+19991211
+ - Fix compilation on systems with AFS. Reported by
+ aloomis@glue.umd.edu
+ - Fix installation on Solaris. Reported by
+ Gordon Rowell <gordonr@gormand.com.au>
+ - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
+ patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
+ - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
+ - Compile fix from David Agraz <dagraz@jahoopa.com>
+ - Avoid compiler warning in bsd-snprintf.c
+ - Added pam_limits.so to default PAM config. Suggested by
+ Jim Knoble <jmknoble@pobox.com>
+
19991209
- Import of patch from Ben Taylor <bent@clark.net>:
- Improved PAM support
GNOME_CFLAGS=`gnome-config --cflags gnome gnomeui`
GNOME_LIBS=`gnome-config --libs gnome gnomeui`
-OBJS= atomicio.o authfd.o authfile.o auth-passwd.o auth-rhosts.o \
- auth-rh-rsa.o auth-rsa.o auth-skey.o bsd-daemon.o bsd-login.o \
- bsd-mktemp.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bufaux.o \
- buffer.o canohost.o channels.o cipher.o clientloop.o compress.o \
- crc32.o deattack.o helper.o helper.o hostfile.o log-client.o \
- login.o log-server.o match.o md5crypt.o mpaux.o packet.o pty.o \
- readconf.o readpass.o rsa.o servconf.o serverloop.o \
- sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o
+OBJS= atomicio.o authfd.o authfile.o auth-krb4.o auth-passwd.o \
+ auth-rhosts.o auth-rh-rsa.o auth-rsa.o auth-skey.o bsd-daemon.o \
+ bsd-login.o bsd-mktemp.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o
+ bufaux.o buffer.o canohost.o channels.o cipher.o clientloop.o \
+ compress.o crc32.o deattack.o helper.o helper.o hostfile.o \
+ log-client.o login.o log-server.o match.o md5crypt.o mpaux.o \
+ packet.o pty.o radix.o readconf.o readpass.o rsa.o servconf.o \
+ serverloop.o sshconnect.o tildexpand.o ttymodes.o uidswap.o \
+ xmalloc.o
all: $(OBJS) $(TARGETS)
libssh.a: atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \
buffer.o canohost.o channels.o cipher.o compat.o \
compress.o crc32.o deattack.o fingerprint.o helper.o \
hostfile.o log.o match.o mpaux.o nchan.o packet.o \
- readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o
+ radix.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o \
+ xmalloc.o
$(AR) rv $@ $^
$(RANLIB) $@
ssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o libssh.a
$(CC) -o $@ $^ $(LFLAGS) $(LIBS)
-sshd: sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
- pty.o log-server.o login.o servconf.o serverloop.o bsd-login.o \
- md5crypt.o libssh.a
+sshd: sshd.o auth-rhosts.o auth-krb4.o auth-passwd.o auth-rsa.o \
+ auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o \
+ bsd-login.o md5crypt.o libssh.a
$(CC) -o $@ $^ $(LFLAGS) $(LIBS) $(LIBWRAP)
scp: scp.o libssh.a
$(INSTALL) -s ssh-agent $(bindir)/ssh-agent
$(INSTALL) -s ssh-keygen $(bindir)/ssh-keygen
$(INSTALL) -s sshd $(sbindir)/sshd
- $(INSTALL) -m644 ssh.1 $(mandir)/man1/ssh.1
- $(INSTALL) -m644 scp.1 $(mandir)/man1/scp.1
- $(INSTALL) -m644 ssh-add.1 $(mandir)/man1/ssh-add.1
- $(INSTALL) -m644 ssh-agent.1 $(mandir)/man1/ssh-agent.1
- $(INSTALL) -m644 ssh-keygen.1 $(mandir)/man1/ssh-keygen.1
- $(INSTALL) -m644 sshd.8 $(mandir)/man8/sshd.8
+ $(INSTALL) -m 644 ssh.1 $(mandir)/man1/ssh.1
+ $(INSTALL) -m 644 scp.1 $(mandir)/man1/scp.1
+ $(INSTALL) -m 644 ssh-add.1 $(mandir)/man1/ssh-add.1
+ $(INSTALL) -m 644 ssh-agent.1 $(mandir)/man1/ssh-agent.1
+ $(INSTALL) -m 644 ssh-keygen.1 $(mandir)/man1/ssh-keygen.1
+ $(INSTALL) -m 644 sshd.8 $(mandir)/man8/sshd.8
-rm -f $(bindir)/slogin
ln -s ssh $(bindir)/slogin
-rm -f $(mandir)/man1/slogin.1
ln -s ssh.1 $(mandir)/man1/slogin.1
- $(INSTALL) -d $(libexecdir) ;
- $(INSTALL) -d $(libexecdir)/ssh ;
if [ ! -z "@GNOME_ASKPASS@" ] ; then \
+ $(INSTALL) -d $(libexecdir) ;
+ $(INSTALL) -d $(libexecdir)/ssh ;
$(INSTALL) -s @GNOME_ASKPASS@ ${ASKPASS_PROGRAM} ; \
fi
if [ ! -f $(sysconfdir)/ssh_config -a ! -f $(sysconfdir)/sshd_config ]; then \
$(INSTALL) -d $(sysconfdir); \
- $(INSTALL) -m644 ssh_config $(sysconfdir)/ssh_config; \
- $(INSTALL) -m644 sshd_config $(sysconfdir)/sshd_config; \
+ $(INSTALL) -m 644 ssh_config $(sysconfdir)/ssh_config; \
+ $(INSTALL) -m 644 sshd_config $(sysconfdir)/sshd_config; \
fi
uninstallall: uninstall
-rm -f $(mandir)/man8/sshd.8
-rm -f $(bindir)/slogin
-rm -f $(mandir)/man1/slogin.1
- -rm -f $(mandir)/man1/slogin.1
-rm -f ${ASKPASS_PROGRAM}
-rmdir $(libexecdir)/ssh ;
/* Define if you have /dev/ptc */
#undef HAVE_DEV_PTS_AND_PTC
+/* Path to xauth binary */
+#undef XAUTH_PATH
+
@BOTTOM@
/* ******************* Shouldn't need to edit below this line ************** */
# define __P(x) x
#endif
+#ifdef __GNUC__
+# if __GNUC__ < 2
+# define INLINE inline
+# define __attribute__(x)
+# else
+# define INLINE __inline__
+# endif /* __GNUC__ < 2 */
+#else
+# define __attribute__(x)
+# define INLINE
+#endif /* __GNUC__ */
# include <utmp.h>
#endif
#include <stdio.h>
+#include <string.h>
void
login(utp)
tty = ttyslot();
if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) {
-#ifdef HAVE_HOST_IN_UTMP || HAVE_HOST_IN_UTMPX
+#if defined(HAVE_HOST_IN_UTMP) || defined(HAVE_HOST_IN_UTMPX)
(void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET);
/*
* Prevent luser from zero'ing out ut_host.
strncmp(old_ut.ut_line, utp->ut_line, UT_LINESIZE) == 0 &&
strncmp(old_ut.ut_name, utp->ut_name, UT_NAMESIZE) == 0)
(void)memcpy(utp->ut_host, old_ut.ut_host, UT_HOSTSIZE);
-#endif /* HAVE_HOST_IN_UTMP || HAVE_HOST_IN_UTMPX */
+#endif /* defined(HAVE_HOST_IN_UTMP) || defined(HAVE_HOST_IN_UTMPX) */
(void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET);
(void)write(fd, utp, sizeof(struct UTMP_STR));
(void)close(fd);
free(curobj);
}
-#if !defined(HAVE_SNPRINTF)
-int
-#if __STDC__
-snprintf(char *str, size_t n, char const *fmt, ...)
-#else
-snprintf(str, n, fmt, va_alist)
- char *str;
- size_t n;
- char *fmt;
- va_dcl
-#endif
-{
- va_list ap;
-#if __STDC__
- va_start(ap, fmt);
-#else
- va_start(ap);
-#endif
-
- return (vsnprintf(str, n, fmt, ap));
- va_end(ap);
-}
-#endif /* !defined(HAVE_SNPRINTF) */
-
#if !defined(HAVE_VSNPRINTF)
int
vsnprintf(str, n, fmt, ap)
}
#endif /* !defined(HAVE_VSNPRINTF) */
+#if !defined(HAVE_SNPRINTF)
+int
+#if __STDC__
+snprintf(char *str, size_t n, char const *fmt, ...)
+#else
+snprintf(str, n, fmt, va_alist)
+ char *str;
+ size_t n;
+ char *fmt;
+ va_dcl
+#endif
+{
+ va_list ap;
+#if __STDC__
+ va_start(ap, fmt);
+#else
+ va_start(ap);
+#endif
+
+ return (vsnprintf(str, n, fmt, ap));
+ va_end(ap);
+}
+#endif /* !defined(HAVE_SNPRINTF) */
+
#endif /* !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) */
void (*cipher_attack_detected) (const char *fmt,...) = fatal;
-static inline void
+static INLINE void
detect_cbc_attack(const unsigned char *src,
unsigned int len)
{
[AC_DEFINE(HAVE_MD5_PASSWORDS)]
)
+dnl Check for the path to xauth
+AC_PATH_PROG(xauth_path, xauth)
+AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
+
AC_OUTPUT(Makefile)
#include "bsd-strlcat.h"
#include "bsd-mktemp.h"
#include "bsd-snprintf.h"
+#include "bsd-daemon.h"
/* Define this to be the path of the xauth program. */
#ifndef XAUTH_PATH
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
session required /lib/security/pam_pwdb.so
+session required /lib/security/pam_limits.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_unix.so shadow nullok use_authtok
session required /lib/security/pam_unix.so
+session required /lib/security/pam_limits.so