- Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
diff --git a/CREDITS b/CREDITS
index 8658f2e..1edf821 100644
--- a/CREDITS
+++ b/CREDITS
@@ -21,6 +21,7 @@
David Hesprich <darkgrue@gue-tech.org> - Configure fixes
David Rankin <drankin@bohemians.lexington.ky.us> - libwrap, AIX, NetBSD fixes
Gary E. Miller <gem@rellim.com> - SCO support
+Ged Lodder <lodder@yacc.com.au> - HPUX fixes and enhancements
HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> - Translations & doc fixes
Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> - IPv6 fixes
Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> - Configure fixes
diff --git a/ChangeLog b/ChangeLog
index 9efe31f..9232f9c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20000430
+ - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
+ -
+
20000429
- Merge big update to OpenSSH-2.0 from OpenBSD CVS
[README.openssh2]
diff --git a/auth-pam.c b/auth-pam.c
index e1e2485..e3f4c42 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -13,7 +13,7 @@
#include "xmalloc.h"
#include "servconf.h"
-RCSID("$Id: auth-pam.c,v 1.3 2000/04/20 13:12:58 damien Exp $");
+RCSID("$Id: auth-pam.c,v 1.4 2000/04/29 14:47:29 damien Exp $");
/* Callbacks */
static int pamconv(int num_msg, const struct pam_message **msg,
@@ -226,7 +226,11 @@
/* Return list of PAM enviornment strings */
char **fetch_pam_environment(void)
{
+#ifdef HAVE_PAM_GETENVLIST
return(pam_getenvlist((pam_handle_t *)pamh));
+#else /* HAVE_PAM_GETENVLIST */
+ return(NULL);
+#endif /* HAVE_PAM_GETENVLIST */
}
/* Print any messages that have been generated during authentication */
diff --git a/auth-passwd.c b/auth-passwd.c
index 662f85f..e64e656 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -11,7 +11,7 @@
#ifndef USE_PAM
-RCSID("$Id: auth-passwd.c,v 1.18 2000/04/16 02:31:49 damien Exp $");
+RCSID("$Id: auth-passwd.c,v 1.19 2000/04/29 14:47:29 damien Exp $");
#include "packet.h"
#include "ssh.h"
@@ -19,9 +19,12 @@
#include "xmalloc.h"
#ifdef WITH_AIXAUTHENTICATE
-#include <login.h>
+# include <login.h>
#endif
-
+#ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW
+# include <hpsecurity.h>
+# include <prot.h>
+#endif
#ifdef HAVE_SHADOW_H
# include <shadow.h>
#endif
@@ -108,7 +111,11 @@
else
encrypted_password = crypt(password, salt);
#else /* HAVE_MD5_PASSWORDS */
+# ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW
+ encrypted_password = bigcrypt(password, salt);
+# else
encrypted_password = crypt(password, salt);
+# endif /* HAVE_HPUX_TRUSTED_SYSTEM_PW */
#endif /* HAVE_MD5_PASSWORDS */
/* Authentication is accepted if the encrypted passwords are identical. */
diff --git a/configure.in b/configure.in
index 095c967..fbf117b 100644
--- a/configure.in
+++ b/configure.in
@@ -56,6 +56,28 @@
MANTYPE='$(CATMAN)'
mansubdir=cat
;;
+*-*-hpux11*)
+ if test -z "$GCC"; then
+ CFLAGS="$CFLAGS -Ae"
+ fi
+ CFLAGS="$CFLAGS -D_HPUX_SOURCE"
+ CFLAGS="$CFLAGS -I/usr/local/include"
+ LDFLAGS="$LDFLAGS -L/usr/local/lib"
+ AC_DEFINE(IPADDR_IN_DISPLAY)
+ AC_DEFINE(USE_UTMPX)
+ AC_MSG_CHECKING(for HPUX trusted system password database)
+ if test -f /tcb/files/auth/system/default; then
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW)
+ LIBS="$LIBS -lsec"
+ AC_MSG_WARN([This configuration is untested])
+ else
+ AC_MSG_RESULT(no)
+ AC_DEFINE(DISABLE_SHADOW)
+ fi
+ MANTYPE='$(CATMAN)'
+ mansubdir=cat
+ ;;
*-*-irix5*)
CFLAGS="$CFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
@@ -140,6 +162,8 @@
AC_CHECK_LIB(dl, dlopen, , )
LIBS="$LIBS -lpam"
+ AC_CHECK_FUNC(pam_getenvlist)
+
# Check PAM strerror arguments (old PAM)
AC_MSG_CHECKING([whether pam_strerror takes only one argument])
AC_TRY_COMPILE(