From: Chris Jones (chriscjones.org)
Date: Tue Feb 13 2001 - 21:04:54 CST

    So, with the latest round of ssh security problems, it would seem
    important that openssh install and run flawlessly on a 1.5 system.
    Unfortunately, given the lack of /etc/login.conf in 1.5, it dies after
    authentication with "unable to get login class." Apparently, openssh
    calls login_getclass(3), which returns NULL, and openssh takes this to
    be an error status.

    1. What's the right thing to do here? Should login_getclass
        synthesize a default entry if there's no login.conf? There's no
        mention in login_cap(3) about what return value constitutes an
        error, and whether errno gets set. So maybe it's reasonable for
        openssh to consider a NULL return to be an error.

    2. For the time being, it looks like we should patch openssh's
        session.c to ignore a NULL return from login_getclass(3), so that
        people don't have to follow -release in order to keep up with
        openssh versions. If nobody else does, I'll generate a patch for
        this tomorrow evening and post it to this list before committing.

    Chris

    -- 
    ---------------------------------------------------- chriscjones.org
    Chris Jones                                          Mad scientist at large
      www.netbsd.org www.postgresql.org www.schemers.org www.python.org