A error in auth.c of openssh-2.1.1p2 port on systems with a mixture of shadowed and non-shadowed passwords and Japanese Translations.

[HARUYAMA Seigo]

  Hi.

  I have found a error of
  openssh-2.1.1p2 port on systems 
  with a mixture of shadowed and non-shadowed passwords.

  I reported a same type of error to Mr. Miller 
  when openssh-1.2.1pre23 was released.


  On our systems,
  our local machines have shadowed /etc/passwd (and /etc/shadow)
  and our NIS server distributes non-shadowed password
  of general users.

  We have to use getspnam(3) for shadowed local users' 
  ( for example, "root") entries and
  getpwnam(3) for non-shadowed users' entries.

  Otherwise, the function "allowed_user" in auth.c of openssh-2.1.1p2 
  has the following lines:

59  #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \
60          defined(HAS_SHADOW_EXPIRE)
61    struct spwd *spw;
62
63          /* Shouldn't be called if pw is NULL, but better safe than sorry
*/
64          if (!pw)
65                  return 0;
66
67          spw = getspnam(pw->pw_name);
68          if (spw == NULL)
69                  return 0;

  .
  
  So, getspnam will returns NULL for our general users and 
  allowed_user returns 0.

  As a result, our general users cannot login.

  I fixed this problem.

diff openssh-2.1.1p2.bak/auth.c openssh-2.1.1p2/auth.c
68,69c68
<       if (spw == NULL)
<               return 0;
---
>       if (spw){
78a78
>       }

-------

  I translated README and UPGRADING documents of openssh port 
  into Japanese.
  Now I have translated INSTALL and README.openssh2.
  These documents are open to the public at 

  http://www.unixuser.org/%7Eharuyama/security/openssh/index.html 
  .
  Now, all translated documents update when new version of openssh port
  releases.

  Regards,
  HARUYAMA Seigo         
  haruyama at unixuser.org