4.3.3 ML3 or so, the AIX pty layer starting passing zero-length writes
on the pty slave as zero-length reads on the pty master, which sshd
interprets as the descriptor closing. Since most things don't do zero
length writes this rarely matters, but occasionally it happens, and when
it does the SSH pty session appears to hang, so we add a special case for
this condition. ok djm@
[contrib/redhat/sshd.init openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
[openbsd-compat/port-linux.h] Add support for SELinux, setting
the execution and TTY contexts. based on patch from Daniel Walsh,
bz #880; ok dtucker@
[openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h]
[openbsd-compat/sha2.c] First stab at portability glue for SHA256
KEX support, should work with libc SHA256 support or OpenSSL
EVP_sha256 if present
since not all platforms support it. Instead, use internal equivalent while
computing LLONG_MIN and LLONG_MAX. Remove special case for alpha-dec-osf*
as it's no longer required. Tested by Bernhard Simon, ok djm@
AC_CHECK_HEADERS test. Without it, if AC_CHECK_HEADERS is first run
by a platform specific check, builtin standard includes tests will be
skipped on the other platforms.
Analysis and suggestion by vinschen at redhat.com, patch by dtucker@.
OK tim@, djm@.
[openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Add support
for tunnel forwarding for FreeBSD and NetBSD. NetBSD's support is
limited to IPv4 tunnels only, and most versions don't support the
tap(4) device at all.
[serverloop.c ssh.c openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding
compatability support for Linux, diff from reyk@
snprintf replacement can have a conflicting declaration in HP-UX's system
headers (const vs. no const) so we now check for and work around it. Patch
from the dynamic duo of David Leonard and Ted Percival.
again by providing a sys_tun_open() function for your platform and
setting the CUSTOM_SYS_TUN_OPEN define. More work is required to match
OpenBSD's tunnel protocol, which prepends the address family to the
packet
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
[serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
two changes to the new ssh tunnel support. this breaks compatibility
with the initial commit but is required for a portable approach.
- make the tunnel id u_int and platform friendly, use predefined types.
- support configuration of layer 2 (ethernet) or layer 3
(point-to-point, default) modes. configuration is done using the
Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and
restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
in sshd_config(5).
ok djm@, man page bits by jmc@
when they're available) need the real UID set otherwise pam_chauthtok will
set ADMCHG after changing the password, forcing the user to change it
again immediately.
openbsd-compat/bsd-snprintf.c openbsd-compat/openbsd-compat.h] Add an
asprintf() implementation, after syncing our {v,}snprintf() implementation
with some extra fixes from Samba's version. With help and debugging from
dtucker and tim; ok dtucker@
