- Various small cleanups to bring diff (against OpenBSD) size down.

ChangeLog

@@ -22,6 +22,7 @@
 	[ssh.c] print _all_ bad config-options in ssh(1), too
 	[sshconnect.c] disconnect if getpeername() fails
  - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
+ - Various small cleanups to bring diff (against OpenBSD) size down.
 
 19991114
  - Solaris compilation fixes (still imcomplete)

configure.in

@@ -55,7 +55,7 @@ AC_CHECK_LIB(dl, dlopen, , )
 AC_CHECK_LIB(pam, pam_authenticate, , )
 
 dnl Checks for header files.
-AC_CHECK_HEADERS(pty.h endian.h paths.h lastlog.h shadow.h)
+AC_CHECK_HEADERS(pty.h endian.h paths.h lastlog.h shadow.h netgroup.h)
 
 dnl Check for ut_host field in utmp
 AC_MSG_CHECKING([whether utmp.h has ut_host field])

includes.h

@@ -41,7 +41,6 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
 #include <ctype.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <assert.h>
 #include <signal.h>
 #include <termios.h>
 #include <stdlib.h>
@@ -55,6 +54,9 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
 
 #include "config.h"
 
+#ifdef HAVE_NETGROUP_H
+# include <netgroup.h>
+#endif 
 #ifdef HAVE_PATHS_H
 # include <paths.h>
 #endif 

packet.h

@@ -13,12 +13,13 @@ Interface for the packet protocol functions.
 
 */
 
-/* RCSID("$Id: packet.h,v 1.2 1999/10/28 03:25:17 damien Exp $"); */
+/* RCSID("$Id: packet.h,v 1.3 1999/11/15 04:40:55 damien Exp $"); */
 
-#include "config.h"
 #ifndef PACKET_H
 #define PACKET_H
 
+#include "config.h"
+
 #ifdef HAVE_OPENSSL
 #include <openssl/bn.h>
 #endif

pty.c

@@ -14,10 +14,9 @@ Allocating a pseudo-terminal, and making it the controlling tty.
 */
 
 #include "includes.h"
-RCSID("$Id: pty.c,v 1.2 1999/11/08 04:30:59 damien Exp $");
+RCSID("$Id: pty.c,v 1.3 1999/11/15 04:40:55 damien Exp $");
 
 #ifdef HAVE_PTY_H
-/* Unfortunate namespace collision */
 #include <pty.h>
 #endif /* HAVE_PTY_H */
 

sshd.c

@@ -18,7 +18,7 @@ agent connections.
 */
 
 #include "includes.h"
-RCSID("$Id: sshd.c,v 1.18 1999/11/15 04:25:10 damien Exp $");
+RCSID("$Id: sshd.c,v 1.19 1999/11/15 04:40:55 damien Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -133,8 +133,8 @@ void do_child(const char *command, struct passwd *pw, const char *term,
 #ifdef HAVE_LIBPAM
 static int pamconv(int num_msg, const struct pam_message **msg,
 		struct pam_response **resp, void *appdata_ptr);
-void do_pam_account_and_session(const char *username, 
+void do_pam_account_and_session(char *username, char *remote_user, 
-		const char *remote_user, const char *remote_host);
+		const char *remote_host);
 void pam_cleanup_proc(void *context);
 
 static struct pam_conv conv = {
@@ -230,7 +230,8 @@ void pam_cleanup_proc(void *context)
   }
 }
 
-void do_pam_account_and_session(const char *username, const char *remote_user, const char *remote_host)
+void do_pam_account_and_session(char *username, char *remote_user, 
+    const char *remote_host)
 {
   int pam_retval;
   
@@ -1201,12 +1202,17 @@ do_authentication(char *user)
   pw = &pwcopy;
 
 #ifdef HAVE_LIBPAM
-  debug("Starting up PAM with username \"%.200s\"", pw->pw_name);
+  {
+    int pam_retval;
 	 
-  if (pam_start("sshd", pw->pw_name, &conv, (pam_handle_t**)&pamh) != PAM_SUCCESS)
+    debug("Starting up PAM with username \"%.200s\"", pw->pw_name);
-    fatal("PAM initialisation failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
 
-  fatal_add_cleanup(&pam_cleanup_proc, NULL);
+    pam_retval = pam_start("sshd", pw->pw_name, &conv, (pam_handle_t**)&pamh);
+    if (pam_retval != PAM_SUCCESS)
+      fatal("PAM initialisation failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval));
+
+    fatal_add_cleanup(&pam_cleanup_proc, NULL);
+  }
 #endif
 
   /* If we are not running as root, the user must have the same uid as the
@@ -1263,8 +1269,11 @@ do_authloop(struct passwd *pw)
   unsigned int client_host_key_bits;
   BIGNUM *client_host_key_e, *client_host_key_n;
   BIGNUM *n;
-  char *client_user, *password;
+  char *client_user = NULL, *password = NULL;
   int plen, dlen, nlen, ulen, elen;
+#ifdef HAVE_LIBPAM
+  int pam_retval;
+#endif /* HAVE_LIBPAM */
 
   /* Indicate that authentication is needed. */
   packet_start(SSH_SMSG_FAILURE);
@@ -1435,18 +1444,18 @@ do_authloop(struct passwd *pw)
 	packet_integrity_check(plen, 4 + dlen, type);
   
 #ifdef HAVE_LIBPAM
-      	/* Do PAM auth with password */
+        /* Do PAM auth with password */
         pampasswd = password;
-	pam_retval = pam_authenticate((pam_handle_t *)pamh, 0);
+        pam_retval = pam_authenticate((pam_handle_t *)pamh, 0);
         if (pam_retval == PAM_SUCCESS)
         {
-          log("PAM Password authentication accepted for user \"%.100s\"", user);
+          log("PAM Password authentication accepted for user \"%.100s\"", pw->pw_name);
           authenticated = 1;
           break;
         }
 
- 	log("PAM Password authentication for \"%.100s\" failed: %s", 
+        log("PAM Password authentication for \"%.100s\" failed: %s", 
-	    user, pam_strerror((pam_handle_t *)pamh, pam_retval));
+            pw->pw_name, pam_strerror((pam_handle_t *)pamh, pam_retval));
         break;
 #else /* HAVE_LIBPAM */
 	/* Try authentication with the password. */