summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Rice <tim@multitalents.net>2002-05-13 17:07:18 -0700
committerTim Rice <tim@multitalents.net>2002-05-13 17:07:18 -0700
commit1e28c9e6bad1bd601606b6a6a3d6aa4ca441d21d (patch)
tree57a9a87316afb218a5a630bdd5174b24088ae34a
parentf8defa2327a1ff265e7b4229e3adc97fc9f82594 (diff)
downloadopenssh-git-1e28c9e6bad1bd601606b6a6a3d6aa4ca441d21d.tar.gz
20020514
[sshpty.c] set tty modes when allocating old style bsd ptys to match what newer style ptys have when allocated. Based on a patch by Roger Cornelius <rac@tenzing.org> [README.privsep] UnixWare 7 and OpenUNIX 8 work.
Diffstat
-rw-r--r--ChangeLog6
-rw-r--r--README.privsep6
-rw-r--r--sshpty.c14
3 files changed, 24 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 0c59cec0..da6a352c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
20020514
- (stevesk) [README.privsep] PAM+privsep works with Solaris 8.
+ - (tim) [sshpty.c] set tty modes when allocating old style bsd ptys to
+ match what newer style ptys have when allocated. Based on a patch by
+ Roger Cornelius <rac@tenzing.org>
+ [README.privsep] UnixWare 7 and OpenUNIX 8 work.
20020513
- (stevesk) add initial README.privsep
@@ -582,4 +586,4 @@
- (stevesk) entropy.c: typo in debug message
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2115 2002/05/13 23:31:09 stevesk Exp $
+$Id: ChangeLog,v 1.2116 2002/05/14 00:07:18 tim Exp $
diff --git a/README.privsep b/README.privsep
index 51a4e3f6..aed43acd 100644
--- a/README.privsep
+++ b/README.privsep
@@ -20,6 +20,9 @@ prepare the privsep preauth environment:
# groupadd sshd
# useradd -g sshd sshd
+If you are on UnixWare 7 or OpenUNIX 8 do this additional step.
+ # ln /usr/lib/.ns.so /usr/lib/ns.so.1
+
/var/empty should not contain any files.
configure supports the following options to change the default
@@ -31,6 +34,7 @@ privsep user and chroot directory:
Privsep requires operating system support for file descriptor passing
and mmap(MAP_ANON).
+OpenSSH is known to function with privsep on UnixWare 7 and OpenUNIX 8
PAM-enabled OpenSSH is known to function with privsep on Linux and
Solaris 8. It does not function on HP-UX with a trusted system
configuration. PAMAuthenticationViaKbdInt does not function with
@@ -51,4 +55,4 @@ process 1005 is the sshd process listening for new connections.
process 6917 is the privileged monitor process, 6919 is the user owned
sshd process and 6921 is the shell process.
-$Id: README.privsep,v 1.2 2002/05/13 23:31:10 stevesk Exp $
+$Id: README.privsep,v 1.3 2002/05/14 00:07:18 tim Exp $
diff --git a/sshpty.c b/sshpty.c
index 71c48b57..91de7593 100644
--- a/sshpty.c
+++ b/sshpty.c
@@ -199,6 +199,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
const char *ptyminors = "0123456789abcdef";
int num_minors = strlen(ptyminors);
int num_ptys = strlen(ptymajors) * num_minors;
+ struct termios tio;
for (i = 0; i < num_ptys; i++) {
snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors],
@@ -223,6 +224,19 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
close(*ptyfd);
return 0;
}
+ /* set tty modes to a sane state for broken clients */
+ if (tcgetattr(*ptyfd, &tio) < 0)
+ log("Getting tty modes for pty failed: %.100s", strerror(errno));
+ else {
+ tio.c_lflag |= (ECHO | ISIG | ICANON);
+ tio.c_oflag |= (OPOST | ONLCR);
+ tio.c_iflag |= ICRNL;
+
+ /* Set the new modes for the terminal. */
+ if (tcsetattr(*ptyfd, TCSANOW, &tio) < 0)
+ log("Setting tty modes for pty failed: %.100s", strerror(errno));
+ }
+
return 1;
}
return 0;
View Lorry Controller Status