3.6.1p1/SNAP-20030910, AIX & /etc/nologin (similar to bug #178)

David Bronder david-bronder at uiowa.edu
Wed Sep 17 01:58:34 EST 2003


Darren Tucker wrote:
> 
> Darren Tucker wrote:
> > 
> > David Bronder wrote:
> > > For the purpose of testing, I've tried one line with just the text
> > > "testing sshd and nologin" (including newline at the end), and two
> > > short lines of text with a blank line between (60-odd bytes).
> > 
> > I just tried it with the current CVS tree (AIX 5.1 ML4) and it worked
> > (although it printed the contents of nologin twice, not sure why).  No
> > hangs though.  Will build and test 3.6.1p1 to match your config.
> 
> 3.6.1p1 worked fine for me too.
> 
> A hunch: does this patch make a difference?

Nope, no joy.  I tried explicitly flushing stdout and stderr when I
was testing prior to posting to the list, but I hadn't tried closing
stderr.

One thought I had about differences between my failing config and your
working config is compilers.  I'm using IBM's VAC 6.0.0.2 compliler.

(Of course, this little problem will take a back seat to getting 3.7p1
out in light of the big security vulnerability hubbub.)

=Dave

> Index: session.c
> ===================================================================
> RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v
> retrieving revision 1.232
> diff -u -p -r1.232 session.c
> --- session.c	21 Mar 2003 01:18:09 -0000	1.232
> +++ session.c	16 Sep 2003 08:59:09 -0000
> @@ -1197,7 +1197,8 @@ do_nologin(struct passwd *pw)
>  		while (fgets(buf, sizeof(buf), f))
>  			fputs(buf, stderr);
>  		fclose(f);
> -		fflush(NULL);
> +		fflush(stderr);
> +		close(STDERR_FILENO);
>  		exit(254);
>  	}
>  }


-- 
Hello World.                                    David Bronder - Systems Admin
Segmentation Fault                                     ITS-SPA, Univ. of Iowa
Core dumped, disk trashed, quota filled, soda warm.   david-bronder at uiowa.edu




More information about the openssh-unix-dev mailing list