- Integrated patch from Dan Brosemer <odin@linuxfreak.com>

   - Build fixes
   - Autoconf
   - Change binary names to open*

 - Fixed autoconf script to detect PAM on RH6.1
 - Added tests for libpwdb, and OpenBSD functions to autoconf (not used yet)

diff --git a/ChangeLog b/ChangeLog
index 08d90f78d316527346f6fe97161564eea10f7fe4..f763d72e24537a799ef691ecfeca890dc7ab490e 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,578 +1,30 @@
-Fri Nov 17 16:19:20 1995  Tatu Ylonen  <ylo@trance.olari.clinet.fi>
-
-       * Released 1.2.12.
-
-       * channels.c: Commented out debugging messages about output draining.
-
-       * Added file OVERVIEW to give some idea about the structure of the
-         ssh software.
-
-Thu Nov 16 16:40:17 1995  Tatu Ylonen  <ylo@trance.olari.clinet.fi>
-
-       * canohost.c (get_remote_hostname): Don't ever return NULL (causes
-         segmentation violation).
-
-        * sshconnect.c: Host ip address printed incorrectly with -v.
-       
-       * Implemented SSH_TTY environment variable.
-
-Wed Nov 15 01:47:40 1995  Tatu Ylonen  <ylo@trance.olari.clinet.fi>
-
-       * Implemented server and client option KeepAlive to specify
-         whether to set SO_KEEPALIVE.  Both default to "yes"; to disable
-         keepalives, set the value to "no" in both the server and the
-         client configuration files.  Updated manual pages.
-       
-       * sshd.c: Fixed Solaris utmp problem: wrong pid stored in utmp
-         (patch from Petri Virkkula <argon@bat.cs.hut.fi>).
-
-       * login.c (record_logout): Fixed removing user from utmp on BSD
-         (with HAVE_LIBUTIL_LOGIN).
-
-       * Added cleanup functions to be called from fatal().  Arranged for
-         utmp to be cleaned if sshd terminates by calling fatal (e.g.,
-         after dropping connection).  Eliminated separate client-side
-         fatal() functions and moved fatal() to log-client.c.  Made all
-         cleanups, including channel_stop_listening() and packet_close()
-         be called using this mechanism.
-
-Thu Nov  9 09:58:05 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * sshd.c: Permit immediate login with empty password only if
-         password authentication is allowed.
-
-Wed Nov  8 00:43:55 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * Eliminated unix-domain X11 forwarding.  Inet-domain forwarding is
-         now the only supported form.  Renamed server option
-         X11InetForwarding to X11Forwarding, and eliminated
-         X11UnixForwarding.  Updated documentation.  Updated RFC (marked
-         the SSH_CMSG_X11_REQUEST_FORWARDING message (code 26) as
-         obsolete, and removed all references to it).  Increased protocol
-         version number to 1.3.
-
-       * scp.c (main): Added -B (BatchMode).  Updated manual page.
-
-       * Cleaned up and updated all manual pages.
-
-       * clientloop.c: Added new escape sequences ~# (lists forwarded
-         connections), ~& (background ssh when waiting for forwarded
-         connections to terminate), ~? (list available escapes).
-         Polished the output of the connection listing.  Updated
-         documentation.
-
-       * uidswap.c: If _POSIX_SAVED_IDS is defined, don't change the real
-         uid.  Assume that _POSIX_SAVED_IDS also applies to seteuid.
-         This may solve problems with tcp_wrappers (libwrap) showing
-         connections as coming from root.
-       
-Tue Nov  7 20:28:57 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * Added RandomSeed server configuration option.  The argument
-         specifies the location of the random seed file.  Updated
-         documentation.
-       
-       * Locate perl5 in configure.  Generate make-ssh-known-hosts (with
-         the correct path for perl5) in Makefile.in, and install it with
-         the other programs.  Updated manual page.
-
-       * sshd.c (main): Added a call to umask to set the umask to a
-         reasonable value.
-
-       * compress.c (buffer_compress): Fixed to follow the zlib
-         documentation (which is slightly confusing).
-
-       * INSTALL: Added information about Linux libc.so.4 problem.
-
-Mon Nov  6 15:42:36 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * (Actually autoconf fix) Installed patch to AC_ARG_PROGRAM.
-       
-       * sshd.c, sshd.8.in: Renamed $HOME/.environment ->
-         $HOME/.ssh/environment.
-
-       * configure.in: Disable shadow password checking on convex.
-         Convex has /etc/shadow, but sets pw_passwd automatically if
-         running as root.
-
-       * Eliminated HAVE_ETC_MASTER_PASSWD (NetBSD, FreeBSD); the
-         pw_passwd field is automatically filled if running as root.
-         Put explicit code in configure.in to prevent shadow password
-         checking on FreeBSD and NetBSD.
-       
-       * serverloop.c (signchld_handler): Don't print error if wait
-         returns -1.
-
-       * Makefile.in (install): Fixed modes of data files.
-
-       * Makefile.in (install): Make links for slogin.1.
-
-       * make-ssh-known-hosts: Merged a patch from melo@ci.uminho.pt to
-         fix the ping command.
-
-Fri Nov  3 16:25:28 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * ssh.1.in: Added more information about X11 forwarding.
-
-Thu Nov  2 18:42:13 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * Changes to use O_NONBLOCK_BROKEN consistently.
-
-       * pty.c (pty_make_controlling_tty): Use setpgid instead of
-         setsid() on Ultrix.
-
-       * includes.h: Removed redundant #undefs for Ultrix and Sony News;
-         these are already handled in configure.in.
-
-Tue Oct 31 13:31:28 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * configure.in: Define SSH_WTMP to /var/adm/wtmp is wtmp not found.
-
-       * configure.in: Disable vhangup on Ultrix.  I am told this fixes
-         the server problems.
-
-Sat Oct 28 14:22:05 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * sshconnect.c: Fixed a bug in connecting to a multi-homed host.
-         Restructured the connecting code to never try to use the same
-         socket a second time after a failed connection.
-
-       * Makefile.in: Added explicit -m option to install, and umask 022
-         when creating directories and the host key.
-
-Fri Oct 27 01:05:10 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * Makefile.in: Added cleaning of $(ZLIBDIR) to clean and distclean.
-
-       * login.c (get_last_login_time): Fixed a typo (define -> defined).
-
-Thu Oct 26 01:28:07 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * configure.in: Moved testing for ANSI C compiler after the host
-         specific code (problems on HPUX).
-
-       * Minor fixes to /etc/default/login stuff from Bryan O'Sullivan.
-
-       * Fixed .SH NAME sections in manual pages.
-
-       * compress.c: Trying to fix a mysterious bug in the compression
-         glue.
-
-       * ssh-1.2.11.
-
-       * scp.c: disable agent forwarding when running ssh from scp.
-
-       * Added compression of plaintext packets using the gzip library
-         (zlib).  Client configuration options Compression and
-         CompressionLevel (1-9 as in gzip).  New ssh and scp option -C
-         (to enable compression).  Updated RFC.
-
-Wed Oct 25 05:11:55 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * Implemented ProxyCommand stuff based on patches from Bryan
-         O'Sullivan <bos@serpentine.com>.
-
-       * Merged BSD login/logout/lastlog patches from Mark Treacy
-         <mark@labtam.oz.au>.
-       
-       * sshd.c: Added chdir("/").
-
-Tue Oct 24 00:29:01 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * Merged RSA environment= patches from Felix Leitner
-         <leitner@prz.tu-berlin.de> with some changes.
-       
-       * sshd.c: Made the packet code use two separate descriptors for
-         the connection (one for input, the other for output).  This will
-         make future extensions easier (e.g., non-socket transports, etc.).
-         sshd -i now uses both stdin and stdout separately.
-       
-Mon Oct 23 21:29:28 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * sshd.c: Merged execle -> execve patches from Mark Martinec
-         <Mark.Martinec@nsc.ijs.si>.  This may help with execle bugs on
-         Convex (environment not getting passed properly).  This might
-         also solve similar problems on Sonys; please test!
-
-       * Removed all compatibility code for protocol version 1.0.
-         THIS MEANS THAT WE ARE NO LONGER COMPATIBLE WITH SSH VERSIONS
-         PRIOR TO 1.1.0.
-
-       * randoms.c (random_acquire_light_environmental_noise): If
-         /dev/random is available, read up to 32 bytes (256 bits) from
-         there in non-blocking mode, and mix the new random bytes into
-         the pool.
-
-       * Added client configuration option StrictHostKeyChecking
-         (disabled by default).  If this is enabled, the client will not
-         automatically add new host keys to $HOME/.ssh/known_hosts;
-         instead the connection will be refused if the host key is not
-         known.  Similarly, if the host key has changed, the connection
-         will be refused instead if just issuing a warning.  This
-         provides additional security against man-in-the-middle/trojan
-         horse attacks (especially in scripts where there is no-one to
-         see the warnings), but may be quite inconvenient in everyday
-         interactive use unless /etc/ssh_known_hosts is very complete,
-         because new host keys must now be added manually.
-       
-       * sshconnect.c (ssh_connect): Use the user's uid when creating the
-         socket and connecting it.  I am hoping that this might help with
-         tcp_wrappers showing the remote user as root.
-
-       * ssh.c: Try inet-domain X11 forwarding regardless of whether we
-         can get local authorization information.  If we don't, we just
-         come up with fake information; the forwarding code will anyway
-         generate its own fake information and validate that the client
-         knows that information.  It will then substitute our fake
-         information for that, but that info should get ignored by the
-         server if it doesn't support it.
-
-       * Added option BatchMode to disable password/passphrase querying
-         in scripts.
-
-       * auth-rh-rsa.c: Changed to use uid-swapping when reading
-         .ssh/known_hosts.
-
-       * sshd.8.in (command): Improved documentation of file permissions
-         on the manual pages.
-
-Thu Oct 19 21:05:51 1995  Tatu Ylonen  <ylo@soikko.cs.hut.fi>
-
-       * ssh-add.c (add_file): Fixed a bug causing ssh to sometimes refer
-         to freed memory (comment -> saved_comment).
-
-       * log-server.c: Added a prefix to debug/warning/error/fatal
-         messages describing message types.  Syslog does not include that
-         information automatically.
-
-Sun Oct  8 01:56:01 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Merged /etc/default/login and MAIL environment variable changes
-         from Bryan O'Sullivan <bos@serpentine.com>.
-           - mail spool file location
-           - process /etc/default/login
-           - add HAVE_ETC_DEFAULT_LOGIN
-           - new function child_get_env and read_etc_default_login (sshd.c)
-       
-       * ssh-add.c (add_file): Fixed asking for passphrase.
-
-       * Makefile.in: Fixed installing configure-generated man pages when
-         compiling in a separate object directory.
-
-       * sshd.c (main): Moved RSA key generation until after allocating
-         the port number.  (Actually, the code got duplicated because we
-         never listen when run from inetd.)
-
-       * ssh.c: Fixed a problem that caused scp to hang when called with
-         stdin closed.
-
-Sat Oct  7 03:08:06 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Added server config option StrictModes.  It specifies whether to
-         check ownership and modes of home directory and .rhosts files.
-
-       * ssh.c: If ssh is renamed/linked to a host name, connect to that
-         host.
-
-       * serverloop.c, clientloop.c: Ignore EAGAIN reported on read from
-         connection.  Solaris has a kernel bug which causes select() to
-         sometimes wake up even though there is no data available.
-
-       * Display all open connections when printing the "Waiting for
-         forwarded connections to terminate" message.
-
-       * sshd.c, readconf.c: Added X11InetForwarding and
-         X11UnixForwarding server config options.
-
-Thu Oct  5 17:41:16 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Some more SCO fixes.
-
-Tue Oct  3 01:04:34 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Fixes and cleanups in README, INSTALL, COPYING.
-
-Mon Oct  2 03:36:08 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * ssh-add.c (add_file): Fixed a bug in ssh-add (xfree: NULL ...).
-
-       * Removed .BR from ".SH NAME" in man pages.
-
-Sun Oct  1 04:16:07 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * ssh-1.2.10.
-       
-       * configure.in: When checking that the compiler works, check that
-         it understands ANSI C prototypes.
-
-       * Made uidswap error message a debug() to avoid confusing errors
-         on AIX (AIX geteuid is brain-damaged and fails even for root).
-
-       * Fixed an error in sshd.8 (FacistLogging -> FascistLogging).
-
-       * Fixed distribution in Makefile.in (missing manual page .in files).
-
-Sat Sep 30 17:38:46 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * auth-rhosts.c: Fixed serious security problem in
-         /etc/hosts.equiv authentication.
-
-Fri Sep 29 00:41:02 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Include machine/endian.h on Paragon.
-
-       * ssh-add.c (add_file): Made ssh-add keep asking for the
-         passphrase until the user just types return or cancels.
-         Make the dialog display the comment of the key.
-
-       * Read use shosts.equiv in addition to /etc/hosts.equiv.
-
-       * sshd.8 is now sshd.8.in and is processed by configure to
-         substitute the proper paths for various files.  Ditto for ssh.1.
-         Ditto for make-ssh-known-hosts.1.
-       
-       * configure.in: Moved /etc/sshd_pid to PIDDIR/sshd.pid.  PIDDIR
-         will be /var/run if it exists, and ETCDIR otherwise.
-
-Thu Sep 28 21:52:42 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * On Ultrix, check if sys/syslog.h needs to be included in
-         addition to syslog.h.
-
-       * make-ssh-known-hosts.pl: Merged Kivinen's fixes for HPUX.
-
-       * configure.in: Put -lwrap, -lsocks, etc. at the head of LIBS.
-
-       * Fixed case-insensitivity in auth-rhosts.c.
-
-       * Added missing socketpair.c to EXTRA_SRCS (needed on SCO), plus
-         other SCO fixes.
-
-       * Makefile.in: Fixed missing install_prefixes.
-
-Wed Sep 27 03:57:00 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * ssh-1.2.9.
-
-       * Added SOCKS support.
-
-       * Fixed default setting of IgnoreRhosts option.
-
-       * Pass the magic cookie to xauth in stdin instead of command line;
-         the command line is visible in ps.
-
-       * Added processing $HOME/.ssh/rc and /etc/sshrc.
-
-       * Added a section to sshd.8 on what happens at login time.
-
-Tue Sep 26 01:27:40 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Don't define speed_t on SunOS 4.1.1; it conflicts with system 
-         headers.
-
-       * Added support for .hushlogin.
-
-       * Added --with-etcdir.
-
-       * Read $HOME/.environment after /etc/environment.
-
-Mon Sep 25 03:26:06 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Merged patches for SCO Unix (from Michael Henits).
-
-Sun Sep 24 22:28:02 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Added ssh option ConnectionAttempts.
-
-Sat Sep 23 12:30:15 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * sshd.c: Don't print last login time and /etc/motd if a command
-         has been specified (with ssh -t host command).
-
-       * Added support for passing the screen number in X11 forwarding.
-         It is implemented as a compatible protocol extension, signalled
-         by SSH_PROTOFLAG_SCREEN_NUMBER by the child.
-
-       * clientloop.c: Fixed bugs in the order in which things were
-         processed.  This may solve problems with some data not getting
-         sent to the server as soon as possible (probably solves the TCP
-         forwarding delayed close problem).  Also, it looked like window
-         changes might not get transmitted as early as possible in some
-         cases.
-       
-       * clientloop.c: Changed to detect window size change that
-         happened while ssh was suspended.
-
-       * ssh.c: Moved the do_session function (client main loop) to
-         clientloop.c.  Divided it into smaller functions.  General cleanup.
-
-       * ssh-1.2.8
-
-Fri Sep 22 22:07:46 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * sshconnect.c (ssh_login): Made ssh_login take the options
-         structure as argument, instead of the individual arguments.
-
-       * auth-rhosts.c (check_rhosts_file): Added support for netgroups.
-       
-       * auth-rhosts.c (check_rhosts_file): Added support for negated 
-         entries.
-
-Thu Sep 21 00:07:56 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * auth-rhosts.c: Restructured rhosts authentication code.
-         Hosts.equiv now has same format as .rhosts: user names are allowed.
-
-       * Added support for the Intel Paragon.
-
-       * sshd.c: Don't use X11 forwarding with spoofing if no xauth
-         program.  Changed configure.in to not define XAUTH_PATH if
-         there is no xauth program.
-
-       * ssh-1.2.7
-
-       * sshd.c: Rewrote the code to build the environment.  Now also reads
-         /etc/environment.
-
-       * sshd.c: Fixed problems in libwrap code.  --with-libwrap now
-         takes optional library name/path.
-
-       * ssh-1.2.6
-
-       * Define USE_PIPES by default.
-
-       * Added support for Univel Unixware and MachTen.
-       
-       * Added IgnoreRhosts server option.
-
-       * Added USE_STRLEN_FOR_AF_UNIX; it is needed at least on MachTen.
-
-Wed Sep 20 02:41:02 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * sshd.c (do_child): don't call packet_close when /etc/nologin,
-         because packet_close does shutdown, and the message does not get
-         sent.
-
-       * pty.c (pty_allocate): Push ttcompat streams module.
-
-       * randoms.c (random_acquire_light_environmental_noise): Don't use
-         the second argument to gettimeofday as it is not supported on
-         all systems.
-
-       * login.c (record_login): Added NULL second argument to gettimeofday.
-
-Tue Sep 19 13:25:48 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * fixed pclose wait() in sshd key regeneration (now only collects
-         easily available noise).
-
-       * configure.in: test for bsdi before bsd*.
-
-       * ssh.c: Don't print "Connection closed" if -q.
-
-Wed Sep 13 04:19:52 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Released ssh-1.2.5.
-
-       * Hopefully fixed "Waiting for forwarded connections to terminate"
-         message.
-
-       * randoms.c, md5.c: Large modifications to make these work on Cray
-         (which has no 32 bit integer type).
-
-       * Fixed a problem with forwarded connection closes not being
-         reported immediately.
-
-       * ssh.c: fixed rhosts authentication (broken by uid-swapping).
-
-       * scp.c: Don't use -l if server user not specified (it made
-         setting User in the configuration file not work).
-
-       * configure.in: don't use -pipe on BSDI.
-
-       * randoms.c: Major modifications to make it work without 32 bit
-         integers (e.g. Cray).
-
-       * md5.c: Major modifications to make it work without 32 bit
-         integers (e.g. Cray).
-
-       * Eliminated HPSUX_BROKEN_PTYS.  The code is now enabled by 
-         default on all systems.
-
-Mon Sep 11 00:53:12 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * sshd.c: don't include sshd pathname in log messages.
-
-       * Added libwrap stuff (includes support for identd).
-
-       * Added OSF/1 C2 extended security stuff.
-
-       * Fixed interactions between getuid() and uid-swap stuff.
-
-Sun Sep 10 00:29:27 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * serverloop.c: Don't send stdout data to client until after a few
-         milliseconds if there is very little data.  This is because some
-         systems give data from pty one character at a time, which would
-         multiply data size by about 16.
-
-       * serverloop.c: Moved server do_session to a separate file and
-         renamed it server_loop.  Split it into several functions and
-         partially rewrote it.  Fixed "cat /etc/termcap | ssh foo cat" hangup.
-
-       * Screwed up something while checking stuff in under cvs.  No harm,
-         but bogus log entries...
-
-Sat Sep  9 02:24:51 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * minfd.c (_get_permanent_fd): Use SHELL environment variable.
-
-       * channels.c (x11_create_display_inet): Created
-         HPSUX_NONSTANDARD_X11_KLUDGE; it causes DISPLAY to contain the
-         IP address of the host instead of the name, because HPSUX uses
-         some magic shared memory communication for local connections.
-
-       * Changed SIGHUP processing in server; it should now work multiple
-         times.
-
-       * Added length limits in many debug/log/error/fatal calls just in
-         case.
-
-       * login.c (get_last_login_time): Fixed location of lastlog.
-
-       * Rewrote all uid-swapping code.  New files uidswap.h, uidswap.c.
-
-       * Fixed several security problems involving chmod and chgrp (race
-         conditions).  Added warnings about dubious modes for /tmp/.X11-unix.
-
-Fri Sep  8 20:03:36 1995  Tatu Ylonen  <ylo@shadows.cs.hut.fi>
-
-       * Changed readconf.c to never display anything from the config
-         file.  This should now be prevented otherwise, but let's play safe.
-
-       * log-server.c: Use %.500s in syslog() just to be sure (they
-         should already be shorter than 1024 though).
-
-       * sshd.c: Moved setuid in child a little earlier (just to be
-         conservative, there was no security problem that I could detect).
-
-       * README, INSTALL: Added info about mailing list and WWW page.
-
-       * sshd.c: Added code to use SIGCHLD and wait zombies immediately.
-
-       * Merged patch to set ut_addr in utmp.
-
-       * Created ChangeLog and added it to Makefile.in.
-
-       * Use read_passphrase instead of getpass().
-
-       * Added SSH_FALLBACK_CIPHER.  Fixed a bug in default cipher
-         selection (IDEA used to be selected even if not supported by the
-         server).
-
-       * Use no encryption for key files if empty passphrase.
-
-       * Added section about --without-idea in INSTALL.
-
-       * Version 1.2.0 was released a couple of days ago.
-
+19991028
+ - Further PAM enhancements.
+   - Much cleaner
+   - Now uses account and session modules for all logins.
+ - Integrated patch from Dan Brosemer <odin@linuxfreak.com>
+   - Build fixes
+   - Autoconf
+   - Change binary names to open*
+ - Fixed autoconf script to detect PAM on RH6.1
+ - Added tests for libpwdb, and OpenBSD functions to autoconf
+19991027
+ - Adapted PAM patch.
+ - Released 1.0pre2
+
+ - Excised my buggy replacements for strlcpy and mkdtemp
+ - Imported correct OpenBSD strlcpy and mkdtemp routines.
+ - Reduced arc4random_stir entropy read to 32 bytes (256 bits)
+ - Picked up correct version number from OpenBSD
+ - Added sshd.pam PAM configuration file
+ - Added sshd.init Redhat init script
+ - Added openssh.spec RPM spec file
+ - Released 1.2pre3
+
+19991026
+ - Fixed include paths of OpenSSL functions
+ - Use OpenSSL MD5 routines
+ - Imported RC4 code from nanocrypt
+ - Wrote replacements for OpenBSD arc4random* functions
+ - Wrote replacements for strlcpy and mkdtemp
+ - Released 1.0pre1

diff --git a/ChangeLog.linux b/ChangeLog.linux
deleted file mode 100644 (file)
index a28e577..0000000
--- a/ChangeLog.linux
+++ /dev/null
@@ -1,20 +0,0 @@
-19991027
- - Adapted PAM patch.
- - Released 1.0pre2
-
- - Excised my buggy replacements for strlcpy and mkdtemp
- - Imported correct OpenBSD strlcpy and mkdtemp routines.
- - Reduced arc4random_stir entropy read to 32 bytes (256 bits)
- - Picked up correct version number from OpenBSD
- - Added sshd.pam PAM configuration file
- - Added sshd.init Redhat init script
- - Added openssh.spec RPM spec file
- - Released 1.2pre3
-
-19991026
- - Fixed include paths of OpenSSL functions
- - Use OpenSSL MD5 routines
- - Imported RC4 code from nanocrypt
- - Wrote replacements for OpenBSD arc4random* functions
- - Wrote replacements for strlcpy and mkdtemp
- - Released 1.0pre1

diff --git a/Makefile.GNU b/Makefile.GNU
deleted file mode 100644 (file)
index 0971995..0000000
--- a/Makefile.GNU
+++ /dev/null
@@ -1,50 +0,0 @@
-OPT_FLAGS=-g
-CFLAGS=$(OPT_FLAGS) -Wall -DETCDIR=\"/etc/ssh\" -DHAVE_PAM -DHAVE_PWDB
-TARGETS=bin/libssh.a bin/ssh bin/sshd bin/ssh-add bin/ssh-keygen bin/ssh-agent bin/scp
-LFLAGS=-L./bin
-LIBS=-lssh -lcrypto -lz -lutil  -lpwdb -lpam -ldl
-AR=ar
-RANLIB=ranlib
-
-OBJS=  authfd.o authfile.o auth-passwd.o auth-rhosts.o auth-rh-rsa.o \
-               auth-rsa.o bufaux.o buffer.o canohost.o channels.o cipher.o \
-               clientloop.o compress.o crc32.o deattack.o hostfile.o \
-               log-client.o login.o log-server.o match.o mpaux.o packet.o pty.o \
-               readconf.o readpass.o rsa.o servconf.o serverloop.o \
-               sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o \
-               helper.o mktemp.o strlcpy.o rc4.o
-
-all: $(OBJS) $(TARGETS)
-
-bin/libssh.a: authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o hostfile.o match.o mpaux.o nchan.o packet.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o helper.o rc4.o mktemp.o strlcpy.o
-       [ -d bin ] || mkdir bin
-       $(AR) rv $@ $^
-       $(RANLIB) $@
-
-bin/ssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o
-       [ -d bin ] || mkdir bin
-       $(CC) -o $@ $^ $(LFLAGS) $(LIBS)
-
-bin/sshd:      sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o
-       [ -d bin ] || mkdir bin
-       $(CC) -o $@ $^ $(LFLAGS) $(LIBS)
-
-bin/scp:       scp.o
-       [ -d bin ] || mkdir bin
-       $(CC) -o $@ $^ $(LFLAGS) $(LIBS)
-
-bin/ssh-add: ssh-add.o log-client.o
-       [ -d bin ] || mkdir bin
-       $(CC) -o $@ $^ $(LFLAGS) $(LIBS)
-
-bin/ssh-agent: ssh-agent.o log-client.o
-       [ -d bin ] || mkdir bin
-       $(CC) -o $@ $^ $(LFLAGS) $(LIBS)
-
-bin/ssh-keygen: ssh-keygen.o log-client.o
-       [ -d bin ] || mkdir bin
-       $(CC) -o $@ $^ $(LFLAGS) $(LIBS)
-
-clean:
-       rm -f *.o core bin/*
-       

diff --git a/Makefile.in b/Makefile.in
new file mode 100644 (file)
index 0000000..8e1d2f1
--- /dev/null
+++ b/Makefile.in
@@ -0,0 +1,73 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+bindir=@bindir@
+sbindir=@sbindir@
+libdir=@libdir@
+
+CC=@CC@
+CFLAGS=-g -Wall -DETCDIR=\"/etc/ssh\" @DEFS@
+TARGETS=bin/libopenssh.a bin/openssh bin/opensshd bin/openssh-add bin/openssh-keygen bin/openssh-agent bin/openscp
+LFLAGS=-L./bin
+LIBS=-lopenssh @LIBS@
+AR=@AR@
+RANLIB=@RANLIB@
+
+OBJS=  authfd.o authfile.o auth-passwd.o auth-rhosts.o auth-rh-rsa.o \
+               auth-rsa.o bufaux.o buffer.o canohost.o channels.o cipher.o \
+               clientloop.o compress.o crc32.o deattack.o helper.o hostfile.o \
+               log-client.o login.o log-server.o match.o mpaux.o packet.o pty.o \
+               readconf.o readpass.o rsa.o servconf.o serverloop.o \
+               sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o \
+               helper.o mktemp.o strlcpy.o rc4.o
+
+all: $(OBJS) $(TARGETS)
+
+bin/libopenssh.a: authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o hostfile.o match.o mpaux.o nchan.o packet.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o helper.o rc4.o mktemp.o strlcpy.o
+       [ -d bin ] || mkdir bin
+       $(AR) rv $@ $^
+       $(RANLIB) $@
+
+bin/openssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o
+       [ -d bin ] || mkdir bin
+       $(CC) -o $@ $^ $(LFLAGS) $(LIBS) 
+
+bin/opensshd:  sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o
+       [ -d bin ] || mkdir bin
+       $(CC) -o $@ $^ $(LFLAGS) $(LIBS) 
+
+bin/openscp:   scp.o
+       [ -d bin ] || mkdir bin
+       $(CC) -o $@ $^ $(LFLAGS) $(LIBS) 
+
+bin/openssh-add: ssh-add.o log-client.o
+       [ -d bin ] || mkdir bin
+       $(CC) -o $@ $^ $(LFLAGS) $(LIBS) 
+
+bin/openssh-agent: ssh-agent.o log-client.o
+       [ -d bin ] || mkdir bin
+       $(CC) -o $@ $^ $(LFLAGS) $(LIBS) 
+
+bin/openssh-keygen: ssh-keygen.o log-client.o
+       [ -d bin ] || mkdir bin
+       $(CC) -o $@ $^ $(LFLAGS) $(LIBS) 
+
+clean:
+       rm -f *.o core bin/* config.status config.cache config.log
+       
+install:
+       install -d $(bindir)
+       install -d $(sbindir)
+       install -d $(libdir)
+       install -c bin/openssh $(bindir)/openssh
+       install -c bin/openscp $(bindir)/openscp
+       install -c bin/openssh-add $(bindir)/openssh-add
+       install -c bin/openssh-agent $(bindir)/openssh-agent
+       install -c bin/openssh-keygen $(bindir)/openssh-keygen
+       install -c bin/opensshd $(sbindir)/opensshd
+       install -c bin/libopenssh.a $(libdir)/libopenssh.a
+
+distclean: clean
+       rm -f Makefile config.h *~
+       rm -rf bin
+
+mrproper: distclean

diff --git a/Makefile.inc b/Makefile.inc
deleted file mode 100644 (file)
index fddf3da..0000000
--- a/Makefile.inc
+++ /dev/null
@@ -1,11 +0,0 @@
-CFLAGS+=       -I${.CURDIR}/..
-
-.include <bsd.obj.mk>
-
-.if exists(${.CURDIR}/../lib/${__objdir})
-LDADD+=         -L${.CURDIR}/../lib/${__objdir} -lssh
-DPADD+=         ${.CURDIR}/../lib/${__objdir}/libssh.a
-.else
-LDADD+=         -L${.CURDIR}/../lib -lssh
-DPADD+=         ${.CURDIR}/../lib/libssh.a
-.endif

diff --git a/README.openssh b/README.openssh
index 02cb3c6037b8b5169ab26b65c049d4c96449d754..b5c9b5d99212c17a3089d7743225d7df92947e12 100644 (file)
--- a/README.openssh
+++ b/README.openssh
@@ -33,8 +33,8 @@ The OpenBSD team
 Miscellania - 
 
 This version of SSH is based upon code retrieved from the OpenBSD CVS
-repository on 1999-10-26, which in turn was based on the last free 
-version of SSH released by Tatu Ylonen.
+repository on 1999-10-26 patched by Damien Miller <djm@ibs.com.au>, which 
+in turn was based on the last free version of SSH released by Tatu Ylonen.
 
 Code in helper.[ch] is Copyright 1999 Internet Business Solutions and
 is released under a X11-style license (see source file for details).

diff --git a/acconfig.h b/acconfig.h
new file mode 100644 (file)
index 0000000..7119b94
--- /dev/null
+++ b/acconfig.h
@@ -0,0 +1,7 @@
+/* config.h.in.  Generated by hand, don't use autoheader.  */
+
+/* Define if your ssl headers are included with #include <ssl/header.h>  */
+#undef HAVE_SSL
+
+/* Define if your ssl headers are included with #include <openssl/header.h>  */
+#undef HAVE_OPENSSL

diff --git a/auth-rsa.c b/auth-rsa.c
index 1c2196867f459c8f008584439e83831312e14fac..0311f42f8ce2f3cca245302765060dafcd66d182 100644 (file)
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -15,6 +15,7 @@ validity of the host key.
 
 */
 
+#include "config.h"
 #include "includes.h"
 RCSID("$Id$");
 
@@ -25,8 +26,14 @@ RCSID("$Id$");
 #include "mpaux.h"
 #include "uidswap.h"
 
+#ifdef HAVE_OPENSSL
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/rsa.h>
+#include <ssl/md5.h>
+#endif
 
 /* Flags that may be set in authorized_keys options. */
 extern int no_port_forwarding_flag;

diff --git a/authfd.c b/authfd.c
index fb03faccc715650968489694d6faccb401a94b36..ab82b337077655a1c7cd6bdf8d802446ab0437b5 100644 (file)
--- a/authfd.c
+++ b/authfd.c
@@ -13,6 +13,7 @@ Functions for connecting the local authentication agent.
 
 */
 
+#include "config.h"
 #include "includes.h"
 RCSID("$Id$");
 
@@ -24,7 +25,12 @@ RCSID("$Id$");
 #include "xmalloc.h"
 #include "getput.h"
 
+#ifdef HAVE_OPENSSL
 #include <openssl/rsa.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/rsa.h>
+#endif
 
 /* Returns the number of the authentication fd, or -1 if there is none. */
 

diff --git a/authfile.c b/authfile.c
index 90c470d5eefb7ed66127bdb8df4f7dc7adf76679..5008f1f1905a7088f11cafd082a6422a1445d0a3 100644 (file)
--- a/authfile.c
+++ b/authfile.c
@@ -14,10 +14,17 @@ for reading the passphrase from the user.
 
 */
 
+#include "config.h"
 #include "includes.h"
 RCSID("$Id$");
 
+#ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/bn.h>
+#endif
+
 #include "xmalloc.h"
 #include "buffer.h"
 #include "bufaux.h"

diff --git a/bufaux.c b/bufaux.c
index 56e0346487cea6bb69aeadc6050b958e58cfdee6..59c8d7328fbb9baf26045968e4032105893660ea 100644 (file)
--- a/bufaux.c
+++ b/bufaux.c
@@ -14,11 +14,19 @@ Buffers.
 
 */
 
+#include "config.h"
 #include "includes.h"
 RCSID("$Id$");
 
 #include "ssh.h"
+
+#ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/bn.h>
+#endif
+
 #include "bufaux.h"
 #include "xmalloc.h"
 #include "getput.h"

diff --git a/cipher.c b/cipher.c
index ac64a30dd71de02c9a92bd7a598e51132c499b8e..ade17dbc8b785549e4a8ca3c118742a5ce237d79 100644 (file)
--- a/cipher.c
+++ b/cipher.c
@@ -11,13 +11,19 @@ Created: Wed Apr 19 17:41:39 1995 ylo
 
 */
 
+#include "config.h"
 #include "includes.h"
 RCSID("$Id$");
 
 #include "ssh.h"
 #include "cipher.h"
 
+#ifdef HAVE_OPENSSL
 #include <openssl/md5.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/md5.h>
+#endif
 
 /*
  * What kind of tripple DES are these 2 routines?

diff --git a/cipher.h b/cipher.h
index bded62430ed70bbf717e0e18e3891fea4ff061d7..d04855a44295bef98de88883733d3b078a71ddc4 100644 (file)
--- a/cipher.h
+++ b/cipher.h
@@ -13,11 +13,19 @@ Created: Wed Apr 19 16:50:42 1995 ylo
 
 /* RCSID("$Id$"); */
 
+#include "config.h"
+
 #ifndef CIPHER_H
 #define CIPHER_H
 
+#ifdef HAVE_OPENSSL
 #include <openssl/des.h>
 #include <openssl/blowfish.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/des.h>
+#include <ssl/blowfish.h>
+#endif
 
 /* Cipher types.  New types can be added, but old types should not be removed
    for compatibility.  The maximum allowed value is 31. */

diff --git a/config.h.in b/config.h.in
new file mode 100644 (file)
index 0000000..44a5686
--- /dev/null
+++ b/config.h.in
@@ -0,0 +1,139 @@
+/* config.h.in.  Generated automatically from configure.in by autoheader.  */
+
+/* Define to empty if the keyword does not work.  */
+#undef const
+
+/* Define to `int' if <sys/types.h> doesn't define.  */
+#undef gid_t
+
+/* Define if you don't have vprintf but do have _doprnt.  */
+#undef HAVE_DOPRNT
+
+/* Define if your struct stat has st_blksize.  */
+#undef HAVE_ST_BLKSIZE
+
+/* Define if you have <sys/wait.h> that is POSIX.1 compatible.  */
+#undef HAVE_SYS_WAIT_H
+
+/* Define if utime(file, NULL) sets file's timestamp to the present.  */
+#undef HAVE_UTIME_NULL
+
+/* Define if you have the vprintf function.  */
+#undef HAVE_VPRINTF
+
+/* Define as __inline if that's what the C compiler calls it.  */
+#undef inline
+
+/* Define to `int' if <sys/types.h> doesn't define.  */
+#undef mode_t
+
+/* Define to `long' if <sys/types.h> doesn't define.  */
+#undef off_t
+
+/* Define as the return type of signal handlers (int or void).  */
+#undef RETSIGTYPE
+
+/* Define to `unsigned' if <sys/types.h> doesn't define.  */
+#undef size_t
+
+/* Define if you have the ANSI C header files.  */
+#undef STDC_HEADERS
+
+/* Define if you can safely include both <sys/time.h> and <time.h>.  */
+#undef TIME_WITH_SYS_TIME
+
+/* Define to `int' if <sys/types.h> doesn't define.  */
+#undef uid_t
+
+/* Define if your ssl headers are included with #include <ssl/header.h>  */
+#undef HAVE_SSL
+
+/* Define if your ssl headers are included with #include <openssl/header.h>  */
+#undef HAVE_OPENSSL
+
+/* Define if you have the arc4random function.  */
+#undef HAVE_ARC4RANDOM
+
+/* Define if you have the gethostname function.  */
+#undef HAVE_GETHOSTNAME
+
+/* Define if you have the gettimeofday function.  */
+#undef HAVE_GETTIMEOFDAY
+
+/* Define if you have the mkdir function.  */
+#undef HAVE_MKDIR
+
+/* Define if you have the mkdtemp function.  */
+#undef HAVE_MKDTEMP
+
+/* Define if you have the rmdir function.  */
+#undef HAVE_RMDIR
+
+/* Define if you have the select function.  */
+#undef HAVE_SELECT
+
+/* Define if you have the setproctitle function.  */
+#undef HAVE_SETPROCTITLE
+
+/* Define if you have the socket function.  */
+#undef HAVE_SOCKET
+
+/* Define if you have the strerror function.  */
+#undef HAVE_STRERROR
+
+/* Define if you have the strlcpy function.  */
+#undef HAVE_STRLCPY
+
+/* Define if you have the strspn function.  */
+#undef HAVE_STRSPN
+
+/* Define if you have the strtol function.  */
+#undef HAVE_STRTOL
+
+/* Define if you have the <dirent.h> header file.  */
+#undef HAVE_DIRENT_H
+
+/* Define if you have the <fcntl.h> header file.  */
+#undef HAVE_FCNTL_H
+
+/* Define if you have the <ndir.h> header file.  */
+#undef HAVE_NDIR_H
+
+/* Define if you have the <paths.h> header file.  */
+#undef HAVE_PATHS_H
+
+/* Define if you have the <sys/dir.h> header file.  */
+#undef HAVE_SYS_DIR_H
+
+/* Define if you have the <sys/ioctl.h> header file.  */
+#undef HAVE_SYS_IOCTL_H
+
+/* Define if you have the <sys/ndir.h> header file.  */
+#undef HAVE_SYS_NDIR_H
+
+/* Define if you have the <sys/time.h> header file.  */
+#undef HAVE_SYS_TIME_H
+
+/* Define if you have the <syslog.h> header file.  */
+#undef HAVE_SYSLOG_H
+
+/* Define if you have the <unistd.h> header file.  */
+#undef HAVE_UNISTD_H
+
+/* Define if you have the crypto library (-lcrypto).  */
+#undef HAVE_LIBCRYPTO
+
+/* Define if you have the dl library (-ldl).  */
+#undef HAVE_LIBDL
+
+/* Define if you have the pam library (-lpam).  */
+#undef HAVE_LIBPAM
+
+/* Define if you have the pwdb library (-lpwdb).  */
+#undef HAVE_LIBPWDB
+
+/* Define if you have the util library (-lutil).  */
+#undef HAVE_LIBUTIL
+
+/* Define if you have the z library (-lz).  */
+#undef HAVE_LIBZ

diff --git a/configure.in b/configure.in
new file mode 100644 (file)
index 0000000..0fac461
--- /dev/null
+++ b/configure.in
@@ -0,0 +1,54 @@
+dnl Process this file with autoconf to produce a configure script.
+AC_INIT(auth-krb4.c)
+
+AC_CONFIG_HEADER(config.h)
+
+dnl Checks for programs.
+AC_PROG_CC
+AC_PROG_RANLIB
+
+dnl Checks for libraries.
+dnl Replace `main' with a function in -lcrypto:
+AC_CHECK_LIB(crypto, CRYPTO_lock, ,AC_MSG_ERROR([*** libcrypto missing - please install first ***]))
+dnl Replace `main' with a function in -lutil:
+AC_CHECK_LIB(util, logout, ,AC_MSG_ERROR([*** -lutil missing - this is part of libc. ***]))
+dnl Replace `main' with a function in -lz:
+AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
+dnl check for pwdb
+AC_CHECK_LIB(pwdb, pwdb_new, ,AC_MSG_ERROR([*** libpwdb missing - please install first ***]))
+dnl check for dl
+AC_CHECK_LIB(dl, dlopen, ,AC_MSG_ERROR([*** libdl missing - please install first ***]))
+dnl check for pam
+AC_CHECK_LIB(pam, pam_authenticate, ,AC_MSG_ERROR([*** PAM missing - please install first ***]))
+
+dnl Check for stuff in path.
+AC_CHECK_PROG(AR, ar, ar)
+
+dnl Check for ssl headers
+AC_CHECK_HEADER(openssl/bn.h, [AC_DEFINE(HAVE_OPENSSL)], [AC_CHECK_HEADER(ssl/bn.h, [AC_DEFINE(HAVE_SSL)], [AC_MSG_ERROR([*** ssl library missing - please install first ***])])])
+
+dnl Checks for header files.
+AC_HEADER_DIRENT
+AC_HEADER_STDC
+AC_HEADER_SYS_WAIT
+AC_CHECK_HEADERS(fcntl.h paths.h sys/ioctl.h sys/time.h syslog.h unistd.h)
+
+dnl Checks for typedefs, structures, and compiler characteristics.
+AC_C_CONST
+AC_TYPE_UID_T
+AC_C_INLINE
+AC_TYPE_MODE_T
+AC_TYPE_OFF_T
+AC_TYPE_SIZE_T
+AC_STRUCT_ST_BLKSIZE
+AC_HEADER_TIME
+
+dnl Checks for library functions.
+AC_PROG_GCC_TRADITIONAL
+AC_FUNC_MEMCMP
+AC_TYPE_SIGNAL
+AC_FUNC_UTIME_NULL
+AC_FUNC_VPRINTF
+AC_CHECK_FUNCS(gethostname gettimeofday mkdir rmdir select socket strerror strspn strtol strlcpy mkdtemp arc4random setproctitle)
+
+AC_OUTPUT(Makefile)

diff --git a/mpaux.c b/mpaux.c
index 7760b4cf0bde2ebf55a3afe484b6ca9e267c0c33..c17df9e7d26a2f17a65226528ab5abd580623bb6 100644 (file)
--- a/mpaux.c
+++ b/mpaux.c
@@ -14,14 +14,22 @@ precision integers.
 
 */
 
+#include "config.h"
 #include "includes.h"
 RCSID("$Id$");
 
+#ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
+#include <openssl/md5.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/bn.h>
+#include <ssl/md5.h>
+#endif
+
 #include "getput.h"
 #include "xmalloc.h"
 
-#include <openssl/md5.h>
 
 void
 compute_session_id(unsigned char session_id[16],

diff --git a/packet.h b/packet.h
index 2ea0ae43687da4e8a015c5959c53db4643dc1d37..90db9c5f2f6f092b2808afd6cd29150e97d8a40f 100644 (file)
--- a/packet.h
+++ b/packet.h
@@ -15,10 +15,16 @@ Interface for the packet protocol functions.
 
 /* RCSID("$Id$"); */
 
+#include "config.h"
 #ifndef PACKET_H
 #define PACKET_H
 
+#ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/bn.h>
+#endif
 
 /* Sets the socket used for communication.  Disables encryption until
    packet_set_encryption_key is called.  It is permissible that fd_in

diff --git a/rsa.h b/rsa.h
index 16704607d65f237bd86c5966c6c1bc3808a1d0fd..bc3a3f5d842f710d701c14744d7a00e3d99aeb2b 100644 (file)
--- a/rsa.h
+++ b/rsa.h
@@ -14,12 +14,20 @@ RSA key generation, encryption and decryption.
 */
 
 /* RCSID("$Id$"); */
+#include "config.h"
 
 #ifndef RSA_H
 #define RSA_H
 
+#ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
+#endif
+
+#ifdef HAVE_SSL
+#include <ssl/bn.h>
+#include <ssl/rsa.h>
+#endif
 
 /* Calls SSL RSA_generate_key, only copies to prv and pub */
 void rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits);

diff --git a/ssh-agent.c b/ssh-agent.c
index d07e3b8102b70d519ff94356c72b51654890fb4c..6df3de43c3c52f9d16e1ffc88027e0ad9c1c4e83 100644 (file)
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -13,6 +13,7 @@ The authentication agent program.
 
 */
 
+#include "config.h"
 #include "includes.h"
 RCSID("$Id$");
 
@@ -26,7 +27,12 @@ RCSID("$Id$");
 #include "getput.h"
 #include "mpaux.h"
 
+#ifdef HAVE_OPENSSL
 #include <openssl/md5.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/md5.h>
+#endif
 
 typedef struct
 {

diff --git a/ssh.c b/ssh.c
index 9ec183365380555d3ea1276a6a8f950a86cd46c2..d0f4817e00e5197f506f0da19edec4ae739dedbd 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -215,6 +215,7 @@ main(int ac, char **av)
   else
     cp = av0;
   if (strcmp(cp, "rsh") != 0 && strcmp(cp, "ssh") != 0 &&
+      strcmp(cp, "openssh") != 0 && strcmp(cp, "openlogin") != 0 &&
       strcmp(cp, "rlogin") != 0 && strcmp(cp, "slogin") != 0)
     host = cp;
   

diff --git a/ssh.h b/ssh.h
index 4284bc914839bb4052b56c72545b9c3587ab38e4..e619b0eb176a94af72d16bff56220cb3219f359a 100644 (file)
--- a/ssh.h
+++ b/ssh.h
@@ -18,6 +18,20 @@ Generic header file for ssh.
 #ifndef SSH_H
 #define SSH_H
 
+/* Added by Dan */
+#ifndef SHUT_RDWR
+enum
+{
+  SHUT_RD = 0,    /* No more receptions.  */
+#define SHUT_RD   SHUT_RD
+  SHUT_WR,    /* No more transmissions.  */
+#define SHUT_WR   SHUT_WR
+  SHUT_RDWR   /* No more receptions or transmissions.  */
+#define SHUT_RDWR SHUT_RDWR
+};
+#endif
+
+
 #include "rsa.h"
 #include "cipher.h"
 

diff --git a/sshconnect.c b/sshconnect.c
index e87dc6465bd8c94eea49403fe100d62a101dbc38..8d74aae182447d895c6b07eb99d08c3d9330102d 100644 (file)
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -14,10 +14,19 @@ login (authentication) dialog.
 
 */
 
+#include "config.h"
 #include "includes.h"
 RCSID("$Id$");
 
+#ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
+#include <openssl/md5.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/bn.h>
+#include <ssl/md5.h>
+#endif
+
 #include "xmalloc.h"
 #include "rsa.h"
 #include "ssh.h"
@@ -28,7 +37,6 @@ RCSID("$Id$");
 #include "uidswap.h"
 #include "compat.h"
 
-#include <openssl/md5.h>
 
 /* Session id for the current session. */
 unsigned char session_id[16];