diff -ru openssh-2.5.2p1/ChangeLog openssh-2.5.2p2/ChangeLog --- openssh-2.5.2p1/ChangeLog 2001-03-20 09:30:50.000000000 +1100 +++ openssh-2.5.2p2/ChangeLog 2001-03-22 16:04:12.000000000 +1100 @@ -1,3 +1,18 @@ +20010322 + - (djm) Better AIX no tty fix, spotted by Gert Doering + - (djm) Released 2.5.2p2 + +20010321 + - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve + VanDevender + - (djm) Make sure pam_retval is initialised on call to pam_end. Patch + from Solar Designer + - (djm) Don't loop forever when changing password via PAM. Patch + from Solar Designer + - (djm) Generate config files before build + - (djm) Correctly handle SIA and AIX when no tty present. Spotted and + suggested fix from Mike Battersby + 20010320 - (bal) glob.c update to added GLOB_LIMITS (OpenBSD CVS). - (bal) glob.c update to set gl_pathv to NULL (OpenBSD CVS). @@ -11,6 +26,10 @@ version 2.5.2 - (djm) Update RPM spec version - (djm) Release 2.5.2p1 +- tim@mindrot.org 2001/03/19 18:33:47 [defines.h] + change S_ISLNK macro to work for UnixWare 2.03 +- tim@mindrot.org 2001/03/19 20:45:11 [openbsd-compat/glob.c] + add get_arg_max(). Use sysconf() if ARG_MAX is not defined 20010319 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to @@ -4641,4 +4660,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.991 2001/03/19 22:30:50 djm Exp $ +$Id: ChangeLog,v 1.991.2.6 2001/03/22 05:04:12 djm Exp $ diff -ru openssh-2.5.2p1/Makefile.in openssh-2.5.2p2/Makefile.in --- openssh-2.5.2p1/Makefile.in 2001-03-14 11:39:46.000000000 +1100 +++ openssh-2.5.2p2/Makefile.in 2001-03-21 13:12:12.000000000 +1100 @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.161 2001/03/14 00:39:46 djm Exp $ +# $Id: Makefile.in,v 1.161.2.1 2001/03/21 02:12:12 djm Exp $ prefix=@prefix@ exec_prefix=@exec_prefix@ @@ -73,7 +73,7 @@ FIXPATHSCMD = $(PERL) $(srcdir)/fixpaths $(PATHSUBS) -all: $(TARGETS) $(CONFIGFILES) +all: $(CONFIGFILES) $(TARGETS) manpages: $(MANPAGES) diff -ru openssh-2.5.2p1/TODO openssh-2.5.2p2/TODO --- openssh-2.5.2p1/TODO 2001-03-20 01:58:47.000000000 +1100 +++ openssh-2.5.2p2/TODO 2001-03-21 13:12:12.000000000 +1100 @@ -1,6 +1,9 @@ Programming: - Grep for 'XXX' comments and fix +- Link order is incorrect for some systems using Kerberos 4 and AFS. Result +is multiple inclusion of DES symbols. + - Integrate contrib/mdoc2man.pl so platforms which only have the troff 'an' macros can have readable manpages. @@ -79,4 +82,4 @@ - HP-UX: Provide DEPOT package scripts. (gilbert.r.loomis@saic.com) -$Id: TODO,v 1.38 2001/03/19 14:58:47 stevesk Exp $ +$Id: TODO,v 1.38.2.1 2001/03/21 02:12:12 djm Exp $ diff -ru openssh-2.5.2p1/auth-pam.c openssh-2.5.2p2/auth-pam.c --- openssh-2.5.2p1/auth-pam.c 2001-03-01 09:18:58.000000000 +1100 +++ openssh-2.5.2p2/auth-pam.c 2001-03-21 13:12:13.000000000 +1100 @@ -33,7 +33,7 @@ #include "canohost.h" #include "readpass.h" -RCSID("$Id: auth-pam.c,v 1.31 2001/02/28 22:18:58 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.31.2.1 2001/03/21 02:12:13 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now" @@ -172,7 +172,7 @@ /* Called at exit to cleanly shutdown PAM */ void do_pam_cleanup_proc(void *context) { - int pam_retval; + int pam_retval = PAM_SUCCESS; if (__pamh && session_opened) { pam_retval = pam_close_session(__pamh, 0); @@ -326,14 +326,10 @@ if (password_change_required) { pamstate = OTHER; - /* XXX: should we really loop forever? */ - do { - pam_retval = pam_chauthtok(__pamh, - PAM_CHANGE_EXPIRED_AUTHTOK); - if (pam_retval != PAM_SUCCESS) - log("PAM pam_chauthtok failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); - } while (pam_retval != PAM_SUCCESS); + pam_retval = pam_chauthtok(__pamh, PAM_CHANGE_EXPIRED_AUTHTOK); + if (pam_retval != PAM_SUCCESS) + fatal("PAM pam_chauthtok failed[%d]: %.200s", + pam_retval, PAM_STRERROR(__pamh, pam_retval)); } } diff -ru openssh-2.5.2p1/contrib/caldera/openssh.spec openssh-2.5.2p2/contrib/caldera/openssh.spec --- openssh-2.5.2p1/contrib/caldera/openssh.spec 2001-03-20 09:30:51.000000000 +1100 +++ openssh-2.5.2p2/contrib/caldera/openssh.spec 2001-03-21 13:13:21.000000000 +1100 @@ -1,5 +1,5 @@ # Version of OpenSSH -%define oversion 2.5.2p1 +%define oversion 2.5.2p2 # Version of ssh-askpass %define aversion 1.2.0 diff -ru openssh-2.5.2p1/contrib/redhat/openssh.spec openssh-2.5.2p2/contrib/redhat/openssh.spec --- openssh-2.5.2p1/contrib/redhat/openssh.spec 2001-03-20 09:30:51.000000000 +1100 +++ openssh-2.5.2p2/contrib/redhat/openssh.spec 2001-03-21 13:13:21.000000000 +1100 @@ -1,5 +1,5 @@ # Version of OpenSSH -%define oversion 2.5.2p1 +%define oversion 2.5.2p2 # Version of ssh-askpass %define aversion 1.2.0 diff -ru openssh-2.5.2p1/contrib/suse/openssh.spec openssh-2.5.2p2/contrib/suse/openssh.spec --- openssh-2.5.2p1/contrib/suse/openssh.spec 2001-03-20 09:30:51.000000000 +1100 +++ openssh-2.5.2p2/contrib/suse/openssh.spec 2001-03-21 13:13:21.000000000 +1100 @@ -1,6 +1,6 @@ Summary: OpenSSH, a free Secure Shell (SSH) implementation Name: openssh -Version: 2.5.2p1 +Version: 2.5.2p2 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz diff -ru openssh-2.5.2p1/defines.h openssh-2.5.2p2/defines.h --- openssh-2.5.2p1/defines.h 2001-03-19 14:12:26.000000000 +1100 +++ openssh-2.5.2p2/defines.h 2001-03-20 13:49:22.000000000 +1100 @@ -1,7 +1,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.60 2001/03/19 03:12:26 mouring Exp $ */ +/* $Id: defines.h,v 1.60.2.1 2001/03/20 02:49:22 tim Exp $ */ /* Some platforms need this for the _r() functions */ #if !defined(_REENTRANT) && !defined(SNI) @@ -108,7 +108,7 @@ #endif /* S_ISREG */ #ifndef S_ISLNK -# define S_ISLNK(mode) (((mode) & (_S_IFMT)) == (_S_IFLNK)) +# define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK) #endif /* S_ISLNK */ #ifndef S_IXUSR diff -ru openssh-2.5.2p1/openbsd-compat/glob.c openssh-2.5.2p2/openbsd-compat/glob.c --- openssh-2.5.2p1/openbsd-compat/glob.c 2001-03-20 06:00:10.000000000 +1100 +++ openssh-2.5.2p2/openbsd-compat/glob.c 2001-03-20 15:49:47.000000000 +1100 @@ -37,6 +37,18 @@ #include "includes.h" #include +long +get_arg_max() +{ +#ifdef ARG_MAX + return(ARG_MAX); +#elif defined(HAVE_SYSCONF) && defined(_SC_ARG_MAX) + return(sysconf(_SC_ARG_MAX)); +#else + return(256); /* XXX: arbitrary */ +#endif +} + #if !defined(HAVE_GLOB) || !defined(GLOB_HAS_ALTDIRFUNC) || \ !defined(GLOB_HAS_GL_MATCHC) @@ -689,7 +701,7 @@ pathv[pglob->gl_offs + pglob->gl_pathc] = NULL; if ((pglob->gl_flags & GLOB_LIMIT) && - newsize + *limitp >= ARG_MAX) { + newsize + *limitp >= (u_int) get_arg_max()) { errno = 0; return(GLOB_NOSPACE); } diff -ru openssh-2.5.2p1/session.c openssh-2.5.2p2/session.c --- openssh-2.5.2p1/session.c 2001-03-17 11:47:55.000000000 +1100 +++ openssh-2.5.2p2/session.c 2001-03-22 11:58:27.000000000 +1100 @@ -1053,7 +1053,7 @@ switch, so we let login(1) to this for us. */ if (!options.use_login) { #ifdef HAVE_OSF_SIA - session_setup_sia(pw->pw_name, ttyname); + session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty); #else /* HAVE_OSF_SIA */ #ifdef HAVE_CYGWIN if (is_winnt) { @@ -1134,10 +1134,12 @@ * other stuff is stored - a few applications * actually use this and die if it's not set */ - cp = xmalloc(22 + strlen(ttyname) + + if (s->ttyfd == -1) + s->tty[0] = '\0'; + cp = xmalloc(22 + strlen(s->tty) + 2 * strlen(pw->pw_name)); i = sprintf(cp, "LOGNAME=%s%cNAME=%s%cTTY=%s%c%c", - pw->pw_name, 0, pw->pw_name, 0, ttyname, 0,0); + pw->pw_name, 0, pw->pw_name, 0, s->tty, 0, 0); if (usrinfo(SETUINFO, cp, i) == -1) fatal("Couldn't set usrinfo: %s", strerror(errno)); diff -ru openssh-2.5.2p1/version.h openssh-2.5.2p2/version.h --- openssh-2.5.2p1/version.h 2001-03-20 09:16:34.000000000 +1100 +++ openssh-2.5.2p2/version.h 2001-03-21 13:13:21.000000000 +1100 @@ -1,3 +1,3 @@ /* $OpenBSD: version.h,v 1.19 2001/02/19 10:35:23 markus Exp $ */ -#define SSH_VERSION "OpenSSH_2.5.2p1" +#define SSH_VERSION "OpenSSH_2.5.2p2"