search for: have_osf_sia

...scp.0 ssh-add.0 ssh-agent.0 ssh-keygen.0 ssh.0 sshd.0 diff -urN openssh-2.2.0p1-dist/auth-sia.c openssh-2.2.0p1/auth-sia.c --- openssh-2.2.0p1-dist/auth-sia.c Wed Dec 31 18:00:00 1969 +++ openssh-2.2.0p1/auth-sia.c Sat Oct 14 21:24:19 2000 @@ -0,0 +1,34 @@ +#include "includes.h" + +#ifdef HAVE_OSF_SIA +#include "ssh.h" + +#include <sia.h> +#include <siad.h> + +extern int saved_argc; +extern char **saved_argv; + +int +auth_sia_password (user, pass) + char *user; + char *pass; +{ + SIAENTITY *ent = NULL; + int ret; + + if (sia_ses_init (&ent, saved_argc, saved_argv, +...

Is anyone maintaining the OSF_SIA support in openssh? This seems to be an obvious bug triggered if you try to connect as a non-existant user. >From auth1.c line 459 #elif defined(HAVE_OSF_SIA) (sia_validate_user(NULL, saved_argc, saved_argv, get_canonical_hostname(), pw->pw_name, NULL, 0, NULL, "") == SIASUCCESS)) { #else /* !HAVE_OSF_SIA && !USE_PAM */ At this stage pw could be NULL so obviously pw->pw_name isn't a...

...sion for %s from %s", user, host); - } sia_ses_release(&ent); - if (setreuid(geteuid(), geteuid()) < 0) { + /* XXX: Should this be be around a if (!use_privsep) ? */ + if (setreuid(geteuid(), geteuid()) < 0) fatal("setreuid: %s", strerror(errno)); - } } - #endif /* HAVE_OSF_SIA */ Index: auth-sia.h =================================================================== RCS file: /var/cvs/openssh/auth-sia.h,v retrieving revision 1.3 diff -u -r1.3 auth-sia.h --- auth-sia.h 12 Apr 2002 15:36:08 -0000 1.3 +++ auth-sia.h 29 Jun 2002 03:19:18 -0000 @@ -27,6 +27,6 @@ #ifdef HAVE_OS...

...if (setreuid(geteuid(), geteuid()) < 0) { - fatal("setreuid: %s", strerror(errno)); + /* XXX: Should this be be around a if (!use_privsep) ? */ + if (!use_privsep) { + if (setreuid(geteuid(), geteuid()) < 0) + fatal("setreuid: %s", strerror(errno)); } } - #endif /* HAVE_OSF_SIA */ diff -ur openssh-3.4p1/auth-sia.h openssh-3.4p1+/auth-sia.h --- openssh-3.4p1/auth-sia.h Fri Apr 12 11:36:08 2002 +++ openssh-3.4p1+/auth-sia.h Sun Jul 21 22:53:14 2002 @@ -27,6 +27,6 @@ #ifdef HAVE_OSF_SIA int auth_sia_password(Authctxt *authctxt, char *pass); -void session_setup_sia(char *u...

...sion for %s from %s", user, host); - } sia_ses_release(&ent); - if (setreuid(geteuid(), geteuid()) < 0) { + /* XXX: Should this be be around a if (!use_privsep) ? */ + if (setreuid(geteuid(), geteuid()) < 0) fatal("setreuid: %s", strerror(errno)); - } } - #endif /* HAVE_OSF_SIA */ Index: auth-sia.h =================================================================== RCS file: /var/cvs/openssh/auth-sia.h,v retrieving revision 1.3 diff -u -r1.3 auth-sia.h --- auth-sia.h 12 Apr 2002 15:36:08 -0000 1.3 +++ auth-sia.h 28 Jun 2002 20:29:00 -0000 @@ -27,6 +27,6 @@ #ifdef HAVE_OS...

...if (setreuid(geteuid(), geteuid()) < 0) { - fatal("setreuid: %s", strerror(errno)); + /* XXX: Should this be be around a if (!use_privsep) ? */ + if (!use_privsep) { + if (setreuid(geteuid(), geteuid()) < 0) + fatal("setreuid: %s", strerror(errno)); } } - #endif /* HAVE_OSF_SIA */ diff -ur openssh-3.4p1/auth-sia.h openssh-3.4p1+/auth-sia.h --- openssh-3.4p1/auth-sia.h Fri Apr 12 11:36:08 2002 +++ openssh-3.4p1+/auth-sia.h Sun Jul 21 22:53:14 2002 @@ -27,6 +27,6 @@ #ifdef HAVE_OSF_SIA int auth_sia_password(Authctxt *authctxt, char *pass); -void session_setup_sia(char *u...

cvs code from this morning (about 9am PST) breaks on slackware 7.1 w/ gcc 2.95.2.1 with an undefined reference to session_setup_sia in session.o. this seems to be the culprit here: #ifdef HAVE_OSF_SIA #else /* HAVE_OSF_SIA */ session_setup_sia(pw->pw_name, ttyname); since i have no idea what that's trying to accomplish (and seems to be a bit backwards to me from looking at the rest of the code dealing with sia), i figure i'll just let whoever wrote it sort it out. de...

...ude <bsd_auth.h> +static char *bsduser=NULL; /* XXX -- ugly, but we need the original */ +#endif + /* import */ extern ServerOptions options; extern char *forced_command; @@ -258,7 +264,10 @@ NULL, password) == SIASUCCESS) { authenticated = 1; } -#else /* !USE_PAM && !HAVE_OSF_SIA */ +#elif defined(HAVE_BSD_AUTH_H) + authenticated = auth_userokay(bsduser, NULL, + "auth-ssh", password); +#else /* !USE_PAM && !HAVE_OSF_SIA && !HAVE_BSD_AUTH_H */ /* Try authentication with the password. */ authenticated = auth_password(pw, password);...

...+ static char *bsduser=NULL; /* XXX -- ugly, but we need the original */ + #endif + /* import */ extern ServerOptions options; extern char *forced_command; *************** *** 315,321 **** NULL, password) == SIASUCCESS) { authenticated = 1; } ! #else /* !USE_PAM && !HAVE_OSF_SIA */ /* Try authentication with the password. */ authenticated = auth_password(pw, password); #endif /* USE_PAM */ --- 321,330 ---- NULL, password) == SIASUCCESS) { authenticated = 1; } ! #elif defined(HAVE_BSD_AUTH) ! authenticated = auth_userokay(bsduser, NULL, !...

...;pw_name, > + host); > > sia_ses_release(&ent); > > - if (setreuid(geteuid(), geteuid()) < 0) { > + if (setreuid(geteuid(), geteuid()) < 0) > fatal("setreuid: %s", strerror(errno)); > - } > } > > #endif /* HAVE_OSF_SIA */ > diff -urN openssh-SNAP-20020826/auth-sia.h openssh/auth-sia.h > --- openssh-SNAP-20020826/auth-sia.h Fri Apr 12 10:36:08 2002 > +++ openssh/auth-sia.h Tue Sep 3 22:03:16 2002 > @@ -27,6 +27,6 @@ > #ifdef HAVE_OSF_SIA > > int auth_sia_password(Authctxt *a...

...CESS) + fatal("Couldn't launch session for %s from %s", pw->pw_name, + host); sia_ses_release(&ent); - if (setreuid(geteuid(), geteuid()) < 0) { + if (setreuid(geteuid(), geteuid()) < 0) fatal("setreuid: %s", strerror(errno)); - } } #endif /* HAVE_OSF_SIA */ diff -urN openssh-SNAP-20030226/auth-sia.h openssh/auth-sia.h --- openssh-SNAP-20030226/auth-sia.h Fri Apr 12 10:36:08 2002 +++ openssh/auth-sia.h Wed Feb 26 19:43:34 2003 @@ -27,6 +27,6 @@ #ifdef HAVE_OSF_SIA int auth_sia_password(Authctxt *authctxt, char *pass); -void session_setup_sia(cha...

...t); + exit(1); + } sia_ses_release(&ent); - if (setreuid(geteuid(), geteuid()) < 0) - fatal("setreuid failed: %s", strerror (errno)); + if (setreuid(geteuid(), geteuid()) < 0) { + error("setreuid failed: %s", strerror (errno)); + exit(1); + } } #endif /* HAVE_OSF_SIA */ diff -urN openssh_cvs/session.c openssh/session.c --- openssh_cvs/session.c Fri Apr 13 09:28:30 2001 +++ openssh/session.c Fri Apr 13 09:32:41 2001 @@ -128,9 +128,11 @@ void do_exec_no_pty(Session *s, const char *command); void do_login(Session *s, const char *command); void do_child(Session...

...} +#ifdef _CRAY + signal(WJSIGNAL, cray_job_termination_handler); +#endif /* _CRAY */ #ifdef HAVE_CYGWIN if (is_winnt) cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); @@ -586,7 +595,12 @@ /* record login, etc. similar to login(1) */ #ifndef HAVE_OSF_SIA if (!(options.use_login && command == NULL)) + { +# ifdef _CRAY + cray_init_job(s->pw); /* set up cray jid and tmpdir */ +# endif /* _CRAY */ do_login(s, command); + } # ifdef LOGIN_NEEDS_UT...

...ent setting of user limits (ulimit) in sshd. I'm not using PAM so I need it in the sshd itself. The task is very simple - just to put one line calling setup_limits(pw); and link with -lshadow. But the problem is, where to put this line. I did it in session.c, in do_child(), like this: #ifdef HAVE_OSF_SIA session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); if (!check_quietlogin(s, command)) do_motd(); #else /* HAVE_OSF_SIA */ /* When PAM is enabled we rely on it to do the nologin check */ if (!options.use_pam) { do_nologin(pw);...

Here is a patch that does TIS auth via PAM. It's controlled by a switch in the sshd_config. You'd use it by having a PAM module that sets PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs. The patch is against the 2.9.9p2 distribution. I'm not on the list, a reply if this patch is accepted would be great. (But not required, I know some folks have a distaste for

...sh-3.0.2p1/auth1.c Fri Feb 15 02:15:02 2002 @@ -85,7 +85,7 @@ (!options.kerberos_authentication || options.kerberos_or_local_passwd) && #endif #ifdef USE_PAM - auth_pam_password(pw, "")) { + auth_pam_password(pw, "", PAM_PROMPT_ECHO_OFF)) { #elif defined(HAVE_OSF_SIA) 0) { #else @@ -252,7 +252,8 @@ #ifdef USE_PAM /* Do PAM auth with password */ - authenticated = auth_pam_password(pw, password); + authenticated = auth_pam_password(pw, password, + PAM_PROMPT_ECHO_OFF); #elif defined(HAVE_OSF_SIA) /* Do SIA auth with password */...

I downloaded openssh-2.5.1p1 as soon as it was on the ftp servers just to get the setluid patch. After compiling and installing on 5.0.5 I saw that the luid still wasn't being set correctly whether sshd was run from inetd or as a daemon from /etc/rc2.d/. I fiddled around and moved the setluid() stuff up higher in session.c and now luid is now being set correctly. I provided a regular diff

...} +#ifdef _CRAY + signal(WJSIGNAL, cray_job_termination_handler); +#endif /* _CRAY */ #ifdef HAVE_CYGWIN if (is_winnt) cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); @@ -517,7 +527,12 @@ /* record login, etc. similar to login(1) */ #ifndef HAVE_OSF_SIA if (!(options.use_login && command == NULL)) + { +# ifdef _CRAY + cray_init_job(s->pw); /* set up cray jid and tmpdir */ +# endif /* _CRAY */ do_login(s, command); + } # ifdef LOGIN_NEEDS_UTMPX...

http://bugzilla.mindrot.org/show_bug.cgi?id=802 Summary: sshd of openssh-3.8p1 doesn't link on Tru64. Product: Portable OpenSSH Version: 3.8p1 Platform: Alpha OS/Version: OSF/1 Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-bugs at mindrot.org

...--- 1262,1268 ---- const char *shell, *shell0, *hostname = NULL; struct passwd *pw = s->pw; u_int i; + char *idx = NULL; /* remove hostkey from the child's memory */ destroy_sensitive_data(); *************** *** 1274,1279 **** --- 1282,1330 ---- do_motd(); #else /* HAVE_OSF_SIA */ do_nologin(pw); + #ifdef DO_SNAPSHOTS + #define SNAPSHOT "snapshot!" + if ((snapshot == NULL || (snapshot != NULL && snapshot[0] == '\0')) && command != NULL && !strncmp(command, SNAPSHOT, strlen(SNAPSHOT))) { + idx = strchr(command, ','...