

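--- a/acconfig.h
+++ b/acconfig.h
@@ -353,6 +353,9 @@
 /* Define in your struct dirent expects you to allocate extra space for d_name */
 #undef BROKEN_ONE_BYTE_DIRENT_D_NAME
 
+/* Define if your system has /etc/default/login */
+#undef HAVE_ETC_DEFAULT_LOGIN
+
 /* Define if your getopt(3) defines and uses optreset */
 #undef HAVE_GETOPT_OPTRESET
 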
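--- a/configure.ac
+++ b/configure.ac
@@ -246,6 +246,7 @@ mips-sony-bsd|mips-sony-newsos4)
 	AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
 	# Pushing STREAMS modules will cause sshd to acquire a controlling tty.
 	AC_DEFINE(SSHD_ACQUIRES_CTTY)
+	external_path_file=/etc/default/login
 	# hardwire lastlog location (can't detect it on some versions)
 	conf_lastlog_location="/var/adm/lastlog"
 	AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
@@ -282,6 +283,7 @@ mips-sony-bsd|mips-sony-newsos4)
 	AC_DEFINE(USE_PIPES)
 	AC_DEFINE(IP_TOS_IS_BROKEN)
 	AC_DEFINE(SSHD_ACQUIRES_CTTY)
+	external_path_file=/etc/default/login
 	# /usr/ucblib/libucb.a no longer needed on ReliantUNIX
 	# Attention: always take care to bind libsocket and libnsl before libc,
 	# otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
@@ -2146,27 +2148,35 @@ else
 	)
 fi
 
-dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
+# check for /etc/default/login and use it if present.
+AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ])
+
+if test "x$external_path_file" = "x/etc/default/login"; then
+	AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
+fi
+
+dnl BSD systems use /etc/login.conf for path, --with-default-path= has no effect
 if test $ac_cv_func_login_getcapbool = "yes" -a \
 	$ac_cv_header_login_cap_h = "yes" ; then
-	USES_LOGIN_CONF=yes
+	external_path_file=/etc/login.conf
 fi
+
 # Whether to mess with the default path
 SERVER_PATH_MSG="(default)" 
 AC_ARG_WITH(default-path,
 	[  --with-default-path=    Specify default \$PATH environment for server],
 	[
-		if test "$USES_LOGIN_CONF" = "yes" ; then
+		if ! test -z "$external_path_file" ; then
 			AC_MSG_WARN([
 --with-default-path=PATH has no effect on this system.
-Edit /etc/login.conf instead.])
+Edit $external_path_file instead.])
 		elif test "x$withval" != "xno" ; then	
 			user_path="$withval"
 			SERVER_PATH_MSG="$withval" 
 		fi
 	],
-	[ if test "$USES_LOGIN_CONF" = "yes" ; then
-	AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
+	[ if test ! -z "$external_path_file" ; then
+	AC_MSG_WARN([Make sure the path to scp is in $external_path_file])
 	else
 	AC_TRY_RUN(
 		[
@@ -2223,7 +2233,7 @@ main()
 		fi
 	fi ]
 )
-if test "$USES_LOGIN_CONF" != "yes" ; then
+if test ! -z "$external_path_file" ; then
 	AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
 	AC_SUBST(user_path)
 fi
@@ -2593,8 +2603,9 @@ echo " Askpass program
 echo "                      Manual pages: $F"
 echo "                          PID file: $G"
 echo "  Privilege separation chroot path: $H"
-if test "$USES_LOGIN_CONF" = "yes" ; then
-echo "   At runtime, sshd will use the path defined in /etc/login.conf"
+if test ! -z "$external_path_file"; then
+echo "   At runtime, sshd will use the path defined in $external_path_file"
+echo "   Make sure the path to scp is present, otherwise scp will not work"
 else
 echo "            sshd default user PATH: $I"
 fi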
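Review bot: In the hunk at old lines 2223-2229, `test "$USES_LOGIN_CONF" != "yes"` is replaced by `test ! -z "$external_path_file"`, which is the opposite condition: USER_PATH is now defined only when an external file governs the path, and no longer on systems that have none. As far as the visible lines show, `user_path` is set from `--with-default-path` only on the branch where `external_path_file` is empty, so `$user_path` would be unset in exactly the cases where USER_PATH now gets defined. If the inversion is not intended, the test should read `if test -z "$external_path_file" ; then`. Separately, `AC_CHECK_FILE` in the hunk at old lines 2146-2172 probes the build machine and refuses to run when cross-compiling, so the Solaris/ReliantUNIX case entries may be the safer way to set `external_path_file`.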
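--- a/defines.h
+++ b/defines.h
@@ -321,6 +321,10 @@ struct winsize {
 # define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
 #endif
 
+#ifndef SUPERUSER_PATH
+# define SUPERUSER_PATH	_PATH_STDPATH
+#endif
+
 #ifndef _PATH_DEVNULL
 # define _PATH_DEVNULL "/dev/null"
 #endif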
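--- a/session.c
+++ b/session.c
@@ -801,6 +801,12 @@ child_set_env(char ***envp, u_int *envsi
 	u_int i, namelen;
 	char **env;
 
+	if (*envp == NULL && *envsizep == 0) {
+		*envp = xmalloc(sizeof(char *));
+		*envp[0] = NULL;
+		*envsizep = 1;
+	}
+
 	/*
 	 * Find the slot where the value should be stored.  If the variable
 	 * already exists, we reuse the slot; otherwise we append a new slot
@@ -877,6 +883,54 @@ read_environment_file(char ***env, u_int
 	fclose(f);
 }
 
+#ifdef HAVE_ETC_DEFAULT_LOGIN
+/*
+ * Read /etc/default/login.
+ * We pick up the PATH (or SUPATH for root) and UMASK.
+ */
+static void
+read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
+{
+	char **edf_env = NULL, *edf;
+	u_int i, edf_envsize = 0;
+	mode_t mask;
+
+	/*
+	 * We don't want to copy the whole file to the childs environment,
+	 * so we use our own temporary environment here.
+	 */
+	read_environment_file(&edf_env, &edf_envsize, "/etc/default/login");
+
+	if (uid == 0)
+		edf = child_get_env(edf_env, "SUPATH");
+	else
+		edf = child_get_env(edf_env, "PATH");
+	if (edf != NULL)
+		child_set_env(env, envsize, "PATH", edf);
+	
+	if ((edf = child_get_env(edf_env, "UMASK")) != NULL)
+		if (sscanf(edf, "%5lo", &mask) == 1)
+			umask(mask);
+	
+	for (i = 0; edf_env[i] != NULL; i++)
+		xfree(edf_env[i]);
+	xfree(edf_env);
+}
+
+char *
+child_get_env(char **env, const char *name)
+{
+	int i;
+	size_t len;
+
+	len = strlen(name);
+	for (i=0; env[i] != NULL; i++)
+		if (env[i][len] == '=' && strncmp(name, env[i], len) == 0)
+			return(env[i] + len + 1);
+	return NULL;
+}
+#endif /* HAVE_ETC_DEFAULT_LOGIN */
+
 void copy_environment(char **source, char ***env, u_int *envsize)
 {
 	char *var_name, *var_val;
@@ -949,12 +1003,14 @@ do_setup_env(Session *s, const char *she
 		 * needed for loading shared libraries. So the path better
 		 * remains intact here.
 		 */
-#  ifdef SUPERUSER_PATH
-		child_set_env(&env, &envsize, "PATH", 
-		    s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH);
-#  else 
-		child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
-#  endif /* SUPERUSER_PATH */
+#  ifdef HAVE_ETC_DEFAULT_LOGIN
+		read_etc_default_login(&env, &envsize, pw->pw_uid);
+#  endif /* HAVE_ETC_DEFAULT_LOGIN */
+		if (child_get_env(env, "PATH") == NULL) {
+			child_set_env(&env, &envsize, "PATH", 
+			    s->pw->pw_uid == 0 ?
+				SUPERUSER_PATH : _PATH_STDPATH);
+		}
 # endif /* HAVE_CYGWIN */
 #endif /* HAVE_LOGIN_CAP */
 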
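Review bot: In the new read_etc_default_login, `edf_env` is still NULL when `/etc/default/login` cannot be read or yields no assignments, so the `child_get_env(edf_env, ...)` calls and the cleanup loop `edf_env[i] != NULL` dereference a null pointer while the session environment is being built. This assumes read_environment_file allocates the array only through child_set_env; its body is outside the hunk, so confirm. A guard directly after the read, `if (edf_env == NULL) return;`, closes that path. In the same function `sscanf(edf, "%5lo", &mask)` writes an `unsigned long` through a `mode_t *`, which is only well-defined where the two types coincide; parse into an `unsigned long` local and call `umask((mode_t)value)`. The call site also passes `pw->pw_uid` while the neighbouring lines use `s->pw->pw_uid`; do_setup_env's declarations are outside the hunk, so check that `pw` is in scope there.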
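--- a/session.h
+++ b/session.h
@@ -70,5 +70,6 @@ void session_close(Session *);
 void	 do_setusercontext(struct passwd *);
 void	 child_set_env(char ***envp, u_int *envsizep, const char *name,
 		       const char *value);
+char	*child_get_env(char **, const char *);
 
 #endif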
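Review bot: This prototype is unconditional, but session.c defines `child_get_env` only inside `#ifdef HAVE_ETC_DEFAULT_LOGIN`, and the new `if (child_get_env(env, "PATH") == NULL)` in do_setup_env sits after the matching `#endif`. A build on a system without /etc/default/login would therefore compile against the declaration and then fail to link. Move the `child_get_env` definition in session.c outside the guard, leaving only `read_etc_default_login` conditional, so declaration, definition and caller agree.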
