Bugzilla – Attachment 397 Details for
Bug 252
Patch for use of /etc/default/login
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Fix bugs found in testing
openssh-deflogin.patch (text/plain), 7.92 KB, created by
Darren Tucker
on 2003-09-15 15:49:42 AEST
(
hide
)
Description:
Fix bugs found in testing
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2003-09-15 15:49:42 AEST
Size:
7.92 KB
patch
obsolete
>Index: acconfig.h >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/acconfig.h,v >retrieving revision 1.165 >diff -u -p -r1.165 acconfig.h >--- acconfig.h 8 Sep 2003 21:35:17 -0000 1.165 >+++ acconfig.h 13 Sep 2003 08:05:53 -0000 >@@ -359,6 +359,9 @@ > /* Define in your struct dirent expects you to allocate extra space for d_name */ > #undef BROKEN_ONE_BYTE_DIRENT_D_NAME > >+/* Define if your system has /etc/default/login */ >+#undef HAVE_ETC_DEFAULT_LOGIN >+ > /* Define if your getopt(3) defines and uses optreset */ > #undef HAVE_GETOPT_OPTRESET > >Index: configure.ac >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/configure.ac,v >retrieving revision 1.153 >diff -u -p -r1.153 configure.ac >--- configure.ac 13 Sep 2003 01:15:15 -0000 1.153 >+++ configure.ac 15 Sep 2003 04:36:01 -0000 >@@ -250,6 +250,7 @@ mips-sony-bsd|mips-sony-newsos4) > AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") > # Pushing STREAMS modules will cause sshd to acquire a controlling tty. > AC_DEFINE(SSHD_ACQUIRES_CTTY) >+ external_path_file=/etc/default/login > # hardwire lastlog location (can't detect it on some versions) > conf_lastlog_location="/var/adm/lastlog" > AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) >@@ -286,6 +287,7 @@ mips-sony-bsd|mips-sony-newsos4) > AC_DEFINE(USE_PIPES) > AC_DEFINE(IP_TOS_IS_BROKEN) > AC_DEFINE(SSHD_ACQUIRES_CTTY) >+ external_path_file=/etc/default/login > # /usr/ucblib/libucb.a no longer needed on ReliantUNIX > # Attention: always take care to bind libsocket and libnsl before libc, > # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog >@@ -2180,27 +2182,35 @@ else > ) > fi > >-dnl BSD systems use /etc/login.conf so --with-default-path= has no effect >+# check for /etc/default/login and use it if present. >+AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ]) >+ >+if test "x$external_path_file" = "x/etc/default/login"; then >+ AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) >+fi >+ >+dnl BSD systems use /etc/login.conf for path, --with-default-path= has no effect > if test $ac_cv_func_login_getcapbool = "yes" -a \ > $ac_cv_header_login_cap_h = "yes" ; then >- USES_LOGIN_CONF=yes >+ external_path_file=/etc/login.conf > fi >+ > # Whether to mess with the default path > SERVER_PATH_MSG="(default)" > AC_ARG_WITH(default-path, > [ --with-default-path= Specify default \$PATH environment for server], > [ >- if test "$USES_LOGIN_CONF" = "yes" ; then >+ if ! test -z "$external_path_file" ; then > AC_MSG_WARN([ > --with-default-path=PATH has no effect on this system. >-Edit /etc/login.conf instead.]) >+Edit $external_path_file instead.]) > elif test "x$withval" != "xno" ; then > user_path="$withval" > SERVER_PATH_MSG="$withval" > fi > ], >- [ if test "$USES_LOGIN_CONF" = "yes" ; then >- AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) >+ [ if test ! -z "$external_path_file" ; then >+ AC_MSG_WARN([Make sure the path to scp is in $external_path_file]) > else > AC_TRY_RUN( > [ >@@ -2257,7 +2267,7 @@ main() > fi > fi ] > ) >-if test "$USES_LOGIN_CONF" != "yes" ; then >+if test -z "$external_path_file" ; then > AC_DEFINE_UNQUOTED(USER_PATH, "$user_path") > AC_SUBST(user_path) > fi >@@ -2627,8 +2637,9 @@ echo " Askpass program > echo " Manual pages: $F" > echo " PID file: $G" > echo " Privilege separation chroot path: $H" >-if test "$USES_LOGIN_CONF" = "yes" ; then >-echo " At runtime, sshd will use the path defined in /etc/login.conf" >+if test ! -z "$external_path_file"; then >+echo " At runtime, sshd will use the path defined in $external_path_file" >+echo " Make sure the path to scp is present, otherwise scp will not work" > else > echo " sshd default user PATH: $I" > fi >Index: defines.h >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/defines.h,v >retrieving revision 1.102 >diff -u -p -r1.102 defines.h >--- defines.h 26 Aug 2003 01:58:16 -0000 1.102 >+++ defines.h 4 Sep 2003 13:40:10 -0000 >@@ -321,6 +321,10 @@ struct winsize { > # define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" > #endif > >+#ifndef SUPERUSER_PATH >+# define SUPERUSER_PATH _PATH_STDPATH >+#endif >+ > #ifndef _PATH_DEVNULL > # define _PATH_DEVNULL "/dev/null" > #endif >Index: session.c >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v >retrieving revision 1.252 >diff -u -p -r1.252 session.c >--- session.c 2 Sep 2003 13:18:53 -0000 1.252 >+++ session.c 15 Sep 2003 05:48:00 -0000 >@@ -801,6 +801,14 @@ child_set_env(char ***envp, u_int *envsi > u_int i, namelen; > char **env; > >+ /* If we're passed an uninitialized list, allocate a single null >+ * entry before continuing */ >+ if (*envp == NULL && *envsizep == 0) { >+ *envp = xmalloc(sizeof(char *)); >+ *envp[0] = NULL; >+ *envsizep = 1; >+ } >+ > /* > * Find the slot where the value should be stored. If the variable > * already exists, we reuse the slot; otherwise we append a new slot >@@ -877,6 +885,56 @@ read_environment_file(char ***env, u_int > fclose(f); > } > >+#ifdef HAVE_ETC_DEFAULT_LOGIN >+/* >+ * Read /etc/default/login. >+ * We pick up the PATH (or SUPATH for root) and UMASK. >+ */ >+void >+read_etc_default_login(char ***env, u_int *envsize, uid_t uid) >+{ >+ char **tmpenv = NULL, *var; >+ u_int i; >+ size_t tmpenvsize = 0; >+ mode_t mask; >+ >+ /* >+ * We don't want to copy the whole file to the child's environment, >+ * so we use a temporary environment and copy the variables we're >+ * interested in. >+ */ >+ read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login"); >+ >+ if (uid == 0) >+ var = child_get_env(tmpenv, "SUPATH"); >+ else >+ var = child_get_env(tmpenv, "PATH"); >+ if (var != NULL) >+ child_set_env(env, envsize, "PATH", var); >+ >+ if ((var = child_get_env(tmpenv, "UMASK")) != NULL) >+ if (sscanf(var, "%5lo", &mask) == 1) >+ umask(mask); >+ >+ for (i = 0; tmpenv[i] != NULL; i++) >+ xfree(tmpenv[i]); >+ xfree(tmpenv); >+} >+ >+char * >+child_get_env(char **env, const char *name) >+{ >+ int i; >+ size_t len; >+ >+ len = strlen(name); >+ for (i=0; env[i] != NULL; i++) >+ if (strncmp(name, env[i], len) == 0 && env[i][len] == '=') >+ return(env[i] + len + 1); >+ return NULL; >+} >+#endif /* HAVE_ETC_DEFAULT_LOGIN */ >+ > void copy_environment(char **source, char ***env, u_int *envsize) > { > char *var_name, *var_val; >@@ -905,7 +963,7 @@ do_setup_env(Session *s, const char *she > { > char buf[256]; > u_int i, envsize; >- char **env, *laddr; >+ char **env, *laddr, *path = NULL; > struct passwd *pw = s->pw; > > /* Initialize the environment. */ >@@ -949,12 +1007,15 @@ do_setup_env(Session *s, const char *she > * needed for loading shared libraries. So the path better > * remains intact here. > */ >-# ifdef SUPERUSER_PATH >- child_set_env(&env, &envsize, "PATH", >- s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH); >-# else >- child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); >-# endif /* SUPERUSER_PATH */ >+# ifdef HAVE_ETC_DEFAULT_LOGIN >+ read_etc_default_login(&env, &envsize, pw->pw_uid); >+ path = child_get_env(env, "PATH"); >+# endif /* HAVE_ETC_DEFAULT_LOGIN */ >+ if (path == NULL || *path == '\0') { >+ child_set_env(&env, &envsize, "PATH", >+ s->pw->pw_uid == 0 ? >+ SUPERUSER_PATH : _PATH_STDPATH); >+ } > # endif /* HAVE_CYGWIN */ > #endif /* HAVE_LOGIN_CAP */ > >Index: session.h >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.h,v >retrieving revision 1.24 >diff -u -p -r1.24 session.h >--- session.h 26 Aug 2003 01:49:56 -0000 1.24 >+++ session.h 15 Sep 2003 04:05:32 -0000 >@@ -71,4 +71,9 @@ void do_setusercontext(struct passwd *) > void child_set_env(char ***envp, u_int *envsizep, const char *name, > const char *value); > >+#ifdef HAVE_ETC_DEFAULT_LOGIN >+void read_etc_default_login(char ***, u_int *, uid_t); >+char *child_get_env(char **, const char *); >+#endif >+ > #endif
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=397">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 252
:
98
|
212
|
367
|
378
| 397 |
398