Call for testing for 3.5 OpenSSH

Tim Rice tim at multitalents.net
Thu Sep 26 04:42:42 EST 2002 

On Wed, 25 Sep 2002, Ben Lindstrom wrote:

>
> Go ahead and commit it.
>
> This just leaves the crc issue.  Can I see a new patch for it?

I've attached what I have in my tree. (no deattack.c stuff)

Wendy, note the NO_SSH_LASTLOG change from the last patch I sent.

I'm wondering if NO_SSH_LASTLOG should really be DISABLE_LASTLOG
like used in loginrec.c

>
> - Ben

-- 
Tim Rice				Multitalents	(707) 887-1469
tim at multitalents.net

-------------- next part --------------
--- configure.ac.old	Mon Sep 23 16:54:12 2002
+++ configure.ac	Wed Sep 25 11:21:37 2002
@@ -303,6 +303,7 @@
 	no_libnsl=1
 	AC_DEFINE(USE_PIPES)
 	AC_DEFINE(DISABLE_FD_PASSING)
+	AC_DEFINE(NO_SSH_LASTLOG)
 	LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
 	LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
 	MANTYPE=cat
@@ -376,14 +377,14 @@
 
 # Checks for header files.
 AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \
-	getopt.h glob.h lastlog.h limits.h login.h \
+	getopt.h glob.h ia.h lastlog.h limits.h login.h \
 	login_cap.h maillock.h netdb.h netgroup.h \
 	netinet/in_systm.h paths.h pty.h readpassphrase.h \
 	rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
 	strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \
 	sys/mman.h sys/select.h sys/stat.h \
 	sys/stropts.h sys/sysmacros.h sys/time.h \
-	sys/un.h time.h ttyent.h usersec.h \
+	sys/un.h time.h tmpdir.h ttyent.h usersec.h \
 	util.h utime.h utmp.h utmpx.h)
 
 # Checks for libraries.
--- defines.h.old	Wed Aug 21 08:08:49 2002
+++ defines.h	Tue Sep 24 14:50:25 2002
@@ -124,7 +124,7 @@
 # if (SIZEOF_SHORT_INT == 2)
 typedef short int int16_t;
 # else
-#  if defined(_CRAY) && !defined(_CRAYSV2)
+#  ifdef _UNICOS
 #   if (SIZEOF_SHORT_INT == 4)
 typedef short int16_t;
 #   else
@@ -132,16 +132,16 @@
 #   endif
 #  else
 #   error "16 bit int type not found."
-#  endif /* _CRAY */
+#  endif /* _UNICOS */
 # endif
 # if (SIZEOF_INT == 4)
 typedef int int32_t;
 # else
-#  if defined(_CRAY) && !defined(_CRAYSV2)
+#  ifdef _UNICOS
 typedef long  int32_t;
 #  else
 #   error "32 bit int type not found."
-#  endif /* _CRAY */
+#  endif /* _UNICOS */
 # endif
 #endif
 
@@ -161,7 +161,7 @@
 #  if (SIZEOF_SHORT_INT == 2)
 typedef unsigned short int u_int16_t;
 #  else
-#   if defined(_CRAY) && !defined(_CRAYSV2)
+#   ifdef _UNICOS
 #    if (SIZEOF_SHORT_INT == 4)
 typedef unsigned short u_int16_t;
 #    else
@@ -174,7 +174,7 @@
 #  if (SIZEOF_INT == 4)
 typedef unsigned int u_int32_t;
 #  else
-#   if defined(_CRAY) && !defined(_CRAYSV2)
+#   ifdef _UNICOS
 typedef unsigned long  u_int32_t;
 #   else
 #    error "32 bit int type not found."
--- includes.h.old	Thu Jul 18 09:57:09 2002
+++ includes.h	Tue Sep 24 08:50:37 2002
@@ -149,6 +149,14 @@
 # include <readpassphrase.h>
 #endif
 
+#ifdef HAVE_IA_H
+# include <ia.h>
+#endif
+
+#ifdef HAVE_TMPDIR_H
+# include <tmpdir.h>
+#endif
+
 #include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */
 
 #include "defines.h"
--- auth1.c.orig	Thu Sep 12 13:09:26 2002
+++ auth1.c	Tue Sep 24 14:36:30 2002
@@ -304,6 +304,15 @@
 			fatal("INTERNAL ERROR: authenticated invalid user %s",
 			    authctxt->user);
 
+#ifdef _UNICOS
+		if (type == SSH_CMSG_AUTH_PASSWORD && !authenticated)
+			cray_login_failure(authctxt->user, IA_UDBERR);
+		if (authenticated && cray_access_denied(authctxt->user)) {
+			authenticated = 0;
+			fatal("Access denied for user %s.",authctxt->user);
+		}
+#endif /* _UNICOS */
+
 #ifdef HAVE_CYGWIN
 		if (authenticated &&
 		    !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) {
--- auth2.c.orig	Tue Sep 10 10:09:45 2002
+++ auth2.c	Tue Sep 24 14:37:05 2002
@@ -216,6 +216,13 @@
 		authenticated = 0;
 #endif /* USE_PAM */
 
+#ifdef _UNICOS
+	if (authenticated && cray_access_denied(authctxt->user)) {
+		authenticated = 0;
+		fatal("Access denied for user %s.",authctxt->user);
+	}
+#endif /* _UNICOS */
+
 	/* Log before sending the reply */
 	auth_log(authctxt, authenticated, method, " ssh2");
 
@@ -235,6 +242,10 @@
 		if (authctxt->failures++ > AUTH_FAIL_MAX) {
 			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
 		}
+#ifdef _UNICOS
+		if (strcmp(method, "password") == 0)
+			cray_login_failure(authctxt->user, IA_UDBERR);
+#endif /* _UNICOS */
 		methods = authmethods_get();
 		packet_start(SSH2_MSG_USERAUTH_FAILURE);
 		packet_put_cstring(methods);
--- loginrec.c.old	Wed Jul 24 15:00:48 2002
+++ loginrec.c	Tue Sep 24 14:50:41 2002
@@ -622,13 +622,13 @@
 	switch (li->type) {
 	case LTYPE_LOGIN:
 		ut->ut_type = USER_PROCESS;
-#if defined(_CRAY) && !defined(_CRAYSV2)
+#ifdef _UNICOS
 		cray_set_tmpdir(ut);
 #endif
 		break;
 	case LTYPE_LOGOUT:
 		ut->ut_type = DEAD_PROCESS;
-#if defined(_CRAY) && !defined(_CRAYSV2)
+#ifdef _UNICOS
 		cray_retain_utmp(ut, li->pid);
 #endif
 		break;
--- serverloop.c.orig	Mon Sep 23 07:28:01 2002
+++ serverloop.c	Tue Sep 24 15:28:06 2002
@@ -144,7 +144,9 @@
 	int save_errno = errno;
 	debug("Received SIGCHLD.");
 	child_terminated = 1;
+#ifndef _UNICOS
 	mysignal(SIGCHLD, sigchld_handler);
+#endif
 	notify_parent();
 	errno = save_errno;
 }
--- session.c.orig	Mon Sep 23 07:28:02 2002
+++ session.c	Wed Sep 25 11:22:38 2002
@@ -519,10 +519,17 @@
 			perror("dup2 stderr");
 #endif /* USE_PIPES */
 
+#ifdef _UNICOS
+		cray_init_job(s->pw); /* set up cray jid and tmpdir */
+#endif
+
 		/* Do processing for the child (exec command etc). */
 		do_child(s, command);
 		/* NOTREACHED */
 	}
+#ifdef _UNICOS
+	signal(WJSIGNAL, cray_job_termination_handler);
+#endif /* _UNICOS */
 #ifdef HAVE_CYGWIN
 	if (is_winnt)
 		cygwin_set_impersonation_token(INVALID_HANDLE_VALUE);
@@ -610,8 +617,12 @@
 
 		/* record login, etc. similar to login(1) */
 #ifndef HAVE_OSF_SIA
-		if (!(options.use_login && command == NULL))
+		if (!(options.use_login && command == NULL)) {
+#ifdef _UNICOS
+			cray_init_job(s->pw); /* set up cray jid and tmpdir */
+#endif /* _UNICOS */
 			do_login(s, command);
+		}
 # ifdef LOGIN_NEEDS_UTMPX
 		else
 			do_pre_login(s);
@@ -622,6 +633,9 @@
 		do_child(s, command);
 		/* NOTREACHED */
 	}
+#ifdef _UNICOS
+	signal(WJSIGNAL, cray_job_termination_handler);
+#endif /* _UNICOS */
 #ifdef HAVE_CYGWIN
 	if (is_winnt)
 		cygwin_set_impersonation_token(INVALID_HANDLE_VALUE);
@@ -762,6 +776,7 @@
 		printf("%s\n", aixloginmsg);
 #endif /* WITH_AIXAUTHENTICATE */
 
+#ifndef NO_SSH_LASTLOG
 	if (options.print_lastlog && s->last_login_time != 0) {
 		time_string = ctime(&s->last_login_time);
 		if (strchr(time_string, '\n'))
@@ -772,6 +787,7 @@
 			printf("Last login: %s from %s\r\n", time_string,
 			    s->hostname);
 	}
+#endif /* NO_SSH_LASTLOG */
 
 	do_motd();
 }
@@ -1031,6 +1047,11 @@
 		child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
 		    original_command);
 
+#ifdef _UNICOS
+	if (cray_tmpdir[0] != '\0')
+		child_set_env(&env, &envsize, "TMPDIR", cray_tmpdir);
+#endif /* _UNICOS */
+
 #ifdef _AIX
 	{
 		char *cp;
@@ -1281,6 +1302,10 @@
 	/* login(1) is only called if we execute the login shell */
 	if (options.use_login && command != NULL)
 		options.use_login = 0;
+
+#ifdef _UNICOS
+	cray_setup(pw->pw_uid, pw->pw_name, command);
+#endif /* _UNICOS */
 
 	/*
 	 * Login(1) does this as well, and it needs uid 0 for the "-h"
--- sshd.c.old	Mon Sep 23 07:28:03 2002
+++ sshd.c	Tue Sep 24 14:50:51 2002
@@ -940,7 +940,7 @@
 	    SYSLOG_FACILITY_AUTH : options.log_facility,
 	    !inetd_flag);
 
-#if defined(_CRAY) && !defined(_CRAYSV2)
+#ifdef _UNICOS
 	/* Cray can define user privs drop all prives now!
 	 * Not needed on PRIV_SU systems!
 	 */
--- sshpty.c.old	Wed Jul 24 15:00:49 2002
+++ sshpty.c	Tue Sep 24 14:51:21 2002
@@ -162,7 +162,7 @@
 	}
 	return 1;
 #else /* HAVE_DEV_PTS_AND_PTC */
-#if defined(_CRAY) && !defined(_CRAYSV2)
+#ifdef _UNICOS
 	char buf[64];
 	int i;
 	int highpty;
@@ -268,7 +268,7 @@
 	void *old;
 #endif /* USE_VHANGUP */
 
-#if defined(_CRAY) && !defined(_CRAYSV2)
+#ifdef _UNICOS
 	if (setsid() < 0)
 		error("setsid: %.100s", strerror(errno));
 
@@ -290,7 +290,7 @@
 		error("%.100s: %.100s", ttyname, strerror(errno));
 	close(*ttyfd);
 	*ttyfd = fd;
-#else /* _CRAY */
+#else /* _UNICOS */
 
 	/* First disconnect from the old controlling tty. */
 #ifdef TIOCNOTTY
@@ -345,7 +345,7 @@
 		    strerror(errno));
 	else 
 		close(fd);
-#endif /* _CRAY */
+#endif /* _UNICOS */
 }
 
 /* Changes the window size associated with the pty. */
--- openbsd-compat/bsd-cray.c.old	Wed Jul 24 15:00:52 2002
+++ openbsd-compat/bsd-cray.c	Tue Sep 24 14:46:13 2002
@@ -34,7 +34,7 @@
  * on UNICOS systems.
  *
  */
-#if defined(_CRAY) && !defined(_CRAYSV2)
+#ifdef _UNICOS
 
 #include <udb.h>
 #include <tmpdir.h>
--- openbsd-compat/bsd-cray.h.old	Wed Jul 24 15:00:52 2002
+++ openbsd-compat/bsd-cray.h	Tue Sep 24 14:46:43 2002
@@ -37,7 +37,7 @@
 #ifndef _BSD_CRAY_H
 #define _BSD_CRAY_H
 
-#if defined(_CRAY) && !defined(_CRAYSV2)
+#ifdef _UNICOS
 void cray_init_job(struct passwd *);		/* init cray job */
 void cray_job_termination_handler(int);		/* process end of job signal */
 void cray_login_failure(char *username, int errcode);

More information about the openssh-unix-dev mailing list