- Fix compilation on systems with AFS. Reported by
aloomis@glue.umd.edu
- Fix installation on Solaris. Reported by
Gordon Rowell <gordonr@gormand.com.au>
- Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
- Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
- Compile fix from David Agraz <dagraz@jahoopa.com>
- Avoid compiler warning in bsd-snprintf.c
- Added pam_limits.so to default PAM config. Suggested by
Jim Knoble <jmknoble@pobox.com>
diff --git a/ChangeLog b/ChangeLog
index 1352588..28032d2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+19991211
+ - Fix compilation on systems with AFS. Reported by
+ aloomis@glue.umd.edu
+ - Fix installation on Solaris. Reported by
+ Gordon Rowell <gordonr@gormand.com.au>
+ - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
+ patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
+ - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
+ - Compile fix from David Agraz <dagraz@jahoopa.com>
+ - Avoid compiler warning in bsd-snprintf.c
+ - Added pam_limits.so to default PAM config. Suggested by
+ Jim Knoble <jmknoble@pobox.com>
+
19991209
- Import of patch from Ben Taylor <bent@clark.net>:
- Improved PAM support
diff --git a/Makefile.in b/Makefile.in
index 7148c50..f728674 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -24,14 +24,15 @@
GNOME_CFLAGS=`gnome-config --cflags gnome gnomeui`
GNOME_LIBS=`gnome-config --libs gnome gnomeui`
-OBJS= atomicio.o authfd.o authfile.o auth-passwd.o auth-rhosts.o \
- auth-rh-rsa.o auth-rsa.o auth-skey.o bsd-daemon.o bsd-login.o \
- bsd-mktemp.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bufaux.o \
- buffer.o canohost.o channels.o cipher.o clientloop.o compress.o \
- crc32.o deattack.o helper.o helper.o hostfile.o log-client.o \
- login.o log-server.o match.o md5crypt.o mpaux.o packet.o pty.o \
- readconf.o readpass.o rsa.o servconf.o serverloop.o \
- sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o
+OBJS= atomicio.o authfd.o authfile.o auth-krb4.o auth-passwd.o \
+ auth-rhosts.o auth-rh-rsa.o auth-rsa.o auth-skey.o bsd-daemon.o \
+ bsd-login.o bsd-mktemp.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o
+ bufaux.o buffer.o canohost.o channels.o cipher.o clientloop.o \
+ compress.o crc32.o deattack.o helper.o helper.o hostfile.o \
+ log-client.o login.o log-server.o match.o md5crypt.o mpaux.o \
+ packet.o pty.o radix.o readconf.o readpass.o rsa.o servconf.o \
+ serverloop.o sshconnect.o tildexpand.o ttymodes.o uidswap.o \
+ xmalloc.o
all: $(OBJS) $(TARGETS)
libssh.a: atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \
@@ -39,16 +40,17 @@
buffer.o canohost.o channels.o cipher.o compat.o \
compress.o crc32.o deattack.o fingerprint.o helper.o \
hostfile.o log.o match.o mpaux.o nchan.o packet.o \
- readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o
+ radix.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o \
+ xmalloc.o
$(AR) rv $@ $^
$(RANLIB) $@
ssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o libssh.a
$(CC) -o $@ $^ $(LFLAGS) $(LIBS)
-sshd: sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
- pty.o log-server.o login.o servconf.o serverloop.o bsd-login.o \
- md5crypt.o libssh.a
+sshd: sshd.o auth-rhosts.o auth-krb4.o auth-passwd.o auth-rsa.o \
+ auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o \
+ bsd-login.o md5crypt.o libssh.a
$(CC) -o $@ $^ $(LFLAGS) $(LIBS) $(LIBWRAP)
scp: scp.o libssh.a
@@ -81,27 +83,27 @@
$(INSTALL) -s ssh-agent $(bindir)/ssh-agent
$(INSTALL) -s ssh-keygen $(bindir)/ssh-keygen
$(INSTALL) -s sshd $(sbindir)/sshd
- $(INSTALL) -m644 ssh.1 $(mandir)/man1/ssh.1
- $(INSTALL) -m644 scp.1 $(mandir)/man1/scp.1
- $(INSTALL) -m644 ssh-add.1 $(mandir)/man1/ssh-add.1
- $(INSTALL) -m644 ssh-agent.1 $(mandir)/man1/ssh-agent.1
- $(INSTALL) -m644 ssh-keygen.1 $(mandir)/man1/ssh-keygen.1
- $(INSTALL) -m644 sshd.8 $(mandir)/man8/sshd.8
+ $(INSTALL) -m 644 ssh.1 $(mandir)/man1/ssh.1
+ $(INSTALL) -m 644 scp.1 $(mandir)/man1/scp.1
+ $(INSTALL) -m 644 ssh-add.1 $(mandir)/man1/ssh-add.1
+ $(INSTALL) -m 644 ssh-agent.1 $(mandir)/man1/ssh-agent.1
+ $(INSTALL) -m 644 ssh-keygen.1 $(mandir)/man1/ssh-keygen.1
+ $(INSTALL) -m 644 sshd.8 $(mandir)/man8/sshd.8
-rm -f $(bindir)/slogin
ln -s ssh $(bindir)/slogin
-rm -f $(mandir)/man1/slogin.1
ln -s ssh.1 $(mandir)/man1/slogin.1
- $(INSTALL) -d $(libexecdir) ;
- $(INSTALL) -d $(libexecdir)/ssh ;
if [ ! -z "@GNOME_ASKPASS@" ] ; then \
+ $(INSTALL) -d $(libexecdir) ;
+ $(INSTALL) -d $(libexecdir)/ssh ;
$(INSTALL) -s @GNOME_ASKPASS@ ${ASKPASS_PROGRAM} ; \
fi
if [ ! -f $(sysconfdir)/ssh_config -a ! -f $(sysconfdir)/sshd_config ]; then \
$(INSTALL) -d $(sysconfdir); \
- $(INSTALL) -m644 ssh_config $(sysconfdir)/ssh_config; \
- $(INSTALL) -m644 sshd_config $(sysconfdir)/sshd_config; \
+ $(INSTALL) -m 644 ssh_config $(sysconfdir)/ssh_config; \
+ $(INSTALL) -m 644 sshd_config $(sysconfdir)/sshd_config; \
fi
uninstallall: uninstall
@@ -130,7 +132,6 @@
-rm -f $(mandir)/man8/sshd.8
-rm -f $(bindir)/slogin
-rm -f $(mandir)/man1/slogin.1
- -rm -f $(mandir)/man1/slogin.1
-rm -f ${ASKPASS_PROGRAM}
-rmdir $(libexecdir)/ssh ;
diff --git a/acconfig.h b/acconfig.h
index 811c00d..324f45d 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -73,6 +73,9 @@
/* Define if you have /dev/ptc */
#undef HAVE_DEV_PTS_AND_PTC
+/* Path to xauth binary */
+#undef XAUTH_PATH
+
@BOTTOM@
/* ******************* Shouldn't need to edit below this line ************** */
@@ -258,3 +261,14 @@
# define __P(x) x
#endif
+#ifdef __GNUC__
+# if __GNUC__ < 2
+# define INLINE inline
+# define __attribute__(x)
+# else
+# define INLINE __inline__
+# endif /* __GNUC__ < 2 */
+#else
+# define __attribute__(x)
+# define INLINE
+#endif /* __GNUC__ */
diff --git a/bsd-login.c b/bsd-login.c
index 9c12065..a2ec741 100644
--- a/bsd-login.c
+++ b/bsd-login.c
@@ -52,6 +52,7 @@
# include <utmp.h>
#endif
#include <stdio.h>
+#include <string.h>
void
login(utp)
@@ -78,7 +79,7 @@
tty = ttyslot();
if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) {
-#ifdef HAVE_HOST_IN_UTMP || HAVE_HOST_IN_UTMPX
+#if defined(HAVE_HOST_IN_UTMP) || defined(HAVE_HOST_IN_UTMPX)
(void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET);
/*
* Prevent luser from zero'ing out ut_host.
@@ -91,7 +92,7 @@
strncmp(old_ut.ut_line, utp->ut_line, UT_LINESIZE) == 0 &&
strncmp(old_ut.ut_name, utp->ut_name, UT_NAMESIZE) == 0)
(void)memcpy(utp->ut_host, old_ut.ut_host, UT_HOSTSIZE);
-#endif /* HAVE_HOST_IN_UTMP || HAVE_HOST_IN_UTMPX */
+#endif /* defined(HAVE_HOST_IN_UTMP) || defined(HAVE_HOST_IN_UTMPX) */
(void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET);
(void)write(fd, utp, sizeof(struct UTMP_STR));
(void)close(fd);
diff --git a/bsd-snprintf.c b/bsd-snprintf.c
index 11c4ff3..e85d929 100644
--- a/bsd-snprintf.c
+++ b/bsd-snprintf.c
@@ -101,30 +101,6 @@
free(curobj);
}
-#if !defined(HAVE_SNPRINTF)
-int
-#if __STDC__
-snprintf(char *str, size_t n, char const *fmt, ...)
-#else
-snprintf(str, n, fmt, va_alist)
- char *str;
- size_t n;
- char *fmt;
- va_dcl
-#endif
-{
- va_list ap;
-#if __STDC__
- va_start(ap, fmt);
-#else
- va_start(ap);
-#endif
-
- return (vsnprintf(str, n, fmt, ap));
- va_end(ap);
-}
-#endif /* !defined(HAVE_SNPRINTF) */
-
#if !defined(HAVE_VSNPRINTF)
int
vsnprintf(str, n, fmt, ap)
@@ -159,4 +135,28 @@
}
#endif /* !defined(HAVE_VSNPRINTF) */
+#if !defined(HAVE_SNPRINTF)
+int
+#if __STDC__
+snprintf(char *str, size_t n, char const *fmt, ...)
+#else
+snprintf(str, n, fmt, va_alist)
+ char *str;
+ size_t n;
+ char *fmt;
+ va_dcl
+#endif
+{
+ va_list ap;
+#if __STDC__
+ va_start(ap, fmt);
+#else
+ va_start(ap);
+#endif
+
+ return (vsnprintf(str, n, fmt, ap));
+ va_end(ap);
+}
+#endif /* !defined(HAVE_SNPRINTF) */
+
#endif /* !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) */
diff --git a/cipher.c b/cipher.c
index e3bb05d..3d5895c 100644
--- a/cipher.c
+++ b/cipher.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$Id: cipher.c,v 1.8 1999/11/25 00:54:58 damien Exp $");
+RCSID("$Id: cipher.c,v 1.9 1999/12/12 21:27:33 damien Exp $");
#include "ssh.h"
#include "cipher.h"
@@ -111,7 +111,7 @@
void (*cipher_attack_detected) (const char *fmt,...) = fatal;
-static inline void
+static INLINE void
detect_cbc_attack(const unsigned char *src,
unsigned int len)
{
diff --git a/configure.in b/configure.in
index 2e7623b..c4894c0 100644
--- a/configure.in
+++ b/configure.in
@@ -287,4 +287,8 @@
[AC_DEFINE(HAVE_MD5_PASSWORDS)]
)
+dnl Check for the path to xauth
+AC_PATH_PROG(xauth_path, xauth)
+AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
+
AC_OUTPUT(Makefile)
diff --git a/includes.h b/includes.h
index 6afe88d..c14ab6b 100644
--- a/includes.h
+++ b/includes.h
@@ -77,6 +77,7 @@
#include "bsd-strlcat.h"
#include "bsd-mktemp.h"
#include "bsd-snprintf.h"
+#include "bsd-daemon.h"
/* Define this to be the path of the xauth program. */
#ifndef XAUTH_PATH
diff --git a/packages/redhat/sshd.pam b/packages/redhat/sshd.pam
index 2a7d1fb..f466f9b 100644
--- a/packages/redhat/sshd.pam
+++ b/packages/redhat/sshd.pam
@@ -5,3 +5,4 @@
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
session required /lib/security/pam_pwdb.so
+session required /lib/security/pam_limits.so
diff --git a/sshd.pam.generic b/sshd.pam.generic
index c67e7b6..4ec2a2a 100644
--- a/sshd.pam.generic
+++ b/sshd.pam.generic
@@ -5,3 +5,4 @@
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_unix.so shadow nullok use_authtok
session required /lib/security/pam_unix.so
+session required /lib/security/pam_limits.so