6 +929,8 @@ int main(int ac, char **av) { int sock, c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0, ch, nalloc; + char *shell, *format, *pidstr, *agentsocket = NULL; + fd_set *readsetp = NULL, *writesetp = NULL; struct sockaddr_un sunaddr; #ifdef HAVE_SETRLIMIT struct rlimit rlim; @@ -935,11 +938,10 @@ main(int ac, char **av) #ifdef HAVE_CYGWIN int prev_mask; #endif - pid_t pid; - char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; - char *agentsocket = NULL; extern int optind; - fd_set *readsetp = NULL, *writesetp = NULL; + extern char *optarg; + pid_t pid; + char pidstrbuf[1 + 3 * sizeof pid]; SSLeay_add_all_algorithms(); @@ -947,11 +949,7 @@ main(int ac, char **av) init_rng(); seed_rng(); -#ifdef __GNU_LIBRARY__ - while ((ch = getopt(ac, av, "+cdksa:")) != -1) { -#else /* __GNU_LIBRARY__ */ while ((ch = getopt(ac, av, "cdksa:")) != -1) { -#endif /* __GNU_LIBRARY__ */ switch (ch) { case 'c': if (s_flag) diff --git a/openssh/ssh-dss.c b/openssh/ssh-dss.c index 02403f5..dbf8465 100644 --- a/openssh/ssh-dss.c +++ b/openssh/ssh-dss.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-dss.c,v 1.14 2002/02/28 15:46:33 markus Exp $"); +RCSID("$OpenBSD: ssh-dss.c,v 1.15 2002/06/23 03:30:17 deraadt Exp $"); #include #include @@ -40,9 +40,7 @@ RCSID("$OpenBSD: ssh-dss.c,v 1.14 2002/02/28 15:46:33 markus Exp $"); #define SIGBLOB_LEN (2*INTBLOB_LEN) int -ssh_dss_sign( - Key *key, - u_char **sigp, u_int *lenp, +ssh_dss_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen) { DSA_SIG *sig; @@ -71,7 +69,7 @@ ssh_dss_sign( rlen = BN_num_bytes(sig->r); slen = BN_num_bytes(sig->s); if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) { - error("bad sig size %d %d", rlen, slen); + error("bad sig size %u %u", rlen, slen); DSA_SIG_free(sig); return -1; } @@ -104,9 +102,7 @@ ssh_dss_sign( return 0; } int -ssh_dss_verify( - Key *key, - u_char *signature, u_int signaturelen, +ssh_dss_verify(Key *key, u_char *signature, u_int signaturelen, u_char *data, u_int datalen) { DSA_SIG *sig; @@ -151,7 +147,7 @@ ssh_dss_verify( } if (len != SIGBLOB_LEN) { - fatal("bad sigbloblen %d != SIGBLOB_LEN", len); + fatal("bad sigbloblen %u != SIGBLOB_LEN", len); } /* parse signature */ diff --git a/openssh/ssh-keygen.c b/openssh/ssh-keygen.c index df8c90a..4273c11 100644 --- a/openssh/ssh-keygen.c +++ b/openssh/ssh-keygen.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.100 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.101 2002/06/23 09:39:55 deraadt Exp $"); #include #include @@ -170,7 +170,7 @@ do_convert_to_ssh2(struct passwd *pw) } fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN); fprintf(stdout, - "Comment: \"%d-bit %s, converted from OpenSSH by %s@%s\"\n", + "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n", key_size(k), key_type(k), pw->pw_name, hostname); dump_base64(stdout, blob, len); @@ -462,7 +462,7 @@ do_fingerprint(struct passwd *pw) public = key_load_public(identity_file, &comment); if (public != NULL) { fp = key_fingerprint(public, fptype, rep); - printf("%d %s %s\n", key_size(public), fp, comment); + printf("%u %s %s\n", key_size(public), fp, comment); key_free(public); xfree(comment); xfree(fp); @@ -496,7 +496,8 @@ do_fingerprint(struct passwd *pw) if (i == 0 || ep == NULL || (*ep != ' ' && *ep != '\t')) { int quoted = 0; comment = cp; - for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { + for (; *cp && (quoted || (*cp != ' ' && + *cp != '\t')); cp++) { if (*cp == '\\' && cp[1] == '"') cp++; /* Skip both */ else if (*cp == '"') @@ -519,7 +520,7 @@ do_fingerprint(struct passwd *pw) } comment = *cp ? cp : comment; fp = key_fingerprint(public, fptype, rep); - printf("%d %s %s\n", key_size(public), fp, + printf("%u %s %s\n", key_size(public), fp, comment ? comment : "no comment"); xfree(fp); key_free(public); diff --git a/openssh/ssh-rsa.c b/openssh/ssh-rsa.c index 3e66294..782279b 100644 --- a/openssh/ssh-rsa.c +++ b/openssh/ssh-rsa.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-rsa.c,v 1.20 2002/06/10 16:53:06 stevesk Exp $"); +RCSID("$OpenBSD: ssh-rsa.c,v 1.21 2002/06/23 03:30:17 deraadt Exp $"); #include #include @@ -39,9 +39,7 @@ RCSID("$OpenBSD: ssh-rsa.c,v 1.20 2002/06/10 16:53:06 stevesk Exp $"); /* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */ int -ssh_rsa_sign( - Key *key, - u_char **sigp, u_int *lenp, +ssh_rsa_sign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen) { const EVP_MD *evp_md; @@ -72,17 +70,18 @@ ssh_rsa_sign( if (ok != 1) { int ecode = ERR_get_error(); - error("ssh_rsa_sign: RSA_sign failed: %s", ERR_error_string(ecode, NULL)); + error("ssh_rsa_sign: RSA_sign failed: %s", + ERR_error_string(ecode, NULL)); xfree(sig); return -1; } if (len < slen) { int diff = slen - len; - debug("slen %d > len %d", slen, len); + debug("slen %u > len %u", slen, len); memmove(sig + diff, sig, len); memset(sig, 0, diff); } else if (len > slen) { - error("ssh_rsa_sign: slen %d slen2 %d", slen, len); + error("ssh_rsa_sign: slen %u slen2 %u", slen, len); xfree(sig); return -1; } @@ -105,9 +104,7 @@ ssh_rsa_sign( } int -ssh_rsa_verify( - Key *key, - u_char *signature, u_int signaturelen, +ssh_rsa_verify(Key *key, u_char *signature, u_int signaturelen, u_char *data, u_int datalen) { Buffer b; @@ -148,12 +145,12 @@ ssh_rsa_verify( /* RSA_verify expects a signature of RSA_size */ modlen = RSA_size(key->rsa); if (len > modlen) { - error("ssh_rsa_verify: len %d > modlen %d", len, modlen); + error("ssh_rsa_verify: len %u > modlen %u", len, modlen); xfree(sigblob); return -1; } else if (len < modlen) { int diff = modlen - len; - debug("ssh_rsa_verify: add padding: modlen %d > len %d", + debug("ssh_rsa_verify: add padding: modlen %u > len %u", modlen, len); sigblob = xrealloc(sigblob, modlen); memmove(sigblob + diff, sigblob, len); @@ -176,7 +173,8 @@ ssh_rsa_verify( xfree(sigblob); if (ret == 0) { int ecode = ERR_get_error(); - error("ssh_rsa_verify: RSA_verify failed: %s", ERR_error_string(ecode, NULL)); + error("ssh_rsa_verify: RSA_verify failed: %s", + ERR_error_string(ecode, NULL)); } debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : ""); return ret; diff --git a/openssh/ssh.1 b/openssh/ssh.1 index 8ada41f..1f3efca 100644 --- a/openssh/ssh.1 +++ b/openssh/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.158 2002/06/20 19:56:07 stevesk Exp $ +.\" $OpenBSD: ssh.1,v 1.160 2002/06/22 11:51:39 naddy Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -952,8 +952,8 @@ protocol versions 1.5 and 2.0. .Xr ssh-agent 1 , .Xr ssh-keygen 1 , .Xr telnet 1 , -.Xr ssh_config 4 , -.Xr ssh-keysign 8, +.Xr ssh_config 5 , +.Xr ssh-keysign 8 , .Xr sshd 8 .Rs .%A T. Ylonen diff --git a/openssh/ssh.h b/openssh/ssh.h index e23bb1d..07eee78 100644 --- a/openssh/ssh.h +++ b/openssh/ssh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.h,v 1.70 2002/06/03 12:04:07 deraadt Exp $ */ +/* $OpenBSD: ssh.h,v 1.71 2002/06/22 02:00:29 stevesk Exp $ */ /* * Author: Tatu Ylonen @@ -65,8 +65,8 @@ #endif /* - * Name of the environment variable containing the pathname of the - * authentication socket. + * Name of the environment variable containing the process ID of the + * authentication agent. */ #define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID" diff --git a/openssh/sshconnect.c b/openssh/sshconnect.c index 9b4c388..b89321f 100644 --- a/openssh/sshconnect.c +++ b/openssh/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.125 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.126 2002/06/23 03:30:17 deraadt Exp $"); #include @@ -266,7 +266,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, memset(&hints, 0, sizeof(hints)); hints.ai_family = family; hints.ai_socktype = SOCK_STREAM; - snprintf(strport, sizeof strport, "%d", port); + snprintf(strport, sizeof strport, "%u", port); if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) fatal("%s: %.100s: %s", __progname, host, gai_strerror(gaierr)); @@ -489,7 +489,6 @@ confirm(const char *prompt) * check whether the supplied host key is valid, return -1 if the key * is not valid. the user_hostfile will not be updated if 'readonly' is true. */ - static int check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, int readonly, const char *user_hostfile, const char *system_hostfile) diff --git a/openssh/sshconnect2.c b/openssh/sshconnect2.c index 7f28ab5..215f76c 100644 --- a/openssh/sshconnect2.c +++ b/openssh/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.104 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.105 2002/06/23 03:30:17 deraadt Exp $"); #include "ssh.h" #include "ssh2.h" @@ -299,12 +299,14 @@ userauth(Authctxt *authctxt, char *authlist) } } } + void input_userauth_error(int type, u_int32_t seq, void *ctxt) { fatal("input_userauth_error: bad message during authentication: " "type %d", type); } + void input_userauth_banner(int type, u_int32_t seq, void *ctxt) { @@ -316,6 +318,7 @@ input_userauth_banner(int type, u_int32_t seq, void *ctxt) xfree(msg); xfree(lang); } + void input_userauth_success(int type, u_int32_t seq, void *ctxt) { @@ -327,6 +330,7 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt) clear_auth_state(authctxt); authctxt->success = 1; /* break out */ } + void input_userauth_failure(int type, u_int32_t seq, void *ctxt) { @@ -375,7 +379,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) } packet_check_eom(); - debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d", + debug("input_userauth_pk_ok: pkalg %s blen %u lastkey %p hint %d", pkalg, blen, authctxt->last_key, authctxt->last_key_hint); do { @@ -894,9 +898,7 @@ input_userauth_info_req(int type, u_int32_t seq, void *ctxt) } static int -ssh_keysign( - Key *key, - u_char **sigp, u_int *lenp, +ssh_keysign(Key *key, u_char **sigp, u_int *lenp, u_char *data, u_int datalen) { Buffer b; @@ -1098,6 +1100,7 @@ authmethod_lookup(const char *name) static Authmethod *current = NULL; static char *supported = NULL; static char *preferred = NULL; + /* * Given the authentication method list sent by the server, return the * next method we should try. If the server initially sends a nil list, diff --git a/openssh/sshd.8 b/openssh/sshd.8 index 22f8143..37a7b58 100644 --- a/openssh/sshd.8 +++ b/openssh/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.184 2002/06/20 19:56:07 stevesk Exp $ +.\" $OpenBSD: sshd.8,v 1.186 2002/06/22 16:45:29 stevesk Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -578,11 +578,18 @@ These files are created using .Xr ssh-keygen 1 . .It Pa /etc/moduli Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". +.It Pa /var/empty +.Xr chroot 2 +directory used by +.Nm +during privilege separation in the pre-authentication phase. +The directory should not contain any files and must be owned by root +and not group or world-writable. .It Pa /var/run/sshd.pid Contains the process ID of the .Nm listening for connections (if there are several daemons running -concurrently for different ports, this contains the pid of the one +concurrently for different ports, this contains the process ID of the one started last). The content of this file is not sensitive; it can be world-readable. .It Pa $HOME/.ssh/authorized_keys diff --git a/openssh/sshd.c b/openssh/sshd.c index feea3ce..851fad4 100644 --- a/openssh/sshd.c +++ b/openssh/sshd.c @@ -42,7 +42,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.246 2002/06/20 23:05:56 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.251 2002/06/25 18:51:04 markus Exp $"); #include #include @@ -219,6 +219,7 @@ static void close_listen_socks(void) { int i; + for (i = 0; i < num_listen_socks; i++) close(listen_socks[i]); num_listen_socks = -1; @@ -228,6 +229,7 @@ static void close_startup_pipes(void) { int i; + if (startup_pipes) for (i = 0; i < options.max_startups; i++) if (startup_pipes[i] != -1) @@ -260,7 +262,8 @@ sighup_restart(void) close_listen_socks(); close_startup_pipes(); execv(saved_argv[0], saved_argv); - log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno)); + log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], + strerror(errno)); exit(1); } @@ -280,8 +283,8 @@ sigterm_handler(int sig) static void main_sigchld_handler(int sig) { - pid_t pid; int save_errno = errno; + pid_t pid; int status; while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || @@ -341,6 +344,7 @@ static void key_regeneration_alarm(int sig) { int save_errno = errno; + signal(SIGALRM, SIG_DFL); errno = save_errno; key_do_regen = 1; @@ -372,7 +376,8 @@ sshd_exchange_identification(int sock_in, int sock_out) if (client_version_string == NULL) { /* Send our protocol version identification. */ - if (atomicio(write, sock_out, server_version_string, strlen(server_version_string)) + if (atomicio(write, sock_out, server_version_string, + strlen(server_version_string)) != strlen(server_version_string)) { log("Could not write ident string to %s", get_remote_ipaddr()); fatal_cleanup(); @@ -475,7 +480,6 @@ sshd_exchange_identification(int sock_in, int sock_out) } } - /* Destroy the host and server keys. They will no longer be needed. */ void destroy_sensitive_data(void) @@ -526,8 +530,9 @@ static void privsep_preauth_child(void) { u_int32_t rand[256]; - int i; + gid_t gidset[2]; struct passwd *pw; + int i; /* Enable challenge-response authentication for privilege separation */ privsep_challenge_enable(); @@ -555,7 +560,17 @@ privsep_preauth_child(void) /* Drop our privileges */ debug3("privsep user:group %u:%u", (u_int)pw->pw_uid, (u_int)pw->pw_gid); +#if 0 + /* XXX not ready, to heavy after chroot */ do_setusercontext(pw); +#else + gidset[0] = pw->pw_gid; + if (setgid(pw->pw_gid) < 0) + fatal("setgid failed for %u", pw->pw_gid ); + if (setgroups(1, gidset) < 0) + fatal("setgroups: %.100s", strerror(errno)); + permanently_set_uid(pw); +#endif } static Authctxt* @@ -609,7 +624,11 @@ privsep_postauth(Authctxt *authctxt) /* XXX - Remote port forwarding */ x_authctxt = authctxt; +#ifdef BROKEN_FD_PASSING + if (1) { +#else if (authctxt->pw->pw_uid == 0 || options.use_login) { +#endif /* File descriptor passing is broken or root login */ monitor_apply_keystate(pmonitor); use_privsep = 0; @@ -683,6 +702,7 @@ Key * get_hostkey_by_type(int type) { int i; + for (i = 0; i < options.num_host_key_files; i++) { Key *key = sensitive_data.host_keys[i]; if (key != NULL && key->type == type) @@ -703,6 +723,7 @@ int get_hostkey_index(Key *key) { int i; + for (i = 0; i < options.num_host_key_files; i++) { if (key == sensitive_data.host_keys[i]) return (i); @@ -991,11 +1012,13 @@ main(int ac, char **av) * hate software patents. I dont know if this can go? Niels */ if (options.server_key_bits > - BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) - SSH_KEY_BITS_RESERVED && - options.server_key_bits < - BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) { + BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) - + SSH_KEY_BITS_RESERVED && options.server_key_bits < + BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + + SSH_KEY_BITS_RESERVED) { options.server_key_bits = - BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED; + BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + + SSH_KEY_BITS_RESERVED; debug("Forcing server key to %d bits to make it differ from host key.", options.server_key_bits); } @@ -1012,6 +1035,9 @@ main(int ac, char **av) (S_ISDIR(st.st_mode) == 0)) fatal("Missing privilege separation directory: %s", _PATH_PRIVSEP_CHROOT_DIR); + if (st.st_uid != 0 || (st.st_mode & (S_IWGRP|S_IWOTH)) != 0) + fatal("Bad owner or mode for %s", + _PATH_PRIVSEP_CHROOT_DIR); } /* Configuration looks good, so exit if in test mode. */ @@ -1351,7 +1377,7 @@ main(int ac, char **av) */ #if 0 /* XXX: this breaks Solaris */ - if (setsid() < 0) + if (!debug_flag && !inetd_flag && setsid() < 0) error("setsid: %.100s", strerror(errno)); #endif diff --git a/openssh/sshd_config.5 b/openssh/sshd_config.5 index 1aecd48..aa7b7c7 100644 --- a/openssh/sshd_config.5 +++ b/openssh/sshd_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.3 2002/06/20 23:37:12 markus Exp $ +.\" $OpenBSD: sshd_config.5,v 1.4 2002/06/22 16:45:29 stevesk Exp $ .Dd September 25, 1999 .Dt SSHD_CONFIG 5 .Os @@ -305,10 +305,6 @@ To disable keepalives, the value should be set to .It Cm KerberosAuthentication Specifies whether Kerberos authentication is allowed. This can be in the form of a Kerberos ticket, or if -.It Cm PAMAuthenticationViaKbdInt -Specifies whether PAM challenge response authentication is allowed. This -allows the use of most PAM challenge response authentication modules, but -it will allow password authentication regardless of whether .Cm PasswordAuthentication is yes, the password provided by the user will be validated through the Kerberos KDC. @@ -425,6 +421,12 @@ The probability increases linearly and all connection attempts are refused if the number of unauthenticated connections reaches .Dq full (60). +.It Cm PAMAuthenticationViaKbdInt +Specifies whether PAM challenge response authentication is allowed. This +allows the use of most PAM challenge response authentication modules, but +it will allow password authentication regardless of whether +.Cm PasswordAuthentication +is enabled. .It Cm PasswordAuthentication Specifies whether password authentication is allowed. The default is @@ -464,7 +466,7 @@ If this option is set to .Dq no root is not allowed to login. .It Cm PidFile -Specifies the file that contains the process identifier of the +Specifies the file that contains the process ID of the .Nm sshd daemon. The default is diff --git a/openssh/sshlogin.c b/openssh/sshlogin.c index 78c51ab..e76f945 100644 --- a/openssh/sshlogin.c +++ b/openssh/sshlogin.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshlogin.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $"); +RCSID("$OpenBSD: sshlogin.c,v 1.4 2002/06/23 03:30:17 deraadt Exp $"); #include "loginrec.h" @@ -48,10 +48,9 @@ RCSID("$OpenBSD: sshlogin.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $"); * information is not available. This must be called before record_login. * The host the user logged in from will be returned in buf. */ - u_long get_last_login_time(uid_t uid, const char *logname, - char *buf, u_int bufsize) + char *buf, u_int bufsize) { struct logininfo li; @@ -64,10 +63,9 @@ get_last_login_time(uid_t uid, const char *logname, * Records that the user has logged in. I these parts of operating systems * were more standardized. */ - void record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, - const char *host, struct sockaddr * addr) + const char *host, struct sockaddr * addr) { struct logininfo *li; @@ -92,7 +90,6 @@ record_utmp_only(pid_t pid, const char *ttyname, const char *user, #endif /* Records that the user has logged out. */ - void record_logout(pid_t pid, const char *ttyname, const char *user) { diff --git a/openssh/sshpty.c b/openssh/sshpty.c index a7e7e27..64ac4e5 100644 --- a/openssh/sshpty.c +++ b/openssh/sshpty.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshpty.c,v 1.4 2001/12/19 07:18:56 deraadt Exp $"); +RCSID("$OpenBSD: sshpty.c,v 1.7 2002/06/24 17:57:20 deraadt Exp $"); #ifdef HAVE_UTIL_H # include @@ -343,9 +343,8 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) if (fd < 0) error("open /dev/tty failed - could not set controlling tty: %.100s", strerror(errno)); - else { + else close(fd); - } #endif /* _CRAY */ } @@ -356,6 +355,7 @@ pty_change_window_size(int ptyfd, int row, int col, int xpixel, int ypixel) { struct winsize w; + w.ws_row = row; w.ws_col = col; w.ws_xpixel = xpixel; @@ -393,13 +393,13 @@ pty_setowner(struct passwd *pw, const char *ttyname) if (st.st_uid != pw->pw_uid || st.st_gid != gid) { if (chown(ttyname, pw->pw_uid, gid) < 0) { if (errno == EROFS && - (st.st_uid == pw->pw_uid || st.st_uid == 0)) - error("chown(%.100s, %d, %d) failed: %.100s", - ttyname, pw->pw_uid, gid, + (st.st_uid == pw->pw_uid || st.st_uid == 0)) + error("chown(%.100s, %u, %u) failed: %.100s", + ttyname, (u_int)pw->pw_uid, (u_int)gid, strerror(errno)); else - fatal("chown(%.100s, %d, %d) failed: %.100s", - ttyname, pw->pw_uid, gid, + fatal("chown(%.100s, %u, %u) failed: %.100s", + ttyname, (u_int)pw->pw_uid, (u_int)gid, strerror(errno)); } } diff --git a/openssh/tildexpand.c b/openssh/tildexpand.c index e89a7ad..cbe9811 100644 --- a/openssh/tildexpand.c +++ b/openssh/tildexpand.c @@ -11,7 +11,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: tildexpand.c,v 1.12 2001/08/11 22:51:27 jakob Exp $"); +RCSID("$OpenBSD: tildexpand.c,v 1.13 2002/06/23 03:25:50 deraadt Exp $"); #include "xmalloc.h" #include "log.h" @@ -67,6 +67,7 @@ tilde_expand_filename(const char *filename, uid_t my_uid) if (len > MAXPATHLEN) fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1); expanded = xmalloc(len); - snprintf(expanded, len, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", cp + 1); + snprintf(expanded, len, "%s%s%s", pw->pw_dir, + strcmp(pw->pw_dir, "/") ? "/" : "", cp + 1); return expanded; } diff --git a/openssh/version.h b/openssh/version.h index fcd853d..1e9b431 100644 --- a/openssh/version.h +++ b/openssh/version.h @@ -1,4 +1,4 @@ -/* $OpenBSD: version.h,v 1.33 2002/06/21 15:41:20 markus Exp $ */ +/* $OpenBSD: version.h,v 1.34 2002/06/26 13:56:27 markus Exp $ */ -#define SSH_VERSION "OpenSSH_3.3" +#define SSH_VERSION "OpenSSH_3.4p1" -- 2.45.2