Openssh-2.1.1p1 and solaris 7/8

P.S.S.Camp P.S.S.Camp at ukc.ac.uk
Wed Jun 14 00:44:32 EST 2000 

On Tue, 13 Jun 2000, John Horne wrote:

> Hello,
> 
> I just installed the above openssh onto a Sun Solaris 7 and Solaris 8 system.
> No problem with that. However, I now seem to get some rubbish processed when
> I login with slogin. An example:
> 
> Last login: Tue Jun 13 12:31:27 2000 from jhorne.csd.plymo:tJ`
> ^[[?1;2c
> 
> Telnet logs in okay, but just shows 'Last login...jhorne.csd.plymo'.
> 
> This seems to get passed to the shell, which it of course errors on. I do,
> however, actually login okay. This is seen on both systems. As a test I
> purged the /var/adm/lastlog file - logged out, logged in  - this was okay.
> Logged out and logged in again, and got the same problem.
> 
> I upgraded from 2.1.0p3 to fix the utmpx problem; that version did not
> exhibit this problem. So far the utmpx problem hasn't recurred though :-)
> 
> I configured both systems using:
>   ./configure --with-egd-pool=/tmp/entropy --with-catman=man
>               --with-tcp-wrappers --with-default-path=/usr/bin:/usr/local/bin
> 
> Using the '--disable-lastlog' got around the problem. Something doesn't seem
> right though.
> 
Right to further my patch yesterday this superseeds it
--- loginrec.c.old      Wed Jun  7 12:32:13 2000
+++ loginrec.c  Tue Jun 13 15:29:19 2000
@@ -1087,7 +1087,7 @@
 #endif
                        line_fullname(li->line, utx.ut_line, sizeof(utx.ut_line));
 #ifdef HAVE_HOST_IN_UTMPX
-                       strlcpy(li->hostname, utx.ut_host, sizeof(utx.ut_line));
+                       strlcpy(li->hostname, utx.ut_host, sizeof(utx.ut_host));
 #endif
                }
                if (lseek(fd, (off_t)(0-2*sizeof(struct utmpx)),
SEEK_CUR) == -1) {
@@ -1289,7 +1289,10 @@
 lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
 {
        line_fullname(li->line, last->ll_line, sizeof(li->line));
-       strlcpy(li->hostname, last->ll_host, sizeof(li->hostname));
+       /* limit at length of the smallest structre as some entries as not
+         * all are null terminated. */
+       strlcpy(li->hostname, last->ll_host, 
+            ( sizeof(last->ll_host) < sizeof(li->hostname) ) ? sizeof(last->ll_host) : sizeof(li->hostname)   );
        li->tv_sec = last->ll_time;
 }
 
----

This fixes corrupt lastlogin lines with --disable-lastlog and without
The first chunk fixes a str chop at ut_line(32) instead of ut_host(256)
The second that no all entries in lastlog file have zero terminated
strings ie those of max length, so this path modifies the strlcpy to
a limit of the smallest structutre involved in the copy, which should all
be resolved a comple time as it is costant, then the strlcpy correctly
termintes the copy. 

Phill. Camp

-- 
Computer Science Computing Officer
University Of Kent At Canterbury

More information about the openssh-unix-dev mailing list