20070326
- (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@
This commit is contained in:
Tim Rice
parent
20e9f976c1
commit
99203ec48b
|
|
@ -1,3 +1,8 @@
|
||||||
|
20070326
|
||||||
|
- (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c
|
||||||
|
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines
|
||||||
|
to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@
|
||||||
|
|
||||||
20070325
|
20070325
|
||||||
- (dtucker) [Makefile.in configure.ac] Replace single-purpose LIBSELINUX,
|
- (dtucker) [Makefile.in configure.ac] Replace single-purpose LIBSELINUX,
|
||||||
LIBWRAP and LIBPAM variables in Makefile with the general-purpose
|
LIBWRAP and LIBPAM variables in Makefile with the general-purpose
|
||||||
|
|
@ -2868,4 +2873,4 @@
|
||||||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.4648 2007/03/25 08:26:01 dtucker Exp $
|
$Id: ChangeLog,v 1.4649 2007/03/26 16:35:28 tim Exp $
|
||||||
|
|
|
||||||
8
auth.c
8
auth.c
|
|
@ -115,11 +115,11 @@ allowed_user(struct passwd * pw)
|
||||||
/* grab passwd field for locked account check */
|
/* grab passwd field for locked account check */
|
||||||
#ifdef USE_SHADOW
|
#ifdef USE_SHADOW
|
||||||
if (spw != NULL)
|
if (spw != NULL)
|
||||||
#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
|
#ifdef USE_LIBIAF
|
||||||
passwd = get_iaf_password(pw);
|
passwd = get_iaf_password(pw);
|
||||||
#else
|
#else
|
||||||
passwd = spw->sp_pwdp;
|
passwd = spw->sp_pwdp;
|
||||||
#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
|
#endif /* USE_LIBIAF */
|
||||||
#else
|
#else
|
||||||
passwd = pw->pw_passwd;
|
passwd = pw->pw_passwd;
|
||||||
#endif
|
#endif
|
||||||
|
|
@ -141,9 +141,9 @@ allowed_user(struct passwd * pw)
|
||||||
if (strstr(passwd, LOCKED_PASSWD_SUBSTR))
|
if (strstr(passwd, LOCKED_PASSWD_SUBSTR))
|
||||||
locked = 1;
|
locked = 1;
|
||||||
#endif
|
#endif
|
||||||
#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
|
#ifdef USE_LIBIAF
|
||||||
free(passwd);
|
free(passwd);
|
||||||
#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
|
#endif /* USE_LIBIAF */
|
||||||
if (locked) {
|
if (locked) {
|
||||||
logit("User %.100s not allowed because account is locked",
|
logit("User %.100s not allowed because account is locked",
|
||||||
pw->pw_name);
|
pw->pw_name);
|
||||||
|
|
|
||||||
11
configure.ac
11
configure.ac
|
|
@ -1,4 +1,4 @@
|
||||||
# $Id: configure.ac,v 1.374 2007/03/25 08:26:01 dtucker Exp $
|
# $Id: configure.ac,v 1.375 2007/03/26 16:35:28 tim Exp $
|
||||||
#
|
#
|
||||||
# Copyright (c) 1999-2004 Damien Miller
|
# Copyright (c) 1999-2004 Damien Miller
|
||||||
#
|
#
|
||||||
|
|
@ -15,7 +15,7 @@
|
||||||
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||||
|
|
||||||
AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
|
AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
|
||||||
AC_REVISION($Revision: 1.374 $)
|
AC_REVISION($Revision: 1.375 $)
|
||||||
AC_CONFIG_SRCDIR([ssh.c])
|
AC_CONFIG_SRCDIR([ssh.c])
|
||||||
|
|
||||||
AC_CONFIG_HEADER(config.h)
|
AC_CONFIG_HEADER(config.h)
|
||||||
|
|
@ -1977,7 +1977,12 @@ fi
|
||||||
# Search for SHA256 support in libc and/or OpenSSL
|
# Search for SHA256 support in libc and/or OpenSSL
|
||||||
AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
|
AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
|
||||||
|
|
||||||
AC_CHECK_LIB(iaf, ia_openinfo)
|
saved_LIBS="$LIBS"
|
||||||
|
AC_CHECK_LIB(iaf, ia_openinfo, [
|
||||||
|
LIBS="$LIBS -liaf"
|
||||||
|
AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"])
|
||||||
|
])
|
||||||
|
LIBS="$saved_LIBS"
|
||||||
|
|
||||||
### Configure cryptographic random number support
|
### Configure cryptographic random number support
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -25,7 +25,7 @@
|
||||||
#ifndef _DEFINES_H
|
#ifndef _DEFINES_H
|
||||||
#define _DEFINES_H
|
#define _DEFINES_H
|
||||||
|
|
||||||
/* $Id: defines.h,v 1.138 2006/09/21 13:13:30 dtucker Exp $ */
|
/* $Id: defines.h,v 1.139 2007/03/26 16:35:28 tim Exp $ */
|
||||||
|
|
||||||
|
|
||||||
/* Constants */
|
/* Constants */
|
||||||
|
|
@ -696,7 +696,8 @@ struct winsize {
|
||||||
# define CUSTOM_SYS_AUTH_PASSWD 1
|
# define CUSTOM_SYS_AUTH_PASSWD 1
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef HAVE_LIBIAF
|
#if defined(HAVE_LIBIAF) && defined(HAVE_SET_ID) && !defined(BROKEN_LIBIAF)
|
||||||
|
# define USE_LIBIAF
|
||||||
# define CUSTOM_SYS_AUTH_PASSWD 1
|
# define CUSTOM_SYS_AUTH_PASSWD 1
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -79,7 +79,7 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
|
||||||
#endif /* UNIXWARE_LONG_PASSWORDS */
|
#endif /* UNIXWARE_LONG_PASSWORDS */
|
||||||
result = (strcmp(xcrypt(password, salt), pw_password) == 0);
|
result = (strcmp(xcrypt(password, salt), pw_password) == 0);
|
||||||
|
|
||||||
#if !defined(BROKEN_LIBIAF)
|
#ifdef USE_LIBIAF
|
||||||
if (authctxt->valid)
|
if (authctxt->valid)
|
||||||
free(pw_password);
|
free(pw_password);
|
||||||
#endif
|
#endif
|
||||||
|
|
@ -127,7 +127,7 @@ nischeck(char *namep)
|
||||||
functions that call shadow_pw() will need to free
|
functions that call shadow_pw() will need to free
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#if !defined(BROKEN_LIBIAF)
|
#ifdef USE_LIBIAF
|
||||||
char *
|
char *
|
||||||
get_iaf_password(struct passwd *pw)
|
get_iaf_password(struct passwd *pw)
|
||||||
{
|
{
|
||||||
|
|
@ -144,6 +144,6 @@ get_iaf_password(struct passwd *pw)
|
||||||
else
|
else
|
||||||
fatal("ia_openinfo: Unable to open the shadow passwd file");
|
fatal("ia_openinfo: Unable to open the shadow passwd file");
|
||||||
}
|
}
|
||||||
#endif /* !BROKEN_LIBIAF */
|
#endif /* USE_LIBIAF */
|
||||||
#endif /* HAVE_LIBIAF */
|
#endif /* HAVE_LIBIAF */
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,7 @@
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
|
|
||||||
#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
|
#ifdef USE_LIBIAF
|
||||||
char * get_iaf_password(struct passwd *pw);
|
char * get_iaf_password(struct passwd *pw);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -98,7 +98,7 @@ shadow_pw(struct passwd *pw)
|
||||||
pw_password = spw->sp_pwdp;
|
pw_password = spw->sp_pwdp;
|
||||||
# endif
|
# endif
|
||||||
|
|
||||||
#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
|
#ifdef USE_LIBIAF
|
||||||
return(get_iaf_password(pw));
|
return(get_iaf_password(pw));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1361,11 +1361,11 @@ do_setusercontext(struct passwd *pw)
|
||||||
# ifdef _AIX
|
# ifdef _AIX
|
||||||
aix_usrinfo(pw);
|
aix_usrinfo(pw);
|
||||||
# endif /* _AIX */
|
# endif /* _AIX */
|
||||||
#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
|
#ifdef USE_LIBIAF
|
||||||
if (set_id(pw->pw_name) != 0) {
|
if (set_id(pw->pw_name) != 0) {
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
|
#endif /* USE_LIBIAF */
|
||||||
/* Permanently switch to the desired uid. */
|
/* Permanently switch to the desired uid. */
|
||||||
permanently_set_uid(pw);
|
permanently_set_uid(pw);
|
||||||
#endif
|
#endif
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue