tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (djm) [configure.ac] Warn if the system has no known way of figuring out 

which user is on the other end of a Unix domain socket; ok dtucker@
This commit is contained in:
Damien Miller 2004-05-23 14:09:40 +10:00
parent 701d0514ee
commit b409718797
2 changed files with 30 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -1,6 +1,8 @@
20040523 20040523
- (djm) Explain consequences of UsePAM=yes a little better in sshd_config; - (djm) [sshd_config] Explain consequences of UsePAM=yes a little better in
ok dtucker@ sshd_config; ok dtucker@
- (djm) [configure.ac] Warn if the system has no known way of figuring out
which user is on the other end of a Unix domain socket; ok dtucker@
20040513 20040513
- (dtucker) [configure.ac] Bug #867: Additional tests for res_query in - (dtucker) [configure.ac] Bug #867: Additional tests for res_query in
@ -1122,4 +1124,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.3356 2004/05/23 01:47:58 djm Exp $ $Id: ChangeLog,v 1.3357 2004/05/23 04:09:40 djm Exp $

26
configure.ac
View File

@ -1,4 +1,4 @@
# $Id: configure.ac,v 1.217 2004/05/13 01:56:17 dtucker Exp $ # $Id: configure.ac,v 1.218 2004/05/23 04:09:40 djm Exp $
# #
# Copyright (c) 1999-2004 Damien Miller # Copyright (c) 1999-2004 Damien Miller
# #
@ -926,6 +926,20 @@ int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
) )
fi fi
# Check for missing getpeereid (or equiv) support
NO_PEERCHECK=""
if test "x$ac_cv_func_getpeereid" != "xyes" ; then
AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
AC_TRY_COMPILE(
[#include <sys/types.h>
#include <sys/socket.h>],
[int i = SO_PEERCRED;],
[AC_MSG_RESULT(yes)],
[AC_MSG_RESULT(no)
NO_PEERCHECK=1]
)
fi
dnl see whether mkstemp() requires XXXXXX dnl see whether mkstemp() requires XXXXXX
if test "x$ac_cv_func_mkdtemp" = "xyes" ; then if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
AC_MSG_CHECKING([for (overly) strict mkstemp]) AC_MSG_CHECKING([for (overly) strict mkstemp])
@ -2975,3 +2989,13 @@ if test ! -z "$RAND_HELPER_CMDHASH" ; then
echo "" echo ""
fi fi
if test ! -z "$NO_PEERCHECK" ; then
echo "WARNING: the operating system that you are using does not "
echo "appear to support either the getpeereid() API nor the "
echo "SO_PEERCRED getsockopt() option. These facilities are used to "
echo "enforce security checks to prevent unauthorised connections to "
echo "ssh-agent. Their absence increases the risk that a malicious "
echo "user can connect to your agent. "
echo ""
fi