
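--- a/acconfig.h
+++ b/acconfig.h
@@ -359,6 +359,9 @@
 /* Define in your struct dirent expects you to allocate extra space for d_name */
 #undef BROKEN_ONE_BYTE_DIRENT_D_NAME
 
+/* Define if your system has /etc/default/login */
+#undef HAVE_ETC_DEFAULT_LOGIN
+
 /* Define if your getopt(3) defines and uses optreset */
 #undef HAVE_GETOPT_OPTRESET
 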
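--- a/configure.ac
+++ b/configure.ac
@@ -250,6 +250,7 @@ mips-sony-bsd|mips-sony-newsos4)
 	AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
 	# Pushing STREAMS modules will cause sshd to acquire a controlling tty.
 	AC_DEFINE(SSHD_ACQUIRES_CTTY)
+	external_path_file=/etc/default/login
 	# hardwire lastlog location (can't detect it on some versions)
 	conf_lastlog_location="/var/adm/lastlog"
 	AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
@@ -286,6 +287,7 @@ mips-sony-bsd|mips-sony-newsos4)
 	AC_DEFINE(USE_PIPES)
 	AC_DEFINE(IP_TOS_IS_BROKEN)
 	AC_DEFINE(SSHD_ACQUIRES_CTTY)
+	external_path_file=/etc/default/login
 	# /usr/ucblib/libucb.a no longer needed on ReliantUNIX
 	# Attention: always take care to bind libsocket and libnsl before libc,
 	# otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
@@ -2180,30 +2182,48 @@ else
 	)
 fi
 
+# check for /etc/default/login and use it if present.
+AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ])
+
+if test "x$external_path_file" = "x/etc/default/login"; then
+	AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
+fi
+
 dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
 if test $ac_cv_func_login_getcapbool = "yes" -a \
 	$ac_cv_header_login_cap_h = "yes" ; then
-	USES_LOGIN_CONF=yes
+	external_path_file=/etc/login.conf
 fi
+
 # Whether to mess with the default path
 SERVER_PATH_MSG="(default)" 
 AC_ARG_WITH(default-path,
 	[  --with-default-path=    Specify default \$PATH environment for server],
 	[
-		if test "$USES_LOGIN_CONF" = "yes" ; then
+		if test "x$external_path_file" = "x/etc/login.conf" ; then
 			AC_MSG_WARN([
 --with-default-path=PATH has no effect on this system.
 Edit /etc/login.conf instead.])
 		elif test "x$withval" != "xno" ; then	
+			if ! test -z "$external_path_file" ; then
+				AC_MSG_WARN([
+--with-default-path=PATH will only be used if PATH is not defined in
+$external_path_file .])
+			fi
 			user_path="$withval"
 			SERVER_PATH_MSG="$withval" 
 		fi
 	],
-	[ if test "$USES_LOGIN_CONF" = "yes" ; then
+	[ if test "x$external_path_file" = "x/etc/login.conf" ; then
-	AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
+		AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
 	else
-	AC_TRY_RUN(
+		if ! test -z "$external_path_file" ; then
-		[
+			AC_MSG_WARN([
+If PATH is defined in $external_path_file, ensure the path to scp is included,
+otherwise scp will not work.])
+		fi
+		AC_TRY_RUN(
+			[
 /* find out what STDPATH is */
 #include <stdio.h>
 #ifdef HAVE_PATHS_H
@@ -2257,7 +2277,7 @@ main()
 		fi
 	fi ]
 )
-if test "$USES_LOGIN_CONF" != "yes" ; then
+if test "x$external_path_file" != "x/etc/login.conf" ; then
 	AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
 	AC_SUBST(user_path)
 fi
@@ -2627,10 +2647,15 @@ echo " Askpass program
 echo "                      Manual pages: $F"
 echo "                          PID file: $G"
 echo "  Privilege separation chroot path: $H"
-if test "$USES_LOGIN_CONF" = "yes" ; then
+if test "x$external_path_file" = "x/etc/login.conf" ; then
-echo "   At runtime, sshd will use the path defined in /etc/login.conf"
+echo "   At runtime, sshd will use the path defined in $external_path_file"
+echo "   Make sure the path to scp is present, otherwise scp will not work"
 else
 echo "            sshd default user PATH: $I"
+	if ! test -z "$external_path_file"; then
+echo "   (If PATH is set in $external_path_file it will be used instead. If"
+echo "   used, ensure the path to scp is present, otherwise scp will not work.)"
+	fi
 fi
 if test ! -z "$superuser_path" ; then
 echo "          sshd superuser user PATH: $J"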
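Review bot: The three added tests written as `if ! test -z "$external_path_file"` (in the --with-default-path branch, before AC_TRY_RUN, and in the summary block) use the shell's `!` negation, which some traditional Bourne shells do not implement, and configure runs under /bin/sh on the very platforms this change targets. The file's own idiom a few lines further down is `if test ! -z "$superuser_path" ; then`, so these should read `if test ! -z "$external_path_file" ; then`. Separately, `AC_CHECK_FILE("/etc/default/login", ...)` inspects the build machine and, as far as I know, aborts when cross-compiling, so HAVE_ETC_DEFAULT_LOGIN says nothing about the host sshd will run on; a comment such as `# NB: build-host check only; sshd must cope with the file being absent at runtime` would make that explicit.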
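--- a/defines.h
+++ b/defines.h
@@ -321,6 +321,10 @@ struct winsize {
 # define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
 #endif
 
+#ifndef SUPERUSER_PATH
+# define SUPERUSER_PATH	_PATH_STDPATH
+#endif
+
 #ifndef _PATH_DEVNULL
 # define _PATH_DEVNULL "/dev/null"
 #endif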
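--- a/session.c
+++ b/session.c
@@ -802,6 +802,16 @@ child_set_env(char ***envp, u_int *envsi
 	char **env;
 
 	/*
+	 * If we're passed an uninitialized list, allocate a single null
+	 * entry before continuing.
+	 */
+	if (*envp == NULL && *envsizep == 0) {
+		*envp = xmalloc(sizeof(char *));
+		*envp[0] = NULL;
+		*envsizep = 1;
+	}
+
+	/*
 	 * Find the slot where the value should be stored.  If the variable
 	 * already exists, we reuse the slot; otherwise we append a new slot
 	 * at the end of the array, expanding if necessary.
@@ -877,6 +887,56 @@ read_environment_file(char ***env, u_int
 	fclose(f);
 }
 
+#ifdef HAVE_ETC_DEFAULT_LOGIN
+/*
+ * Read /etc/default/login.
+ * We pick up the PATH (or SUPATH for root) and UMASK.
+ */
+void
+read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
+{
+	char **tmpenv = NULL, *var;
+	u_int i;
+	size_t tmpenvsize = 0;
+	mode_t mask;
+
+	/*
+	 * We don't want to copy the whole file to the child's environment,
+	 * so we use a temporary environment and copy the variables we're
+	 * interested in.
+	 */
+	read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login");
+
+	if (uid == 0)
+		var = child_get_env(tmpenv, "SUPATH");
+	else
+		var = child_get_env(tmpenv, "PATH");
+	if (var != NULL)
+		child_set_env(env, envsize, "PATH", var);
+	
+	if ((var = child_get_env(tmpenv, "UMASK")) != NULL)
+		if (sscanf(var, "%5lo", &mask) == 1)
+			umask(mask);
+	
+	for (i = 0; tmpenv[i] != NULL; i++)
+		xfree(tmpenv[i]);
+	xfree(tmpenv);
+}
+
+char *
+child_get_env(char **env, const char *name)
+{
+	int i;
+	size_t len;
+
+	len = strlen(name);
+	for (i=0; env[i] != NULL; i++)
+		if (strncmp(name, env[i], len) == 0 && env[i][len] == '=')
+			return(env[i] + len + 1);
+	return NULL;
+}
+#endif /* HAVE_ETC_DEFAULT_LOGIN */
+
 void copy_environment(char **source, char ***env, u_int *envsize)
 {
 	char *var_name, *var_val;
@@ -905,7 +965,7 @@ do_setup_env(Session *s, const char *she
 {
 	char buf[256];
 	u_int i, envsize;
-	char **env, *laddr;
+	char **env, *laddr, *path = NULL;
 	struct passwd *pw = s->pw;
 
 	/* Initialize the environment. */
@@ -949,12 +1009,15 @@ do_setup_env(Session *s, const char *she
 		 * needed for loading shared libraries. So the path better
 		 * remains intact here.
 		 */
-#  ifdef SUPERUSER_PATH
+#  ifdef HAVE_ETC_DEFAULT_LOGIN
-		child_set_env(&env, &envsize, "PATH", 
+		read_etc_default_login(&env, &envsize, pw->pw_uid);
-		    s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH);
+		path = child_get_env(env, "PATH");
-#  else 
+#  endif /* HAVE_ETC_DEFAULT_LOGIN */
-		child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
+		if (path == NULL || *path == '\0') {
-#  endif /* SUPERUSER_PATH */
+			child_set_env(&env, &envsize, "PATH", 
+			    s->pw->pw_uid == 0 ?
+				SUPERUSER_PATH : _PATH_STDPATH);
+		}
 # endif /* HAVE_CYGWIN */
 #endif /* HAVE_LOGIN_CAP */
 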
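Review bot: In `read_etc_default_login()` nothing checks that the file produced any entries before `child_get_env(tmpenv, ...)` and the free loop index `tmpenv[i]`; `tmpenv` starts as NULL, so if `read_environment_file()` adds nothing (its body is outside this section; a missing or empty /etc/default/login would presumably do it) the session child dereferences a null pointer. The same function passes `&mask`, a `mode_t *`, to `sscanf` with `%5lo`, which stores an `unsigned long` and can write past a narrower `mode_t`, and it passes `&tmpenvsize`, a `size_t *`, where the `u_int *` parameter shown in the hunk header is expected. Because configure decides HAVE_ETC_DEFAULT_LOGIN from the build host, the missing-file case is reachable on any target that lacks the file. The fence below gives the changed declarations, the early return and the cast.

```c
read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
{
	char **tmpenv = NULL, *var;
	u_int i, tmpenvsize = 0;	/* same type as the u_int * parameter */
	unsigned long mask;		/* %lo stores an unsigned long */

	/* ... unchanged: read_environment_file() call ... */

	/* File missing, unreadable or without usable entries. */
	if (tmpenv == NULL)
		return;

	/* ... unchanged: PATH / SUPATH lookup ... */

		if (sscanf(var, "%5lo", &mask) == 1)
			umask((mode_t)mask);

	/* ... unchanged: free tmpenv ... */
```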
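--- a/session.h
+++ b/session.h
@@ -71,4 +71,9 @@ void do_setusercontext(struct passwd *)
 void	 child_set_env(char ***envp, u_int *envsizep, const char *name,
 		       const char *value);
 
+#ifdef HAVE_ETC_DEFAULT_LOGIN
+void	 read_etc_default_login(char ***, u_int *, uid_t);
+char	*child_get_env(char **, const char *);
+#endif
+
 #endif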
