From 96ad4350e6e9af520969aba04f4116e8e1130e79 Mon Sep 17 00:00:00 2001 From: damien Date: Mon, 22 Nov 1999 03:27:24 +0000 Subject: [PATCH] - Added autoconf test and macro to deal with old PAM libraries pam_strerror definition (one arg vs two). --- ChangeLog | 4 +++- acconfig.h | 10 ++++++++++ configure.in | 21 ++++++++++++++++++--- sshd.c | 16 ++++++++-------- 4 files changed, 39 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4c016a32..eb79657a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,8 +6,10 @@ key there. show fingerprint instead of public-key after keygeneration. ok niels@ - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h - - Added timersum() macro + - Added timersub() macro - Tidy RCSIDs of bsd-*.c + - Added autoconf test and macro to deal with old PAM libraries + pam_strerror definition (one arg vs two). 19991121 - OpenBSD CVS Changes: diff --git a/acconfig.h b/acconfig.h index db7fd18b..6459c637 100644 --- a/acconfig.h +++ b/acconfig.h @@ -54,6 +54,10 @@ /* Define if you want to allow MD5 passwords */ #undef HAVE_MD5_PASSWORDS +/* Define if you have an old version of PAM which takes only one argument */ +/* to pam_strerror */ +#undef HAVE_OLD_PAM + /* Data types */ #undef HAVE_QUAD_T #undef HAVE_INTXX_T @@ -195,3 +199,9 @@ enum } while (0) #endif + +#ifdef HAVE_OLD_PAM +# define PAM_STRERROR(a,b) pam_strerror((b)) +#else +# define PAM_STRERROR(a,b) pam_strerror((a),(b)) +#endif diff --git a/configure.in b/configure.in index 1fe0c30b..0678fa4c 100644 --- a/configure.in +++ b/configure.in @@ -77,7 +77,7 @@ AC_CHECK_SIZEOF(long int, 4) AC_CHECK_SIZEOF(long long int, 8) dnl More checks for data types -AC_MSG_CHECKING([For quad_t]) +AC_MSG_CHECKING([for quad_t]) AC_TRY_COMPILE( [#include ], [quad_t a; a = 1235;], @@ -88,7 +88,7 @@ AC_TRY_COMPILE( [AC_MSG_RESULT(no)] ) -AC_MSG_CHECKING([For intXX_t types]) +AC_MSG_CHECKING([for intXX_t types]) AC_TRY_COMPILE( [#include ], [int16_t a; int32_t b; a = 1235; b = 1235;], @@ -99,7 +99,7 @@ AC_TRY_COMPILE( [AC_MSG_RESULT(no)] ) -AC_MSG_CHECKING([For u_intXX_t types]) +AC_MSG_CHECKING([for u_intXX_t types]) AC_TRY_COMPILE( [#include ], [u_int16_t c; u_int32_t d; c = 1235; d = 1235;], @@ -121,6 +121,21 @@ AC_TRY_COMPILE( [AC_MSG_RESULT(no)] ) +dnl Check PAM strerror arguments +AC_MSG_CHECKING([whether pam_strerror takes only one argument]) +AC_TRY_COMPILE( + [ + #include + #include + ], + [(void)pam_strerror((pam_handle_t *)NULL, -1);], + [AC_MSG_RESULT(no)], + [ + AC_DEFINE(HAVE_OLD_PAM) + AC_MSG_RESULT(yes) + ] +) + dnl Check whether use wants to disable the external ssh-askpass INSTALL_ASKPASS="yes" AC_MSG_CHECKING([whether to enable external ssh-askpass support]) diff --git a/sshd.c b/sshd.c index 9bbf28b2..0ef3263f 100644 --- a/sshd.c +++ b/sshd.c @@ -221,14 +221,14 @@ void pam_cleanup_proc(void *context) if (pam_retval != PAM_SUCCESS) { log("Cannot close PAM session: %.200s", - pam_strerror((pam_handle_t *)pamh, pam_retval)); + PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); } pam_retval = pam_end((pam_handle_t *)pamh, pam_retval); if (pam_retval != PAM_SUCCESS) { log("Cannot release PAM authentication: %.200s", - pam_strerror((pam_handle_t *)pamh, pam_retval)); + PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); } } } @@ -244,7 +244,7 @@ void do_pam_account_and_session(char *username, char *remote_user, pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_RHOST, remote_host); if (pam_retval != PAM_SUCCESS) { - log("PAM set rhost failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval)); + log("PAM set rhost failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); do_fake_authloop(username); } } @@ -255,7 +255,7 @@ void do_pam_account_and_session(char *username, char *remote_user, pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_RUSER, remote_user); if (pam_retval != PAM_SUCCESS) { - log("PAM set ruser failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval)); + log("PAM set ruser failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); do_fake_authloop(username); } } @@ -263,14 +263,14 @@ void do_pam_account_and_session(char *username, char *remote_user, pam_retval = pam_acct_mgmt((pam_handle_t *)pamh, 0); if (pam_retval != PAM_SUCCESS) { - log("PAM rejected by account configuration: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval)); + log("PAM rejected by account configuration: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); do_fake_authloop(username); } pam_retval = pam_open_session((pam_handle_t *)pamh, 0); if (pam_retval != PAM_SUCCESS) { - log("PAM session setup failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval)); + log("PAM session setup failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); do_fake_authloop(username); } } @@ -1206,7 +1206,7 @@ do_authentication(char *user) pam_retval = pam_start("sshd", pw->pw_name, &conv, (pam_handle_t**)&pamh); if (pam_retval != PAM_SUCCESS) - fatal("PAM initialisation failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval)); + fatal("PAM initialisation failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); fatal_add_cleanup(&pam_cleanup_proc, NULL); } @@ -1456,7 +1456,7 @@ do_authloop(struct passwd *pw) } log("PAM Password authentication for \"%.100s\" failed: %s", - pw->pw_name, pam_strerror((pam_handle_t *)pamh, pam_retval)); + pw->pw_name, PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); break; #else /* HAVE_LIBPAM */ /* Try authentication with the password. */ -- 2.45.2