From d9e0824b437bb4d65c1ae564b049e35c93e31010 Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Sun, 22 Jul 2001 19:32:00 +0000 Subject: [PATCH] - (bal) Starting the Unicossmk merger. File merged TODO, configure.in, myproposal.h, ssh_prng_cmds.in, and openbsd-compat/Makefile.in. Added openbsd-compat/bsd-cray.c. Rest will be merged after approval. Selective patches from William L. Jones --- ChangeLog | 9 +- TODO | 4 +- configure.in | 10 +- myproposal.h | 6 + openbsd-compat/Makefile.in | 4 +- openbsd-compat/bsd-cray.c | 223 +++++++++++++++++++++++++++++++++++++ ssh_prng_cmds.in | 10 +- 7 files changed, 260 insertions(+), 6 deletions(-) create mode 100644 openbsd-compat/bsd-cray.c diff --git a/ChangeLog b/ChangeLog index 30937b751..c3501fae9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +20010722 + - (bal) Starting the Unicossmk merger. File merged TODO, configure.in, + myproposal.h, ssh_prng_cmds.in, and openbsd-compat/Makefile.in. + Added openbsd-compat/bsd-cray.c. Rest will be merged after + approval. Selective patches from William L. Jones + + 20010719 - (tim) [configure.in] put inet_aton back in AC_CHECK_FUNCS. report from Mark Miller @@ -6070,4 +6077,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1415 2001/07/20 03:33:46 tim Exp $ +$Id: ChangeLog,v 1.1416 2001/07/22 19:32:00 mouring Exp $ diff --git a/TODO b/TODO index d314ec090..4d92acec4 100644 --- a/TODO +++ b/TODO @@ -55,6 +55,8 @@ Programming: - utmp/wtmp get corrupted (something in loginrec?) - can't build with PAM (no 64-bit libpam yet) +- Modify rijndael to support Cray 64bit machines. + Documentation: - More and better @@ -87,4 +89,4 @@ Packaging: - HP-UX: Provide DEPOT package scripts. (gilbert.r.loomis@saic.com) -$Id: TODO,v 1.41 2001/06/15 04:23:13 stevesk Exp $ +$Id: TODO,v 1.42 2001/07/22 19:32:01 mouring Exp $ diff --git a/configure.in b/configure.in index df71da46f..f6aa04608 100644 --- a/configure.in +++ b/configure.in 
@@ -1,4 +1,4 @@ -# $Id: configure.in,v 1.302 2001/07/20 03:33:47 tim Exp $ +# $Id: configure.in,v 1.303 2001/07/22 19:32:01 mouring Exp $ AC_INIT(ssh.c) @@ -241,6 +241,13 @@ mips-sony-bsd|mips-sony-newsos4) AC_CHECK_FUNCS(getluid setluid) MANTYPE=man ;; +*-*-unicos*) + no_libsocket=1 + no_libnsl=1 + AC_DEFINE(USE_PIPES) + LDFLAGS="$LDFLAGS -L/usr/local/lib" + LIBS="$LIBS -lgen -lrsc" + ;; *-dec-osf*) AC_MSG_CHECKING(for Digital Unix SIA) no_osfsia="" @@ -1444,6 +1451,7 @@ if (test -z "$RANDOM_POOL" && test -z "$PRNGD") ; then OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) + OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) OSSH_PATH_ENTROPY_PROG(PROG_W, w) OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) diff --git a/myproposal.h b/myproposal.h index 4a9a36370..2f1cd97ce 100644 --- a/myproposal.h +++ b/myproposal.h @@ -25,11 +25,17 @@ */ #define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1" #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" +#ifdef _CRAY +/*Temporary hack until rijndael is ported to CRAY word addressable machines */ +#define KEX_DEFAULT_ENCRYPT \ + "3des-cbc,blowfish-cbc,cast128-cbc,arcfour" +#else #define KEX_DEFAULT_ENCRYPT \ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \ "aes192-cbc,aes256-cbc," \ "rijndael128-cbc,rijndael192-cbc,rijndael256-cbc," \ "rijndael-cbc@lysator.liu.se" +#endif #define KEX_DEFAULT_MAC \ "hmac-md5,hmac-sha1,hmac-ripemd160," \ "hmac-ripemd160@openssh.com," \ diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in index d20bfb817..8ce35e531 100644 --- a/openbsd-compat/Makefile.in +++ b/openbsd-compat/Makefile.in @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.16 2001/07/16 02:07:51 tim Exp $ +# $Id: Makefile.in,v 1.17 2001/07/22 19:32:01 mouring Exp $ sysconfdir=@sysconfdir@ piddir=@piddir@ 
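Review bot: The `#ifdef _CRAY` branch of `KEX_DEFAULT_ENCRYPT` changes only the default proposal, and nothing visible in this commit stops an explicit Ciphers setting from selecting the aes/rijndael names on a Cray build, where the comment says the implementation is not yet ported. If the cipher table is not guarded elsewhere (not shown in this diff), that should be confirmed or the same guard applied there. The comment should also record the consequence, for example `/* Temporary hack: rijndael is not yet ported to Cray word-addressable machines, so no AES cipher is offered by default; peers that accept only AES will fail to negotiate. */`.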
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@ OPENBSD=base64.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o glob.o inet_aton.o inet_ntoa.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o vis.o -COMPAT=bsd-arc4random.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o +COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o .c.o: $(CC) $(CFLAGS) $(CPPFLAGS) -c $< diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c new file mode 100644 index 000000000..c887322cb --- /dev/null +++ b/openbsd-compat/bsd-cray.c 
@@ -0,0 +1,223 @@
+/*
+ * The modules contains code to support cray t3e and sv1 computers.
+ * It is here to minimize the modifcations to the openssh base code.
+ */
+
+#ifdef _CRAY
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+char cray_tmpdir[TPATHSIZ+1]; /* job TMPDIR path */
+
+/*
+ * Functions.
+ */
+int cray_setup(uid_t, char *);
+void cray_retain_utmp(struct utmp *, int);
+void cray_create_tmpdir(int, uid_t, gid_t);
+void cray_delete_tmpdir(char *, int , uid_t);
+void cray_job_termination_handler (int);
+void cray_init_job(struct passwd *);
+void cray_set_tmpdir(struct utmp *);
+
+/*
+ * Orignal written by:
+ * Wayne Schroeder
+ * San Diego Supercomputer Center
+ * schroeder@sdsc.edu
+*/
+int
+cray_setup(uid_t uid, char *username)
+{
+ struct udb *p;
+ extern struct udb *getudb();
+ extern char *setlimits();
+ int i, j;
+ int accts[MAXVIDS];
+ int naccts;
+ int err;
+ char *sr;
+ int pid;
+ struct jtab jbuf;
+ int jid;
+
+ if ((jid = getjtab (&jbuf)) < 0) {
+ debug("getjtab");
+ return -1;
+ }
+
+ /* Find all of the accounts for a particular user */
+ err = setudb(); /* open and rewind the Cray User DataBase */
+ if(err != 0) {
+ debug("UDB open failure");
+ return -1;
+ }
+ naccts = 0;
+ while ((p = getudb()) != UDB_NULL) {
+ if (p->ue_uid == -1) break;
+ if(uid == p->ue_uid) {
+ for(j = 0; p->ue_acids[j] != -1 && j < MAXVIDS; j++) {
+ accts[naccts] = p->ue_acids[j];
+ naccts++;
+ }
+ }
+ }
+ endudb(); /* close the udb */
+ if (naccts == 0 || accts[0] == 0) {
+ debug("No Cray accounts found");
+ return -1;
+ }
+
+ /* Perhaps someday we'll prompt users who have multiple accounts
+ to let them pick one (like CRI's login does), but for now just set
+ the account to the first entry. */
+ if (acctid(0, accts[0]) < 0) {
+ debug("System call acctid failed, accts[0]=%d",accts[0]);
+ return -1;
+ }
+
+ /* Now set limits, including CPU time for the (interactive) job and process,
+ and set up permissions (for chown etc), etc. This is via an internal CRI
+ routine, setlimits, used by CRI's login. */
+
+ pid = getpid();
+ sr = setlimits(username, C_PROC, pid, UDBRC_INTER);
+ if (sr != NULL) {
+ debug("%.200s", sr);
+ return -1;
+ }
+ sr = setlimits(username, C_JOB, jid, UDBRC_INTER);
+ if (sr != NULL) {
+ debug("%.200s", sr);
+ return -1;
+ }
+
+ return 0;
+}
+
+
+/*
+ * Retain utmp/wtmp information - used by cray accounting.
+ */
+void
+cray_retain_utmp(struct utmp *ut, int pid)
+{
+ int fd;
+ struct utmp utmp;
+
+ if ((fd = open(UTMP_FILE, O_RDONLY)) >= 0) {
+ while (read(fd, (char *)&utmp, sizeof(utmp)) == sizeof(utmp)) {
+ if (pid == utmp.ut_pid) {
+ ut->ut_jid = utmp.ut_jid;
+ strncpy(ut->ut_tpath, utmp.ut_tpath, TPATHSIZ);
+ strncpy(ut->ut_host, utmp.ut_host, strlen(utmp.ut_host));
+ strncpy(ut->ut_name, utmp.ut_name, strlen(utmp.ut_name));
+ break;
+ }
+ }
+ close(fd);
+ }
+}
+
+/*
+ * tmpdir support.
+ */
+
+/*
+ * find and delete jobs tmpdir.
+ */
+void
+cray_delete_tmpdir(char *login, int jid, uid_t uid)
+{
+ int child;
+ static char jtmp[TPATHSIZ];
+ struct stat statbuf;
+ int c;
+ int wstat;
+
+ for (c = 'a'; c <= 'z'; c++) {
+ snprintf(jtmp, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
+ if (stat(jtmp, &statbuf) == 0 && statbuf.st_uid == uid) break;
+ }
+
+ if (c > 'z') return;
+
+ if ((child = fork()) == 0) {
+ execl(CLEANTMPCMD, CLEANTMPCMD, login, jtmp, 0);
+ fatal("ssh_cray_rmtmpdir: execl of CLEANTMPCMD failed");
+ }
+
+ while (waitpid (child, &wstat, 0) == -1 && errno == EINTR);
+}
+
+/*
+ * Remove tmpdir on job termination.
+ */ +void +cray_job_termination_handler (int sig) +{ + int jid; + char *login = NULL; + struct jtab jtab; + + debug("Received SIG JOB."); + + if ((jid = waitjob(&jtab)) == -1 || + (login = uid2nam(jtab.j_uid)) == NULL) return; + + cray_delete_tmpdir(login, jid, jtab.j_uid); +} + + +/* + * Set job id and create tmpdir directory. + */ +void +cray_init_job(struct passwd *pw) +{ + int jid; + int c; + + jid = setjob(pw->pw_uid, WJSIGNAL); + if (jid < 0) fatal("System call setjob failure"); + + for (c = 'a'; c <= 'z'; c++) { + snprintf(cray_tmpdir, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c); + if (mkdir(cray_tmpdir, JTMPMODE) != 0) continue; + if (chown(cray_tmpdir, pw->pw_uid, pw->pw_gid) != 0) { + rmdir(cray_tmpdir); + continue; + } + break; + } + + if (c > 'z') cray_tmpdir[0] = '\0'; +} + +void +cray_set_tmpdir(struct utmp *ut) +{ + int jid; + struct jtab jbuf; + + if ((jid = getjtab (&jbuf)) < 0) return; + + /* + * Set jid and tmpdir in utmp record. + */ + ut->ut_jid = jid; + strncpy(ut->ut_tpath, cray_tmpdir, TPATHSIZ); +} + +#endif diff --git a/ssh_prng_cmds.in b/ssh_prng_cmds.in index 684a4f428..03fa5408e 100644 --- a/ssh_prng_cmds.in +++ b/ssh_prng_cmds.in @@ -5,12 +5,15 @@ # The "rate" represents the number of bits of usuable entropy per # byte of command output. Be conservative. # -# $Id: ssh_prng_cmds.in,v 1.6 2001/02/09 01:55:36 djm Exp $ +# $Id: ssh_prng_cmds.in,v 1.7 2001/07/22 19:32:01 mouring Exp $ "ls -alni /var/log" @PROG_LS@ 0.02 "ls -alni /var/adm" @PROG_LS@ 0.02 +"ls -alni /usr/adm" @PROG_LS@ 0.02 "ls -alni /var/mail" @PROG_LS@ 0.02 +"ls -alni /usr/mail" @PROG_LS@ 0.02 "ls -alni /var/adm/syslog" @PROG_LS@ 0.02 +"ls -alni /usr/adm/syslog" @PROG_LS@ 0.02 "ls -alni /var/spool/mail" @PROG_LS@ 0.02 "ls -alni /proc" @PROG_LS@ 0.02 "ls -alni /tmp" @PROG_LS@ 0.02 
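Review bot: In `cray_setup()` the copy into `accts[MAXVIDS]` is not bounded by `naccts`: the inner loop runs for every UDB entry whose `ue_uid` matches, so more than one matching entry can push `naccts` past `MAXVIDS` and write beyond the stack array. The loop condition also reads `p->ue_acids[j]` before testing `j < MAXVIDS`. Suggested form: `for (j = 0; j < MAXVIDS && naccts < MAXVIDS && p->ue_acids[j] != -1; j++)` with `accts[naccts++] = p->ue_acids[j];`. In `cray_retain_utmp()` two `strncpy()` calls are bounded by `strlen()` of a field read from `UTMP_FILE`; utmp fields are fixed-width and need not be NUL-terminated, so the bound should be the destination size, e.g. `strncpy(ut->ut_host, utmp.ut_host, sizeof(ut->ut_host));`. In `cray_delete_tmpdir()` the `execl()` argument list should end with `(char *)NULL` rather than `0`, and a `fork()` result of -1 is not checked before `waitpid(child, ...)`.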
@@ -30,7 +33,9 @@ "netstat -in" @PROG_NETSTAT@ 0.05 "netstat -rn" @PROG_NETSTAT@ 0.02 "netstat -pn" @PROG_NETSTAT@ 0.02 +"netstat -ia" @PROG_NETSTAT@ 0.05 "netstat -s" @PROG_NETSTAT@ 0.02 +"netstat -is" @PROG_NETSTAT@ 0.07 "arp -a -n" @PROG_ARP@ 0.02 @@ -39,6 +44,7 @@ "ps laxww" @PROG_PS@ 0.03 "ps -al" @PROG_PS@ 0.03 "ps -efl" @PROG_PS@ 0.03 +"jstat" @PROG_JSTAT@ 0.07 "w" @PROG_W@ 0.05 @@ -51,6 +57,8 @@ "df" @PROG_DF@ 0.01 "df -i" @PROG_DF@ 0.01 +"sar -d" @PROG_SAR@ 0.04 + "vmstat" @PROG_VMSTAT@ 0.01 "uptime" @PROG_UPTIME@ 0.01
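Review bot: `"netstat -is"` in this hunk and `"jstat"` in the next one are credited 0.07 bits per byte, higher than any neighbouring entry visible in these hunks (0.01 to 0.05), and the commit gives no measurement behind the figure. The file header asks for conservative rates, and interface and job statistics are typically readable by other local users, so an overestimate here credits the pool with entropy an observer may be able to predict. Suggest starting both at the rate of the comparable existing entries, e.g. `"netstat -is" @PROG_NETSTAT@ 0.02`, until a higher figure is justified.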
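Review bot: `"sar -d" @PROG_SAR@ 0.04` uses a substitution that this commit does not define: the configure.in hunk adds only `OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)`, and no `PROG_SAR` entry appears in its context lines. Unless it is defined in a part of configure.in outside this diff, `@PROG_SAR@` would stay literal in the generated file and this source would not be usable. Add `OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)` next to the `PROG_JSTAT` line.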