Trusted HP-UX 10.26

Darren Cole dcole at keysoftsys.com
Fri Mar 29 11:07:39 EST 2002


comments below
----- Original Message -----
From: "Kevin Steves" <kevin at atomicgears.com>
To: "Darren Cole" <dcole at keysoftsys.com>
Cc: "Kevin Steves" <kevin at atomicgears.com>; <openssh-unix-dev at mindrot.org>
Sent: Thursday, March 28, 2002 1:25 PM
Subject: Re: Trusted HP-UX 10.26


> On Tue, 26 Mar 2002, Darren Cole wrote:
> :> i don't understand this.  why do you need the hashed password here?
[..]
> :authtxt now has the password information.  Without the getprpwnam call,
> :authtxt wont get the encrypted password.
>
> you should look at auth_password(); there is already hp-ux code there
> doing most of what you need.  auth2 should not be changed.

I am. And once I get through my next patch it will use this instead.

> :Hmm... Now that I know a bit more about autoconf, I see how I could make
> :HAVE_SCO_PROTECTED_PW be defined on trusted hp-ux.  Then I could move
this
> :functionality to auth-passwd.c.  Thanks, I will try that before I post my
[..]
> :> :+    // the "--" makes login hang on Trusted HP-UX
> :> :+    // 10.26
> :> :+       "-p", "-f", pw->pw_name, (char *)NULL);
> :> :+ #else
> :> :        "-p", "-f", "--", pw->pw_name, (char *)NULL);
> :> :+ #endif
> :> :
> :> :    /* Login couldn't be executed, die. */
> :>
> :> do you require UseLogin yes?
> :
> :Yes.  It seems much easier to let login taking care of checking and
setting
> :all that needs to be done on a CMW, instead of duplicating all of that
work
> :and code.
>
> login doesn't use getopt()?

I don't think so, though I would have to look through the source to be sure.
Login on these CMW systems is pretty darn hacked up.  If the "--" is there
it hangs and you eventually times out.  Why exactly I don't know, but it
does.  It might be one of the "security" features of login (just like it has
to be a descendent of init or it wont log you in).

Darren






More information about the openssh-unix-dev mailing list