diff --git a/CREDITS b/CREDITS index 8658f2e0a..1edf82120 100644 --- a/CREDITS +++ b/CREDITS @@ -21,6 +21,7 @@ David Del Piero - bug fixes David Hesprich - Configure fixes David Rankin - libwrap, AIX, NetBSD fixes Gary E. Miller - SCO support +Ged Lodder - HPUX fixes and enhancements HARUYAMA Seigo - Translations & doc fixes Hideaki YOSHIFUJI - IPv6 fixes Hiroshi Takekawa - Configure fixes diff --git a/ChangeLog b/ChangeLog index 9efe31fef..9232f9cb5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20000430 + - Merge HP-UX fixes and TCB support from Ged Lodder + - + 20000429 - Merge big update to OpenSSH-2.0 from OpenBSD CVS [README.openssh2] diff --git a/auth-pam.c b/auth-pam.c index e1e24854f..e3f4c4252 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -13,7 +13,7 @@ #include "xmalloc.h" #include "servconf.h" -RCSID("$Id: auth-pam.c,v 1.3 2000/04/20 13:12:58 damien Exp $"); +RCSID("$Id: auth-pam.c,v 1.4 2000/04/29 14:47:29 damien Exp $"); /* Callbacks */ static int pamconv(int num_msg, const struct pam_message **msg, @@ -226,7 +226,11 @@ void start_pam(struct passwd *pw) /* Return list of PAM enviornment strings */ char **fetch_pam_environment(void) { +#ifdef HAVE_PAM_GETENVLIST return(pam_getenvlist((pam_handle_t *)pamh)); +#else /* HAVE_PAM_GETENVLIST */ + return(NULL); +#endif /* HAVE_PAM_GETENVLIST */ } /* Print any messages that have been generated during authentication */ diff --git a/auth-passwd.c b/auth-passwd.c index 662f85f63..e64e65682 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -11,7 +11,7 @@ #ifndef USE_PAM -RCSID("$Id: auth-passwd.c,v 1.18 2000/04/16 02:31:49 damien Exp $"); +RCSID("$Id: auth-passwd.c,v 1.19 2000/04/29 14:47:29 damien Exp $"); #include "packet.h" #include "ssh.h" @@ -19,9 +19,12 @@ RCSID("$Id: auth-passwd.c,v 1.18 2000/04/16 02:31:49 damien Exp $"); #include "xmalloc.h" #ifdef WITH_AIXAUTHENTICATE -#include +# include +#endif +#ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW +# include +# include #endif - #ifdef HAVE_SHADOW_H # include #endif @@ -108,7 +111,11 @@ auth_password(struct passwd * pw, const char *password) else encrypted_password = crypt(password, salt); #else /* HAVE_MD5_PASSWORDS */ +# ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW + encrypted_password = bigcrypt(password, salt); +# else encrypted_password = crypt(password, salt); +# endif /* HAVE_HPUX_TRUSTED_SYSTEM_PW */ #endif /* HAVE_MD5_PASSWORDS */ /* Authentication is accepted if the encrypted passwords are identical. */ diff --git a/configure.in b/configure.in index 095c96737..fbf117b94 100644 --- a/configure.in +++ b/configure.in @@ -56,6 +56,28 @@ case "$host" in MANTYPE='$(CATMAN)' mansubdir=cat ;; +*-*-hpux11*) + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Ae" + fi + CFLAGS="$CFLAGS -D_HPUX_SOURCE" + CFLAGS="$CFLAGS -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + AC_DEFINE(IPADDR_IN_DISPLAY) + AC_DEFINE(USE_UTMPX) + AC_MSG_CHECKING(for HPUX trusted system password database) + if test -f /tcb/files/auth/system/default; then + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW) + LIBS="$LIBS -lsec" + AC_MSG_WARN([This configuration is untested]) + else + AC_MSG_RESULT(no) + AC_DEFINE(DISABLE_SHADOW) + fi + MANTYPE='$(CATMAN)' + mansubdir=cat + ;; *-*-irix5*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" @@ -140,6 +162,8 @@ if test -z "$no_pam" -a "x$ac_cv_header_security_pam_appl_h" = "xyes" ; then AC_CHECK_LIB(dl, dlopen, , ) LIBS="$LIBS -lpam" + AC_CHECK_FUNC(pam_getenvlist) + # Check PAM strerror arguments (old PAM) AC_MSG_CHECKING([whether pam_strerror takes only one argument]) AC_TRY_COMPILE(