OS/390 openssh

Martin Kraemer Martin.Kraemer at fujitsu-siemens.com
Wed Oct 8 22:43:45 EST 2003 

On Wed, Oct 08, 2003 at 10:26:31PM +1000, Darren Tucker wrote:
> In openbsd-compat, add a port-bs2000.c (or maybe a port-ebcdic.c or maybe
> both) and put your platform-specific functions in there.

Excellent idea. Will do, alongside port-irix.c et al.


> Instead of doing this:
> >  #ifdef CUSTOM_FAILED_LOGIN
> >        if (authenticated == 0 && strcmp(method, "password") == 0)
> > +#if #system(bs2000)
> > +               record_failed_login_attempt(authctxt->user,
> [snip]
> >  #else
> >                 record_failed_login(authctxt->user, "ssh");
> >  #endif
> Add another argument to record_failed_login() (eg "reason", maybe make it
> an enum), put your own record_failed_login() into port-bs2000.c and lose
> the #ifdefs.

Granted. This was a recent hack because the old API did not supply
the remote IP information. You are right that is better to change the API
(and ignore the new arguments in the other OS's). Will do.


> > diff -bur openssh-3.7.1p2.orig/contrib/solaris/opensshd.in
> 
> Why are you modifying Solaris files?

Oops - my bad. This was not meant to be submitted; it is what we use
internally because we use a mostly-identical rc script. The mods should
not be in openssh-portable, of course, sorry.


> >        /* Fork the child. */
> > +#if #system(bs2000)
> [snip]
> > +         if ((pid = ufork(upper)) == -1 && errno == EPERM) {
> 
> Could you achieve the same thing by creating a replacement fork() funtion
> in port-bs2000.c?

Alas, impossible: there *is* a real fork() in BS2000, but it cannot
be used in combination with changed user identities. When changing the
user, the respective fork() must already pre-initialize for the new
user-to-be which it need not if the user identity is not changed.
It is unclean, but I see no portable solution to this one.


> > + /* EBCDIC problem: A-I J-R S-Z are contiguous, but there's a gap between
> > the three subranges:
> 
> What kind of drugs were involved in creating a character set where the
> alphabet is non-contiguous :-?

;-) Not by me... Ask IBM. The reason in found in the Hollerith card
    punching scheme.
    OTOH: My *real* machine is FreeBSD.

  Martin
-- 
<Martin.Kraemer at Fujitsu-Siemens.com>         |     Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730  Munich,  Germany

More information about the openssh-unix-dev mailing list