- Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>

CREDITS

@@ -21,6 +21,7 @@ David Del Piero <David.DelPiero@qed.qld.gov.au> - bug fixes
 David Hesprich <darkgrue@gue-tech.org> - Configure fixes
 David Rankin <drankin@bohemians.lexington.ky.us> - libwrap, AIX, NetBSD fixes
 Gary E. Miller <gem@rellim.com> - SCO support
+Ged Lodder <lodder@yacc.com.au> - HPUX fixes and enhancements
 HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> - Translations & doc fixes
 Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> - IPv6 fixes
 Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> - Configure fixes

ChangeLog

@@ -1,3 +1,7 @@
+20000430
+ - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
+ -
+
 20000429
  - Merge big update to OpenSSH-2.0 from OpenBSD CVS
    [README.openssh2]

auth-pam.c

@@ -13,7 +13,7 @@
 #include "xmalloc.h"
 #include "servconf.h"
 
-RCSID("$Id: auth-pam.c,v 1.3 2000/04/20 13:12:58 damien Exp $");
+RCSID("$Id: auth-pam.c,v 1.4 2000/04/29 14:47:29 damien Exp $");
 
 /* Callbacks */
 static int pamconv(int num_msg, const struct pam_message **msg,
@@ -226,7 +226,11 @@ void start_pam(struct passwd *pw)
 /* Return list of PAM enviornment strings */
 char **fetch_pam_environment(void)
 {
+#ifdef HAVE_PAM_GETENVLIST
 	return(pam_getenvlist((pam_handle_t *)pamh));
+#else /* HAVE_PAM_GETENVLIST */
+	return(NULL);
+#endif /* HAVE_PAM_GETENVLIST */
 }
 
 /* Print any messages that have been generated during authentication */

auth-passwd.c

@@ -11,7 +11,7 @@
 
 #ifndef USE_PAM
 
-RCSID("$Id: auth-passwd.c,v 1.18 2000/04/16 02:31:49 damien Exp $");
+RCSID("$Id: auth-passwd.c,v 1.19 2000/04/29 14:47:29 damien Exp $");
 
 #include "packet.h"
 #include "ssh.h"
@@ -19,9 +19,12 @@ RCSID("$Id: auth-passwd.c,v 1.18 2000/04/16 02:31:49 damien Exp $");
 #include "xmalloc.h"
 
 #ifdef WITH_AIXAUTHENTICATE
-#include <login.h>
+# include <login.h>
+#endif
+#ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW
+# include <hpsecurity.h>
+# include <prot.h>
 #endif
-
 #ifdef HAVE_SHADOW_H
 # include <shadow.h>
 #endif
@@ -108,7 +111,11 @@ auth_password(struct passwd * pw, const char *password)
 	else
 		encrypted_password = crypt(password, salt);
 #else /* HAVE_MD5_PASSWORDS */    
+# ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW
+	encrypted_password = bigcrypt(password, salt);
+# else
 	encrypted_password = crypt(password, salt);
+# endif /* HAVE_HPUX_TRUSTED_SYSTEM_PW */
 #endif /* HAVE_MD5_PASSWORDS */    
 
 	/* Authentication is accepted if the encrypted passwords are identical. */

configure.in

@@ -56,6 +56,28 @@ case "$host" in
 	MANTYPE='$(CATMAN)'
 	mansubdir=cat
 	;;
+*-*-hpux11*)
+	if test -z "$GCC"; then
+		CFLAGS="$CFLAGS -Ae"
+	fi
+	CFLAGS="$CFLAGS -D_HPUX_SOURCE"
+	CFLAGS="$CFLAGS -I/usr/local/include"
+	LDFLAGS="$LDFLAGS -L/usr/local/lib"
+	AC_DEFINE(IPADDR_IN_DISPLAY)
+	AC_DEFINE(USE_UTMPX)
+	AC_MSG_CHECKING(for HPUX trusted system password database)
+	if test -f /tcb/files/auth/system/default; then
+		AC_MSG_RESULT(yes)
+		AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW)
+		LIBS="$LIBS -lsec"
+		AC_MSG_WARN([This configuration is untested])
+	else
+		AC_MSG_RESULT(no)
+		AC_DEFINE(DISABLE_SHADOW)
+	fi
+	MANTYPE='$(CATMAN)'
+	mansubdir=cat
+	;;
 *-*-irix5*)
 	CFLAGS="$CFLAGS -I/usr/local/include"
 	LDFLAGS="$LDFLAGS -L/usr/local/lib"
@@ -140,6 +162,8 @@ if test -z "$no_pam" -a "x$ac_cv_header_security_pam_appl_h" = "xyes" ; then
 	AC_CHECK_LIB(dl, dlopen, , )
 	LIBS="$LIBS -lpam"
 
+	AC_CHECK_FUNC(pam_getenvlist)
+
 	# Check PAM strerror arguments (old PAM)
 	AC_MSG_CHECKING([whether pam_strerror takes only one argument])
 	AC_TRY_COMPILE(