Recently we made somemajor changes to do_child() in OpenSSH -current. Those changes included splitting it up into smaller chunks to help with readability and also to extract out IRIX and AIX specific code to reduce the number of lines in our diffs against the OpenSSH tree. I need people to do some testing on different platforms to ensure that all the right #ifdef/#endif bits got put back in right. The main platforms I'm concern with is AIX, IRIX, and OSF. Since those had the most amount of #ifdef/#endif within the code. However Cygwin and Linux (PAM) also was in there (I know it compiles under Redhat 7.2, just could not do a running test). Grab it here: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/snapshot/openssh-SNAP-20020220.tar.gz Or from any openbsd mirror site. Thanks - Ben
On Wed, 20 Feb 2002, mouring wrote:> The main platforms I'm concern with is AIX, IRIX, and OSF. Since > those had the most amount of #ifdef/#endif within the code. However > Cygwin and Linux (PAM) also was in there (I know it compiles under > Redhat 7.2, just could not do a running test).I just got 20020220, and tried it out on IRIX64 6.5. cc-1551 cc: WARNING File = sftp-client.c, Line = 802 The variable "local_fd" is used before its value is set. close(local_fd); ^ I dunno if that's new but it doesn't look good. Other than that, after I installed ssh-rand-helper in the right place it worked fine. Dr. Tom Holroyd "I am, as I said, inspired by the biological phenomena in which chemical forces are used in repetitious fashion to produce all kinds of weird effects (one of which is the author)." -- Richard Feynman, _There's Plenty of Room at the Bottom_
On Wed, Feb 20, 2002 at 11:31:35AM -0600, mouring wrote:> > Recently we made somemajor changes to do_child() in > OpenSSH -current. Those changes included splitting it up > into smaller chunks to help with readability and also to > extract out IRIX and AIX specific code to reduce the number > of lines in our diffs against the OpenSSH tree. > > I need people to do some testing on different platforms to ensure > that all the right #ifdef/#endif bits got put back in right. > > The main platforms I'm concern with is AIX, IRIX, and OSF. Since > those had the most amount of #ifdef/#endif within the code. However > Cygwin and Linux (PAM) also was in there (I know it compiles under > Redhat 7.2, just could not do a running test). > > Grab it here: > ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/snapshot/openssh-SNAP-20020220.tar.gzI took the latest from CVS to compile for Cygwin and I found just a slip of the pen: Index: session.c ==================================================================RCS file: /cvs/openssh_cvs/session.c,v retrieving revision 1.180 diff -u -p -r1.180 session.c --- session.c 19 Feb 2002 21:58:21 -0000 1.180 +++ session.c 21 Feb 2002 10:37:38 -0000 @@ -1103,7 +1103,7 @@ static void do_setusercontext(struct passwd *pw) { #ifdef HAVE_CYGWIN - if (iswinnt) { + if (is_winnt) { #else /* HAVE_CYGWIN */ if (getuid() == 0 || geteuid() == 0) { #endif /* HAVE_CYGWIN */ Corinna -- Corinna Vinschen Cygwin Developer Red Hat, Inc. mailto:vinschen at redhat.com
On Thu, 21 Feb 2002, Corinna Vinschen wrote: [..]> > I took the latest from CVS to compile for Cygwin and I found just > a slip of the pen: >[..] Thanks. Fixed. - Ben
At 11:31 AM -0600 2/20/02, mouring wrote:>Recently we made somemajor changes to do_child() in >OpenSSH -current. Those changes included splitting it up >into smaller chunks to help with readability and also to >extract out IRIX and AIX specific code to reduce the number >of lines in our diffs against the OpenSSH tree.System: AIX 4.3.3.0, ML-08 Compiler IBM C for AIX 5.0.1.0 OpenSSH has been configured with the following options: User binaries: /usr/local/bin System binaries: /usr/local/sbin Configuration files: /usr/local/etc Askpass program: /usr/local/libexec/ssh-askpass Manual pages: /usr/local/man/catX PID file: /var/tmp sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin Manpage format: cat PAM support: no KerberosIV support: no Smartcard support: no AFS support: no S/KEY support: no TCP Wrappers support: no MD5 password support: no IP address in $DISPLAY hack: no Use IPv4 by default hack: yes Translate v4 in v6 hack: no BSD Auth support: no Random number source: ssh-rand-helper ssh-rand-helper collects from: Unix domain socket "/dev/egd-pool" Host: powerpc-ibm-aix4.3.3.0 Compiler: /usr/bin/cc Compiler flags: -g Preprocessor flags: -I/usr/local/ssl/include -I/usr/local/include Linker flags: -L/usr/local/ssl/lib -L/usr/local/lib -blibpath:/usr/lib:/lib:/usr/local/lib Libraries: -lz -lcrypto [ very early in the "make" process, just after doing the "fixpaths" lines ...] (cd openbsd-compat && make) make[1]: Entering directory `/home/ssklar/openssh/openbsd-compat' /usr/bin/cc -g -I. -I.. -I. -I./.. -I/usr/local/ssl/include -I/usr/local/include -DHAVE_CONFIG_H -c bsd-arc4random.c "../openbsd-compat/port-aix.h", line 8.26: 1506-277 (S) Syntax error: possible missing ')' or ','? "../openbsd-compat/port-aix.h", line 8.6: 1506-282 (S) The type of the parameters must be specified in a prototype. make[1]: *** [bsd-arc4random.o] Error 1 make[1]: Leaving directory `/home/ssklar/openssh/openbsd-compat' make: *** [openbsd-compat/libopenbsd-compat.a] Error 2 -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Sandor W. Sklar - Unix Systems Administrator - Stanford University ITSS Non impediti ratione cogitationis. <http://whippet.stanford.edu/~ssklar/> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ermm..it is some oddish IRIX thing.. I guess if your just doing ./configure then check your config.h for a bunch of WITH_IRIX_* options. But I have to assume it is all right if it compiles. On Fri, 22 Feb 2002, Tom Holroyd wrote:> On Thu, 21 Feb 2002, Ben Lindstrom wrote: > > > > > You compiled with jobs/project/etc support for IRIX and it seems to > > behave correctly? > > I just untarred and said "./configure; make". What is > "jobs/project/etc support"? > >
Nope..That was all I wanted to verify on IRIX. Thanks. - Ben On Fri, 22 Feb 2002, Tom Holroyd wrote:> On Thu, 21 Feb 2002, Ben Lindstrom wrote: > > > Ermm..it is some oddish IRIX thing.. I guess if your just doing > > ./configure then check your config.h for a bunch of WITH_IRIX_* > > options. > > > grep IRIX config.h > #define WITH_IRIX_ARRAY 1 > /* Define if you want IRIX project management */ > #define WITH_IRIX_PROJECT 1 > /* Define if you want IRIX audit trails */ > #define WITH_IRIX_AUDIT 1 > /* Define if you want IRIX kernel jobs */ > /* #undef WITH_IRIX_JOBS */ > > This works. Would you like me to test some other options? > >
On Thu, 21 Feb 2002, Ben Lindstrom wrote:> Ermm..it is some oddish IRIX thing.. I guess if your just doing > ./configure then check your config.h for a bunch of WITH_IRIX_* > options.> grep IRIX config.h#define WITH_IRIX_ARRAY 1 /* Define if you want IRIX project management */ #define WITH_IRIX_PROJECT 1 /* Define if you want IRIX audit trails */ #define WITH_IRIX_AUDIT 1 /* Define if you want IRIX kernel jobs */ /* #undef WITH_IRIX_JOBS */ This works. Would you like me to test some other options?
I'd like everyone to test snapshots on all platforms against all possible ssh versions, since we're going to release OpenSSH 3.1 in March. I'd also like to have people port and run the regression tests from http://www.openbsd.org/cgi-bin/cvsweb/src/regress/usr.bin/ssh/ extend them or contribute new tests. Thanks, -markus
Hi Ben, The compilation of port-aix fails because the Session type is undefined. I tried moving this definition out of session.c into session-types.h and including it from port-aix.h and session.c. I had to include auth.h, usersec.h and xmalloc.h to get port-aix to compile cleanly since it relies on types and functions defined therein. However, this broke sshconnect2.c. It seems that sshconnect2.c defines an Authctxt that conflicts with the one defined in auth.h. Patch attached to clarify my explanation. I will continue to look at this during the week. Any ideas greatly received. Best wishes, Doug Manton, AT&T Business Commercial Security ---------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: session-types.h Type: application/octet-stream Size: 2057 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020224/94bb3cf2/attachment.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: port-aix.patch Type: application/octet-stream Size: 2027 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020224/94bb3cf2/attachment-0001.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2714 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020224/94bb3cf2/attachment.bin
> Eep.. I got a better idea.=) Lets leave the session structures where > they belong and just pass what we need from them to do the work. Try > the attached patch.Good call. I applied the patch, updated the prototype for aix_usrinfo but got the following when trying to compile session.c : xlC -qlanglvl=extended -I. -I. -I/usr/local/include -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_PIDDIR=\"/var/run\" -DSSH_RAND_HELPER=\"/usr/local/libexec/ssh-rand-helper\" -DHAVE_CONFIG_H -c session.c "session.c", line 967.14: 1506-045 (S) Undeclared identifier cp. "session.c", line 1146.29: 1506-045 (S) Undeclared identifier s. The attached patch allows a clean compilation of port-aix.c and session.c. Please can you take a look and highlight any problems? A quick test appears successful, but real testing will have to wait until I am back in the office during the week :( Many thanks, Doug Manton, AT&T Business Commercial Security ---------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: 20020224-aix.patch Type: application/octet-stream Size: 2989 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020224/acd2df70/attachment.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2714 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020224/acd2df70/attachment.bin
> During the week can you try putting aix_usrinfo(pw, s->tty, s->ttyfd) > before the do_setusercontext(pw) in do_child(s); And see if we can > solve it that way? I suspect that usrinfo() has to take place as > root and not as a normal user.Please take a look at the attached. This compiles and appears to work. Does anyone know of a utility or application that relies on AIX usrinfo being set? I would really like to test the whole aix_usrinfo against the real application requirement. Many thanks, Doug Manton, AT&T Business Commercial Security ---------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: 20020225-aix.patch Type: application/octet-stream Size: 1150 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020225/da418d97/attachment.obj