From 77bb0bca2e3539ecf8c3cc6efffabd7be67a5b84 Mon Sep 17 00:00:00 2001 From: djm Date: Fri, 29 Sep 2000 12:01:36 +0000 Subject: [PATCH] - (djm) Merged big SCO portability patch from Tim Rice --- CREDITS | 3 +- ChangeLog | 2 ++ Makefile.in | 30 +++++++++--------- acconfig.h | 6 ++++ auth-passwd.c | 16 ++++++++++ authfile.c | 2 +- channels.c | 4 +-- configure.in | 87 +++++++++++++++++++++++++++++++++++++++++++++------ defines.h | 22 ++++++++++++- includes.h | 1 - scp.c | 14 +++++++++ ssh-agent.c | 2 +- ssh.c | 2 +- sshd.c | 4 +++ 14 files changed, 164 insertions(+), 31 deletions(-) diff --git a/CREDITS b/CREDITS index 78ce2d69..a2674394 100644 --- a/CREDITS +++ b/CREDITS @@ -62,13 +62,14 @@ Pavel Troller - Bugfixes Pekka Savola - Bugfixes Peter Kocks - Makefile fixes Phil Hands - Debian scripts, assorted patches -Phil Karn - Autoconf fix +Phil Karn - Autoconf fixes Phill Camp - login code fix Rip Loomis - Solaris package support, fixes SAKAI Kiyotaka - Multiple bugfixes Simon Wilkinson - PAM fixes Svante Signell - Bugfixes Thomas Neumann - Shadow passwords +Tim Rice - Portability & SCO fixes Tom Bertelson's - AIX auth fixes Tor-Ake Fransson - AIX support Tudor Bosman - MD5 password support diff --git a/ChangeLog b/ChangeLog index 04173dce..efc6fb03 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,8 @@ - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, tidy necessary differences. Use Markus' new debugN() in entropy.c + - (djm) Merged big SCO portability patch from Tim Rice + 20000926 - (djm) Update X11-askpass to 1.0.2 in RPM spec file diff --git a/Makefile.in b/Makefile.in index 626e79f6..2d47f637 100644 --- a/Makefile.in +++ b/Makefile.in @@ -20,7 +20,7 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass CC=@CC@ LD=@LD@ PATHS=-DETCDIR=\"$(sysconfdir)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\" -DSSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" -CFLAGS=@CFLAGS@ -I. -I$(srcdir) $(PATHS) @DEFS@ +CFLAGS=@CFLAGS@ $(PATHS) @DEFS@ LIBS=@LIBS@ AR=@AR@ RANLIB=@RANLIB@ @@ -29,6 +29,7 @@ PERL=@PERL@ ENT=@ENT@ LDFLAGS=-L. @LDFLAGS@ EXEEXT=@EXEEXT@ +SSH_MODE= @SSHMODE@ INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@ @@ -121,13 +122,13 @@ distprep: catman-do install: manpages $(TARGETS) install-files host-key install-files: - ./mkinstalldirs $(DESTDIR)$(bindir) - ./mkinstalldirs $(DESTDIR)$(sbindir) - ./mkinstalldirs $(DESTDIR)$(mandir) - ./mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1 - ./mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8 - ./mkinstalldirs $(DESTDIR)$(libexecdir) - $(INSTALL) -m 4755 -s ssh $(DESTDIR)$(bindir)/ssh + $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) + $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir) + $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir) + $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1 + $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8 + $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir) + $(INSTALL) -m $(SSH_MODE) -s ssh $(DESTDIR)$(bindir)/ssh $(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp $(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add $(INSTALL) -m 0755 -s ssh-agent $(DESTDIR)$(bindir)/ssh-agent @@ -145,13 +146,14 @@ install-files: ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 + @FILEPRIV@ -f dev,filesys,driver $(DESTDIR)$(bindir)/ssh $(DESTDIR)$(bindir)/slogin if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config -a ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \ - ./mkinstalldirs $(DESTDIR)$(sysconfdir); \ + $(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \ $(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \ $(INSTALL) -m 644 sshd_config.out $(DESTDIR)$(sysconfdir)/sshd_config; \ fi if [ -f ssh_prng_cmds -a ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \ - $(PERL) fixprogs ssh_prng_cmds $(ENT); \ + $(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \ $(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \ fi @@ -160,18 +162,18 @@ host-key: ssh-keygen$(EXEEXT) if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \ echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \ else \ - ./ssh-keygen -b 1024 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" ; \ + $(srcdir)/ssh-keygen -b 1024 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" ; \ fi ; \ if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key ] ; then \ echo "$(DESTDIR)$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \ else \ - ./ssh-keygen -d -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ; \ + $(srcdir)/ssh-keygen -d -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ; \ fi ; \ fi ; host-key-force: ssh-keygen$(EXEEXT) - ./ssh-keygen -b 1024 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" - ./ssh-keygen -d -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" + $(srcdir)/ssh-keygen -b 1024 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" + $(srcdir)/ssh-keygen -d -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" uninstallall: uninstall -rm -f $(DESTDIR)$(sysconfdir)/ssh_config diff --git a/acconfig.h b/acconfig.h index 1b860d66..a17cba82 100644 --- a/acconfig.h +++ b/acconfig.h @@ -6,6 +6,12 @@ @TOP@ +/* SCO workaround */ +#undef BROKEN_SYS_TERMIO_H + +/* Define if you have SCO protected password database */ +#undef HAVE_SCO_PROTECTED_PW + /* If your header files don't define LOGIN_PROGRAM, then use this (detected) */ /* from environment and PATH */ #undef LOGIN_PROGRAM_FALLBACK diff --git a/auth-passwd.c b/auth-passwd.c index 18f9b3c1..8dd6034d 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -75,6 +75,11 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.17 2000/09/07 20:27:49 deraadt Exp $"); # include # include #endif +#ifdef HAVE_SCO_PROTECTED_PW +# include +# include +# include +#endif /* HAVE_SCO_PROTECTED_PW */ #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) # include #endif @@ -108,6 +113,9 @@ auth_password(struct passwd * pw, const char *password) #ifdef __hpux struct pr_passwd *spw; #endif +#ifdef HAVE_SCO_PROTECTED_PW + struct pr_passwd *spw; +#endif /* HAVE_SCO_PROTECTED_PW */ #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) struct spwd *spw; #endif @@ -181,10 +189,18 @@ auth_password(struct passwd * pw, const char *password) if (spw != NULL) pw_password = spw->sp_pwdp; #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ + +#ifdef HAVE_SCO_PROTECTED_PW + spw = getprpwnam(pw->pw_name); + if (spw != NULL) + pw_password = spw->ufld.fd_encrypt; +#endif /* HAVE_SCO_PROTECTED_PW */ + #if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) pw_password = spw->pwa_passwd; #endif /* defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) */ + #if defined(__hpux) if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL) pw_password = spw->ufld.fd_encrypt; diff --git a/authfile.c b/authfile.c index c8eac189..afedd7bb 100644 --- a/authfile.c +++ b/authfile.c @@ -147,7 +147,7 @@ save_private_key_rsa(const char *filename, const char *passphrase, strerror(errno)); buffer_free(&encrypted); close(fd); - remove(filename); + unlink(filename); return 0; } close(fd); diff --git a/channels.c b/channels.c index 43253b3a..df56e949 100644 --- a/channels.c +++ b/channels.c @@ -1317,7 +1317,7 @@ channel_stop_listening() switch (channels[i].type) { case SSH_CHANNEL_AUTH_SOCKET: close(channels[i].sock); - remove(channels[i].path); + unlink(channels[i].path); channel_free(i); break; case SSH_CHANNEL_PORT_LISTENER: @@ -2139,7 +2139,7 @@ auth_get_socket_name() void cleanup_socket(void) { - remove(channel_forwarded_auth_socket_name); + unlink(channel_forwarded_auth_socket_name); rmdir(channel_forwarded_auth_socket_dir); } diff --git a/configure.in b/configure.in index 1c228dd9..a038c959 100644 --- a/configure.in +++ b/configure.in @@ -13,6 +13,7 @@ AC_PATH_PROG(PERL, perl) AC_SUBST(PERL) AC_PATH_PROG(ENT, ent) AC_SUBST(ENT) +AC_PATH_PROGS(FILEPRIV, filepriv, true, /sbin:/usr/sbin) # Use LOGIN_PROGRAM from environment if possible if test ! -z "$LOGIN_PROGRAM" ; then @@ -36,6 +37,8 @@ if test "$GCC" = "yes"; then CFLAGS="$CFLAGS -Wall" fi +CFLAGS="$CFLAGS -I. -I${srcdir-.}" + # Check for some target-specific stuff case "$host" in *-*-aix*) @@ -159,6 +162,22 @@ case "$host" in mansubdir=cat LIBS="$LIBS -lgen -lnsl -lucb" ;; +*-*-sysv4.2*) + CFLAGS="$CFLAGS -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + MANTYPE='$(CATMAN)' + mansubdir=cat + LIBS="$LIBS -lgen -lsocket -lnsl -lresolv" + enable_suid_ssh=no + ;; +*-*-sysv5*) + CFLAGS="$CFLAGS -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + MANTYPE='$(CATMAN)' + mansubdir=cat + LIBS="$LIBS -lgen -lsocket" + enable_suid_ssh=no + ;; *-*-sysv*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" @@ -166,14 +185,28 @@ case "$host" in mansubdir=cat LIBS="$LIBS -lgen -lsocket" ;; -*-*-sco3*) +*-*-sco3.2v4*) AC_DEFINE(USE_PIPES) + CFLAGS="$CFLAGS -Dftruncate=chsize -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + MANTYPE='$(CATMAN)' + mansubdir=cat + LIBS="$LIBS -lgen -lsocket -los -lprot -lx" + no_dev_ptmx=1 + RANLIB=true + AC_DEFINE(BROKEN_SYS_TERMIO_H) + rsh_path="/usr/bin/rcmd" + AC_DEFINE(HAVE_SCO_PROTECTED_PW) + ;; +*-*-sco3.2v5*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" MANTYPE='$(CATMAN)' mansubdir=cat - LIBS="$LIBS -lgen -lsocket" + LIBS="$LIBS -lgen -lsocket -lprot -lx" no_dev_ptmx=1 + rsh_path="/usr/bin/rcmd" + AC_DEFINE(HAVE_SCO_PROTECTED_PW) ;; *-dec-osf*) # This is untested @@ -230,10 +263,10 @@ if test -z "$no_libnsl" ; then fi # Checks for header files. -AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h) +AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h sys/un.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h) dnl Checks for library functions. -AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock freeaddrinfo futimes gai_strerror getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r vsnprintf vhangup _getpty __b64_ntop) +AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock fchmod freeaddrinfo futimes gai_strerror getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid setrlimit sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r vsnprintf vhangup _getpty __b64_ntop) dnl Checks for time functions AC_CHECK_FUNCS(gettimeofday time) dnl Checks for libutil functions @@ -615,7 +648,17 @@ AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ ], [ sa_family_t foo; foo = 1235; ], [ ac_cv_have_sa_family_t="yes" ], + [ AC_TRY_COMPILE( + [ +#include +#include +#include + ], + [ sa_family_t foo; foo = 1235; ], + [ ac_cv_have_sa_family_t="yes" ], + [ ac_cv_have_sa_family_t="no" ] + )] ) ]) if test "x$ac_cv_have_sa_family_t" = "xyes" ; then @@ -712,9 +755,7 @@ if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then AC_DEFINE(HAVE_STRUCT_ADDRINFO) fi - -# Checks for structure members - +dnl Checks for structure members OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) @@ -732,6 +773,7 @@ OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) +AC_STRUCT_ST_BLKSIZE AC_CACHE_CHECK([for sun_len field in struct sockaddr_un], ac_cv_have_sun_len_in_struct_sockaddr_un, [ @@ -855,7 +897,7 @@ AC_ARG_WITH(xauth, fi ], [ - AC_PATH_PROG(xauth_path, xauth) + AC_PATH_PROG(xauth_path, xauth,,$PATH:/usr/X/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin) if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then xauth_path="/usr/openwin/bin/xauth" fi @@ -1142,7 +1184,7 @@ AC_ARG_WITH(default-path, [ --with-default-path=PATH Specify default \$PATH environment for server], [ if test "x$withval" != "xno" ; then - AC_DEFINE_UNQUOTED(USER_PATH, "$withval") + user_path="$withval" SERVER_PATH_MSG="$withval" fi ] @@ -1183,6 +1225,25 @@ AC_ARG_WITH(4in6, ] ) +AC_MSG_CHECKING(whether to install ssh as suid root) +AC_ARG_ENABLE(suid-ssh, +[ --enable-suid-ssh Install ssh as suid root (default) + --disable-suid-ssh Install ssh without suid bit], +[ case "$enableval" in + no) + AC_MSG_RESULT(no) + SSHMODE=0711 + ;; + *) AC_MSG_RESULT(yes) + SSHMODE=04711 + ;; + esac ], + AC_MSG_RESULT(yes) + SSHMODE=04711 +) +AC_SUBST(SSHMODE) + + # Where to place sshd.pid piddir=/var/run AC_ARG_WITH(pid-dir, @@ -1194,6 +1255,14 @@ AC_ARG_WITH(pid-dir, ] ) +# make sure the directory exists +if test ! -d $piddir ; then + piddir=`eval echo ${sysconfdir}` + case $piddir in + NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; + esac +fi + AC_DEFINE_UNQUOTED(PIDDIR, "$piddir") AC_SUBST(piddir) diff --git a/defines.h b/defines.h index a8e2659c..323ff29b 100644 --- a/defines.h +++ b/defines.h @@ -11,10 +11,12 @@ #include /* For [u]intxx_t */ #include /* For SHUT_XXXX */ #include /* For MAXPATHLEN */ -#include /* For SUN_LEN */ #include /* For typedefs */ #include /* For IPv6 macros */ #include /* For IPTOS macros */ +#ifdef HAVE_SYS_UN_H +# include /* For SUN_LEN */ +#endif #ifdef HAVE_SYS_BITYPES_H # include /* For u_intXX_t */ #endif @@ -44,6 +46,7 @@ #endif #include /* For STDIN_FILENO, etc */ +#include /* Struct winsize */ /* Constants */ @@ -219,6 +222,23 @@ typedef int mode_t; # define ss_family __ss_family #endif /* !defined(HAVE_SS_FAMILY_IN_SS) && defined(HAVE_SA_FAMILY_IN_SS) */ +#ifndef HAVE_SYS_UN_H +struct sockaddr_un { + short sun_family; /* AF_UNIX */ + char sun_path[108]; /* path name (gag) */ +}; +#endif /* HAVE_SYS_UN_H */ + +#if defined(BROKEN_SYS_TERMIO_H) && !defined(_STRUCT_WINSIZE) +#define _STRUCT_WINSIZE +struct winsize { + unsigned short ws_row; /* rows, in characters */ + unsigned short ws_col; /* columns, in character */ + unsigned short ws_xpixel; /* horizontal size, pixels */ + unsigned short ws_ypixel; /* vertical size, pixels */ +}; +#endif + /* Paths */ #ifndef _PATH_BSHELL diff --git a/includes.h b/includes.h index b7b01374..37881f6b 100644 --- a/includes.h +++ b/includes.h @@ -38,7 +38,6 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } #include #include #include -#include #include #include #include diff --git a/scp.c b/scp.c index 72949d0e..356d97e6 100644 --- a/scp.c +++ b/scp.c @@ -80,7 +80,9 @@ RCSID("$OpenBSD: scp.c,v 1.40 2000/09/21 11:11:42 markus Exp $"); #include "ssh.h" #include "xmalloc.h" +#ifndef _PATH_CP #define _PATH_CP "cp" +#endif /* For progressmeter() -- number of seconds before xfer considered "stalled" */ #define STALLTIME 5 @@ -915,12 +917,20 @@ bad: run_err("%s: %s", np, strerror(errno)); #endif if (pflag) { if (exists || omode != mode) +#ifdef HAVE_FCHMOD if (fchmod(ofd, omode)) +#else /* HAVE_FCHMOD */ + if (chmod(np, omode)) +#endif /* HAVE_FCHMOD */ run_err("%s: set mode: %s", np, strerror(errno)); } else { if (!exists && omode != mode) +#ifdef HAVE_FCHMOD if (fchmod(ofd, omode & ~mask)) +#else /* HAVE_FCHMOD */ + if (chmod(np, omode & ~mask)) +#endif /* HAVE_FCHMOD */ run_err("%s: set mode: %s", np, strerror(errno)); } @@ -1086,6 +1096,7 @@ allocbuf(bp, fd, blksize) int fd, blksize; { size_t size; +#ifdef HAVE_ST_BLKSIZE struct stat stb; if (fstat(fd, &stb) < 0) { @@ -1097,6 +1108,9 @@ allocbuf(bp, fd, blksize) else size = blksize + (stb.st_blksize - blksize % stb.st_blksize) % stb.st_blksize; +#else /* HAVE_ST_BLKSIZE */ + size = blksize; +#endif /* HAVE_ST_BLKSIZE */ if (bp->cnt >= size) return (bp); if (bp->buf == NULL) diff --git a/ssh-agent.c b/ssh-agent.c index e6fb336e..479388fa 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -638,7 +638,7 @@ check_parent_exists(int sig) void cleanup_socket(void) { - remove(socket_name); + unlink(socket_name); rmdir(socket_dir); } diff --git a/ssh.c b/ssh.c index 5a69115e..aff79a5b 100644 --- a/ssh.c +++ b/ssh.c @@ -244,7 +244,7 @@ main(int ac, char **av) original_real_uid = getuid(); original_effective_uid = geteuid(); -#ifndef HAVE_CYGWIN +#if !defined(HAVE_SETRLIMIT) || !defined(HAVE_CYGWIN) /* If we are installed setuid root be careful to not drop core. */ if (original_real_uid != original_effective_uid) { struct rlimit rlim; diff --git a/sshd.c b/sshd.c index c11a8960..7fed51c4 100644 --- a/sshd.c +++ b/sshd.c @@ -667,6 +667,10 @@ main(int ac, char **av) } } +#ifdef HAVE_SCO_PROTECTED_PW + (void) set_auth_parameters(ac, av); +#endif + /* Initialize the log (it is reinitialized below in case we forked). */ if (debug_flag && !inetd_flag) log_stderr = 1; -- 2.45.2