This is to announce a test release of 2.1.0p1 before making it widely available.

This release includes many fixes to problems reported over the last week. In particular:

- spurious error and coredumps caused by the inbuilt entropy gathering
- RSAref detection
- Compilation fixes for Solaris and others

It also contains (completely untested) support for compiling without RSA support. This may be useful to those of you in the USA. I am interested to hear whether and how well this works. RSAless support is enabled if a) OpenSSL is available, b) OpenSSL is built without RSAref and c) RSAref cannot be found. In future it will be a config option.

Please report bugs to this mailing list directly. It is open again to non-subscribers.

Regards,
Damien

Full Changelog:

20000517
 - Fix from Andre Lucas <andre.lucas at dial.pipex.com>
   - Fixes command line printing segfaults (spotter: Bladt Norbert)
   - Fixes erroneous printing of debug messages to syslog
   - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
   - Gives useful error message if PRNG initialisation fails
   - Reduced ssh startup delay
   - Measures cumulative command time rather than the time between reads
     after select()
   - 'fixprogs' perl script to eliminate non-working entropy commands, and
     optionally run 'ent' to measure command entropy
 - Applied Tom Bertelson's <tbert at abac.com> AIX authentication fix
 - Avoid WCOREDUMP compilation errors for systems that lack it
 - Avoid SIGCHLD warnings from entropy commands
 - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw at dcs.ed.ac.uk>
 - OpenBSD CVS update:
   - markus at cvs.openbsd.org
     [ssh.c]
     fix usage()
     [ssh2.h]
     draft-ietf-secsh-architecture-05.txt
     [ssh.1]
     document ssh -T -N (ssh2 only)
     [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
     enable nonblocking IO for sshd w/ proto 1, too; split out common code
     [aux.c]
     missing include
 - Several patches from SAKAI Kiyotaka <ksakai at kso.netwk.ntt-at.co.jp>
   - INSTALL typo and URL fix
   - Makefile fix
   - Solaris fixes
 - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
   <ksakai at kso.netwk.ntt-at.co.jp>
 - RSAless operation patch from kevin_oconnor at standardandpoors.com
 - Detect OpenSSL separately from RSA
 - Better test for RSA (more compatible with RSAref). Based on work by
   Ed Eden <ede370 at stl.rural.usda.gov>

20000513
 - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
   <misiek at pld.org.pl>

20000511
 - Fix for prng_seed permissions checking from Lutz Jaenicke
   <Lutz.Jaenicke at aet.TU-Cottbus.DE>
 - "make host-key" fix for Irix

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)
The patch for building openssh w/o rsa support does not seem to work (for me, at least). It may allow you to link at run time to openssl w/o rsa, but it does not let you build against such an openssl.

I built openssl-0.9.5a with no-rc5, no-rsa, and no-idea. When installing, it does not install headers for rc5, rsa, or idea (of course). (I know, excluding rc5 and idea is a little out of scope for the patch in question, but the issues are the same.) When trying to then build openssh-2.1.0p1 against this openssl, there are all kinds of compile time errors because of the missing headers. I went ahead and copied the rc5, rsa, and idea headers for openssl into the openssl include dir and tried to compile again. This time there are a bunch of errors at link time during the build.

If rsa (and rc5 and idea, for that matter) is missing at build time, would it not be good to have some ifdefs in the openssh code to exclude sections of code that rely on them? I understand that this would basically turn openssh into ssh2 only, so maybe it would be better to implement all this as some compile time define that says ssh2 only.

-Garrick James
On Wed, May 17, 2000 at 11:47:48PM +1000, Damien Miller wrote:> This to announce a test release of 2.1.0p1 before making it widely > available....> Please report bugs to this mailing list directly. It is open again to > non-subscribers.Hi, again I am building OpenSSH-2.1.0p1 on HP-UX 10.20 :-) [Longish post, sorry] You have missed the patch sent from "Tom Bertelson <tbert at abac.com>" to fix a stacksize overflow on AIX (Tom) and HP-UX (experienced by myself): *** serverloop.c.orig Wed May 17 14:34:23 2000 --- serverloop.c Thu May 18 09:44:54 2000 *************** *** 85,91 **** int save_errno = errno; debug("Received SIGCHLD."); child_terminated = 1; - signal(SIGCHLD, sigchld_handler2); errno = save_errno; } --- 85,90 ---- *************** *** 648,653 **** --- 647,653 ---- while ((pid = waitpid(-1, &status, WNOHANG)) > 0) session_close_by_pid(pid, status); child_terminated = 0; + signal(SIGCHLD, sigchld_handler2); } channel_after_select(&readset, &writeset); process_input(&readset);> Full Changelog:...> - 'fixprogs' perl script to eliminate non-working entropy commands, and > optionally run 'ent' to measure command entropySorry, I could not find "fixprogs" in the distribution. Hence: ... if [ -f ssh_prng_cmds -a ! -z "yes" ]; then \ /usr/contrib/bin/perl fixprogs ssh_prng_cmds ; \ /opt/imake/bin/install -c -m 644 ssh_prng_cmds.out /etc/ssh/ssh_prng_cmds; \ fi Can't open perl script "fixprogs": No such file or directory *** Error exit code 2 Stop. ... I am not happy with the *-*-hpux10* stuff. Starting with HP-UX 10.0 the compiler understands the "-Ae" flag for extended ANSI mode (64bit long long). Please change line 42 in configure.in to CFLAGS="$CFLAGS -Ae" In lines 45,46 (and for hpux11 as well) the "/usr/local" hierarchy is used as a standard place to look for includes and libraries. 
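Review bot: in the second serverloop.c hunk the re-arm `signal(SIGCHLD, sigchld_handler2);` is placed after `child_terminated = 0;`, so on a platform whose signal() resets the disposition to SIG_DFL once a signal has been delivered (the reason the handler re-armed itself in the first place) a child that exits after the `while ((pid = waitpid(-1, &status, WNOHANG)) > 0)` loop but before the reinstall raises no handler at all, and its exit is not noticed until some other child happens to die. Reinstalling the handler first, before the waitpid() loop, closes that window; where sigaction() is available, installing the handler with it (and without SA_RESETHAND) removes the need to reinstall anywhere.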
As of HP-UX 10, the people at the "Software Porting and Archive Center for HP-UX" http://hpux.connect.org.uk/ have decided to move ported packages into the /opt hierarchy (with a subdirectory for each package). Even though I still enjoy using /usr/local instead (far more practical for exporting via NFS), the decision about adding the /usr/local hierarchy should be left to the user. Recommendation: remove lines 45,46 and the corresponding lines for hpux11.

[I also think that the CFLAGS and CPPFLAGS (CPPFLAGS containing the "-I" include paths and "-D" definitions) should be separated as with most packages using "configure". Hence line 24 of Makefile.in should be changed from
CFLAGS=@CFLAGS@ $(PATHS) @DEFS@
to
CFLAGS=@CFLAGS@ @CPPFLAGS@ $(PATHS) @DEFS@
"configure" itself does handle CPPFLAGS.]

In the install target the "install" command (or replacement, whatever might be found by configure) is used with the "-d" flag to create subdirectories. This is not portable and maybe only available with gnu-install. Other install programs, like the one delivered with HP-UX, or the bsdinst script do not understand the "-d" flag and either use the "mkdirhier" script/command or "mkinstalldirs" or "mkdir" the hierarchy themselves. As far as I understand, bsdinst and mkdirhier are supplied with X11, so licensing should be no problem; mkinstalldirs is in the public domain (according to the comment in src/helpers/mkdir.sh, the script used by Apache). [This list of "install" replacements is for sure not complete :-)]

Best regards,
Lutz
--
Lutz Jaenicke                             Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
On Wed, May 17, 2000 at 11:47:48PM +1000, Damien Miller wrote:
> This to announce a test release of 2.1.0p1 before making it widely
> available.
> This release includes many fixes to problems reported over the last
> week. In particular:
> - spurious error and coredumps caused by the inbuilt entropy gathering
> - RSAref detection
> - Compilation fixes for Solaris and others
> It also contains (completely untested) support for compiling without
> RSA support. This may be useful to those of you in the USA. I am
> interested to hear whether and how well this works. RSAless support
> is enabled if a) OpenSSL is available, b) OpenSSL is built without
> RSAref and c) RSAref cannot be found. In future it will be a config
> option.
> Please report bugs to this mailing list directly. It is open again to
> non-subscribers.

Still having problems with X11 forwarding:

[mhw at alcove mhw]$ ssh canyon
Last login: Thu May 18 08:11:53 2000 from alcove.wittsend.com
[mhw at canyon mhw]$ set | grep XAU
XAUTHORITY=/tmp/ssh-sfsQ2629/cookies
[mhw at canyon mhw]$ xterm
channel 0: istate 4 != open
channel 0: ostate 64 != open
X connection to canyon:10.0 broken (explicit kill or server shutdown).

From sshd_config on Canyon (the server system):

X11Forwarding yes
X11DisplayOffset 10

From ssh_config on Alcove (the client side):

Host *
    ForwardAgent yes
    ForwardX11 yes
    FallBackToRsh no

Here is what I get if I do this with an ssh -v:

[mhw at canyon mhw]$ xterm
debug: Received X11 open request.
debug: fd 6 setting O_NONBLOCK
debug: channel 0: new [X11 connection from canyon port 1055]
debug: X11 connection uses different authentication protocol.
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

What's this all about?

debug: X11 rejected 0 i1/o16
debug: channel 0: read failed
debug: channel 0: input open -> drain
debug: channel 0: close_read
debug: channel 0: input: no drain shortcut
debug: channel 0: ibuf empty
debug: channel 0: input drain -> wait_oclose
debug: channel 0: send ieof
debug: channel 0: write failed
debug: channel 0: output open -> wait_ieof
debug: channel 0: send oclose
debug: channel 0: close_write
debug: X11 closed 0 i4/o64
debug: channel 0: rcvd ieof
debug: channel 0: non-open
channel 0: istate 4 != open
channel 0: ostate 64 != open
debug: channel 0: rcvd oclose
debug: channel 0: input wait_oclose -> closed
X connection to canyon:10.0 broken (explicit kill or server shutdown).
[mhw at canyon mhw]$

So there is something foo'ed in the authentication protocol. Seems like this used to work (1.2.3, I think). What broke?

> Regards,
> Damien
>
> Full Changelog:
>
> 20000517
>  - Fix from Andre Lucas <andre.lucas at dial.pipex.com>
>    - Fixes command line printing segfaults (spotter: Bladt Norbert)
>    - Fixes erroneous printing of debug messages to syslog
>    - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
>    - Gives useful error message if PRNG initialisation fails
>    - Reduced ssh startup delay
>    - Measures cumulative command time rather than the time between reads
>      after select()
>    - 'fixprogs' perl script to eliminate non-working entropy commands, and
>      optionally run 'ent' to measure command entropy
>  - Applied Tom Bertelson's <tbert at abac.com> AIX authentication fix
>  - Avoid WCOREDUMP complation errors for systems that lack it
>  - Avoid SIGCHLD warnings from entropy commands
>  - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw at dcs.ed.ac.uk>
>  - OpenBSD CVS update:
>    - markus at cvs.openbsd.org
>      [ssh.c]
>      fix usage()
>      [ssh2.h]
>      draft-ietf-secsh-architecture-05.txt
>      [ssh.1]
>      document ssh -T -N (ssh2 only)
>      [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
>      enable nonblocking IO for sshd w/ proto 1, too; split out common code
>      [aux.c]
>      missing include
>  - Several patches from SAKAI Kiyotaka <ksakai at kso.netwk.ntt-at.co.jp>
>    - INSTALL typo and URL fix
>    - Makefile fix
>    - Solaris fixes
>  - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
>    <ksakai at kso.netwk.ntt-at.co.jp>
>  - RSAless operation patch from kevin_oconnor at standardandpoors.com
>  - Detect OpenSSL seperatly from RSA
>  - Better test for RSA (more compatible with RSAref). Based on work by
>    Ed Eden <ede370 at stl.rural.usda.gov>
>
> 20000513
>  - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
>    <misiek at pld.org.pl>
>
> 20000511
>  - Fix for prng_seed permissions checking from Lutz Jaenicke
>    <Lutz.Jaenicke at aet.TU-Cottbus.DE>
>  - "make host-key" fix for Irix
>
> --
> | "Bombay is 250ms from New York in the new world order" - Alan Cox
> | Damien Miller - http://www.mindrot.org/
> | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)

Mike
--
Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)     |  (770) 331-2437   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9     |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471   |  possible worlds.  A pessimist is sure of it!
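The rejection quoted in the debug output above comes from the check sshd applies to the first packet an X client writes to the forwarded display: the client presents the authorization protocol name and cookie it read from XAUTHORITY, sshd compares them with the fake cookie it generated for the session, and only on a match does it substitute the real cookie and relay the request to the X server. The C program below is an added example, not OpenSSH's own code, that reimplements that check over a constructed setup request. The cookie values, the verdict enum and the names x11_check_cookie, x11_build_setup and x11_scenario are this example's own; the packet layout it parses (byte-order octet, two version words, name and data lengths, then name and data each padded to four bytes) is the standard X11 connection setup format.

```c
/* Added example, not OpenSSH code: the X11 cookie check whose failure path
 * is logged as "X11 connection uses different authentication protocol". */
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define X11_PROTO "MIT-MAGIC-COOKIE-1"
#define X11_COOKIE_LEN 16

enum x11_verdict {
    X11_OK = 0,          /* protocol and cookie matched; cookie rewritten */
    X11_SHORT,           /* not a complete setup request yet */
    X11_WRONG_PROTO,     /* "different authentication protocol" */
    X11_WRONG_COOKIE     /* right protocol name, wrong cookie data */
};

static size_t pad4(size_t n) { return (n + 3) & ~(size_t)3; }

/* CARD16 accessors honouring the byte-order octet of the setup request. */
static unsigned rd16(const unsigned char *p, int msb) {
    return msb ? ((unsigned)p[0] << 8 | p[1]) : ((unsigned)p[1] << 8 | p[0]);
}
static void wr16(unsigned char *p, unsigned v, int msb) {
    p[0] = (unsigned char)(msb ? v >> 8 : v);
    p[1] = (unsigned char)(msb ? v : v >> 8);
}

/* Constant-time equality, so the peer on the forwarded channel cannot time
 * how many cookie bytes it guessed correctly. */
static int ct_equal(const unsigned char *a, const unsigned char *b, size_t n) {
    unsigned char d = 0;
    for (size_t i = 0; i < n; i++) d |= a[i] ^ b[i];
    return d == 0;
}

/* Inspect the first bytes an X client sends: byte-order ('B' or 'l'), pad,
 * major, minor, name length, data length, pad, name (padded to 4), data
 * (padded to 4). On a match the fake cookie is overwritten in place with the
 * real one so the buffer can be relayed to the real X server. */
enum x11_verdict x11_check_cookie(unsigned char *buf, size_t len,
                                  const unsigned char *fake,
                                  const unsigned char *real)
{
    if (len < 12) return X11_SHORT;
    int msb;
    if (buf[0] == 'B') msb = 1;
    else if (buf[0] == 'l') msb = 0;
    else return X11_WRONG_PROTO;              /* bad byte-order octet */
    size_t nlen = rd16(buf + 6, msb), dlen = rd16(buf + 8, msb);
    if (len < 12 + pad4(nlen) + pad4(dlen)) return X11_SHORT;
    unsigned char *name = buf + 12, *data = buf + 12 + pad4(nlen);
    if (nlen != strlen(X11_PROTO) || memcmp(name, X11_PROTO, nlen) != 0)
        return X11_WRONG_PROTO;
    if (dlen != X11_COOKIE_LEN || !ct_equal(data, fake, X11_COOKIE_LEN))
        return X11_WRONG_COOKIE;
    memcpy(data, real, X11_COOKIE_LEN);
    return X11_OK;
}

/* Build a setup request the way an X client would; returns its length. */
size_t x11_build_setup(unsigned char *out, size_t cap, int msb,
                       const char *name, const unsigned char *data, size_t dlen)
{
    size_t nlen = strlen(name), total = 12 + pad4(nlen) + pad4(dlen);
    if (cap < total) return 0;
    memset(out, 0, total);
    out[0] = msb ? 'B' : 'l';
    wr16(out + 2, 11, msb);                   /* protocol-major-version */
    wr16(out + 6, (unsigned)nlen, msb);
    wr16(out + 8, (unsigned)dlen, msb);
    memcpy(out + 12, name, nlen);
    memcpy(out + 12 + pad4(nlen), data, dlen);
    return total;
}

/* Constructed cookies for the example (not real ones): the fake cookie the
 * session's XAUTHORITY file would carry, and the real one for the X server. */
static const unsigned char FAKE[X11_COOKIE_LEN] = "fake-cookie-0000";
static const unsigned char REAL[X11_COOKIE_LEN] = "real-cookie-1111";

/* One scenario: protocol name the client presents, byte order, whether it
 * presents the fake cookie or garbage, whether the packet arrives truncated. */
enum x11_verdict x11_scenario(const char *name, int msb, int good_cookie,
                              int truncated)
{
    unsigned char pkt[64], wrong[X11_COOKIE_LEN];
    memset(wrong, 'x', sizeof wrong);
    size_t n = x11_build_setup(pkt, sizeof pkt, msb, name,
                               good_cookie ? FAKE : wrong, X11_COOKIE_LEN);
    if (truncated) n = 20;
    enum x11_verdict v = x11_check_cookie(pkt, n, FAKE, REAL);
    /* on success the packet to be relayed must now carry the real cookie */
    if (v == X11_OK &&
        memcmp(pkt + 12 + pad4(strlen(name)), REAL, X11_COOKIE_LEN) != 0)
        return X11_WRONG_COOKIE;
    return v;
}

int main(void)
{
    static const char *what[] = { "accepted, cookie rewritten", "incomplete request",
                                  "different authentication protocol", "cookie mismatch" };
    printf("MIT + fake cookie (LSB): %s\n", what[x11_scenario(X11_PROTO, 0, 1, 0)]);
    printf("MIT + fake cookie (MSB): %s\n", what[x11_scenario(X11_PROTO, 1, 1, 0)]);
    printf("XDM-AUTHORIZATION-1    : %s\n", what[x11_scenario("XDM-AUTHORIZATION-1", 0, 1, 0)]);
    printf("MIT + wrong cookie     : %s\n", what[x11_scenario(X11_PROTO, 0, 0, 0)]);
    printf("truncated packet       : %s\n", what[x11_scenario(X11_PROTO, 0, 1, 1)]);
    return 0;
}
```

A protocol name other than MIT-MAGIC-COOKIE-1 takes the "different authentication protocol" path regardless of the cookie bytes; a matching name with other data takes the cookie-mismatch path; a packet shorter than its own declared lengths is treated as incomplete rather than rejected, since a real implementation would wait for more input. The cookie comparison is constant-time on purpose: the fake cookie is the only secret the client side ever sees, and the check should not leak anything about it to whatever connected to the forwarded port.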
On Fri, 19 May 2000, Lars Hecking wrote:> Under Solaris 8, /var/tmp/utmp is gone, and only utmpx is > used. There is a utmp daemon to watch/update the latter. Actually, > a quick look into utmp(4) on Solaris 7 says the same thing, and > the utmp daemon is there as well, but I never noticed these syslog > messages before. The timestamp on the utmp file corresponds to the > time of my ssh loginDoes this patch help? Index: bsd-login.c ==================================================================RCS file: /var/cvs/openssh/bsd-login.c,v retrieving revision 1.11 diff -u -r1.11 bsd-login.c --- bsd-login.c 2000/05/17 12:53:34 1.11 +++ bsd-login.c 2000/05/20 02:55:51 @@ -73,7 +73,7 @@ int t = 0; struct utmp * u; -#ifdef HAVE_TYPE_IN_UTMP +#if defined(HAVE_TYPE_IN_UTMP) || defined(HAVE_TYPE_IN_UTMPX) setutent(); while((u = getutent()) != NULL) { @@ -123,16 +123,26 @@ */ tty = find_tty_slot(utp); +#ifdef USE_UTMPX + fd = open(_PATH_UTMPX, O_RDWR|O_CREAT, 0644); + if (fd == -1) { + log("Couldn't open %s: %s", _PATH_UTMPX, strerror(errno)); +#else /* USE_UTMPX */ fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644); if (fd == -1) { log("Couldn't open %s: %s", _PATH_UTMP, strerror(errno)); +#endif /* USE_UTMPX */ } else { /* If no tty was found... */ if (tty == -1) { /* ... append it to utmp on login */ -#ifdef HAVE_TYPE_IN_UTMP +#if defined(HAVE_TYPE_IN_UTMP) || defined(HAVE_TYPE_IN_UTMPX) if (utp->ut_type == USER_PROCESS) { +#ifdef USE_UTMPX + if ((fd = open(_PATH_UTMPX, O_WRONLY|O_APPEND, 0)) >= 0) { +#else /* USE_UTMPX */ if ((fd = open(_PATH_UTMP, O_WRONLY|O_APPEND, 0)) >= 0) { +#endif /* USE_UTMPX */ (void)write(fd, utp, sizeof(struct utmp)); (void)close(fd); } Index: configure.in ==================================================================RCS file: /var/cvs/openssh/configure.in,v retrieving revision 1.123 diff -u -r1.123 configure.in --- configure.in 2000/05/17 13:29:18 1.123 +++ configure.in 2000/05/20 02:55:56 
@@ -494,6 +494,7 @@ OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) +OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) -- | "Bombay is 250ms from New York in the new world order" - Alan Cox | Damien Miller - http://www.mindrot.org/ | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)
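Review bot: the first bsd-login.c hunk widens the guard to `#if defined(HAVE_TYPE_IN_UTMP) || defined(HAVE_TYPE_IN_UTMPX)`, but the loop it guards still declares `struct utmp * u;` and walks `getutent()`, so on a system that has ut_type only in utmpx the block is compiled yet keeps reading utmp records, and if struct utmp there lacks ut_type the comparisons in the loop body will not build; under USE_UTMPX this block should use struct utmpx with setutxent()/getutxent(), otherwise the condition should stay HAVE_TYPE_IN_UTMP.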
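Review bot: in the second bsd-login.c hunk the USE_UTMPX branch opens _PATH_UTMPX, but the append that follows is unchanged, `(void)write(fd, utp, sizeof(struct utmp));`, so a struct utmp record is written into a file whose entries are struct utmpx and, in general, a different size. Either convert the record (getutmpx() where the platform provides it) and write sizeof(struct utmpx), or, since the quoted report says Solaris keeps utmpx current through a utmp daemon, call pututxline() and let the system maintain the file instead of appending raw records. The duplicated `if (fd == -1) {` and log() lines in the two preprocessor branches would also collapse to one copy if the path were chosen once at the top of the file in a single macro (a hypothetical UTMP_PATH, say).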
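Review bot: the configure.in hunk adds the HAVE_TYPE_IN_UTMPX probe, but nothing in the patch defines USE_UTMPX, which both bsd-login.c hunks key on, so the new utmpx paths are dead code unless it is set somewhere else; add an AC_DEFINE(USE_UTMPX) under the condition that selects utmpx (for instance when utmpx.h and its ut_type are found on the platforms where utmp is no longer maintained), and note in configure.in which file wins when both utmp.h and utmpx.h are present.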