-dnl Process this file with autoconf to produce a configure script.
-
-AC_INIT(auth-krb4.c)
+AC_INIT(ssh.c)
AC_CONFIG_HEADER(config.h)
dnl Checks for programs.
AC_PROG_CC
+AC_PROG_CPP
AC_PROG_RANLIB
AC_CHECK_PROG(AR, ar, ar)
if test "$GCC" = "yes"; then CFLAGS="$CFLAGS -Wall"; fi
-dnl Checks for libraries.
-dnl Replace `main' with a function in -lcrypto:
-AC_CHECK_LIB(crypto, CRYPTO_lock, ,AC_MSG_ERROR([*** libcrypto missing - please install first ***]))
-dnl Replace `main' with a function in -lutil:
-AC_CHECK_LIB(util, logout, ,AC_MSG_ERROR([*** -lutil missing - this is part of libc. ***]))
-dnl Replace `main' with a function in -lz:
-AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
-dnl check for nsl
-AC_CHECK_LIB(nsl, yp_match, , )
-dnl check for dl
-AC_CHECK_LIB(dl, dlopen, , )
-dnl check for pam
-AC_CHECK_LIB(pam, pam_authenticate, , )
-
dnl Check for OpenSSL/SSLeay directories.
AC_MSG_CHECKING([for OpenSSL/SSLeay directory])
-for dir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg ; do
- ssldir="$dir"
- if test -f "$dir/include/openssl/crypto.h"; then
+for ssldir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local $prefix /usr/pkg ; do
+ if test -f "$ssldir/include/openssl/crypto.h"; then
AC_DEFINE(HAVE_OPENSSL)
break
fi
- if test -f "$dir/include/ssl/crypto.h"; then
+ if test -f "$ssldir/include/ssl/crypto.h"; then
AC_DEFINE(HAVE_SSL)
break
fi
- if test -f "$dir/include/crypto.h"; then
- break
- fi
done
AC_MSG_RESULT($ssldir)
AC_SUBST(ssldir)
[AC_MSG_RESULT(yes); ],
[AC_MSG_RESULT(no)]; LIBS="$saved_LIBS")
+dnl Checks for libraries.
+AC_CHECK_LIB(crypto, CRYPTO_lock, ,AC_MSG_ERROR([*** libcrypto missing - please install first ***]))
+AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
+AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil")
+AC_CHECK_LIB(nsl, yp_match, , )
+AC_CHECK_LIB(socket, main, , )
+
+dnl libdl is needed by PAM on Redhat systems
+AC_CHECK_LIB(dl, dlopen, , )
+AC_CHECK_LIB(pam, pam_authenticate, , )
+
dnl Checks for header files.
-AC_CHECK_HEADERS(pty.h)
+AC_CHECK_HEADERS(pty.h endian.h paths.h lastlog.h)
dnl Checks for library functions.
AC_PROG_GCC_TRADITIONAL
AC_CHECK_FUNCS(openpty strlcpy mkdtemp arc4random setproctitle)
+dnl Check for ut_host field in utmp
+AC_MSG_CHECKING([whether utmp.h has ut_host field])
+AC_EGREP_HEADER(ut_host, utmp.h,
+ [AC_DEFINE(HAVE_HOST_IN_UTMP) AC_MSG_RESULT(yes); ],
+ [AC_MSG_RESULT(no)]
+)
+
dnl Check whether user wants GNOME ssh-askpass
AC_ARG_WITH(gnome-askpass,
[ --with-gnome-askpass Build and use the GNOME passphrase requester],
[GNOME_ASKPASS="gnome-ssh-askpass"])
AC_SUBST(GNOME_ASKPASS)
+dnl Check for user-specified random device
+AC_ARG_WITH(random,
+ [ --with-random=FILE read randomness from FILE (default /dev/urandom)],
+ [
+ RANDOM_POOL="$withval";
+ AC_DEFINE(RANDOM_POOL, "$RANDOM_POOL")
+ ],
+ [
+ dnl Check for random device
+ AC_CHECK_FILE("/dev/urandom",
+ [
+ RANDOM_POOL="/dev/urandom";
+ AC_DEFINE(RANDOM_POOL, "$RANDOM_POOL")
+ ]
+ )
+ ]
+)
+
+dnl Check for EGD pool file
+AC_ARG_WITH(egd-pool,
+ [ --with-egd-pool=FILE read randomness from EGD pool FILE],
+ [
+ RANDOM_POOL="$withval";
+ AC_DEFINE(HAVE_EGD)
+ AC_DEFINE(RANDOM_POOL, "$RANDOM_POOL")
+ ]
+)
+
+if test -z "$RANDOM_POOL" -a -z "$EGD_POOL"; then
+ AC_MSG_ERROR([No random device found, and no EGD random pool specified])
+fi
+
AC_OUTPUT(Makefile)
#include "rc4.h"
#include "xmalloc.h"
+#include "ssh.h"
#include "config.h"
#include "helper.h"
void get_random_bytes(unsigned char *buf, int len)
{
- int urandom;
+ int random_pool;
int c;
+#ifdef HAVE_EGD
+ char egd_message[2] = { 0x02, 0x00 };
+#endif /* HAVE_EGD */
- urandom = open("/dev/urandom", O_RDONLY);
- if (urandom == -1)
- {
- fprintf(stderr, "Couldn't open /dev/urandom: %s", strerror(errno));
- exit(1);
- }
+ random_pool = open(RANDOM_POOL, O_RDONLY);
+ if (random_pool == -1)
+ fatal("Couldn't open random pool \"%s\": %s", RANDOM_POOL, strerror(errno));
- c = read(urandom, buf, len);
+#ifdef HAVE_EGD
+ if (len > 255)
+ fatal("Too many bytes to read from EGD");
+
+ /* Send blocking read request to EGD */
+ egd_message[1] = len;
+ c = write(random_pool, egd_message, sizeof(egd_message));
+ if (c == -1)
+ fatal("Couldn't write to EGD socket \"%s\": %s", RANDOM_POOL, strerror(errno));
+#endif /* HAVE_EGD */
+
+ c = read(random_pool, buf, len);
if (c == -1)
- {
- fprintf(stderr, "Couldn't read from /dev/urandom: %s", strerror(errno));
- exit(1);
- }
+ fatal("Couldn't read from random pool \"%s\": %s", RANDOM_POOL, strerror(errno));
if (c != len)
- {
- fprintf(stderr, "Short read from /dev/urandom");
- exit(1);
- }
+ fatal("Short read from random pool \"%s\"", RANDOM_POOL);
+
+ close(random_pool);
}
#endif /* !HAVE_ARC4RANDOM */
RCSID("$Id$");
#include <utmp.h>
+
+#ifdef HAVE_LASTLOG_H
+# include <lastlog.h>
+#endif
+
#include "ssh.h"
/* Returns the time when the user last logged in. Returns 0 if the
strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line));
u.ut_time = time(NULL);
strncpy(u.ut_name, user, sizeof(u.ut_name));
+#ifdef HAVE_HOST_IN_UTMP
strncpy(u.ut_host, host, sizeof(u.ut_host));
+#endif
/* Figure out the file names. */
utmp = _PATH_UTMP;
}
}
-/* Records that the user has logged out. */
-
void record_logout(int pid, const char *ttyname)
{
+#ifdef HAVE_LIBUTIL_LOGIN
const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */
if (logout(line))
logwtmp(line, "", "");
+#else /* HAVE_LIBUTIL_LOGIN */
+ record_login(pid, ttyname, "", -1, "", NULL);
+#endif /* HAVE_LIBUTIL_LOGIN */
}
+
andersk / openssh.git / commitdiff
