Attachment 378 Details for Bug 252 – Rework based on comments.

[patch] Rework based on comments.

openssh-deflogin4.patch (text/plain), 7.48 KB, created by Darren Tucker on 2003-09-05 10:21:37 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Darren Tucker

Created: 2003-09-05 10:21:37 AEST

Size: 7.48 KB

patch

obsolete

>Index: acconfig.h
>===================================================================
>RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/acconfig.h,v
>retrieving revision 1.162
>diff -u -p -r1.162 acconfig.h
>--- acconfig.h	26 Aug 2003 01:58:16 -0000	1.162
>+++ acconfig.h	26 Aug 2003 03:49:50 -0000
>@@ -353,6 +353,9 @@
> /* Define in your struct dirent expects you to allocate extra space for d_name */
> #undef BROKEN_ONE_BYTE_DIRENT_D_NAME
> 
>+/* Define if your system has /etc/default/login */
>+#undef HAVE_ETC_DEFAULT_LOGIN
>+
> /* Define if your getopt(3) defines and uses optreset */
> #undef HAVE_GETOPT_OPTRESET
> 
>Index: configure.ac
>===================================================================
>RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/configure.ac,v
>retrieving revision 1.143
>diff -u -p -r1.143 configure.ac
>--- configure.ac	26 Aug 2003 01:58:16 -0000	1.143
>+++ configure.ac	4 Sep 2003 12:41:27 -0000
>@@ -246,6 +246,7 @@ mips-sony-bsd|mips-sony-newsos4)
> 	AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
> 	# Pushing STREAMS modules will cause sshd to acquire a controlling tty.
> 	AC_DEFINE(SSHD_ACQUIRES_CTTY)
>+	external_path_file=/etc/default/login
> 	# hardwire lastlog location (can't detect it on some versions)
> 	conf_lastlog_location="/var/adm/lastlog"
> 	AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
>@@ -282,6 +283,7 @@ mips-sony-bsd|mips-sony-newsos4)
> 	AC_DEFINE(USE_PIPES)
> 	AC_DEFINE(IP_TOS_IS_BROKEN)
> 	AC_DEFINE(SSHD_ACQUIRES_CTTY)
>+	external_path_file=/etc/default/login
> 	# /usr/ucblib/libucb.a no longer needed on ReliantUNIX
> 	# Attention: always take care to bind libsocket and libnsl before libc,
> 	# otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
>@@ -2146,27 +2148,35 @@ else
> 	)
> fi
> 
>-dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
>+# check for /etc/default/login and use it if present.
>+AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ])
>+
>+if test "x$external_path_file" = "x/etc/default/login"; then
>+	AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
>+fi
>+
>+dnl BSD systems use /etc/login.conf for path, --with-default-path= has no effect
> if test $ac_cv_func_login_getcapbool = "yes" -a \
> 	$ac_cv_header_login_cap_h = "yes" ; then
>-	USES_LOGIN_CONF=yes
>+	external_path_file=/etc/login.conf
> fi
>+
> # Whether to mess with the default path
> SERVER_PATH_MSG="(default)" 
> AC_ARG_WITH(default-path,
> 	[  --with-default-path=    Specify default \$PATH environment for server],
> 	[
>-		if test "$USES_LOGIN_CONF" = "yes" ; then
>+		if ! test -z "$external_path_file" ; then
> 			AC_MSG_WARN([
> --with-default-path=PATH has no effect on this system.
>-Edit /etc/login.conf instead.])
>+Edit $external_path_file instead.])
> 		elif test "x$withval" != "xno" ; then	
> 			user_path="$withval"
> 			SERVER_PATH_MSG="$withval" 
> 		fi
> 	],
>-	[ if test "$USES_LOGIN_CONF" = "yes" ; then
>-	AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
>+	[ if test ! -z "$external_path_file" ; then
>+	AC_MSG_WARN([Make sure the path to scp is in $external_path_file])
> 	else
> 	AC_TRY_RUN(
> 		[
>@@ -2223,7 +2233,7 @@ main()
> 		fi
> 	fi ]
> )
>-if test "$USES_LOGIN_CONF" != "yes" ; then
>+if test ! -z "$external_path_file" ; then
> 	AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
> 	AC_SUBST(user_path)
> fi
>@@ -2593,8 +2603,9 @@ echo "                   Askpass program
> echo "                      Manual pages: $F"
> echo "                          PID file: $G"
> echo "  Privilege separation chroot path: $H"
>-if test "$USES_LOGIN_CONF" = "yes" ; then
>-echo "   At runtime, sshd will use the path defined in /etc/login.conf"
>+if test ! -z "$external_path_file"; then
>+echo "   At runtime, sshd will use the path defined in $external_path_file"
>+echo "   Make sure the path to scp is present, otherwise scp will not work"
> else
> echo "            sshd default user PATH: $I"
> fi
>Index: defines.h
>===================================================================
>RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/defines.h,v
>retrieving revision 1.102
>diff -u -p -r1.102 defines.h
>--- defines.h	26 Aug 2003 01:58:16 -0000	1.102
>+++ defines.h	4 Sep 2003 13:40:10 -0000
>@@ -321,6 +321,10 @@ struct winsize {
> # define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
> #endif
> 
>+#ifndef SUPERUSER_PATH
>+# define SUPERUSER_PATH	_PATH_STDPATH
>+#endif
>+
> #ifndef _PATH_DEVNULL
> # define _PATH_DEVNULL "/dev/null"
> #endif
>Index: session.c
>===================================================================
>RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v
>retrieving revision 1.252
>diff -u -p -r1.252 session.c
>--- session.c	2 Sep 2003 13:18:53 -0000	1.252
>+++ session.c	5 Sep 2003 00:02:55 -0000
>@@ -801,6 +801,12 @@ child_set_env(char ***envp, u_int *envsi
> 	u_int i, namelen;
> 	char **env;
> 
>+	if (*envp == NULL && *envsizep == 0) {
>+		*envp = xmalloc(sizeof(char *));
>+		*envp[0] = NULL;
>+		*envsizep = 1;
>+	}
>+
> 	/*
> 	 * Find the slot where the value should be stored.  If the variable
> 	 * already exists, we reuse the slot; otherwise we append a new slot
>@@ -877,6 +883,54 @@ read_environment_file(char ***env, u_int
> 	fclose(f);
> }
> 
>+#ifdef HAVE_ETC_DEFAULT_LOGIN
>+/*
>+ * Read /etc/default/login.
>+ * We pick up the PATH (or SUPATH for root) and UMASK.
>+ */
>+static void
>+read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
>+{
>+	char **edf_env = NULL, *edf;
>+	u_int i, edf_envsize = 0;
>+	mode_t mask;
>+
>+	/*
>+	 * We don't want to copy the whole file to the childs environment,
>+	 * so we use our own temporary environment here.
>+	 */
>+	read_environment_file(&edf_env, &edf_envsize, "/etc/default/login");
>+
>+	if (uid == 0)
>+		edf = child_get_env(edf_env, "SUPATH");
>+	else
>+		edf = child_get_env(edf_env, "PATH");
>+	if (edf != NULL)
>+		child_set_env(env, envsize, "PATH", edf);
>+	
>+	if ((edf = child_get_env(edf_env, "UMASK")) != NULL)
>+		if (sscanf(edf, "%5lo", &mask) == 1)
>+			umask(mask);
>+	
>+	for (i = 0; edf_env[i] != NULL; i++)
>+		xfree(edf_env[i]);
>+	xfree(edf_env);
>+}
>+
>+char *
>+child_get_env(char **env, const char *name)
>+{
>+	int i;
>+	size_t len;
>+
>+	len = strlen(name);
>+	for (i=0; env[i] != NULL; i++)
>+		if (env[i][len] == '=' && strncmp(name, env[i], len) == 0)
>+			return(env[i] + len + 1);
>+	return NULL;
>+}
>+#endif /* HAVE_ETC_DEFAULT_LOGIN */
>+
> void copy_environment(char **source, char ***env, u_int *envsize)
> {
> 	char *var_name, *var_val;
>@@ -949,12 +1003,14 @@ do_setup_env(Session *s, const char *she
> 		 * needed for loading shared libraries. So the path better
> 		 * remains intact here.
> 		 */
>-#  ifdef SUPERUSER_PATH
>-		child_set_env(&env, &envsize, "PATH", 
>-		    s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH);
>-#  else 
>-		child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
>-#  endif /* SUPERUSER_PATH */
>+#  ifdef HAVE_ETC_DEFAULT_LOGIN
>+		read_etc_default_login(&env, &envsize, pw->pw_uid);
>+#  endif /* HAVE_ETC_DEFAULT_LOGIN */
>+		if (child_get_env(env, "PATH") == NULL) {
>+			child_set_env(&env, &envsize, "PATH", 
>+			    s->pw->pw_uid == 0 ?
>+				SUPERUSER_PATH : _PATH_STDPATH);
>+		}
> # endif /* HAVE_CYGWIN */
> #endif /* HAVE_LOGIN_CAP */
> 
>Index: session.h
>===================================================================
>RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.h,v
>retrieving revision 1.24
>diff -u -p -r1.24 session.h
>--- session.h	26 Aug 2003 01:49:56 -0000	1.24
>+++ session.h	4 Sep 2003 13:32:56 -0000
>@@ -70,5 +70,6 @@ void	 session_close(Session *);
> void	 do_setusercontext(struct passwd *);
> void	 child_set_env(char ***envp, u_int *envsizep, const char *name,
> 		       const char *value);
>+char	*child_get_env(char **, const char *);
> 
> #endif

Actions: View | Diff

Attachments on bug 252: 98 | 212 | 367 | 378 | 397 | 398