Commit Graph

33 Commits

Author SHA1 Message Date
Darren Tucker
2923d026e5 Factor out platform-specific locked account check.
Also fixes an incorrect free on platforms with both libiaf and shadow
passwords (probably only Unixware).  Prompted by github PR#284,
originally from @c3h2_ctf and stoeckmann@.
2022-03-26 12:49:50 +11:00
Darren Tucker
9634ffbf29 Add headers to prevent warnings w/out OpenSSL. 2019-07-23 22:26:20 +10:00
markus@openbsd.org
5467fbcb09 upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-12 13:18:25 +10:00
Damien Miller
120a1ec74e Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
Damien Miller
878e029797 Split platform_sys_dir_uid into its own file
platform.o is too heavy for libssh.a use; it calls into the server on
many platforms. Move just the function needed by misc.c into its own
file.
2017-08-25 13:25:01 +10:00
Darren Tucker
1e8013a17f Remove obsolete CVS $Id from source files.
Since -portable switched to git the CVS $Id tags are no longer being
updated and are becoming increasingly misleading.  Remove them.
2016-08-17 14:08:42 +10:00
Darren Tucker
57b4ee04ca Move platform_disable_tracing into its own file.
Prevents link errors resolving the extern "options" when platform.o
gets linked into ssh-agent when building --with-pam.
2016-06-15 11:29:24 +10:00
Darren Tucker
a86ec4d073 Use Solaris setpflags(__PROC_PROTECT, ...).
Where possible, use Solaris setpflags to disable process tracing on
ssh-agent and sftp-server.  bz#2584, based on a patch from huieying.lee
at oracle.com, ok djm.
2016-06-14 10:48:27 +10:00
Darren Tucker
0f916d39b0 Shorten prctl code a tiny bit. 2016-06-14 10:43:53 +10:00
Darren Tucker
0fb7f59853 Move prctl PR_SET_DUMPABLE into platform.c.
This should make it easier to add additional platform support such as
Solaris (bz#2584).
2016-06-09 16:23:07 +10:00
Darren Tucker
8c4739338f Don't call Solaris setproject() with UsePAM=yes.
When Solaris Projects are enabled along with PAM setting the project
is PAM's responsiblity.  bz#2425, based on patch from
brent.paulson at gmail.com.
2016-03-15 09:24:43 +11:00
Damien Miller
7acefbbcbe - millert@cvs.openbsd.org 2014/07/15 15:54:14
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
     [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
     [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
     [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     [sshd_config.5 sshlogin.c]
     Add support for Unix domain socket forwarding.  A remote TCP port
     may be forwarded to a local Unix domain socket and vice versa or
     both ends may be a Unix domain socket.  This is a reimplementation
     of the streamlocal patches by William Ahern from:
         http://www.25thandclement.com/~william/projects/streamlocal.html
     OK djm@ markus@
2014-07-18 14:11:24 +10:00
Tim Rice
9464ba6fb3 - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced
with sftp chroot support. Move set_id call after chroot.
2014-01-20 17:59:28 -08:00
Darren Tucker
f2bf36c3eb - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj
setting when handling SIGHUP to maintain behaviour over retart.  Patch
   from Matthew Ife.
2013-09-22 19:02:40 +10:00
Darren Tucker
aa97d13fa2 - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")
in addition to root as an owner of system directories on AIX and HP-UX.
   ok djm@
2013-03-12 11:31:05 +11:00
Damien Miller
81ad4b1fc0 - (djm) [platform.c] Some missing includes that show up under -Werror 2011-01-11 17:02:23 +11:00
Darren Tucker
d995712383 - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
into the platform-specific code  Only affects SCO, tested by and ok tim@.
2010-11-24 10:09:13 +11:00
Darren Tucker
d1ece6e4a2 - (dtucker) [platform.c] includes.h instead of defines.h so that we get
the correct typedefs.
2010-11-07 18:05:54 +11:00
Darren Tucker
9283d8cbc5 - (dtucker) [platform.c] Need servconf.h and extern options. 2010-11-05 18:56:08 +11:00
Darren Tucker
b12fe272a0 - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
check into platform.c
2010-11-05 14:47:01 +11:00
Darren Tucker
cc12418e18 - (dtucker) [platform.c session.c] Move PAM credential establishment for the
non-LOGIN_CAP case into platform.c.
2010-11-05 13:32:52 +11:00
Darren Tucker
0b2ee6452c - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
platform.c.
2010-11-05 13:29:25 +11:00
Darren Tucker
676b912e78 - (dtucker) platform.c session.c] Move aix_usrinfo frament into platform.c. 2010-11-05 13:11:04 +11:00
Darren Tucker
7a8afe3186 - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into
platform.c
2010-11-05 13:07:24 +11:00
Darren Tucker
728d8371a1 - (dtucker) [platform.c session.c] Move the PAM credential establishment for
the LOGIN_CAP case into platform.c.
2010-11-05 13:00:05 +11:00
Darren Tucker
fd4d8aa2cb - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
retain previous behavior.
2010-11-05 12:50:41 +11:00
Darren Tucker
44a97be0cc - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c. 2010-11-05 12:45:18 +11:00
Darren Tucker
4db380701d - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
platform.c
2010-11-05 12:41:13 +11:00
Darren Tucker
920612e45a - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
after the user's groups are established and move the selinux calls into it.
2010-11-05 12:36:15 +11:00
Darren Tucker
97528353c2 - (dtucker) [configure.ac platform.{c,h} session.c
openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
   Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
   ok djm@
2010-11-05 12:03:05 +11:00
Darren Tucker
1bf3503c9d - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}]
Bug #1583: Use system's kerberos principal name on AIX if it's available.
   Based on a patch from and tested by Miguel Sanders.
2009-12-21 10:49:21 +11:00
Darren Tucker
c8802aac28 - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux,
based on a patch from Vaclav Ovsik and Colin Watson.  ok djm.
2009-12-08 13:39:48 +11:00
Damien Miller
1b06dc30ad - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ]
[platform.c platform.h sshd.c openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c]
   [openbsd-compat/port-solaris.h] Add support for Solaris process
   contracts, enabled with --use-solaris-contracts. Patch from Chad
   Mynhier, tweaked by dtucker@ and myself; ok dtucker@
2006-08-31 03:24:41 +10:00