A error in auth.c of openssh-2.1.1p2 port on systems with a mixture of shadowed and non-shadowed passwords and Japanese Translations.

HARUYAMA Seigo haruyama at nt.phys.s.u-tokyo.ac.jp
Sun Jul 2 18:28:35 EST 2000


  I have found a error of
  openssh-2.1.1p2 port on systems 
  with a mixture of shadowed and non-shadowed passwords.

  I reported a same type of error to Mr. Miller 
  when openssh-1.2.1pre23 was released.

  On our systems,
  our local machines have shadowed /etc/passwd (and /etc/shadow)
  and our NIS server distributes non-shadowed password
  of general users.

  We have to use getspnam(3) for shadowed local users' 
  ( for example, "root") entries and
  getpwnam(3) for non-shadowed users' entries.

  Otherwise, the function "allowed_user" in auth.c of openssh-2.1.1p2 
  has the following lines:

59  #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \
60          defined(HAS_SHADOW_EXPIRE)
61    struct spwd *spw;
63          /* Shouldn't be called if pw is NULL, but better safe than sorry
64          if (!pw)
65                  return 0;
67          spw = getspnam(pw->pw_name);
68          if (spw == NULL)
69                  return 0;

  So, getspnam will returns NULL for our general users and 
  allowed_user returns 0.

  As a result, our general users cannot login.

  I fixed this problem.

diff openssh-2.1.1p2.bak/auth.c openssh-2.1.1p2/auth.c
<       if (spw == NULL)
<               return 0;
>       if (spw){
>       }


  I translated README and UPGRADING documents of openssh port 
  into Japanese.
  Now I have translated INSTALL and README.openssh2.
  These documents are open to the public at 

  Now, all translated documents update when new version of openssh port

  HARUYAMA Seigo         
  haruyama at unixuser.org

More information about the openssh-unix-dev mailing list