aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDag-Erling Smørgrav <des@FreeBSD.org>2018-10-09 19:27:42 +0000
committerDag-Erling Smørgrav <des@FreeBSD.org>2018-10-09 19:27:42 +0000
commitbd393de91cc39fc04033caa53ada48aa34df9607 (patch)
tree6578a09c4eee04b267b0cdb8b0fa42a85ca1a863
parent6f1f1a6395c91c5a845727d7313921a6fe3d297b (diff)
downloadsrc-bd393de91cc39fc04033caa53ada48aa34df9607.tar.gz
src-bd393de91cc39fc04033caa53ada48aa34df9607.zip
Notes
-rw-r--r--crypto/openssh/monitor.c6
-rw-r--r--crypto/openssh/monitor_wrap.c4
-rw-r--r--crypto/openssh/monitor_wrap.h8
-rw-r--r--crypto/openssh/sshbuf-getput-basic.c18
-rw-r--r--crypto/openssh/sshbuf.h9
5 files changed, 35 insertions, 10 deletions
diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c
index 3c0c23393945..1913b1f8a1e9 100644
--- a/crypto/openssh/monitor.c
+++ b/crypto/openssh/monitor.c
@@ -114,7 +114,9 @@ static struct sshbuf *child_state;
int mm_answer_moduli(int, struct sshbuf *);
int mm_answer_sign(int, struct sshbuf *);
+#ifdef HAVE_LOGIN_CAP
int mm_answer_login_getpwclass(int, struct sshbuf *);
+#endif
int mm_answer_pwnamallow(int, struct sshbuf *);
int mm_answer_auth2_read_banner(int, struct sshbuf *);
int mm_answer_authserv(int, struct sshbuf *);
@@ -190,7 +192,9 @@ struct mon_table mon_dispatch_proto20[] = {
{MONITOR_REQ_MODULI, MON_ONCE, mm_answer_moduli},
#endif
{MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
+#ifdef HAVE_LOGIN_CAP
{MONITOR_REQ_GETPWCLASS, MON_AUTH, mm_answer_login_getpwclass},
+#endif
{MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
{MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
{MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
@@ -709,6 +713,7 @@ mm_answer_sign(int sock, struct sshbuf *m)
return (0);
}
+#ifdef HAVE_LOGIN_CAP
int
mm_answer_login_getpwclass(int sock, struct sshbuf *m)
{
@@ -748,6 +753,7 @@ mm_answer_login_getpwclass(int sock, struct sshbuf *m)
return (0);
}
+#endif
/* Retrieves the password entry and also checks if the user is permitted */
diff --git a/crypto/openssh/monitor_wrap.c b/crypto/openssh/monitor_wrap.c
index 7cd20089d9ca..bb458f131483 100644
--- a/crypto/openssh/monitor_wrap.c
+++ b/crypto/openssh/monitor_wrap.c
@@ -247,6 +247,7 @@ mm_sshkey_sign(struct sshkey *key, u_char **sigp, size_t *lenp,
return (0);
}
+#ifdef HAVE_LOGIN_CAP
login_cap_t *
mm_login_getpwclass(const struct passwd *pwent)
{
@@ -286,7 +287,9 @@ mm_login_getpwclass(const struct passwd *pwent)
return (lc);
}
+#endif
+#ifdef HAVE_LOGIN_CAP
void
mm_login_close(login_cap_t *lc)
{
@@ -297,6 +300,7 @@ mm_login_close(login_cap_t *lc)
free(lc->lc_cap);
free(lc);
}
+#endif
struct passwd *
mm_getpwnamallow(const char *username)
diff --git a/crypto/openssh/monitor_wrap.h b/crypto/openssh/monitor_wrap.h
index 248dac5c3bb8..5b5dea1ed828 100644
--- a/crypto/openssh/monitor_wrap.h
+++ b/crypto/openssh/monitor_wrap.h
@@ -28,8 +28,6 @@
#ifndef _MM_WRAP_H_
#define _MM_WRAP_H_
-#include <login_cap.h>
-
extern int use_privsep;
#define PRIVSEP(x) (use_privsep ? mm_##x : x)
@@ -46,9 +44,11 @@ DH *mm_choose_dh(int, int, int);
int mm_sshkey_sign(struct sshkey *, u_char **, size_t *, const u_char *, size_t,
const char *, u_int compat);
void mm_inform_authserv(char *, char *);
+#ifdef HAVE_LOGIN_CAP
+struct login_cap *mm_login_getpwclass(const struct passwd *pwd);
+void mm_login_close(struct login_cap *lc);
+#endif
struct passwd *mm_getpwnamallow(const char *);
-login_cap_t *mm_login_getpwclass(const struct passwd *pwd);
-void mm_login_close(login_cap_t *lc);
char *mm_auth2_read_banner(void);
int mm_auth_password(struct ssh *, char *);
int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *,
diff --git a/crypto/openssh/sshbuf-getput-basic.c b/crypto/openssh/sshbuf-getput-basic.c
index ef56931d522e..70ee303a23e4 100644
--- a/crypto/openssh/sshbuf-getput-basic.c
+++ b/crypto/openssh/sshbuf-getput-basic.c
@@ -482,7 +482,9 @@ sshbuf_put_passwd(struct sshbuf *buf, const struct passwd *pwent)
(r = sshbuf_put_cstring(buf, "*")) != 0 ||
(r = sshbuf_put_u32(buf, pwent->pw_uid)) != 0 ||
(r = sshbuf_put_u32(buf, pwent->pw_gid)) != 0 ||
- (r = sshbuf_put_u64(buf, pwent->pw_change)) != 0 ||
+#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE
+ (r = sshbuf_put_time(buf, pwent->pw_change)) != 0 ||
+#endif
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
(r = sshbuf_put_cstring(buf, pwent->pw_gecos)) != 0 ||
#endif
@@ -491,7 +493,9 @@ sshbuf_put_passwd(struct sshbuf *buf, const struct passwd *pwent)
#endif
(r = sshbuf_put_cstring(buf, pwent->pw_dir)) != 0 ||
(r = sshbuf_put_cstring(buf, pwent->pw_shell)) != 0 ||
- (r = sshbuf_put_u64(buf, pwent->pw_expire)) != 0 ||
+#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE
+ (r = sshbuf_put_time(buf, pwent->pw_expire)) != 0 ||
+#endif
(r = sshbuf_put_u32(buf, pwent->pw_fields)) != 0) {
return r;
}
@@ -505,8 +509,8 @@ struct passwd *
sshbuf_get_passwd(struct sshbuf *buf)
{
struct passwd *pw;
+ u_int64_t len;
int r;
- size_t len;
/* check if size of struct passwd is as same as sender's size */
r = sshbuf_get_u64(buf, &len);
@@ -518,7 +522,9 @@ sshbuf_get_passwd(struct sshbuf *buf)
sshbuf_get_cstring(buf, &pw->pw_passwd, NULL) != 0 ||
sshbuf_get_u32(buf, &pw->pw_uid) != 0 ||
sshbuf_get_u32(buf, &pw->pw_gid) != 0 ||
- sshbuf_get_u64(buf, &pw->pw_change) != 0 ||
+#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE
+ sshbuf_get_time(buf, &pw->pw_change) != 0 ||
+#endif
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
sshbuf_get_cstring(buf, &pw->pw_gecos, NULL) != 0 ||
#endif
@@ -527,7 +533,9 @@ sshbuf_get_passwd(struct sshbuf *buf)
#endif
sshbuf_get_cstring(buf, &pw->pw_dir, NULL) != 0 ||
sshbuf_get_cstring(buf, &pw->pw_shell, NULL) != 0 ||
- sshbuf_get_u64(buf, &pw->pw_expire) != 0 ||
+#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE
+ sshbuf_get_time(buf, &pw->pw_expire) != 0 ||
+#endif
sshbuf_get_u32(buf, &pw->pw_fields) != 0) {
sshbuf_free_passwd(pw);
return NULL;
diff --git a/crypto/openssh/sshbuf.h b/crypto/openssh/sshbuf.h
index 1f6f5ead213f..aba18d2aa922 100644
--- a/crypto/openssh/sshbuf.h
+++ b/crypto/openssh/sshbuf.h
@@ -21,7 +21,6 @@
#include <sys/types.h>
#include <stdarg.h>
#include <stdio.h>
-#include <pwd.h>
#ifdef WITH_OPENSSL
# include <openssl/bn.h>
# ifdef OPENSSL_HAS_ECC
@@ -177,6 +176,14 @@ int sshbuf_put_u32(struct sshbuf *buf, u_int32_t val);
int sshbuf_put_u16(struct sshbuf *buf, u_int16_t val);
int sshbuf_put_u8(struct sshbuf *buf, u_char val);
+#if defined(__FreeBSD__) && defined(__i386__)
+#define sshbuf_get_time(b, vp) sshbuf_get_u32((b), (u_int32_t *)(vp))
+#define sshbuf_put_time(b, v) sshbuf_put_u32((b), (u_int32_t)(v))
+#else
+#define sshbuf_get_time(b, vp) sshbuf_get_u64((b), (u_int64_t *)(vp))
+#define sshbuf_put_time(b, v) sshbuf_put_u64((b), (u_int64_t)(v))
+#endif
+
/*
* Functions to extract or store SSH wire encoded strings (u32 len || data)
* The "cstring" variants admit no \0 characters in the string contents.