Attachment #1144 for bug #1081

Lines 305-310 Link Here

(-)openssh-4.3p2/config.h.in (+3 lines)
305	/* Define to 1 if you have the `getgrouplist' function. */	305	/* Define to 1 if you have the `getgrouplist' function. */
306	#undef HAVE_GETGROUPLIST	306	#undef HAVE_GETGROUPLIST
307		307
		308	/* Define to 1 if you have the `getgrset' function. */
		309	#undef HAVE_GETGRSET
		310
308	/* Define to 1 if you have the `getluid' function. */	311	/* Define to 1 if you have the `getluid' function. */
309	#undef HAVE_GETLUID	312	#undef HAVE_GETLUID
310		313








for ac_func in getgrset setauthdb
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
echo "$as_me:$LINENO: checking for $ac_func" >&5

exec 5>>config.log
{
  echo
  sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
## Running $as_me. ##
_ASBOX
} >&5
cat >&5 <<_CSEOF


Lines 174-180 Link Here

(-)openssh-4.3p2/configure.ac (-1 / +1 lines)
174	[],	174	[],
175	[#include <usersec.h>]	175	[#include <usersec.h>]
176	)	176	)
177	AC_CHECK_FUNCS(setauthdb)	177	AC_CHECK_FUNCS(getgrset setauthdb)
178	check_for_aix_broken_getaddrinfo=1	178	check_for_aix_broken_getaddrinfo=1
179	AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])	179	AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
180	AC_DEFINE(SETEUID_BREAKS_SETUID, 1,	180	AC_DEFINE(SETEUID_BREAKS_SETUID, 1,




/*
 *
 * Copyright (c) 2001 Gert Doering.  All rights reserved.
 * Copyright (c) 2003,2004,2005,2006 Darren Tucker.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions

}
# endif /* AIX_GETNAMEINFO_HACK */

# if defined(USE_GETGRSET)
#  include <stdlib.h>
int
getgrouplist(const char *user, gid_t pgid, gid_t *groups, int *grpcnt)
{
	char *cp, *grplist, *grp;
	gid_t gid;
	int ret = 0, ngroups = 0, maxgroups;
	long l;

	maxgroups = *grpcnt;

	if ((cp = grplist = getgrset(user)) == NULL)
		return -1;

	/* handle zero-length case */
	if (maxgroups <= 0) {
		*grpcnt = 0;
		return -1;
	}

	/* copy primary group */
	groups[ngroups++] = pgid;

	/* copy each entry from getgrset into group list */
	while ((grp = strsep(&grplist, ",")) != NULL) {
		l = strtol(grp, NULL, 10);
		if (ngroups >= maxgroups || l == LONG_MIN || l == LONG_MAX) {
			ret = -1;
			goto out;
		}
		gid = (gid_t)l;
		if (gid == pgid)
			continue;	/* we have already added primary gid */
		groups[ngroups++] = gid;
	}
out:
	free(cp);
	*grpcnt = ngroups;
	return ret;
}

int
ssh_initgroups(const char *user, gid_t group)
{
	gid_t grps[NGROUPS_MAX];
	int grpcnt = NGROUPS_MAX;

	if (getgrouplist(user, group, grps, &grpcnt) == -1)
		return -1;
	return setgroups(grpcnt, grps);
}
# endif	/* USE_GETGRSET */

#endif /* _AIX */

Lines 3-9 Link Here

(-)openssh-4.3p2/openbsd-compat/port-aix.h (-1 / +10 lines)
3	/*	3	/*
4	*	4	*
5	* Copyright (c) 2001 Gert Doering. All rights reserved.	5	* Copyright (c) 2001 Gert Doering. All rights reserved.
6	* Copyright (c) 2004, 2005 Darren Tucker. All rights reserved.	6	* Copyright (c) 2004,2005,2006 Darren Tucker. All rights reserved.
7	*	7	*
8	* Redistribution and use in source and binary forms, with or without	8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions	9	* modification, are permitted provided that the following conditions
Lines 115-118 Link Here
115	# define getnameinfo(a,b,c,d,e,f,g) (sshaix_getnameinfo(a,b,c,d,e,f,g))	115	# define getnameinfo(a,b,c,d,e,f,g) (sshaix_getnameinfo(a,b,c,d,e,f,g))
116	#endif	116	#endif
117		117
		118	/* We use getgrset in preference to multiple getgrent calls for efficiency */
		119	#if !defined(HAVE_GETGRENT) && defined(HAVE_GETGRSET)
		120	# define HAVE_GETGRENT
		121	# define USE_GETGRSET
		122	int getgrouplist(const char , gid_t, gid_t , int *);
		123	int ssh_initgroups(const char *, gid_t);
		124	# define initgroups(a, b) ssh_initgroups((a), (b))
		125	#endif
		126
118	#endif /* _AIX */	127	#endif /* _AIX */

Return to bug 1081

Lines 5019-5025 Link Here

(-)openssh-4.3p2/configure (-3 / +4 lines)
5019		5019
5020		5020
5021		5021
5022	for ac_func in setauthdb	5022
		5023	for ac_func in getgrset setauthdb
5023	do	5024	do
5024	as_ac_var=`echo "ac_cv_func_$ac_func" \| $as_tr_sh`	5025	as_ac_var=`echo "ac_cv_func_$ac_func" \| $as_tr_sh`
5025	echo "$as_me:$LINENO: checking for $ac_func" >&5	5026	echo "$as_me:$LINENO: checking for $ac_func" >&5
Lines 27224-27232 Link Here
27224	exec 5>>config.log	27225	exec 5>>config.log
27225	{	27226	{
27226	echo	27227	echo
27227	sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<BOXI_EOF	27228	sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
27228	## Running $as_me. ##	27229	## Running $as_me. ##
27229	BOXI_EOF	27230	_ASBOX
27230	} >&5	27231	} >&5
27231	cat >&5 <<_CSEOF	27232	cat >&5 <<_CSEOF
27232		27233

Lines 1-7 Link Here

(-)openssh-4.3p2/openbsd-compat/port-aix.c (-1 / +55 lines)
1	/*	1	/*
2	*	2	*
3	* Copyright (c) 2001 Gert Doering. All rights reserved.	3	* Copyright (c) 2001 Gert Doering. All rights reserved.
4	* Copyright (c) 2003,2004,2005 Darren Tucker. All rights reserved.	4	* Copyright (c) 2003,2004,2005,2006 Darren Tucker. All rights reserved.
5	*	5	*
6	* Redistribution and use in source and binary forms, with or without	6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions	7	* modification, are permitted provided that the following conditions
Lines 372-375 Link Here
372	}	372	}
373	# endif /* AIX_GETNAMEINFO_HACK */	373	# endif /* AIX_GETNAMEINFO_HACK */
374		374
		375	# if defined(USE_GETGRSET)
		376	# include <stdlib.h>
		377	int
		378	getgrouplist(const char user, gid_t pgid, gid_t groups, int *grpcnt)
		379	{
		380	char cp, grplist, *grp;
		381	gid_t gid;
		382	int ret = 0, ngroups = 0, maxgroups;
		383	long l;
		384
		385	maxgroups = *grpcnt;
		386
		387	if ((cp = grplist = getgrset(user)) == NULL)
		388	return -1;
		389
		390	/* handle zero-length case */
		391	if (maxgroups <= 0) {
		392	*grpcnt = 0;
		393	return -1;
		394	}
		395
		396	/* copy primary group */
		397	groups[ngroups++] = pgid;
		398
		399	/* copy each entry from getgrset into group list */
		400	while ((grp = strsep(&grplist, ",")) != NULL) {
		401	l = strtol(grp, NULL, 10);
		402	if (ngroups >= maxgroups \|\| l == LONG_MIN \|\| l == LONG_MAX) {
		403	ret = -1;
		404	goto out;
		405	}
		406	gid = (gid_t)l;
		407	if (gid == pgid)
		408	continue; /* we have already added primary gid */
		409	groups[ngroups++] = gid;
		410	}
		411	out:
		412	free(cp);
		413	*grpcnt = ngroups;
		414	return ret;
		415	}
		416
		417	int
		418	ssh_initgroups(const char *user, gid_t group)
		419	{
		420	gid_t grps[NGROUPS_MAX];
		421	int grpcnt = NGROUPS_MAX;
		422
		423	if (getgrouplist(user, group, grps, &grpcnt) == -1)
		424	return -1;
		425	return setgroups(grpcnt, grps);
		426	}
		427	# endif /* USE_GETGRSET */
		428
375	#endif /* _AIX */	429	#endif /* _AIX */