19991226
- Enabled utmpx support by default for Solaris - Cleanup sshd.c PAM a little more 19991225 - Merged fixes from Ben Taylor <bent@clark.net> - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> - Disabled logging of PAM password authentication failures when password is empty. (e.g start of authentication loop). Reported by Naz <96na@eng.cam.ac.uk>)
This commit is contained in:
Damien Miller
parent
2e1b082dfb
commit
32b3cf2c96
13
ChangeLog
13
ChangeLog
|
|
@ -1,13 +1,24 @@
|
|||
19991226
|
||||
- Enabled utmpx support by default for Solaris
|
||||
- Cleanup sshd.c PAM a little more
|
||||
|
||||
19991225
|
||||
- More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
|
||||
- Cleanup of auth-passwd.c for shadow and MD5 passwords
|
||||
- Cleanup and bugfix of PAM authentication code
|
||||
- Released 1.2.1pre20
|
||||
|
||||
- Merged fixes from Ben Taylor <bent@clark.net>
|
||||
- Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
|
||||
- Disabled logging of PAM password authentication failures when password
|
||||
is empty. (e.g start of authentication loop). Reported by Naz
|
||||
<96na@eng.cam.ac.uk>)
|
||||
|
||||
19991223
|
||||
- Merged later HPUX patch from Andre Lucas
|
||||
<andre.lucas@dial.pipex.com>
|
||||
- Above patch included better utmpx support from Ben Taylor
|
||||
<bent@clark.net>:
|
||||
<bent@clark.net>
|
||||
|
||||
19991222
|
||||
- Fix undefined fd_set type in ssh.h from Povl H. Pedersen
|
||||
|
|
|
|||
|
|
@ -44,6 +44,10 @@ LIBOBJS= atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \
|
|||
|
||||
all: $(OBJS) $(TARGETS)
|
||||
|
||||
$(OBJS): config.h
|
||||
|
||||
$(LIBOBJS): config.h
|
||||
|
||||
libssh.a: $(LIBOBJS)
|
||||
$(AR) rv $@ $(LIBOBJS)
|
||||
$(RANLIB) $@
|
||||
|
|
|
|||
17
acconfig.h
17
acconfig.h
|
|
@ -222,6 +222,23 @@ enum
|
|||
# endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
|
||||
# ifndef _PATH_UTMPX
|
||||
# ifdef UTMPX_FILE
|
||||
# define _PATH_UTMPX UTMPX_FILE
|
||||
# else
|
||||
# define _PATH_UTMPX "/var/adm/utmpx"
|
||||
# endif
|
||||
# endif
|
||||
# ifndef _PATH_WTMPX
|
||||
# ifdef WTMPX_FILE
|
||||
# define _PATH_WTMPX WTMPX_FILE
|
||||
# else
|
||||
# define _PATH_WTMPX "/var/adm/wtmp"
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifndef _PATH_BSHELL
|
||||
# define _PATH_BSHELL "/bin/sh"
|
||||
#endif
|
||||
|
|
|
|||
16
bsd-login.c
16
bsd-login.c
|
|
@ -65,24 +65,24 @@ login(utp)
|
|||
struct utmp *utp;
|
||||
#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */
|
||||
{
|
||||
#if defined(HAVE_HOST_IN_UTMP)
|
||||
struct utmp old_ut;
|
||||
#endif
|
||||
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
|
||||
struct utmpx *old_utx;
|
||||
#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */
|
||||
register int fd;
|
||||
int tty;
|
||||
|
||||
#ifndef UT_LINESIZE
|
||||
# define UT_LINESIZE (sizeof(old_ut.ut_line))
|
||||
# define UT_NAMESIZE (sizeof(old_ut.ut_name))
|
||||
# ifdef HAVE_HOST_IN_UTMP
|
||||
# define UT_HOSTSIZE (sizeof(old_ut.ut_host))
|
||||
# endif
|
||||
#endif
|
||||
|
||||
tty = ttyslot();
|
||||
if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) {
|
||||
|
||||
#if defined(HAVE_HOST_IN_UTMP)
|
||||
# ifndef UT_LINESIZE
|
||||
# define UT_LINESIZE (sizeof(old_ut.ut_line))
|
||||
# define UT_NAMESIZE (sizeof(old_ut.ut_name))
|
||||
# define UT_HOSTSIZE (sizeof(old_ut.ut_host))
|
||||
# endif
|
||||
(void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET);
|
||||
/*
|
||||
* Prevent luser from zero'ing out ut_host.
|
||||
|
|
|
|||
10
configure.in
10
configure.in
|
|
@ -53,6 +53,9 @@ case "$host" in
|
|||
AC_DEFINE(DISABLE_SHADOW)
|
||||
fi
|
||||
;;
|
||||
*-*-solaris*)
|
||||
AC_DEFINE(USE_UTMPX)
|
||||
;;
|
||||
esac
|
||||
|
||||
dnl Check for OpenSSL/SSLeay directories.
|
||||
|
|
@ -101,11 +104,14 @@ AC_ARG_WITH(pam,
|
|||
[ --without-pam Disable PAM support ],
|
||||
[
|
||||
if test "x$withval" != "xno" ; then
|
||||
AC_CHECK_LIB(dl, dlopen, , )
|
||||
AC_CHECK_LIB(pam, pam_authenticate, , )
|
||||
no_pam=1
|
||||
fi
|
||||
]
|
||||
)
|
||||
if test -z "$no_pam" ; then
|
||||
AC_CHECK_LIB(dl, dlopen, , )
|
||||
AC_CHECK_LIB(pam, pam_authenticate, , )
|
||||
fi
|
||||
|
||||
dnl Checks for header files.
|
||||
AC_CHECK_HEADERS(endian.h lastlog.h login.h maillock.h netgroup.h paths.h poll.h pty.h shadow.h util.h utmp.h utmpx.h sys/bsdtty.h sys/poll.h sys/select.h sys/stropts.h sys/time.h sys/ttcompat.h)
|
||||
|
|
|
|||
19
login.c
19
login.c
|
|
@ -18,7 +18,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$Id: login.c,v 1.11 1999/12/24 23:11:29 damien Exp $");
|
||||
RCSID("$Id: login.c,v 1.12 1999/12/25 23:21:48 damien Exp $");
|
||||
|
||||
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
|
||||
# include <utmpx.h>
|
||||
|
|
@ -155,18 +155,19 @@ record_login(int pid, const char *ttyname, const char *user, uid_t uid,
|
|||
strncpy(utx.ut_line, ttyname + 5, sizeof(utx.ut_line));
|
||||
utx.ut_pid = (pid_t)pid;
|
||||
utx.ut_tv.tv_sec = time(NULL);
|
||||
u.ut_type = (uid == -1)?DEAD_PROCESS:USER_PROCESS;
|
||||
#ifdef HAVE_HOST_IN_UTMPX
|
||||
#ifdef HAVE_SYSLEN_IN_UTMPX
|
||||
utx.ut_type = (uid == -1)?DEAD_PROCESS:USER_PROCESS;
|
||||
# ifdef HAVE_HOST_IN_UTMPX
|
||||
# ifdef HAVE_SYSLEN_IN_UTMPX
|
||||
utx.ut_syslen = strlen(host);
|
||||
strncpy(utx.ut_host, host, utx.ut_syslen );
|
||||
#else
|
||||
strncpy(utx.ut_host, host, utx.ut_syslen);
|
||||
# else
|
||||
strncpy(utx.ut_host, host, sizeof(utx.ut_host));
|
||||
#endif /* HAVE_SYSLEN_IN_UTMPX */
|
||||
#endif
|
||||
# endif /* HAVE_SYSLEN_IN_UTMPX */
|
||||
# endif
|
||||
#endif /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */
|
||||
|
||||
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) && !defined(HAVE_LOGIN)
|
||||
/*#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX) && !defined(HAVE_LOGIN)*/
|
||||
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
|
||||
login(&u, &utx);
|
||||
#else /* defined(HAVE_UTMPX_H) && defined(USE_UTMPX) */
|
||||
login(&u);
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
Summary: OpenSSH free Secure Shell (SSH) implementation
|
||||
Name: openssh
|
||||
Version: 1.2.1pre20
|
||||
Version: 1.2.1pre21
|
||||
Release: 1
|
||||
Packager: Damien Miller <djm@ibs.com.au>
|
||||
Source0: openssh-%{version}.tar.gz
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
Summary: OpenSSH, a free Secure Shell (SSH) implementation
|
||||
Name: openssh
|
||||
Version: 1.2.1pre20
|
||||
Version: 1.2.1pre21
|
||||
Release: 1
|
||||
Source0: openssh-%{version}.tar.gz
|
||||
Copyright: BSD
|
||||
|
|
|
|||
11
sshd.c
11
sshd.c
|
|
@ -11,7 +11,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$Id: sshd.c,v 1.40 1999/12/24 23:11:29 damien Exp $");
|
||||
RCSID("$Id: sshd.c,v 1.41 1999/12/25 23:21:48 damien Exp $");
|
||||
|
||||
#ifdef HAVE_POLL_H
|
||||
# include <poll.h>
|
||||
|
|
@ -249,8 +249,10 @@ int do_pam_auth(const char *user, const char *password)
|
|||
log("PAM Password authentication accepted for user \"%.100s\"", user);
|
||||
return 1;
|
||||
} else {
|
||||
log("PAM Password authentication for \"%.100s\" failed: %s",
|
||||
user, PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
|
||||
/* Don't log failure for auth attempts with empty password */
|
||||
if (password[0] != '\0')
|
||||
log("PAM Password authentication for \"%.100s\" failed: %s",
|
||||
user, PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
@ -1362,9 +1364,6 @@ do_authloop(struct passwd * pw)
|
|||
int plen, dlen, nlen, ulen, elen;
|
||||
int type = 0;
|
||||
void (*authlog) (const char *fmt,...) = verbose;
|
||||
#ifdef HAVE_LIBPAM
|
||||
int pam_retval;
|
||||
#endif /* HAVE_LIBPAM */
|
||||
|
||||
/* Indicate that authentication is needed. */
|
||||
packet_start(SSH_SMSG_FAILURE);
|
||||
|
|
|
|||
Loading…
Reference in New Issue