Kees Cook <cook@cpoint.net> - scp fixes
Kenji Miyake <kenji@miyake.org> - Configure fixes
Kevin O'Connor <kevin_oconnor@standardandpoors.com> - RSAless operation
+Kevin Steves <stevesk@sweden.hp.com> - HP support, bugfixes, improvements
Kiyokazu SUTO <suto@ks-and-ks.ne.jp> - Bugfixes
+Larry Jones <larry.jones@sdrc.com> - Bugfixes
Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> - Bugfixes
Marc G. Fournier <marc.fournier@acadiau.ca> - Solaris patches
Mark Miller <markm@swoon.net> - Bugfixes
Nalin Dahyabhai <nalin.dahyabhai@pobox.com> - PAM environment patch
Nate Itkin <nitkin@europa.com> - SunOS 4.1.x fixes
Niels Kristian Bech Jensen <nkbj@image.dk> - Assorted patches
+Pavel Troller <patrol@omni.sinus.cz> - Bugfixes
Peter Kocks <peter.kocks@baygate.com> - Makefile fixes
Phil Hands <phil@hands.com> - Debian scripts, assorted patches
Phil Karn <karn@ka9q.ampr.org> - Autoconf fix
20000916
+ - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz>
+ - (djm) Re-enable int64_t types - we need them for sftp
+ - (djm) Use libexecdir from configure , rather than libexecdir/ssh
+ - (djm) Update Redhat SPEC file accordingly
+ - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files
+ - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch
+ - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter
+ <Dirk.DeWachter@rug.ac.be>
+ - (djm) Fixprogs and entropy list fixes from Larry Jones
+ <larry.jones@sdrc.com>
+ - (djm) Fix for SuSE spec file from Takashi YOSHIDA
+ <tyoshida@gemini.rc.kyushu-u.ac.jp>
- (djm) Merge OpenBSD changes:
- markus@cvs.openbsd.org 2000/09/05 02:59:57
[session.c]
VPATH=@srcdir@
SSH_PROGRAM=@bindir@/ssh
-LIBEXEC=@libexecdir@/ssh
-ASKPASS_PROGRAM=$(LIBEXEC)/ssh-askpass
+ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
CC=@CC@
LD=@LD@
CONFIGFILES=sshd_config ssh_config
-PATHSUBS = -D/etc/ssh_config=$(sysconfdir)/ssh_config -D/etc/known_hosts=$(sysconfdir)/ssh_known_hosts -D/etc/sshd_config=$(sysconfdir)/sshd_config -D/usr/libexec=$(LIBEXEC) -D/etc/shosts.equiv=$(sysconfdir)/shosts.equiv -D/etc/ssh_host_key=$(sysconfdir)/ssh_host_key -D/var/run/sshd.pid=$(piddir)/sshd.pid
+PATHSUBS = -D/etc/ssh_config=$(sysconfdir)/ssh_config -D/etc/known_hosts=$(sysconfdir)/ssh_known_hosts -D/etc/sshd_config=$(sysconfdir)/sshd_config -D/usr/libexec=$(libexecdir) -D/etc/shosts.equiv=$(sysconfdir)/shosts.equiv -D/etc/ssh_host_key=$(sysconfdir)/ssh_host_key -D/var/run/sshd.pid=$(piddir)/sshd.pid
FIXPATHSCMD = $(PERL) $(srcdir)/fixpaths $(PATHSUBS)
./mkinstalldirs $(DESTDIR)$(mandir)
./mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
./mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
- ./mkinstalldirs $(DESTDIR)$(LIBEXEC)
+ ./mkinstalldirs $(DESTDIR)$(libexecdir)
$(INSTALL) -m 4755 -s ssh $(DESTDIR)$(bindir)/ssh
$(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp
$(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add
$(INSTALL) -m 0755 -s ssh-agent $(DESTDIR)$(bindir)/ssh-agent
$(INSTALL) -m 0755 -s ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
$(INSTALL) -m 0755 -s sshd $(DESTDIR)$(sbindir)/sshd
- $(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(LIBEXEC)/sftp-server
+ $(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(libexecdir)/sftp-server
$(INSTALL) -m 644 ssh.[01].out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.[01].out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.[01].out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
#ifdef HAVE_GETPWANAM
struct passwd_adjunct *spw;
#endif
+# ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW
+ struct pr_passwd *prpw;
+#endif
#ifdef WITH_AIXAUTHENTICATE
char *authmsg;
char *loginmsg;
}
#endif
+# ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW
+ prpw = getprpwnam(pw->pw_name);
+ pw_password = prpw->ufld.fd_encrypt;
+#else
+ pw_password = pw->pw_passwd;
+#endif
+
/* Check for users with no password. */
- if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
+ if (strcmp(password, "") == 0 && strcmp(pw_password, "") == 0)
return 1;
- pw_password = pw->pw_passwd;
-
#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
spw = getspnam(pw->pw_name);
if (spw != NULL)
return 0;
/* Check password expiry */
- if ((spw->sp_lstchg > 0) && (spw->sp_inact > 0) &&
- (days > (spw->sp_lstchg + spw->sp_inact)))
+ if ((spw->sp_lstchg > 0) && (spw->sp_max > 0) &&
+ (days > (spw->sp_lstchg + spw->sp_max)))
return 0;
}
#else
)
fi
+AC_FUNC_GETPGRP
+
PAM_MSG="no"
AC_ARG_WITH(pam,
[ --without-pam Disable PAM support ],
--- /dev/null
+README for OpenSSH HP-UX contrib files
+Kevin Steves <stevesk@sweden.hp.com>
+
+sshd: configuration file for sshd.rc
+sshd.rc: SSH startup script
+
+To install:
+
+o Verify paths in sshd.rc match your local installation
+ (WHAT_PATH and WHAT_PID)
+o Customize sshd if needed (SSHD_ARGS)
+o Install:
+
+ # cp sshd /etc/rc.config.d
+ # chmod 444 /etc/rc.config.d/sshd
+ # cp sshd.rc /sbin/init.d
+ # chmod 555 /sbin/init.d/sshd.rc
+ # ln -s /sbin/init.d/sshd.rc /sbin/rc1.d/K100sshd
+ # ln -s /sbin/init.d/sshd.rc /sbin/rc2.d/S900sshd
--- /dev/null
+# SSHD_START: Set to 1 to start SSH daemon
+# SSHD_ARGS: Command line arguments to pass to sshd
+#
+SSHD_START=1
+SSHD_ARGS=
--- /dev/null
+#!/sbin/sh
+
+#
+# sshd.rc: SSH daemon start-up and shutdown script
+#
+
+# Allowed exit values:
+# 0 = success; causes "OK" to show up in checklist.
+# 1 = failure; causes "FAIL" to show up in checklist.
+# 2 = skip; causes "N/A" to show up in the checklist.
+# Use this value if execution of this script is overridden
+# by the use of a control variable, or if this script is not
+# appropriate to execute for some other reason.
+# 3 = reboot; causes the system to be rebooted after execution.
+
+# Input and output:
+# stdin is redirected from /dev/null
+#
+# stdout and stderr are redirected to the /etc/rc.log file
+# during checklist mode, or to the console in raw mode.
+
+PATH=/usr/sbin:/usr/bin:/sbin
+export PATH
+
+WHAT='OpenSSH'
+WHAT_PATH=/opt/openssh/sbin/sshd
+WHAT_PID=/var/run/sshd.pid
+WHAT_CONFIG=/etc/rc.config.d/sshd
+
+# NOTE: If your script executes in run state 0 or state 1, then /usr might
+# not be available. Do not attempt to access commands or files in
+# /usr unless your script executes in run state 2 or greater. Other
+# file systems typically not mounted until run state 2 include /var
+# and /opt.
+
+rval=0
+
+# Check the exit value of a command run by this script. If non-zero, the
+# exit code is echoed to the log file and the return value of this script
+# is set to indicate failure.
+
+set_return() {
+ x=$?
+ if [ $x -ne 0 ]; then
+ echo "EXIT CODE: $x"
+ rval=1 # script FAILed
+ fi
+}
+
+case $1 in
+'start_msg')
+ echo "Starting $WHAT"
+ ;;
+
+'stop_msg')
+ echo "Stopping $WHAT"
+ ;;
+
+'start')
+ if [ -f $WHAT_CONFIG ] ; then
+ . $WHAT_CONFIG
+ else
+ echo "ERROR: $WHAT_CONFIG defaults file MISSING"
+ fi
+
+ if [ "$SSHD_START" -eq 1 -a -x "$WHAT_PATH" ]; then
+ $WHAT_PATH $SSHD_ARGS && echo "$WHAT started"
+ set_return
+ else
+ rval=2
+ fi
+ ;;
+
+'stop')
+ if kill `cat $WHAT_PID`; then
+ echo "$WHAT stopped"
+ else
+ rval=1
+ echo "Unable to stop $WHAT"
+ fi
+ set_return
+ ;;
+
+*)
+ echo "usage: $0 {start|stop|start_msg|stop_msg}"
+ rval=1
+ ;;
+esac
+
+exit $rval
%build
-%configure --sysconfdir=/etc/ssh --with-tcp-wrappers \
- --with-rsh=/usr/bin/rsh
+%configure --sysconfdir=/etc/ssh --libexecdir=/usr/libexec/openssh \
+ --with-tcp-wrappers --with-rsh=/usr/bin/rsh
make
install -d $RPM_BUILD_ROOT/etc/pam.d/
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
-install -d $RPM_BUILD_ROOT/usr/libexec/ssh
+install -d $RPM_BUILD_ROOT/usr/libexec/openssh
install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
%if ! %{no_x11_askpass}
-install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/ssh/x11-ssh-askpass
-ln -s /usr/libexec/ssh/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/ssh/ssh-askpass
+install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/x11-ssh-askpass
+ln -s /usr/libexec/openssh/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/ssh-askpass
%endif
%if ! %{no_gnome_askpass}
-install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/ssh/gnome-ssh-askpass
+install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/gnome-ssh-askpass
%endif
%clean
%attr(0644,root,root) /usr/man/man1/ssh-keygen.1*
%attr(0644,root,root) /usr/man/man1/scp.1*
%attr(0755,root,root) %dir /etc/ssh
-%attr(0755,root,root) %dir /usr/libexec/ssh
+%attr(0755,root,root) %dir /usr/libexec/openssh
%files clients
%defattr(-,root,root)
%doc x11-ssh-askpass-%{aversion}/README
%doc x11-ssh-askpass-%{aversion}/ChangeLog
%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
-%attr(0755,root,root) /usr/libexec/ssh/ssh-askpass
-%attr(0755,root,root) /usr/libexec/ssh/x11-ssh-askpass
+%attr(0755,root,root) /usr/libexec/openssh/ssh-askpass
+%attr(0755,root,root) /usr/libexec/openssh/x11-ssh-askpass
%endif
%if ! %{no_gnome_askpass}
%files askpass-gnome
%defattr(-,root,root)
-%attr(0755,root,root) /usr/libexec/ssh/gnome-ssh-askpass
+%attr(0755,root,root) /usr/libexec/openssh/gnome-ssh-askpass
%endif
%build
CFLAGS="$RPM_OPT_FLAGS" \
-./configure --prefix=/usr --sysconfdir=/etc/ssh --with-gnome-askpass \
- --with-tcp-wrappers --with-ipv4-default
+./configure --prefix=/usr --sysconfdir=/etc/ssh \
+ --libexecdir=/usr/libexec/ssh --with-gnome-askpass \
+ --with-tcp-wrappers --with-ipv4-default
make
cd contrib
install -d $RPM_BUILD_ROOT/etc/pam.d/
install -d $RPM_BUILD_ROOT/sbin/init.d/
install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
-install -d $RPM_BUILD_ROOT/usr/libexec/ssh
-install -m644 sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
+install -d $RPM_BUILD_ROOT/usr/libexec/openssh
+install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/sbin/init.d/sshd
ln -s ../../sbin/init.d/sshd $RPM_BUILD_ROOT/usr/sbin/rcsshd
-install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/ssh/gnome-ssh-askpass
-ln -s gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/ssh/ssh-askpass
+install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/gnome-ssh-askpass
+ln -s gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/ssh-askpass
install -m744 contrib/suse/rc.config.sshd \
$RPM_BUILD_ROOT/var/adm/fillup-templates
%attr(0644,root,root) %doc /usr/man/man1/ssh-keygen.1*
%attr(0644,root,root) %doc /usr/man/man1/scp.1*
%attr(0755,root,root) %dir /etc/ssh
-%attr(0755,root,root) %dir /usr/libexec/ssh
+%attr(0755,root,root) %dir /usr/libexec/openssh
%files clients
%defattr(-,root,root)
%files server
%defattr(-,root,root)
%attr(0755,root,root) /usr/sbin/sshd
-%attr(0755,root,root) /usr/libexec/ssh/sftp-server
+%attr(0755,root,root) /usr/libexec/openssh/sftp-server
%attr(0644,root,root) %doc /usr/man/man8/sshd.8*
%attr(0644,root,root) %doc /usr/man/man8/sftp-server.8*
%attr(0600,root,root) %config /etc/ssh/sshd_config
%files askpass
%defattr(-,root,root)
-%attr(0755,root,root) /usr/libexec/ssh/ssh-askpass
-%attr(0755,root,root) /usr/libexec/ssh/gnome-ssh-askpass
+%attr(0755,root,root) /usr/libexec/openssh/ssh-askpass
+%attr(0755,root,root) /usr/libexec/openssh/gnome-ssh-askpass
# else
# error "32 bit int type not found."
# endif
-/*
# if (SIZEOF_LONG_INT == 8)
typedef long int int64_t;
# else
# error "64 bit int type not found."
# endif
# endif
-*/
#endif
/* If sys/types.h does not supply u_intXX_t, supply them ourselves */
typedef uint8_t u_int8_t;
typedef uint16_t u_int16_t;
typedef uint32_t u_int32_t;
-/*
typedef uint64_t u_int64_t;
-*/
# define HAVE_U_INTXX_T 1
# else
# if (SIZEOF_CHAR == 1)
# else
# error "32 bit int type not found."
# endif
-/*
# if (SIZEOF_LONG_INT == 8)
typedef unsigned long int u_int64_t;
# else
# error "64 bit int type not found."
# endif
# endif
-*/
# endif
#endif
# define USE_VHANGUP
#endif /* defined(HAVE_VHANGUP) && !defined(BROKEN_VHANGUP) */
+#ifndef GETPGRP_VOID
+# define getpgrp() getpgrp(0)
+#endif
+
/**
** login recorder definitions
**/
if (! ($pid = fork())) {
# child
close STDIN; close STDOUT; close STDERR;
- open STDIN, "</dev/null";
- open STDOUT, ">/dev/null";
- open STDERR, ">/dev/null";
+ open (STDIN, "</dev/null");
+ open (STDOUT, ">/tmp/foo");
+ open (STDERR, ">/dev/null");
exec $path @args;
exit 1; # shouldn't be here
}
/* MISC functions */
int waitpid(int pid,int *stat_loc,int options);
-#define getpgrp() getpgrp(0)
pid_t setsid(void);
/* TC */
"ls -alni /tmp" @PROG_LS@ 0.02
"ls -alni /var/tmp" @PROG_LS@ 0.02
"ls -alni /usr/tmp" @PROG_LS@ 0.02
+"ls -alTi /var/log" @PROG_LS@ 0.02
+"ls -alTi /var/adm" @PROG_LS@ 0.02
+"ls -alTi /var/mail" @PROG_LS@ 0.02
+"ls -alTi /var/adm/syslog" @PROG_LS@ 0.02
+"ls -alTi /var/spool/mail" @PROG_LS@ 0.02
+"ls -alTi /proc" @PROG_LS@ 0.02
+"ls -alTi /tmp" @PROG_LS@ 0.02
+"ls -alTi /var/tmp" @PROG_LS@ 0.02
+"ls -alTi /usr/tmp" @PROG_LS@ 0.02
"netstat -an" @PROG_NETSTAT@ 0.05
"netstat -in" @PROG_NETSTAT@ 0.05