diff --git a/ChangeLog b/ChangeLog index a865fce6d..d2d2f347f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20050424 + - (dtucker) [INSTALL configure.ac] Make zlib version check test for 1.1.4 or + 1.2.1.2 or higher. With tim@, ok djm@ + 20050423 - (tim) [config.guess] Add support for OpenServer 6. @@ -5,6 +9,10 @@ - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if UseLogin is set as PAM is not used to establish credentials in that case. Found by Michael Selvesteen, ok djm@ + - (dtucker) [auth-pam.c] Since people don't seem to be getting the message, + USE_POSIX_THREADS is now known as UNSUPPORTED_POSIX_THREADS_HACK. + USE_POSIX_THREADS will now generate an error so we don't silently change + behaviour. ok djm@ 20050419 - (dtucker) [INSTALL] Reference README.privsep for the privilege separation @@ -2444,4 +2452,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3746 2005/04/24 01:17:29 tim Exp $ +$Id: ChangeLog,v 1.3747 2005/04/24 07:52:22 dtucker Exp $ diff --git a/INSTALL b/INSTALL index 7de5cb496..753d2d061 100644 --- a/INSTALL +++ b/INSTALL @@ -3,7 +3,7 @@ You will need working installations of Zlib and OpenSSL. -Zlib 1.1.4 or greater: +Zlib 1.1.4 or 1.2.1.2 or greater (ealier 1.2.x versions have problems): http://www.gzip.org/zlib/ OpenSSL 0.9.6 or greater: @@ -225,4 +225,4 @@ Please refer to the "reporting bugs" section of the webpage at http://www.openssh.com/ -$Id: INSTALL,v 1.69 2005/04/19 05:40:51 dtucker Exp $ +$Id: INSTALL,v 1.70 2005/04/24 07:52:23 dtucker Exp $ diff --git a/configure.ac b/configure.ac index 8d8688bfb..20c8f1587 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.259 2005/04/12 02:00:18 tim Exp $ +# $Id: configure.ac,v 1.260 2005/04/24 07:52:23 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -643,29 +643,40 @@ AC_ARG_WITH(zlib-version-check, ] ) -AC_MSG_CHECKING(for zlib 1.1.4 or greater) +AC_MSG_CHECKING(for possibly buggy zlib) AC_RUN_IFELSE([AC_LANG_SOURCE([[ +#include #include int main() { - int a, b, c, v; - if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3) + int a=0, b=0, c=0, d=0, n, v; + n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); + if (n != 3 && n != 4) exit(1); - v = a*1000000 + b*1000 + c; - if (v >= 1001004) + v = a*1000000 + b*10000 + c*100 + d; + fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); + + /* 1.1.4 is OK */ + if (a == 1 && b == 1 && c >= 4) exit(0); + + /* 1.2.1.2 and up are OK */ + if (v >= 1020102) + exit(0); + exit(2); } ]])], - AC_MSG_RESULT(yes), - [ AC_MSG_RESULT(no) + AC_MSG_RESULT(no), + [ AC_MSG_RESULT(yes) if test -z "$zlib_check_nonfatal" ; then AC_MSG_ERROR([*** zlib too old - check config.log *** Your reported zlib version has known security problems. It's possible your vendor has fixed these problems without changing the version number. If you are sure this is the case, you can disable the check by running "./configure --without-zlib-version-check". -If you are in doubt, upgrade zlib to version 1.1.4 or greater.]) +If you are in doubt, upgrade zlib to version 1.2.1.2 or greater. +See http://www.gzip.org/zlib/ for details.]) else AC_MSG_WARN([zlib version may have security problems]) fi