diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2018-10-09 19:27:42 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2018-10-09 19:27:42 +0000 |
commit | bd393de91cc39fc04033caa53ada48aa34df9607 (patch) | |
tree | 6578a09c4eee04b267b0cdb8b0fa42a85ca1a863 | |
parent | 6f1f1a6395c91c5a845727d7313921a6fe3d297b (diff) | |
download | src-bd393de91cc39fc04033caa53ada48aa34df9607.tar.gz src-bd393de91cc39fc04033caa53ada48aa34df9607.zip |
Notes
-rw-r--r-- | crypto/openssh/monitor.c | 6 | ||||
-rw-r--r-- | crypto/openssh/monitor_wrap.c | 4 | ||||
-rw-r--r-- | crypto/openssh/monitor_wrap.h | 8 | ||||
-rw-r--r-- | crypto/openssh/sshbuf-getput-basic.c | 18 | ||||
-rw-r--r-- | crypto/openssh/sshbuf.h | 9 |
5 files changed, 35 insertions, 10 deletions
diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index 3c0c23393945..1913b1f8a1e9 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -114,7 +114,9 @@ static struct sshbuf *child_state; int mm_answer_moduli(int, struct sshbuf *); int mm_answer_sign(int, struct sshbuf *); +#ifdef HAVE_LOGIN_CAP int mm_answer_login_getpwclass(int, struct sshbuf *); +#endif int mm_answer_pwnamallow(int, struct sshbuf *); int mm_answer_auth2_read_banner(int, struct sshbuf *); int mm_answer_authserv(int, struct sshbuf *); @@ -190,7 +192,9 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli}, #endif {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, +#ifdef HAVE_LOGIN_CAP {MONITOR_REQ_GETPWCLASS, MON_AUTH, mm_answer_login_getpwclass}, +#endif {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, @@ -709,6 +713,7 @@ mm_answer_sign(int sock, struct sshbuf *m) return (0); } +#ifdef HAVE_LOGIN_CAP int mm_answer_login_getpwclass(int sock, struct sshbuf *m) { @@ -748,6 +753,7 @@ mm_answer_login_getpwclass(int sock, struct sshbuf *m) return (0); } +#endif /* Retrieves the password entry and also checks if the user is permitted */ diff --git a/crypto/openssh/monitor_wrap.c b/crypto/openssh/monitor_wrap.c index 7cd20089d9ca..bb458f131483 100644 --- a/crypto/openssh/monitor_wrap.c +++ b/crypto/openssh/monitor_wrap.c @@ -247,6 +247,7 @@ mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp, return (0); } +#ifdef HAVE_LOGIN_CAP login_cap_t * mm_login_getpwclass(const struct passwd *pwent) { @@ -286,7 +287,9 @@ mm_login_getpwclass(const struct passwd *pwent) return (lc); } +#endif +#ifdef HAVE_LOGIN_CAP void mm_login_close(login_cap_t *lc) { @@ -297,6 +300,7 @@ mm_login_close(login_cap_t *lc) free(lc->lc_cap); free(lc); } +#endif struct passwd * mm_getpwnamallow(const char *username) diff --git a/crypto/openssh/monitor_wrap.h b/crypto/openssh/monitor_wrap.h index 248dac5c3bb8..5b5dea1ed828 100644 --- a/crypto/openssh/monitor_wrap.h +++ b/crypto/openssh/monitor_wrap.h @@ -28,8 +28,6 @@ #ifndef _MM_WRAP_H_ #define _MM_WRAP_H_ -#include <login_cap.h> - extern int use_privsep; #define PRIVSEP(x) (use_privsep ? mm_##x : x) @@ -46,9 +44,11 @@ DH *mm_choose_dh(int, int, int); int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t, const char *, u_int compat); void mm_inform_authserv(char *, char *); +#ifdef HAVE_LOGIN_CAP +struct login_cap *mm_login_getpwclass(const struct passwd *pwd); +void mm_login_close(struct login_cap *lc); +#endif struct passwd *mm_getpwnamallow(const char *); -login_cap_t *mm_login_getpwclass(const struct passwd *pwd); -void mm_login_close(login_cap_t *lc); char *mm_auth2_read_banner(void); int mm_auth_password(struct ssh *, char *); int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *, diff --git a/crypto/openssh/sshbuf-getput-basic.c b/crypto/openssh/sshbuf-getput-basic.c index ef56931d522e..70ee303a23e4 100644 --- a/crypto/openssh/sshbuf-getput-basic.c +++ b/crypto/openssh/sshbuf-getput-basic.c @@ -482,7 +482,9 @@ sshbuf_put_passwd(struct sshbuf *buf, const struct passwd *pwent) (r = sshbuf_put_cstring(buf, "*")) != 0 || (r = sshbuf_put_u32(buf, pwent->pw_uid)) != 0 || (r = sshbuf_put_u32(buf, pwent->pw_gid)) != 0 || - (r = sshbuf_put_u64(buf, pwent->pw_change)) != 0 || +#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE + (r = sshbuf_put_time(buf, pwent->pw_change)) != 0 || +#endif #ifdef HAVE_STRUCT_PASSWD_PW_GECOS (r = sshbuf_put_cstring(buf, pwent->pw_gecos)) != 0 || #endif @@ -491,7 +493,9 @@ sshbuf_put_passwd(struct sshbuf *buf, const struct passwd *pwent) #endif (r = sshbuf_put_cstring(buf, pwent->pw_dir)) != 0 || (r = sshbuf_put_cstring(buf, pwent->pw_shell)) != 0 || - (r = sshbuf_put_u64(buf, pwent->pw_expire)) != 0 || +#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE + (r = sshbuf_put_time(buf, pwent->pw_expire)) != 0 || +#endif (r = sshbuf_put_u32(buf, pwent->pw_fields)) != 0) { return r; } @@ -505,8 +509,8 @@ struct passwd * sshbuf_get_passwd(struct sshbuf *buf) { struct passwd *pw; + u_int64_t len; int r; - size_t len; /* check if size of struct passwd is as same as sender's size */ r = sshbuf_get_u64(buf, &len); @@ -518,7 +522,9 @@ sshbuf_get_passwd(struct sshbuf *buf) sshbuf_get_cstring(buf, &pw->pw_passwd, NULL) != 0 || sshbuf_get_u32(buf, &pw->pw_uid) != 0 || sshbuf_get_u32(buf, &pw->pw_gid) != 0 || - sshbuf_get_u64(buf, &pw->pw_change) != 0 || +#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE + sshbuf_get_time(buf, &pw->pw_change) != 0 || +#endif #ifdef HAVE_STRUCT_PASSWD_PW_GECOS sshbuf_get_cstring(buf, &pw->pw_gecos, NULL) != 0 || #endif @@ -527,7 +533,9 @@ sshbuf_get_passwd(struct sshbuf *buf) #endif sshbuf_get_cstring(buf, &pw->pw_dir, NULL) != 0 || sshbuf_get_cstring(buf, &pw->pw_shell, NULL) != 0 || - sshbuf_get_u64(buf, &pw->pw_expire) != 0 || +#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE + sshbuf_get_time(buf, &pw->pw_expire) != 0 || +#endif sshbuf_get_u32(buf, &pw->pw_fields) != 0) { sshbuf_free_passwd(pw); return NULL; diff --git a/crypto/openssh/sshbuf.h b/crypto/openssh/sshbuf.h index 1f6f5ead213f..aba18d2aa922 100644 --- a/crypto/openssh/sshbuf.h +++ b/crypto/openssh/sshbuf.h @@ -21,7 +21,6 @@ #include <sys/types.h> #include <stdarg.h> #include <stdio.h> -#include <pwd.h> #ifdef WITH_OPENSSL # include <openssl/bn.h> # ifdef OPENSSL_HAS_ECC @@ -177,6 +176,14 @@ int sshbuf_put_u32(struct sshbuf *buf, u_int32_t val); int sshbuf_put_u16(struct sshbuf *buf, u_int16_t val); int sshbuf_put_u8(struct sshbuf *buf, u_char val); +#if defined(__FreeBSD__) && defined(__i386__) +#define sshbuf_get_time(b, vp) sshbuf_get_u32((b), (u_int32_t *)(vp)) +#define sshbuf_put_time(b, v) sshbuf_put_u32((b), (u_int32_t)(v)) +#else +#define sshbuf_get_time(b, vp) sshbuf_get_u64((b), (u_int64_t *)(vp)) +#define sshbuf_put_time(b, v) sshbuf_put_u64((b), (u_int64_t)(v)) +#endif + /* * Functions to extract or store SSH wire encoded strings (u32 len || data) * The "cstring" variants admit no \0 characters in the string contents. |