tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-27 07:44:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

- (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>

Browse Source 
Also removed some of the 'ISSUES' comments that have been verified by djm.
This commit is contained in:
Ben Lindstrom 2001-01-19 05:37:32 +00:00
parent 22e22bf9ba
commit b100ec9542
7 changed files with 346 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -19,6 +19,7 @@
rename *-skey.c *-chall.c since the files are not skey specific rename *-skey.c *-chall.c since the files are not skey specific
- (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>) - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>)
to fix NULL pointer deref and fake authloop breakage in PAM code. to fix NULL pointer deref and fake authloop breakage in PAM code.
- (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>
20010118 20010118
- (bal) Super Sized OpenBSD Resync - (bal) Super Sized OpenBSD Resync

2
auth1.c
View File

@ -95,7 +95,7 @@ do_authloop(Authctxt *authctxt)
#ifdef KRB4 #ifdef KRB4
(!options.kerberos_authentication || options.kerberos_or_local_passwd) && (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
#endif #endif
#ifdef USE_PAM /* ISSUE: Right?? */ #ifdef USE_PAM
auth_pam_password(pw, password)) { auth_pam_password(pw, password)) {
#else #else
auth_password(pw, "")) { auth_password(pw, "")) {

6
auth2-pam.c
View File

@ -1,5 +1,5 @@
#include "includes.h" #include "includes.h"
RCSID("$Id: auth2-pam.c,v 1.4 2001/01/19 04:46:38 djm Exp $"); RCSID("$Id: auth2-pam.c,v 1.5 2001/01/19 05:37:32 mouring Exp $");
#ifdef USE_PAM #ifdef USE_PAM
#include "ssh.h" #include "ssh.h"
@ -44,10 +44,6 @@ auth2_pam(Authctxt *authctxt)
retval = (do_pam_authenticate(0) == PAM_SUCCESS); retval = (do_pam_authenticate(0) == PAM_SUCCESS);
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
#if 0 /* ISSUE: No longer valid, but should this still be
handled?? */
userauth_log(authctxt, retval, method);
#endif
return retval; return retval;
} }

35
contrib/cygwin/README
View File

@ -20,18 +20,41 @@ of the files has changed from /usr/local to /usr. The global configuration
files are in /etc now. files are in /etc now.
If you are installing OpenSSH the first time, you can generate If you are installing OpenSSH the first time, you can generate
global config files, server keys and your own user keys by running global config files and server keys by running
/usr/bin/ssh-config /usr/bin/ssh-host-config
If you are updating your installation you may run the above ssh-config Note that this binary archive doesn't contain default config files in /etc.
That files are only created if ssh-host-config is started.
If you are updating your installation you may run the above ssh-host-config
as well to move your configuration files to the new location and to as well to move your configuration files to the new location and to
erase the files at the old location. erase the files at the old location.
Be sure to start the new ssh-config when updating! To support testing and unattended installation ssh-host-config got
some options:
Note that this binary archive doesn't contain default config files in /etc. usage: ssh-host-config [OPTION]...
That files are only created if ssh-config is started. Options:
--debug -d Enable shell's debug output.
--yes -y Answer all questions with "yes" automatically.
--no -n Answer all questions with "no" automatically.
You can create the private and public keys for a user now by running
/usr/bin/ssh-user-config
under the users account.
To support testing and unattended installation ssh-user-config got
some options as well:
usage: ssh-user-config [OPTION]...
Options:
--debug -d Enable shell's debug output.
--yes -y Answer all questions with "yes" automatically.
--no -n Answer all questions with "no" automatically.
--passphrase -p word Use "word" as passphrase automatically.
Install sshd as daemon via SRVANY.EXE (recommended on NT/W2K), via inetd Install sshd as daemon via SRVANY.EXE (recommended on NT/W2K), via inetd
(results in very slow deamon startup!) or from the command line (recommended (results in very slow deamon startup!) or from the command line (recommended

168
contrib/cygwin/ssh-config → contrib/cygwin/ssh-host-config Executable file → Normal file
View File

@ -1,11 +1,9 @@
#!/bin/sh #!/bin/sh
# #
# ssh-config, Copyright 2000, Red Hat Inc. # ssh-host-config, Copyright 2000, Red Hat Inc.
# #
# This file is part of the Cygwin port of OpenSSH. # This file is part of the Cygwin port of OpenSSH.
# set -x
# Subdirectory where the new package is being installed # Subdirectory where the new package is being installed
PREFIX=/usr PREFIX=/usr
@ -16,8 +14,19 @@ SYSCONFDIR=/etc
OLDPREFIX=/usr/local OLDPREFIX=/usr/local
OLDSYSCONFDIR=${OLDPREFIX}/etc OLDSYSCONFDIR=${OLDPREFIX}/etc
progname=$0
auto_answer=""
request() request()
{ {
if [ "${auto_answer}" = "yes" ]
then
return 0
elif [ "${auto_answer}" = "no" ]
then
return 1
fi
answer="" answer=""
while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ] while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
do do
@ -32,6 +41,48 @@ request()
fi fi
} }
# Check options
while :
do
case $# in
0)
break
;;
esac
option=$1
shift
case "$option" in
-d | --debug )
set -x
;;
-y | --yes )
auto_answer=yes
;;
-n | --no )
auto_answer=no
;;
*)
echo "usage: ${progname} [OPTION]..."
echo
echo "This script creates an OpenSSH host configuration."
echo
echo "Options:"
echo " --debug -d Enable shell's debug output."
echo " --yes -y Answer all questions with \"yes\" automatically."
echo " --no -n Answer all questions with \"no\" automatically."
echo
exit 1
;;
esac
done
# Check for running ssh/sshd processes first. Refuse to do anything while # Check for running ssh/sshd processes first. Refuse to do anything while
# some ssh processes are still running # some ssh processes are still running
@ -71,6 +122,7 @@ fi
# Check for an old installation in ${OLDPREFIX} unless ${OLDPREFIX} isn't # Check for an old installation in ${OLDPREFIX} unless ${OLDPREFIX} isn't
# the same as ${PREFIX} # the same as ${PREFIX}
old_install=0
if [ "${OLDPREFIX}" != "${PREFIX}" ] if [ "${OLDPREFIX}" != "${PREFIX}" ]
then then
if [ -f "${OLDPREFIX}/sbin/sshd" ] if [ -f "${OLDPREFIX}/sbin/sshd" ]
@ -116,6 +168,7 @@ then
rm -f ${OLDPREFIX}/sbin/sshd.exe rm -f ${OLDPREFIX}/sbin/sshd.exe
rm -f ${OLDPREFIX}/sbin/sftp-server.exe rm -f ${OLDPREFIX}/sbin/sftp-server.exe
fi fi
old_install=1
fi fi
fi fi
@ -124,13 +177,19 @@ fi
if [ ! -f "${SYSCONFDIR}/ssh_host_key" ] if [ ! -f "${SYSCONFDIR}/ssh_host_key" ]
then then
echo "Generating ${SYSCONFDIR}/ssh_host_key" echo "Generating ${SYSCONFDIR}/ssh_host_key"
ssh-keygen -f ${SYSCONFDIR}/ssh_host_key -N '' ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null
fi
if [ ! -f "${SYSCONFDIR}/ssh_host_rsa_key" ]
then
echo "Generating ${SYSCONFDIR}/ssh_host_rsa_key"
ssh-keygen -t rsa -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' > /dev/null
fi fi
if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ] if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ]
then then
echo "Generating ${SYSCONFDIR}/ssh_host_dsa_key" echo "Generating ${SYSCONFDIR}/ssh_host_dsa_key"
ssh-keygen -d -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' ssh-keygen -t dsa -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' > /dev/null
fi fi
# Check if ssh_config exists. If yes, ask for overwriting # Check if ssh_config exists. If yes, ask for overwriting
@ -151,7 +210,7 @@ fi
if [ ! -f "${SYSCONFDIR}/ssh_config" ] if [ ! -f "${SYSCONFDIR}/ssh_config" ]
then then
echo "Creating default ${SYSCONFDIR}/ssh_config file" echo "Generating ${SYSCONFDIR}/ssh_config file"
cat > ${SYSCONFDIR}/ssh_config << EOF cat > ${SYSCONFDIR}/ssh_config << EOF
# This is ssh client systemwide configuration file. This file provides # This is ssh client systemwide configuration file. This file provides
# defaults for users, and the values can be changed in per-user configuration # defaults for users, and the values can be changed in per-user configuration
@ -179,7 +238,6 @@ then
# BatchMode no # BatchMode no
# CheckHostIP yes # CheckHostIP yes
# StrictHostKeyChecking no # StrictHostKeyChecking no
# IdentityFile ~/.ssh/identity
# Port 22 # Port 22
# Protocol 2,1 # Protocol 2,1
# Cipher 3des # Cipher 3des
@ -190,6 +248,11 @@ Host *
ForwardAgent no ForwardAgent no
ForwardX11 no ForwardX11 no
FallBackToRsh no FallBackToRsh no
# Try authentification with the following identities
IdentityFile ~/.ssh/identity
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_dsa
EOF EOF
fi fi
@ -211,15 +274,20 @@ fi
if [ ! -f "${SYSCONFDIR}/sshd_config" ] if [ ! -f "${SYSCONFDIR}/sshd_config" ]
then then
echo "Creating default ${SYSCONFDIR}/sshd_config file" echo "Generating ${SYSCONFDIR}/sshd_config file"
cat > ${SYSCONFDIR}/sshd_config << EOF cat > ${SYSCONFDIR}/sshd_config << EOF
# This is ssh server systemwide configuration file. # This is ssh server systemwide configuration file.
Port 22 Port 22
#Protocol 2,1 #
Protocol 2,1
ListenAddress 0.0.0.0 ListenAddress 0.0.0.0
#ListenAddress :: #ListenAddress ::
#HostKey /etc/ssh_host_key #
# Uncomment the following lines according to the used authentication
HostKey /etc/ssh_host_key
HostKey /etc/ssh_host_rsa_key
HostKey /etc/ssh_host_dsa_key
ServerKeyBits 768 ServerKeyBits 768
LoginGraceTime 600 LoginGraceTime 600
KeyRegenerationInterval 3600 KeyRegenerationInterval 3600
@ -262,63 +330,55 @@ UseLogin no
EOF EOF
fi fi
# Ask user if user identity should be generated # Add port 22/tcp to services
_sys="`uname -a`"
if [ "X${HOME}" = "X" ] _nt=`expr "$_sys" : "CYGWIN_NT"`
if [ $_nt -gt 0 ]
then then
echo '$HOME is nonexistant. Cannot create user identity files.' _wservices="${SYSTEMROOT}\\system32\\drivers\\etc\\services"
exit 1 _wserv_tmp="${SYSTEMROOT}\\system32\\drivers\\etc\\srv.out.$$"
else
_wservices="${WINDIR}\\SERVICES"
_wserv_tmp="${WINDIR}\\SERV.$$"
fi fi
_services=`cygpath -u "${_wservices}"`
_serv_tmp=`cygpath -u "${_wserv_tmp}"`
if [ ! -d "${HOME}" ] mount -b -f "${_wservices}" "${_services}"
then mount -b -f "${_wserv_tmp}" "${_serv_tmp}"
echo '$HOME is not a valid directory. Cannot create user identity files.'
exit 1
fi
# If HOME is the root dir, set HOME to empty string to avoid error messages if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]
# in subsequent parts of that script.
if [ "X${HOME}" = "X/" ]
then then
HOME='' awk '{ if ( $2 ~ /^23\/tcp/ ) print "sshd 22/tcp #SSH daemon\r"; print $0; }' < "${_services}" > "${_serv_tmp}"
fi if [ -f "${_serv_tmp}" ]
if [ -e "${HOME}/.ssh" -a ! -d "${HOME}/.ssh" ]
then
echo '$HOME/.ssh is existant but not a directory. Cannot create user identity files.'
exit 1
fi
if [ ! -e "${HOME}/.ssh" ]
then
mkdir "${HOME}/.ssh"
if [ ! -e "${HOME}/.ssh" ]
then then
echo "Creating users ${HOME}/.ssh directory failed" if mv "${_serv_tmp}" "${_services}"
exit 1 then
echo "Added sshd to ${_services}"
else
echo "Adding sshd to ${_services} failed\!"
fi
rm -f "${_serv_tmp}"
else
echo "Adding sshd to ${_services} failed\!"
fi fi
fi fi
if [ ! -f "${HOME}/.ssh/identity" ] umount "${_services}"
umount "${_serv_tmp}"
# Add sshd line to inetd.conf
if [ -f /etc/inetd.conf ]
then then
if request "Shall I create an RSA identity file for you?" grep -q "^[# \t]*sshd" /etc/inetd.conf || echo "# sshd stream tcp nowait root /usr/sbin/sshd -i" >> /etc/inetd.conf
then
echo "Generating ${HOME}/.ssh/identity"
ssh-keygen -f "${HOME}/.ssh/identity"
fi
fi fi
if [ ! -f "${HOME}/.ssh/id_dsa" ] if [ "${old_install}" = "1" ]
then then
if request "Shall I create an DSA identity file for you? (yes/no) " echo
then echo "Note: If you have used sshd as service or from inetd, don't forget to"
echo "Generating ${HOME}/.ssh/id_dsa" echo " change the path to sshd.exe in the service entry or in inetd.conf."
ssh-keygen -d -f "${HOME}/.ssh/id_dsa"
fi
fi fi
echo echo
echo "Note: If you have used sshd as service or from inetd, don't forget to" echo "Host configuration finished. Have fun!"
echo " change the path to sshd.exe in the service entry or in inetd.conf."
echo
echo "Configuration finished. Have fun!"

200
contrib/cygwin/ssh-user-config Normal file
View File

@ -0,0 +1,200 @@
#!/bin/sh
#
# ssh-user-config, Copyright 2000, Red Hat Inc.
#
# This file is part of the Cygwin port of OpenSSH.
progname=$0
auto_answer=""
auto_passphrase="no"
passphrase=""
request()
{
if [ "${auto_answer}" = "yes" ]
then
return 0
elif [ "${auto_answer}" = "no" ]
then
return 1
fi
answer=""
while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
do
echo -n "$1 (yes/no) "
read answer
done
if [ "X${answer}" = "Xyes" ]
then
return 0
else
return 1
fi
}
# Check options
while :
do
case $# in
0)
break
;;
esac
option=$1
shift
case "$option" in
-d | --debug )
set -x
;;
-y | --yes )
auto_answer=yes
;;
-n | --no )
auto_answer=no
;;
-p | --passphrase )
with_passphrase="yes"
passphrase=$1
shift
;;
*)
echo "usage: ${progname} [OPTION]..."
echo
echo "This script creates an OpenSSH user configuration."
echo
echo "Options:"
echo " --debug -d Enable shell's debug output."
echo " --yes -y Answer all questions with \"yes\" automatically."
echo " --no -n Answer all questions with \"no\" automatically."
echo " --passphrase -p word Use \"word\" as passphrase automatically."
echo
exit 1
;;
esac
done
# Ask user if user identity should be generated
if [ ! -f /etc/passwd ]
then
echo '/etc/passwd is nonexistant. Please generate an /etc/passwd file'
echo 'first using mkpasswd. Check if it contains an entry for you and'
echo 'please care for the home directory in your entry as well.'
exit 1
fi
uid=`id -u`
pwdhome=`awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < /etc/passwd`
if [ "X${pwdhome}" = "X" ]
then
echo 'There is no home directory set for you in /etc/passwd.'
echo 'Setting $HOME is not sufficient!'
exit 1
fi
if [ ! -d "${pwdhome}" ]
then
echo "${pwdhome} is set in /etc/passwd as your home directory"
echo 'but it is not a valid directory. Cannot create user identity files.'
exit 1
fi
# If home is the root dir, set home to empty string to avoid error messages
# in subsequent parts of that script.
if [ "X${pwdhome}" = "X/" ]
then
# But first raise a warning!
echo 'Your home directory in /etc/passwd is set to root (/). This is not recommended!'
if request "Would you like to proceed anyway?"
then
pwdhome=''
else
exit 1
fi
fi
if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
then
echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files."
exit 1
fi
if [ ! -e "${pwdhome}/.ssh" ]
then
mkdir "${pwdhome}/.ssh"
if [ ! -e "${pwdhome}/.ssh" ]
then
echo "Creating users ${pwdhome}/.ssh directory failed"
exit 1
fi
fi
if [ ! -f "${pwdhome}/.ssh/identity" ]
then
if request "Shall I create an SSH1 RSA identity file for you?"
then
echo "Generating ${pwdhome}/.ssh/identity"
if [ "${with_passphrase}" = "yes" ]
then
ssh-keygen -t rsa1 -N "${passphrase}" -f "${pwdhome}/.ssh/identity" > /dev/null
else
ssh-keygen -t rsa1 -f "${pwdhome}/.ssh/identity" > /dev/null
fi
if request "Do you want to use this identity to login to this machine?"
then
echo "Adding to ${pwdhome}/.ssh/authorized_keys"
cat "${pwdhome}/.ssh/identity.pub" >> "${pwdhome}/.ssh/authorized_keys"
fi
fi
fi
if [ ! -f "${pwdhome}/.ssh/id_rsa" ]
then
if request "Shall I create an SSH2 RSA identity file for you? (yes/no) "
then
echo "Generating ${pwdhome}/.ssh/id_rsa"
if [ "${with_passphrase}" = "yes" ]
then
ssh-keygen -t rsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_rsa" > /dev/null
else
ssh-keygen -t rsa -f "${pwdhome}/.ssh/id_rsa" > /dev/null
fi
if request "Do you want to use this identity to login to this machine?"
then
echo "Adding to ${pwdhome}/.ssh/authorized_keys2"
cat "${pwdhome}/.ssh/id_rsa.pub" >> "${pwdhome}/.ssh/authorized_keys2"
fi
fi
fi
if [ ! -f "${pwdhome}/.ssh/id_dsa" ]
then
if request "Shall I create an SSH2 DSA identity file for you? (yes/no) "
then
echo "Generating ${pwdhome}/.ssh/id_dsa"
if [ "${with_passphrase}" = "yes" ]
then
ssh-keygen -t dsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_dsa" > /dev/null
else
ssh-keygen -t dsa -f "${pwdhome}/.ssh/id_dsa" > /dev/null
fi
if request "Do you want to use this identity to login to this machine?"
then
echo "Adding to ${pwdhome}/.ssh/authorized_keys2"
cat "${pwdhome}/.ssh/id_dsa.pub" >> "${pwdhome}/.ssh/authorized_keys2"
fi
fi
fi
echo
echo "Configuration finished. Have fun!"

1
session.c
View File

@ -2013,7 +2013,6 @@ do_authenticated2(Authctxt *authctxt)
startup_pipe = -1; startup_pipe = -1;
} }
#if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD) #if defined(HAVE_LOGIN_CAP) && defined(HAVE_PW_CLASS_IN_PASSWD)
/* ISSUE: Is this correct? */
if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) { if ((lc = login_getclass(authctxt->pw->pw_class)) == NULL) {
error("unable to get login class"); error("unable to get login class");
return; return;