From 3bd49ec5c4b1e5d9fb08282796b4a3b487f8f196 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 15 Nov 1999 15:40:55 +1100 Subject: [PATCH] - Various small cleanups to bring diff (against OpenBSD) size down. --- ChangeLog | 1 + configure.in | 2 +- includes.h | 4 +++- packet.h | 5 +++-- pty.c | 3 +-- sshd.c | 39 ++++++++++++++++++++++++--------------- 6 files changed, 33 insertions(+), 21 deletions(-) diff --git a/ChangeLog b/ChangeLog index d1c75cce8..a35b9b4b1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -22,6 +22,7 @@ [ssh.c] print _all_ bad config-options in ssh(1), too [sshconnect.c] disconnect if getpeername() fails - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. + - Various small cleanups to bring diff (against OpenBSD) size down. 19991114 - Solaris compilation fixes (still imcomplete) diff --git a/configure.in b/configure.in index d1dad1e48..fd6aea36b 100644 --- a/configure.in +++ b/configure.in @@ -55,7 +55,7 @@ AC_CHECK_LIB(dl, dlopen, , ) AC_CHECK_LIB(pam, pam_authenticate, , ) dnl Checks for header files. -AC_CHECK_HEADERS(pty.h endian.h paths.h lastlog.h shadow.h) +AC_CHECK_HEADERS(pty.h endian.h paths.h lastlog.h shadow.h netgroup.h) dnl Check for ut_host field in utmp AC_MSG_CHECKING([whether utmp.h has ut_host field]) diff --git a/includes.h b/includes.h index 198e72979..e2a0ea3b6 100644 --- a/includes.h +++ b/includes.h @@ -41,7 +41,6 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } #include #include #include -#include #include #include #include @@ -55,6 +54,9 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } #include "config.h" +#ifdef HAVE_NETGROUP_H +# include +#endif #ifdef HAVE_PATHS_H # include #endif diff --git a/packet.h b/packet.h index 6822203c8..0a4df7993 100644 --- a/packet.h +++ b/packet.h @@ -13,12 +13,13 @@ Interface for the packet protocol functions. */ -/* RCSID("$Id: packet.h,v 1.2 1999/10/28 03:25:17 damien Exp $"); */ +/* RCSID("$Id: packet.h,v 1.3 1999/11/15 04:40:55 damien Exp $"); */ -#include "config.h" #ifndef PACKET_H #define PACKET_H +#include "config.h" + #ifdef HAVE_OPENSSL #include #endif diff --git a/pty.c b/pty.c index 141ef7d35..bbe18fd03 100644 --- a/pty.c +++ b/pty.c @@ -14,10 +14,9 @@ Allocating a pseudo-terminal, and making it the controlling tty. */ #include "includes.h" -RCSID("$Id: pty.c,v 1.2 1999/11/08 04:30:59 damien Exp $"); +RCSID("$Id: pty.c,v 1.3 1999/11/15 04:40:55 damien Exp $"); #ifdef HAVE_PTY_H -/* Unfortunate namespace collision */ #include #endif /* HAVE_PTY_H */ diff --git a/sshd.c b/sshd.c index a0cc46638..2eeb6d6b7 100644 --- a/sshd.c +++ b/sshd.c @@ -18,7 +18,7 @@ agent connections. */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.18 1999/11/15 04:25:10 damien Exp $"); +RCSID("$Id: sshd.c,v 1.19 1999/11/15 04:40:55 damien Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -133,8 +133,8 @@ void do_child(const char *command, struct passwd *pw, const char *term, #ifdef HAVE_LIBPAM static int pamconv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); -void do_pam_account_and_session(const char *username, - const char *remote_user, const char *remote_host); +void do_pam_account_and_session(char *username, char *remote_user, + const char *remote_host); void pam_cleanup_proc(void *context); static struct pam_conv conv = { @@ -230,7 +230,8 @@ void pam_cleanup_proc(void *context) } } -void do_pam_account_and_session(const char *username, const char *remote_user, const char *remote_host) +void do_pam_account_and_session(char *username, char *remote_user, + const char *remote_host) { int pam_retval; @@ -1201,12 +1202,17 @@ do_authentication(char *user) pw = &pwcopy; #ifdef HAVE_LIBPAM - debug("Starting up PAM with username \"%.200s\"", pw->pw_name); + { + int pam_retval; + + debug("Starting up PAM with username \"%.200s\"", pw->pw_name); - if (pam_start("sshd", pw->pw_name, &conv, (pam_handle_t**)&pamh) != PAM_SUCCESS) - fatal("PAM initialisation failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval)); + pam_retval = pam_start("sshd", pw->pw_name, &conv, (pam_handle_t**)&pamh); + if (pam_retval != PAM_SUCCESS) + fatal("PAM initialisation failed: %.200s", pam_strerror((pam_handle_t *)pamh, pam_retval)); - fatal_add_cleanup(&pam_cleanup_proc, NULL); + fatal_add_cleanup(&pam_cleanup_proc, NULL); + } #endif /* If we are not running as root, the user must have the same uid as the @@ -1263,8 +1269,11 @@ do_authloop(struct passwd *pw) unsigned int client_host_key_bits; BIGNUM *client_host_key_e, *client_host_key_n; BIGNUM *n; - char *client_user, *password; + char *client_user = NULL, *password = NULL; int plen, dlen, nlen, ulen, elen; +#ifdef HAVE_LIBPAM + int pam_retval; +#endif /* HAVE_LIBPAM */ /* Indicate that authentication is needed. */ packet_start(SSH_SMSG_FAILURE); @@ -1435,18 +1444,18 @@ do_authloop(struct passwd *pw) packet_integrity_check(plen, 4 + dlen, type); #ifdef HAVE_LIBPAM - /* Do PAM auth with password */ + /* Do PAM auth with password */ pampasswd = password; - pam_retval = pam_authenticate((pam_handle_t *)pamh, 0); + pam_retval = pam_authenticate((pam_handle_t *)pamh, 0); if (pam_retval == PAM_SUCCESS) { - log("PAM Password authentication accepted for user \"%.100s\"", user); + log("PAM Password authentication accepted for user \"%.100s\"", pw->pw_name); authenticated = 1; break; } - - log("PAM Password authentication for \"%.100s\" failed: %s", - user, pam_strerror((pam_handle_t *)pamh, pam_retval)); + + log("PAM Password authentication for \"%.100s\" failed: %s", + pw->pw_name, pam_strerror((pam_handle_t *)pamh, pam_retval)); break; #else /* HAVE_LIBPAM */ /* Try authentication with the password. */