OpenSSH 3.8.1p1: call for testing
Darren Tucker
dtucker at zip.com.au
Mon Apr 19 09:54:40 EST 2004
Gert Doering wrote:
> OK. Testing on SCO Open Server 3.0 (3.2v4.2).
[snip]
> fixed by adding an explicit "extern int h_errno;" to that file.
I think we should have configure test for its presence rather than
(re)declaring it unconditionally. Please try attached patch (you will
need to run "autoconf" before running configure).
> The regression test isn't portable enough for oldish SCO:
> ("id" doesn't have any switch to only display the current user name).
> Hopefully quite portable fix:
[snip]
Seems reasonable.
> Doing individual tests leads to:
>
> - unprivileged ssh works fine (-1 and -2)
>
> - chmod 4711'ed ssh (for RhostsRSAAuthentication) is broken:
>
> ------------- snip ------------------
> gert at greenie:/u/softadm/openssh_cvs$ ./ssh -1 -v $targethost
> OpenSSH_3.8.1p1, OpenSSL 0.9.6g 9 Aug 2002
> debug1: Reading configuration data /etc/ssh_config
> debug1: Connecting to $targethost [19.20.21.100] port 22.
> rresvport: af=2 Permission denied
> ssh: connect to host $targethost port 22: Permission denied
> ------------- snip ------------------
Can't bind to a low port even with setuid? Not sure how to explain that
other than a broken kernel?
[snip sshv2 hang]
> (this is not a new thing - it was already in 3.6, but I haven't been
> able to figure out what's going on here)
There's a bug for this, but we (including the reporter) gave up on it
because we couldn't figure it out:
http://bugzilla.mindrot.org/show_bug.cgi?id=651
> - password authentication is completely broken - SCO uses SECUREWARE /
> "getprpwnam()" for "trusted computing base" password access, but
> the corresponding code from auth-passwd.c seems to have disappeared.
>
> I assume that a "CUSTOM_SYS_AUTH_PASSWD" module needs to be written
> to support SECUREWARE.
The getprpwname() stuff has just moved to openbsd-compat/xcrypt.c,
perhaps the #ifdef's aren't quite right?
> Summary: it might not be worth effort. I'm unsure whether anybody but
> myself is still interested in SCO Open Server 3.0 / SCO Unix 3.2v4.2,
> and I'm working on migrating myself away from this platform anyway.
>
> In any case it should be mentioned in the documentation that this old
> SCO system is now "unsupported" and *will not work* without major
> effort.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: openssh-h_errno.patch
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20040419/b580ec6d/attachment.ksh
More information about the openssh-unix-dev
mailing list