Newer OSF patch.

[Ben Lindstrom]

It still is not right, but thanks to Steve we have gotten this far..

The issue seems to be here:

debug3:  entering: type 26
debug3:  entering

debug1: session_new: init
debug1: session_new: session 0
debug3:  entering: type 26
: sendmsg(12): Invalid argument
debug1: Calling cleanup 0x1200365c0(0x14000d9d8)
debug1: session_pty_cleanup: session 0 release /dev/ttyp4
debug1: Calling cleanup 0x12003dc60(0x0)
: recvmsg: expected received 1 got 0
debug1: Calling cleanup 0x12004bec0(0x0)
debug1: channel_free: channel 0: server-session, nchannels 1
debug3: channel_free: status: The following connections are open:
  #0 server-session (t10 r0 i0/0 o0/0 fd -1/-1)

debug3: channel_close_fds: channel 0: r -1 w -1 e -1
debug1: Calling cleanup 0x12003dc60(0x0)

So I believe (I'm still checking with Steve VanDevender) that SIA
is working, and we are now hitting a new issue.  But unsure yet.

I WISH COMPILER COMPANIES WOULD SUPPORT __func__!!!  Tracing code from
just debug data without it sucks.  Mainly when it's used all over the
place now.=(

Current patch:

Index: auth-sia.c
===================================================================
RCS file: /var/cvs/openssh/auth-sia.c,v
retrieving revision 1.7
diff -u -r1.7 auth-sia.c
--- auth-sia.c	12 Apr 2002 15:36:08 -0000	1.7
+++ auth-sia.c	28 Jun 2002 20:29:00 -0000
@@ -77,7 +77,7 @@
 }

 void
-session_setup_sia(char *user, char *tty)
+setup_sia(char *user, char *tty)
 {
 	struct passwd *pw;
 	SIAENTITY *ent = NULL;
@@ -86,9 +86,8 @@
 	host = get_canonical_hostname (options.verify_reverse_mapping);

 	if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, tty, 0,
-	    NULL) != SIASUCCESS) {
+	    NULL) != SIASUCCESS)
 		fatal("sia_ses_init failed");
-	}

 	if ((pw = getpwnam(user)) == NULL) {
 		sia_ses_release(&ent);
@@ -100,25 +99,22 @@
 	}

 	ent->authtype = SIA_A_NONE;
-	if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS) {
+	if (sia_ses_estab(sia_collect_trm, ent) != SIASUCCESS)
 		fatal("Couldn't establish session for %s from %s", user,
 		    host);
-	}

 	if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
 		sia_ses_release(&ent);
 		fatal("setpriority: %s", strerror (errno));
 	}

-	if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS) {
+	if (sia_ses_launch(sia_collect_trm, ent) != SIASUCCESS)
 		fatal("Couldn't launch session for %s from %s", user, host);
-	}

 	sia_ses_release(&ent);

-	if (setreuid(geteuid(), geteuid()) < 0) {
+	/* XXX: Should this be be around a if (!use_privsep) ? */
+	if (setreuid(geteuid(), geteuid()) < 0)
 		fatal("setreuid: %s", strerror(errno));
-	}
 }
-
 #endif /* HAVE_OSF_SIA */
Index: auth-sia.h
===================================================================
RCS file: /var/cvs/openssh/auth-sia.h,v
retrieving revision 1.3
diff -u -r1.3 auth-sia.h
--- auth-sia.h	12 Apr 2002 15:36:08 -0000	1.3
+++ auth-sia.h	28 Jun 2002 20:29:00 -0000
@@ -27,6 +27,6 @@
 #ifdef HAVE_OSF_SIA

 int	auth_sia_password(Authctxt *authctxt, char *pass);
-void	session_setup_sia(char *user, char *tty);
+void	setup_sia(char *user, char *tty);

 #endif /* HAVE_OSF_SIA */
Index: monitor.c
===================================================================
RCS file: /var/cvs/openssh/monitor.c,v
retrieving revision 1.22
diff -u -r1.22 monitor.c
--- monitor.c	27 Jun 2002 00:12:58 -0000	1.22
+++ monitor.c	28 Jun 2002 20:29:09 -0000
@@ -120,6 +120,10 @@
 int mm_answer_pam_start(int, Buffer *);
 #endif

+#ifdef HAVE_OSF_SIA
+int mm_answer_setup_sia(int, Buffer *);
+#endif
+
 static Authctxt *authctxt;
 static BIGNUM *ssh1_challenge = NULL;	/* used for ssh1 rsa auth */

@@ -154,6 +158,9 @@
     {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
     {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
     {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
+#ifdef HAVE_OSF_SIA
+    {MONITOR_REQ_SETUP_SIA, MON_ONCE, mm_answer_setup_sia},
+#endif
 #ifdef USE_PAM
     {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
 #endif
@@ -196,6 +203,9 @@
     {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery},
     {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond},
 #endif
+#ifdef HAVE_OSF_SIA
+    {MONITOR_REQ_SETUP_SIA, MON_ONCE, mm_answer_setup_sia},
+#endif
 #ifdef USE_PAM
     {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
 #endif
@@ -716,6 +726,22 @@
 	auth_method = "skey";

 	return (authok != 0);
+}
+#endif
+
+#ifdef HAVE_OSF_SIA
+int
+mm_answer_setup_sia(int socket, Buffer *m)
+{
+	char *user, *tty;
+
+	user = buffer_get_string(m, NULL);
+	tty = buffer_get_string(m, NULL);
+
+	setup_sia(user, tty);
+
+	xfree(user);
+	xfree(tty);
 }
 #endif

Index: monitor.h
===================================================================
RCS file: /var/cvs/openssh/monitor.h,v
retrieving revision 1.8
diff -u -r1.8 monitor.h
--- monitor.h	11 Jun 2002 16:42:49 -0000	1.8
+++ monitor.h	28 Jun 2002 20:29:09 -0000
@@ -50,6 +50,7 @@
 	MONITOR_REQ_RSACHALLENGE, MONITOR_ANS_RSACHALLENGE,
 	MONITOR_REQ_RSARESPONSE, MONITOR_ANS_RSARESPONSE,
 	MONITOR_REQ_PAM_START,
+	MONITOR_REQ_SETUP_SIA,
 	MONITOR_REQ_TERM
 };

Index: monitor_wrap.c
===================================================================
RCS file: /var/cvs/openssh/monitor_wrap.c,v
retrieving revision 1.13
diff -u -r1.13 monitor_wrap.c
--- monitor_wrap.c	27 Jun 2002 00:23:03 -0000	1.13
+++ monitor_wrap.c	28 Jun 2002 20:29:12 -0000
@@ -649,6 +649,24 @@
 	s->ttyfd = -1;
 }

+#ifdef HAVE_OSF_SIA
+void
+mm_setup_sia(char *name, char *tty)
+{
+	Buffer m;
+
+	debug3("mm_setup_sia: entering");
+
+	buffer_init(&m);
+	buffer_put_cstring(&m, name);
+	buffer_put_cstring(&m, tty);
+
+	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SETUP_SIA, &m);
+
+	buffer_free(&m);
+}
+#endif
+
 #ifdef USE_PAM
 void
 mm_start_pam(char *user)
Index: monitor_wrap.h
===================================================================
RCS file: /var/cvs/openssh/monitor_wrap.h,v
retrieving revision 1.6
diff -u -r1.6 monitor_wrap.h
--- monitor_wrap.h	13 May 2002 01:07:42 -0000	1.6
+++ monitor_wrap.h	28 Jun 2002 20:29:12 -0000
@@ -59,6 +59,10 @@
 void mm_start_pam(char *);
 #endif

+#ifdef HAVE_OSF_SIA
+void mm_setup_sia(char *, char *);
+#endif
+
 void mm_terminate(void);
 int mm_pty_allocate(int *, int *, char *, int);
 void mm_session_pty_cleanup2(void *);
Index: session.c
===================================================================
RCS file: /var/cvs/openssh/session.c,v
retrieving revision 1.208
diff -u -r1.208 session.c
--- session.c	26 Jun 2002 13:51:06 -0000	1.208
+++ session.c	28 Jun 2002 20:29:24 -0000
@@ -57,6 +57,7 @@
 #include "canohost.h"
 #include "session.h"
 #include "monitor_wrap.h"
+#include "auth-sia.h"

 #ifdef HAVE_CYGWIN
 #include <windows.h>
@@ -1269,7 +1270,7 @@
 	 */
 	if (!options.use_login) {
 #ifdef HAVE_OSF_SIA
-		session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty);
+		PRIVSEP(setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty));
 		if (!check_quietlogin(s, command))
 			do_motd();
 #else /* HAVE_OSF_SIA */