- Added (untested) Entropy Gathering Daemon (EGD) support
- Merged several minor fixes: - ssh-agent commandline parsing - RPM spec file now installs ssh setuid root - Makefile creates libdir - Merged beginnings of Solaris compatibility from Marc G. Fournier <marc.fournier@acadiau.ca>
parent
b77870fa73
commit
ab18c412e6
|
@ -1,8 +1,13 @@
|
|||
19991111
|
||||
- Added (untested) Entropy Gathering Daemon (EGD) support
|
||||
|
||||
19991110
|
||||
- Merged several minor fixed:
|
||||
- ssh-agent commandline parsing
|
||||
- RPM spec file now installs ssh setuid root
|
||||
- Makefile creates libdir
|
||||
- Merged beginnings of Solaris compability from Marc G. Fournier
|
||||
<marc.fournier@acadiau.ca>
|
||||
|
||||
19991109
|
||||
- Autodetection of SSL/Crypto library location via autoconf
|
||||
|
|
12
acconfig.h
12
acconfig.h
|
@ -3,8 +3,20 @@
|
|||
/* SSL directory. */
|
||||
#undef ssldir
|
||||
|
||||
/* Random number pool */
|
||||
#undef RANDOM_POOL
|
||||
|
||||
/* Are we using the Entropy gathering daemon */
|
||||
#undef HAVE_EGD
|
||||
|
||||
/* Define if your ssl headers are included with #include <ssl/header.h> */
|
||||
#undef HAVE_SSL
|
||||
|
||||
/* Define if your ssl headers are included with #include <openssl/header.h> */
|
||||
#undef HAVE_OPENSSL
|
||||
|
||||
/* Define is utmp.h has a ut_host field */
|
||||
#undef HAVE_HOST_IN_UTMP
|
||||
|
||||
/* Define is libutil has login() function */
|
||||
#undef HAVE_LIBUTIL_LOGIN
|
||||
|
|
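Review bot: The comment on `RANDOM_POOL` does not say what the macro holds, and its meaning changes once `HAVE_EGD` is defined. helper.c in this commit passes it to open() as a path, and configure.in fills it with either the random device or the EGD pool file. I would write `/* Path of the randomness source: a device file, or the EGD pool when HAVE_EGD is defined */` and `/* Define if RANDOM_POOL names an Entropy Gathering Daemon pool */`. The two comments that begin `Define is` should read `Define if`.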
81
configure.in
81
configure.in
|
@ -1,44 +1,25 @@
|
|||
dnl Process this file with autoconf to produce a configure script.
|
||||
|
||||
AC_INIT(auth-krb4.c)
|
||||
AC_INIT(ssh.c)
|
||||
|
||||
AC_CONFIG_HEADER(config.h)
|
||||
|
||||
dnl Checks for programs.
|
||||
AC_PROG_CC
|
||||
AC_PROG_CPP
|
||||
AC_PROG_RANLIB
|
||||
AC_CHECK_PROG(AR, ar, ar)
|
||||
if test "$GCC" = "yes"; then CFLAGS="$CFLAGS -Wall"; fi
|
||||
|
||||
dnl Checks for libraries.
|
||||
dnl Replace `main' with a function in -lcrypto:
|
||||
AC_CHECK_LIB(crypto, CRYPTO_lock, ,AC_MSG_ERROR([*** libcrypto missing - please install first ***]))
|
||||
dnl Replace `main' with a function in -lutil:
|
||||
AC_CHECK_LIB(util, logout, ,AC_MSG_ERROR([*** -lutil missing - this is part of libc. ***]))
|
||||
dnl Replace `main' with a function in -lz:
|
||||
AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
|
||||
dnl check for nsl
|
||||
AC_CHECK_LIB(nsl, yp_match, , )
|
||||
dnl check for dl
|
||||
AC_CHECK_LIB(dl, dlopen, , )
|
||||
dnl check for pam
|
||||
AC_CHECK_LIB(pam, pam_authenticate, , )
|
||||
|
||||
dnl Check for OpenSSL/SSLeay directories.
|
||||
AC_MSG_CHECKING([for OpenSSL/SSLeay directory])
|
||||
for dir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg ; do
|
||||
ssldir="$dir"
|
||||
if test -f "$dir/include/openssl/crypto.h"; then
|
||||
for ssldir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local $prefix /usr/pkg ; do
|
||||
if test -f "$ssldir/include/openssl/crypto.h"; then
|
||||
AC_DEFINE(HAVE_OPENSSL)
|
||||
break
|
||||
fi
|
||||
if test -f "$dir/include/ssl/crypto.h"; then
|
||||
if test -f "$ssldir/include/ssl/crypto.h"; then
|
||||
AC_DEFINE(HAVE_SSL)
|
||||
break
|
||||
fi
|
||||
if test -f "$dir/include/crypto.h"; then
|
||||
break
|
||||
fi
|
||||
done
|
||||
AC_MSG_RESULT($ssldir)
|
||||
AC_SUBST(ssldir)
|
||||
|
@ -57,17 +38,67 @@ AC_TRY_LINK([], [],
|
|||
[AC_MSG_RESULT(yes); ],
|
||||
[AC_MSG_RESULT(no)]; LIBS="$saved_LIBS")
|
||||
|
||||
dnl Checks for libraries.
|
||||
AC_CHECK_LIB(crypto, CRYPTO_lock, ,AC_MSG_ERROR([*** libcrypto missing - please install first ***]))
|
||||
AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
|
||||
AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil")
|
||||
AC_CHECK_LIB(nsl, yp_match, , )
|
||||
AC_CHECK_LIB(socket, main, , )
|
||||
|
||||
dnl libdl is needed by PAM on Redhat systems
|
||||
AC_CHECK_LIB(dl, dlopen, , )
|
||||
AC_CHECK_LIB(pam, pam_authenticate, , )
|
||||
|
||||
dnl Checks for header files.
|
||||
AC_CHECK_HEADERS(pty.h)
|
||||
AC_CHECK_HEADERS(pty.h endian.h paths.h lastlog.h)
|
||||
|
||||
dnl Checks for library functions.
|
||||
AC_PROG_GCC_TRADITIONAL
|
||||
AC_CHECK_FUNCS(openpty strlcpy mkdtemp arc4random setproctitle)
|
||||
|
||||
dnl Check for ut_host field in utmp
|
||||
AC_MSG_CHECKING([whether utmp.h has ut_host field])
|
||||
AC_EGREP_HEADER(ut_host, utmp.h,
|
||||
[AC_DEFINE(HAVE_HOST_IN_UTMP) AC_MSG_RESULT(yes); ],
|
||||
[AC_MSG_RESULT(no)]
|
||||
)
|
||||
|
||||
dnl Check whether user wants GNOME ssh-askpass
|
||||
AC_ARG_WITH(gnome-askpass,
|
||||
[ --with-gnome-askpass Build and use the GNOME passphrase requester],
|
||||
[GNOME_ASKPASS="gnome-ssh-askpass"])
|
||||
AC_SUBST(GNOME_ASKPASS)
|
||||
|
||||
dnl Check for user-specified random device
|
||||
AC_ARG_WITH(random,
|
||||
[ --with-random=FILE read randomness from FILE (default /dev/urandom)],
|
||||
[
|
||||
RANDOM_POOL="$withval";
|
||||
AC_DEFINE(RANDOM_POOL, "$RANDOM_POOL")
|
||||
],
|
||||
[
|
||||
dnl Check for random device
|
||||
AC_CHECK_FILE("/dev/urandom",
|
||||
[
|
||||
RANDOM_POOL="/dev/urandom";
|
||||
AC_DEFINE(RANDOM_POOL, "$RANDOM_POOL")
|
||||
]
|
||||
)
|
||||
]
|
||||
)
|
||||
|
||||
dnl Check for EGD pool file
|
||||
AC_ARG_WITH(egd-pool,
|
||||
[ --with-egd-pool=FILE read randomness from EGD pool FILE],
|
||||
[
|
||||
RANDOM_POOL="$withval";
|
||||
AC_DEFINE(HAVE_EGD)
|
||||
AC_DEFINE(RANDOM_POOL, "$RANDOM_POOL")
|
||||
]
|
||||
)
|
||||
|
||||
if test -z "$RANDOM_POOL" -a -z "$EGD_POOL"; then
|
||||
AC_MSG_ERROR([No random device found, and no EGD random pool specified])
|
||||
fi
|
||||
|
||||
AC_OUTPUT(Makefile)
|
||||
|
|
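Review bot: The final check tests `$EGD_POOL`, but nothing in the visible hunks assigns it; `--with-egd-pool` stores its value in `RANDOM_POOL`, so the second `-z` is always true and the test reduces to `if test -z "$RANDOM_POOL"; then`. Both `--with-random` and `--with-egd-pool` also copy `$withval` into `RANDOM_POOL` unchecked, so a bare `--with-random` compiles in the path `yes` and `--without-random` compiles in `no`, which helper.c would then open relative to the current directory as its randomness source. I would reject anything that is not an absolute path in both option handlers, `case "$withval" in /*) ;; *) AC_MSG_ERROR([randomness source must be an absolute path]) ;; esac`. The `--with-random` help text could also say that FILE must be a kernel random device, since nothing here verifies what kind of file it is.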
40
helper.c
40
helper.c
|
@ -45,6 +45,7 @@
|
|||
|
||||
#include "rc4.h"
|
||||
#include "xmalloc.h"
|
||||
#include "ssh.h"
|
||||
#include "config.h"
|
||||
#include "helper.h"
|
||||
|
||||
|
@ -79,28 +80,35 @@ void arc4random_stir(void)
|
|||
|
||||
void get_random_bytes(unsigned char *buf, int len)
|
||||
{
|
||||
int urandom;
|
||||
int random_pool;
|
||||
int c;
|
||||
#ifdef HAVE_EGD
|
||||
char egd_message[2] = { 0x02, 0x00 };
|
||||
#endif /* HAVE_EGD */
|
||||
|
||||
urandom = open("/dev/urandom", O_RDONLY);
|
||||
if (urandom == -1)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open /dev/urandom: %s", strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
random_pool = open(RANDOM_POOL, O_RDONLY);
|
||||
if (random_pool == -1)
|
||||
fatal("Couldn't open random pool \"%s\": %s", RANDOM_POOL, strerror(errno));
|
||||
|
||||
c = read(urandom, buf, len);
|
||||
#ifdef HAVE_EGD
|
||||
if (len > 255)
|
||||
fatal("Too many bytes to read from EGD");
|
||||
|
||||
/* Send blocking read request to EGD */
|
||||
egd_message[1] = len;
|
||||
c = write(random_pool, egd_message, sizeof(egd_message));
|
||||
if (c == -1)
|
||||
{
|
||||
fprintf(stderr, "Couldn't read from /dev/urandom: %s", strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
fatal("Couldn't write to EGD socket \"%s\": %s", RANDOM_POOL, strerror(errno));
|
||||
#endif /* HAVE_EGD */
|
||||
|
||||
c = read(random_pool, buf, len);
|
||||
if (c == -1)
|
||||
fatal("Couldn't read from random pool \"%s\": %s", RANDOM_POOL, strerror(errno));
|
||||
|
||||
if (c != len)
|
||||
{
|
||||
fprintf(stderr, "Short read from /dev/urandom");
|
||||
exit(1);
|
||||
}
|
||||
fatal("Short read from random pool \"%s\"", RANDOM_POOL);
|
||||
|
||||
close(random_pool);
|
||||
}
|
||||
#endif /* !HAVE_ARC4RANDOM */
|
||||
|
||||
|
|
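Review bot: Under `HAVE_EGD`, get_random_bytes() still obtains its descriptor with `open(RANDOM_POOL, O_RDONLY)` and then calls write() on it, which fails on a descriptor opened read-only; an EGD pool is normally a Unix-domain socket, which needs socket() and connect() rather than open(). The rendered page has lost the +/- markers, so I am reading the `random_pool` lines as the new side. The `len > 255` guard also lets zero and negative lengths through, and `egd_message` is plain `char`, so I would make it `unsigned char` and reject `len <= 0`. Ending in fatal() on a failed or short read is the right direction for a randomness source, and the write should be held to the same standard by comparing against the full message size. The sketch below assumes `<sys/socket.h>` and `<sys/un.h>` are reachable from this file, which the hunk does not show.

```c
void get_random_bytes(unsigned char *buf, int len)
{
	int random_pool;
	int c;
#ifdef HAVE_EGD
	unsigned char egd_message[2] = { 0x02, 0x00 };
	struct sockaddr_un addr;

	if (len <= 0 || len > 255)
		fatal("Invalid EGD request length %d", len);

	memset(&addr, 0, sizeof(addr));
	addr.sun_family = AF_UNIX;
	if (strlen(RANDOM_POOL) >= sizeof(addr.sun_path))
		fatal("Random pool path \"%s\" is too long", RANDOM_POOL);
	strlcpy(addr.sun_path, RANDOM_POOL, sizeof(addr.sun_path));

	random_pool = socket(AF_UNIX, SOCK_STREAM, 0);
	if (random_pool == -1)
		fatal("Couldn't create socket for EGD: %s", strerror(errno));
	if (connect(random_pool, (struct sockaddr *)&addr, sizeof(addr)) == -1)
		fatal("Couldn't connect to EGD socket \"%s\": %s", RANDOM_POOL, strerror(errno));

	/* Send blocking read request to EGD */
	egd_message[1] = len;
	c = write(random_pool, egd_message, sizeof(egd_message));
	if (c != (int)sizeof(egd_message))
		fatal("Couldn't write to EGD socket \"%s\": %s", RANDOM_POOL, strerror(errno));
#else /* HAVE_EGD */
	random_pool = open(RANDOM_POOL, O_RDONLY);
	if (random_pool == -1)
		fatal("Couldn't open random pool \"%s\": %s", RANDOM_POOL, strerror(errno));
#endif /* HAVE_EGD */

	/* ... unchanged: read(), error and short-read checks, close() ... */
```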
12
includes.h
12
includes.h
|
@ -37,7 +37,6 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
|
|||
#include <arpa/inet.h>
|
||||
#include <netdb.h>
|
||||
|
||||
#include <endian.h>
|
||||
#include <stdio.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
|
@ -52,13 +51,18 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
|
|||
#include <grp.h>
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <paths.h>
|
||||
#include <dirent.h>
|
||||
|
||||
#include "version.h"
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#ifdef HAVE_PATHS_H
|
||||
# include <paths.h>
|
||||
#endif
|
||||
#ifdef HAVE_ENDIAN_H
|
||||
# include <endian.h>
|
||||
#endif
|
||||
|
||||
#include "version.h"
|
||||
#include "helper.h"
|
||||
#include "mktemp.h"
|
||||
#include "strlcpy.h"
|
||||
|
|
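Review bot: With `<paths.h>` now included only under `HAVE_PATHS_H`, nothing visible in this commit supplies the `_PATH_*` macros on a system that lacks the header, while login.c still assigns `utmp = _PATH_UTMP;`. If no fallback exists elsewhere, that build fails with an undeclared-identifier error far from its cause. An explicit check next to the include would make the gap obvious: `#ifndef _PATH_UTMP`, `# error "no utmp path: define _PATH_UTMP for this platform"`, `#endif`. The same question applies to whatever the code takes from `<endian.h>`, which is now optional too.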
16
login.c
16
login.c
|
@ -18,9 +18,14 @@ on a tty.
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$Id: login.c,v 1.1 1999/10/27 03:42:44 damien Exp $");
|
||||
RCSID("$Id: login.c,v 1.2 1999/11/10 23:40:23 damien Exp $");
|
||||
|
||||
#include <utmp.h>
|
||||
|
||||
#ifdef HAVE_LASTLOG_H
|
||||
# include <lastlog.h>
|
||||
#endif
|
||||
|
||||
#include "ssh.h"
|
||||
|
||||
/* Returns the time when the user last logged in. Returns 0 if the
|
||||
|
@ -76,7 +81,9 @@ void record_login(int pid, const char *ttyname, const char *user, uid_t uid,
|
|||
strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line));
|
||||
u.ut_time = time(NULL);
|
||||
strncpy(u.ut_name, user, sizeof(u.ut_name));
|
||||
#ifdef HAVE_HOST_IN_UTMP
|
||||
strncpy(u.ut_host, host, sizeof(u.ut_host));
|
||||
#endif
|
||||
|
||||
/* Figure out the file names. */
|
||||
utmp = _PATH_UTMP;
|
||||
|
@ -108,11 +115,14 @@ void record_login(int pid, const char *ttyname, const char *user, uid_t uid,
|
|||
}
|
||||
}
|
||||
|
||||
/* Records that the user has logged out. */
|
||||
|
||||
void record_logout(int pid, const char *ttyname)
|
||||
{
|
||||
#ifdef HAVE_LIBUTIL_LOGIN
|
||||
const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */
|
||||
if (logout(line))
|
||||
logwtmp(line, "", "");
|
||||
#else /* HAVE_LIBUTIL_LOGIN */
|
||||
record_login(pid, ttyname, "", -1, "", NULL);
|
||||
#endif /* HAVE_LIBUTIL_LOGIN */
|
||||
}
|
||||
|
||||
|
|
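Review bot: record_logout() computes `ttyname + 5` to strip `/dev/` without checking that the string has that prefix, and record_login() does the same in its strncpy into `u.ut_line`; a shorter name would make both point past the end of the string. Whether callers can ever pass such a name is not visible here, so at minimum the contract belongs in the comment above the function, e.g. `/* Records that the user has logged out. ttyname must begin with "/dev/". */`. A cheap guard at the top of record_logout would be `if (strncmp(ttyname, "/dev/", 5) != 0) fatal("record_logout: bad tty name \"%s\"", ttyname);`. Separately, `HAVE_LIBUTIL_LOGIN` is set by a configure check for login(), yet this branch calls logout() and logwtmp(), so the check and its use should name the same functions. record_login's body starts and ends outside the hunks shown.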
2
mktemp.c
2
mktemp.c
|
@ -52,7 +52,7 @@ static char rcsid[] = "$OpenBSD: mktemp.c,v 1.13 1998/06/30 23:03:13 deraadt Exp
|
|||
|
||||
#ifndef HAVE_MKDTEMP
|
||||
|
||||
static int _gettemp __P((char *, int *, int, int));
|
||||
static int _gettemp(char *, int *, int, int);
|
||||
|
||||
int
|
||||
mkstemps(path, slen)
|
||||
|
|
10
rsa.h
10
rsa.h
|
@ -13,7 +13,7 @@ RSA key generation, encryption and decryption.
|
|||
|
||||
*/
|
||||
|
||||
/* RCSID("$Id: rsa.h,v 1.2 1999/10/28 03:25:17 damien Exp $"); */
|
||||
/* RCSID("$Id: rsa.h,v 1.3 1999/11/10 23:40:23 damien Exp $"); */
|
||||
#include "config.h"
|
||||
|
||||
#ifndef RSA_H
|
||||
|
@ -34,11 +34,11 @@ void rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits);
|
|||
|
||||
/* Indicates whether the rsa module is permitted to show messages on
|
||||
the terminal. */
|
||||
void rsa_set_verbose __P((int verbose));
|
||||
void rsa_set_verbose(int verbose);
|
||||
|
||||
int rsa_alive __P((void));
|
||||
int rsa_alive(void);
|
||||
|
||||
void rsa_public_encrypt __P((BIGNUM *out, BIGNUM *in, RSA *prv));
|
||||
void rsa_private_decrypt __P((BIGNUM *out, BIGNUM *in, RSA *prv));
|
||||
void rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *prv);
|
||||
void rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *prv);
|
||||
|
||||
#endif /* RSA_H */
|
||||
|
|
6
ssh.h
6
ssh.h
|
@ -13,12 +13,14 @@ Generic header file for ssh.
|
|||
|
||||
*/
|
||||
|
||||
/* RCSID("$Id: ssh.h,v 1.8 1999/11/08 23:28:04 damien Exp $"); */
|
||||
/* RCSID("$Id: ssh.h,v 1.9 1999/11/10 23:40:23 damien Exp $"); */
|
||||
|
||||
#ifndef SSH_H
|
||||
#define SSH_H
|
||||
|
||||
/* Added by Dan */
|
||||
#include <netinet/in.h> /* For struct sockaddr_in */
|
||||
#include <pwd.h> /* For struct pw */
|
||||
|
||||
#ifndef SHUT_RDWR
|
||||
enum
|
||||
{
|
||||
|
|