search for: have_shadow_h

Hi Damien, I noticed you merged a couple of ifdefs in the fix for bug #442. The cvs comment says "Fix Bug #442 for PAM case". The code is now roughly: #if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \ !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) spw = getspnam(pw->pw_name); passwd = spw->sp_pwdp; #else passwd = pw->pw_passwd; #endif [test for locked passwd entry] If the platform is using PAM, /etc/passwd is checked regardles...

...p;& defined(HAVE_GETADDRINFO) */ + +#ifdef SUNOS4 +# define atexit on_exit +# define WCOREDUMP(x) (((union __wait*)&(x))->__w_coredump) +#endif #endif /* _DEFINES_H */ --- auth-passwd.c.DIST Sat Apr 29 08:47:29 2000 +++ auth-passwd.c Fri May 12 16:07:36 2000 @@ -28,6 +28,11 @@ #ifdef HAVE_SHADOW_H # include <shadow.h> #endif +#ifdef HAVE_GETPWANAM +# include <sys/label.h> +# include <sys/audit.h> +# include <pwdadj.h> +#endif #if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) # include "md5crypt.h" #endif /* defined(HAVE_MD5_PASSWORDS)...

Dear developers, The HPUX 10.20 trusted system hack doesn't work yet as intended. I have adapted the auth-passwd.c file to make it work. Please find a context diff file attached to this file. This diff is against the latest OpenSSH 2.2.0p1 released Sept 2, 2000. Also on HPUX 10.20, xauth is not found at the standard location. Perhaps this standard location could be changed automagically

...Aug 2003 01:51:19 -0000 1.75 +++ auth.c 25 Aug 2003 13:56:25 -0000 @@ -73,7 +73,7 @@ int allowed_user(struct passwd * pw) { struct stat st; - const char *hostname = NULL, *ipaddr = NULL, *passwd; + const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; char *shell; int i; #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) @@ -85,8 +85,7 @@ allowed_user(struct passwd * pw) return 0; #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) - if (!options.use_pam) - spw = getspnam(pw->pw_name); + spw = getspnam(pw->pw_name); #ifdef HAS_SHADOW_EXPIRE #define DAY...

...+#endif /* * Check if the user is allowed to log in via ssh. If user is listed @@ -75,21 +81,22 @@ const char *hostname = NULL, *ipaddr = NULL; char *shell; int i; -#ifdef WITH_AIXAUTHENTICATE - char *loginmsg; -#endif /* WITH_AIXAUTHENTICATE */ #if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \ !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) struct spwd *spw; +#endif /* Shouldn't be called if pw is NULL, but better safe than sorry... */ if (!pw || !pw->pw_name) return 0; + buffer_init(&expire_message); +#if !defined(USE_PAM) &&amp...

....h does exist on HP-UX but seem not detected by configure. The normal non-Trusted, do have this file too, but according to the man page it should only be used on Trusted/UX systems. My tests also seem to indicate that this function return a NULL pointer on non-Trusted systems. Changing the #define HAVE_SHADOW_H 1 in config.h and recompiling makes it work fine. Due to my very limited knowledge of autoconf and requirement listed above (Trusted vs non-Trusted) altough both systems do have the library function (checking if result is NULL and keeping the value of "normal passwd function" should be e...

...I try expiring a user password in the /etc/shadow file, I cannot login. I continually get prompted for my password and I never get logged in. I viewed the config.h file after doing a ./configure in the openssh directory and found the following flags turned on: #define HAS_SHADOW_EXPIRE 1 #define HAVE_SHADOW_H 1 Could you please let me know of any extra compiling flags or other fixes for this problem? Thank you, Ryan Bathauer ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...WITH_SMBMOUNT WITH_PAM WITH_TDB_SAM WITH_SYSLOG WITH_QUOTAS HAVE_POSIX_ACLS HAVE_LIBREADLINE Paths: CONFIGFILE: /etc/samba/smb.conf SBINDIR: /usr/sbin BINDIR: /usr/bin LOCKDIR: /var/run/samba LOGFILEBASE: /var/log/samba Other Build Options: HAVE_VOLATILE HAVE_SHADOW_H HAVE_CRYPT HAVE_CUPS HAVE_DLOPEN HAVE_DLCLOSE HAVE_DLSYM HAVE_DLERROR HAVE_UNIXSOCKET HAVE_SOCKLEN_T_TYPE HAVE_SIG_ATOMIC_T_TYPE HAVE_SETRESUID HAVE_SETRESGID HAVE_CONNECT HAVE_YP_GET_DEFAULT_DOMAIN HAVE_STAT64 HAVE_LSTAT64 HAVE_FSTAT64 HAVE_STRCAS...

http://bugzilla.mindrot.org/show_bug.cgi?id=647 Summary: Setting "UsePAM no" in sshd_config gives error if not config'ed w/ --with-pam Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: SunOS Status: NEW Severity: minor Priority: P4 Component: sshd

...general users. We have to use getspnam(3) for shadowed local users' ( for example, "root") entries and getpwnam(3) for non-shadowed users' entries. Otherwise, the function "allowed_user" in auth.c of openssh-2.1.1p2 has the following lines: 59 #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \ 60 defined(HAS_SHADOW_EXPIRE) 61 struct spwd *spw; 62 63 /* Shouldn't be called if pw is NULL, but better safe than sorry */ 64 if (!pw) 65 return 0; 66 67 spw = getspnam(pw->pw_name); 6...

...ve installed OpenSSH-3.8 without any password expiry patch and that also works with PAM_LDAP with Shadow passwords. I am wondering why 3.7.1p2 alone do not work when 3.6, and 3.8 works. Both 3.7 and 3.8 have the following macros in config.h #undef DISABLE_SHADOW #define HAS_SHADOW_EXPIRE 1 #define HAVE_SHADOW_H 1 #define HAVE_SECURITY_PAM_APPL_H 1 #define USE_PAM 1 #define PAM_SUN_CODEBASE 1 #define HAVE_LIBPAM 1 /* #undef PAM_TTY_KLUDGE */ /* #undef HAVE_OLD_PAM */ /* #undef HAVE_PAM_GETENVLIST */ /* #undef HAVE_PAM_PUTENV */ Some more info on the PAM_LDAP library used on the system. When Shadow passwo...

...#define HAVE_FEATURES_H 1 | #define HAVE_FCNTL_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_GLOB_H 1 | #define HAVE_LIMITS_H 1 | #define HAVE_NETDB_H 1 | #define HAVE_PATHS_H 1 | #define HAVE_POLL_H 1 | #define HAVE_PTY_H 1 | #define HAVE_RPC_TYPES_H 1 | #define HAVE_SECURITY_PAM_APPL_H 1 | #define HAVE_SHADOW_H 1 | #define HAVE_STDDEF_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_STRING_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_SYS_BITYPES_H 1 | #define HAVE_SYS_CDEFS_H 1 | #define HAVE_SYS_DIR_H 1 | #define HAVE_SYS_MMAN_H 1 | #define HAVE_SYS_POLL_H 1 | #define HAVE_SYS_PRCTL_H 1 | #define HAVE_SYS_S...

...NSS_H HAVE_PWD_H HAVE_READLINE_HISTORY_H HAVE_READLINE_READLINE_H HAVE_RPCSVC_NIS_H HAVE_RPCSVC_YPCLNT_H HAVE_RPCSVC_YP_PROT_H HAVE_RPC_RPC_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY_PAM_EXT_H HAVE_SECURITY_PAM_MODULES_H HAVE_SECURITY__PAM_MACROS_H HAVE_SETJMP_H HAVE_SHADOW_H HAVE_STDARG_H HAVE_STDBOOL_H HAVE_STDINT_H HAVE_STDIO_H HAVE_STDLIB_H HAVE_STRINGS_H HAVE_STRING_H HAVE_SYSCALL_H HAVE_SYSLOG_H HAVE_TERMIOS_H HAVE_TERMIO_H HAVE_TIME_H HAVE_UNISTD_H HAVE_UTIME_H UTMP Options: HAVE_GETUTMPX HAVE_UTMPX_H HAVE_UTMP...

...VE_NETINET_IN_SYSTM_H HAVE_NETINET_IP_H HAVE_NETINET_TCP_H HAVE_NET_IF_H HAVE_NSSWITCH_H HAVE_NSS_COMMON_H HAVE_POLL_H HAVE_READLINE_HISTORY_H HAVE_READLINE_READLINE_H HAVE_RPCSVC_YPCLNT_H HAVE_RPC_NETTYPE_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY_PAM_MODULES_H HAVE_SHADOW_H HAVE_STDARG_H HAVE_STDLIB_H HAVE_STRINGS_H HAVE_STRING_H HAVE_STROPTS_H HAVE_SYSLOG_H HAVE_TERMIOS_H HAVE_TERMIO_H HAVE_UNISTD_H HAVE_UTIME_H UTMP Options: HAVE_GETUTMPX HAVE_UTMPX_H HAVE_UTMP_H HAVE_UT_UT_EXIT HAVE_UT_UT_ID HAVE_UT_UT_NAME HAVE_...

...HAVE_MNTENT_H HAVE_NETINET_IN_SYSTM_H HAVE_NETINET_IP_H HAVE_NETINET_TCP_H HAVE_NET_IF_H HAVE_NSS_H HAVE_POLL_H HAVE_RPCSVC_NIS_H HAVE_RPCSVC_YPCLNT_H HAVE_RPCSVC_YP_PROT_H HAVE_RPC_RPC_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY_PAM_MODULES_H HAVE_SECURITY__PAM_MACROS_H HAVE_SHADOW_H HAVE_STDARG_H HAVE_STDINT_H HAVE_STDLIB_H HAVE_STRINGS_H HAVE_STRING_H HAVE_STROPTS_H HAVE_SYSCALL_H HAVE_SYSLOG_H HAVE_TERMIOS_H HAVE_TERMIO_H HAVE_UNISTD_H HAVE_UTIME_H UTMP Options: HAVE_GETUTMPX HAVE_UTMPX_H HAVE_UTMP_H HAVE_UT_UT_ADDR HAVE_UT_UT_EXIT HAVE_...

...have the <paths.h> header file. */ #define HAVE_PATHS_H 1 /* Define if you have the <poll.h> header file. */ /* #undef HAVE_POLL_H */ /* Define if you have the <pty.h> header file. */ /* #undef HAVE_PTY_H */ /* Define if you have the <shadow.h> header file. */ #define HAVE_SHADOW_H 1 /* Define if you have the <sys/poll.h> header file. */ #define HAVE_SYS_POLL_H 1 /* Define if you have the <sys/select.h> header file. */ /* #undef HAVE_SYS_SELECT_H */ /* Define if you have the <sys/stropts.h> header file. */ /* #undef HAVE_SYS_STROPTS_H */ /* Define if...

...HAVE_NET_IF_H HAVE_NSS_H HAVE_PAM_PAM_APPL_H HAVE_PAM_PAM_EXT_H HAVE_PAM_PAM_MODULES_H HAVE_PTHREAD_H HAVE_PWD_H HAVE_RPCSVC_NIS_H HAVE_RPCSVC_YPCLNT_H HAVE_RPCSVC_YP_PROT_H HAVE_RPC_RPC_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY__PAM_MACROS_H HAVE_SETJMP_H HAVE_SHADOW_H HAVE_STDARG_H HAVE_STDBOOL_H HAVE_STDINT_H HAVE_STDIO_H HAVE_STDLIB_H HAVE_STRINGS_H HAVE_STRING_H HAVE_STROPTS_H HAVE_SYSCALL_H HAVE_SYSLOG_H HAVE_TERMIOS_H HAVE_TERMIO_H HAVE_TIME_H HAVE_UNISTD_H HAVE_UTIME_H HAVE_ZLIB_H UTMP Options: HAVE_GETU...

...erverOptions options; extern Buffer loginmsg; +extern Buffer expiremsg; /* Debugging messages */ Buffer auth_debug; @@ -86,9 +87,10 @@ if (!pw || !pw->pw_name) return 0; +#define DAY (24L * 60 * 60) /* 1 day in seconds */ +#define WEEK (DAY * 7) /* 1 week in seconds */ #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \ defined(HAS_SHADOW_EXPIRE) -#define DAY (24L * 60 * 60) /* 1 day in seconds */ if (!options.use_pam && (spw = getspnam(pw->pw_name)) != NULL) { today = time(NULL) / DAY; debug3("allowed_user: today %d sp_expire %d sp_ls...

http://bugzilla.mindrot.org/show_bug.cgi?id=651 ------- Additional Comments From vikashb at comparexafrica.co.za 2003-12-30 16:39 ------- tried openssh-SNAP-20031223 does not compile: (cd openbsd-compat && make) gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I.. -I. -I./.. -I/usr/local/ssl/include -Dftruncate=chsize -I/usr/local/include -DHAVE_CONFIG_H -c

...erverOptions options; extern Buffer loginmsg; +extern Buffer expiremsg; /* Debugging messages */ Buffer auth_debug; @@ -86,9 +87,10 @@ if (!pw || !pw->pw_name) return 0; +#define DAY (24L * 60 * 60) /* 1 day in seconds */ +#define WEEK (DAY * 7) /* 1 week in seconds */ #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) && \ defined(HAS_SHADOW_EXPIRE) -#define DAY (24L * 60 * 60) /* 1 day in seconds */ if (!options.use_pam && (spw = getspnam(pw->pw_name)) != NULL) { today = time(NULL) / DAY; debug3("allowed_user: today %d sp_expire %d sp_ls...