- Fix compilation on systems with AFS. Reported by

aloomis@glue.umd.edu
 - Fix installation on Solaris. Reported by
   Gordon Rowell <gordonr@gormand.com.au>
 - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
   patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
 - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
 - Compile fix from David Agraz <dagraz@jahoopa.com>
 - Avoid compiler warning in bsd-snprintf.c
 - Added pam_limits.so to default PAM config. Suggested by
   Jim Knoble <jmknoble@pobox.com>

ChangeLog

@@ -1,3 +1,16 @@
+19991211
+ - Fix compilation on systems with AFS. Reported by 
+   aloomis@glue.umd.edu
+ - Fix installation on Solaris. Reported by 
+   Gordon Rowell <gordonr@gormand.com.au>
+ - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
+   patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
+ - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
+ - Compile fix from David Agraz <dagraz@jahoopa.com>
+ - Avoid compiler warning in bsd-snprintf.c
+ - Added pam_limits.so to default PAM config. Suggested by 
+   Jim Knoble <jmknoble@pobox.com>
+
 19991209
  - Import of patch from Ben Taylor <bent@clark.net>:
    - Improved PAM support

Makefile.in

@@ -24,14 +24,15 @@ LFLAGS=@LDFLAGS@
 GNOME_CFLAGS=`gnome-config --cflags gnome gnomeui`
 GNOME_LIBS=`gnome-config --libs gnome gnomeui`
 
-OBJS= atomicio.o authfd.o authfile.o auth-passwd.o auth-rhosts.o \
-  auth-rh-rsa.o auth-rsa.o auth-skey.o bsd-daemon.o bsd-login.o \
-  bsd-mktemp.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bufaux.o \
-  buffer.o canohost.o channels.o cipher.o clientloop.o compress.o \
-  crc32.o deattack.o helper.o helper.o hostfile.o log-client.o \
-  login.o log-server.o match.o md5crypt.o mpaux.o packet.o pty.o \
-  readconf.o readpass.o rsa.o servconf.o serverloop.o \
-  sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o 
+OBJS= atomicio.o authfd.o authfile.o auth-krb4.o auth-passwd.o \
+  auth-rhosts.o auth-rh-rsa.o auth-rsa.o auth-skey.o bsd-daemon.o \
+  bsd-login.o bsd-mktemp.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o 
+  bufaux.o buffer.o canohost.o channels.o cipher.o clientloop.o \
+  compress.o crc32.o deattack.o helper.o helper.o hostfile.o \
+  log-client.o login.o log-server.o match.o md5crypt.o mpaux.o \
+  packet.o pty.o radix.o readconf.o readpass.o rsa.o servconf.o \
+  serverloop.o sshconnect.o tildexpand.o ttymodes.o uidswap.o \
+  xmalloc.o 
 all: $(OBJS) $(TARGETS)
 
 libssh.a: atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \
@@ -39,16 +40,17 @@ libssh.a: atomicio.o authfd.o authfile.o bsd-daemon.o bsd-mktemp.o \
   buffer.o canohost.o channels.o cipher.o compat.o \
   compress.o crc32.o deattack.o fingerprint.o helper.o \
   hostfile.o log.o match.o mpaux.o nchan.o packet.o \
-  readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o 
+  radix.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o \
+  xmalloc.o 
 	$(AR) rv $@ $^
 	$(RANLIB) $@
 
 ssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o libssh.a
 	$(CC) -o $@ $^ $(LFLAGS) $(LIBS) 
 
-sshd:	sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
-  pty.o log-server.o login.o servconf.o serverloop.o bsd-login.o \
-  md5crypt.o libssh.a
+sshd:	sshd.o auth-rhosts.o auth-krb4.o auth-passwd.o auth-rsa.o \
+  auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o \
+  bsd-login.o md5crypt.o libssh.a
 	$(CC) -o $@ $^ $(LFLAGS) $(LIBS) $(LIBWRAP)
 
 scp:	scp.o libssh.a
@@ -81,27 +83,27 @@ install: all
 	$(INSTALL) -s ssh-agent $(bindir)/ssh-agent
 	$(INSTALL) -s ssh-keygen $(bindir)/ssh-keygen
 	$(INSTALL) -s sshd $(sbindir)/sshd
-	$(INSTALL) -m644 ssh.1 $(mandir)/man1/ssh.1
-	$(INSTALL) -m644 scp.1 $(mandir)/man1/scp.1
-	$(INSTALL) -m644 ssh-add.1 $(mandir)/man1/ssh-add.1
-	$(INSTALL) -m644 ssh-agent.1 $(mandir)/man1/ssh-agent.1
-	$(INSTALL) -m644 ssh-keygen.1 $(mandir)/man1/ssh-keygen.1
-	$(INSTALL) -m644 sshd.8 $(mandir)/man8/sshd.8
+	$(INSTALL) -m 644 ssh.1 $(mandir)/man1/ssh.1
+	$(INSTALL) -m 644 scp.1 $(mandir)/man1/scp.1
+	$(INSTALL) -m 644 ssh-add.1 $(mandir)/man1/ssh-add.1
+	$(INSTALL) -m 644 ssh-agent.1 $(mandir)/man1/ssh-agent.1
+	$(INSTALL) -m 644 ssh-keygen.1 $(mandir)/man1/ssh-keygen.1
+	$(INSTALL) -m 644 sshd.8 $(mandir)/man8/sshd.8
 	-rm -f $(bindir)/slogin
 	ln -s ssh $(bindir)/slogin
 	-rm -f $(mandir)/man1/slogin.1
 	ln -s ssh.1 $(mandir)/man1/slogin.1
 
-	$(INSTALL) -d $(libexecdir) ;
-	$(INSTALL) -d $(libexecdir)/ssh ;
 	if [ ! -z "@GNOME_ASKPASS@" ] ; then \
+		$(INSTALL) -d $(libexecdir) ;
+		$(INSTALL) -d $(libexecdir)/ssh ;
 		$(INSTALL) -s @GNOME_ASKPASS@ ${ASKPASS_PROGRAM} ; \
 	fi
 
 	if [ ! -f $(sysconfdir)/ssh_config -a ! -f $(sysconfdir)/sshd_config ]; then \
 		$(INSTALL) -d $(sysconfdir); \
-		$(INSTALL) -m644 ssh_config $(sysconfdir)/ssh_config; \
-		$(INSTALL) -m644 sshd_config $(sysconfdir)/sshd_config; \
+		$(INSTALL) -m 644 ssh_config $(sysconfdir)/ssh_config; \
+		$(INSTALL) -m 644 sshd_config $(sysconfdir)/sshd_config; \
 	fi
 
 uninstallall:	uninstall
@@ -130,7 +132,6 @@ uninstall:
 	-rm -f $(mandir)/man8/sshd.8
 	-rm -f $(bindir)/slogin
 	-rm -f $(mandir)/man1/slogin.1
-	-rm -f $(mandir)/man1/slogin.1
 	-rm -f ${ASKPASS_PROGRAM}
 	-rmdir $(libexecdir)/ssh ;
 

acconfig.h

@@ -73,6 +73,9 @@
 /* Define if you have /dev/ptc */
 #undef HAVE_DEV_PTS_AND_PTC
 
+/* Path to xauth binary */
+#undef XAUTH_PATH
+
 @BOTTOM@
 
 /* ******************* Shouldn't need to edit below this line ************** */
@@ -258,3 +261,14 @@ enum
 # define __P(x) x
 #endif
 
+#ifdef __GNUC__
+#  if __GNUC__ < 2
+#    define INLINE inline
+#    define __attribute__(x)
+#  else
+#    define INLINE __inline__
+#  endif /* __GNUC__ < 2 */
+#else
+#  define __attribute__(x)
+#  define INLINE
+#endif /* __GNUC__ */

bsd-login.c

@@ -52,6 +52,7 @@ static char *rcsid = "$OpenBSD: login.c,v 1.5 1998/07/13 02:11:12 millert Exp $"
 # include <utmp.h>
 #endif
 #include <stdio.h>
+#include <string.h>
 
 void
 login(utp)
@@ -78,7 +79,7 @@ login(utp)
 
 	tty = ttyslot();
 	if (tty > 0 && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) >= 0) {
-#ifdef HAVE_HOST_IN_UTMP || HAVE_HOST_IN_UTMPX
+#if defined(HAVE_HOST_IN_UTMP) || defined(HAVE_HOST_IN_UTMPX)
 		(void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET);
 		/*
 		 * Prevent luser from zero'ing out ut_host.
@@ -91,7 +92,7 @@ login(utp)
 		    strncmp(old_ut.ut_line, utp->ut_line, UT_LINESIZE) == 0 &&
 		    strncmp(old_ut.ut_name, utp->ut_name, UT_NAMESIZE) == 0)
 			(void)memcpy(utp->ut_host, old_ut.ut_host, UT_HOSTSIZE);
-#endif /* HAVE_HOST_IN_UTMP || HAVE_HOST_IN_UTMPX */
+#endif /* defined(HAVE_HOST_IN_UTMP) || defined(HAVE_HOST_IN_UTMPX) */
 		(void)lseek(fd, (off_t)(tty * sizeof(struct UTMP_STR)), SEEK_SET);
 		(void)write(fd, utp, sizeof(struct UTMP_STR));
 		(void)close(fd);

bsd-snprintf.c

@@ -101,30 +101,6 @@ mcleanup(str, n, p)
 	free(curobj);
 }
 
-#if !defined(HAVE_SNPRINTF)
-int
-#if __STDC__
-snprintf(char *str, size_t n, char const *fmt, ...)
-#else
-snprintf(str, n, fmt, va_alist)
-	char *str;
-	size_t n;
-	char *fmt;
-	va_dcl
-#endif
-{
-	va_list ap;
-#if __STDC__
-	va_start(ap, fmt);
-#else
-	va_start(ap);
-#endif
-
-	return (vsnprintf(str, n, fmt, ap));
-	va_end(ap);
-}
-#endif /* !defined(HAVE_SNPRINTF) */
-
 #if !defined(HAVE_VSNPRINTF)
 int
 vsnprintf(str, n, fmt, ap)
@@ -159,4 +135,28 @@ vsnprintf(str, n, fmt, ap)
 }
 #endif /* !defined(HAVE_VSNPRINTF) */
 
+#if !defined(HAVE_SNPRINTF)
+int
+#if __STDC__
+snprintf(char *str, size_t n, char const *fmt, ...)
+#else
+snprintf(str, n, fmt, va_alist)
+	char *str;
+	size_t n;
+	char *fmt;
+	va_dcl
+#endif
+{
+	va_list ap;
+#if __STDC__
+	va_start(ap, fmt);
+#else
+	va_start(ap);
+#endif
+
+	return (vsnprintf(str, n, fmt, ap));
+	va_end(ap);
+}
+#endif /* !defined(HAVE_SNPRINTF) */
+
 #endif /* !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) */

cipher.c

@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: cipher.c,v 1.8 1999/11/25 00:54:58 damien Exp $");
+RCSID("$Id: cipher.c,v 1.9 1999/12/12 21:27:33 damien Exp $");
 
 #include "ssh.h"
 #include "cipher.h"
@@ -111,7 +111,7 @@ swap_bytes(const unsigned char *src, unsigned char *dst_, int n)
 
 void (*cipher_attack_detected) (const char *fmt,...) = fatal;
 
-static inline void
+static INLINE void
 detect_cbc_attack(const unsigned char *src,
 		  unsigned int len)
 {

configure.in

@@ -287,4 +287,8 @@ AC_ARG_WITH(md5-passwords,
 	[AC_DEFINE(HAVE_MD5_PASSWORDS)]
 )
 
+dnl Check for the path to xauth
+AC_PATH_PROG(xauth_path, xauth)
+AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
+
 AC_OUTPUT(Makefile)

includes.h

@@ -77,6 +77,7 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
 #include "bsd-strlcat.h"
 #include "bsd-mktemp.h"
 #include "bsd-snprintf.h"
+#include "bsd-daemon.h"
 
 /* Define this to be the path of the xauth program. */
 #ifndef XAUTH_PATH

packages/redhat/sshd.pam

@@ -5,3 +5,4 @@ account    required     /lib/security/pam_pwdb.so
 password   required     /lib/security/pam_cracklib.so
 password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
 session    required     /lib/security/pam_pwdb.so
+session    required     /lib/security/pam_limits.so

sshd.pam.generic

@@ -5,3 +5,4 @@ account    required     /lib/security/pam_unix.so
 password   required     /lib/security/pam_cracklib.so
 password   required     /lib/security/pam_unix.so shadow nullok use_authtok
 session    required     /lib/security/pam_unix.so
+session    required     /lib/security/pam_limits.so