PERFORCE change 81717 for review
soc-bushman
soc-bushman at FreeBSD.org
Tue Aug 9 10:10:24 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=81717
Change 81717 by soc-bushman at soc-bushman_stinger on 2005/08/09 10:09:25
openssh NIS support added, /var/yp/Makefile patch done
Affected files ...
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth-rh-rsa.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth.h#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth2-hostbased.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth2.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/config.h.in#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/configure.ac#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/hostfile.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/hostfile.h#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/initial_copy.sh#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/key.h#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/make.sh#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-auth-rh.rsa.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-auth.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-auth.h#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-auth2-hostbased.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-config.h.in#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-configure.ac#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-hostfile.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-hostfile.h#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-sshconnect.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/var_yp_makefile.patch#1 add
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/Makefile#6 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/distinfo#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/batch.patch#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/gss-serv.c.patch#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth-pam.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth-rh.rsa.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth.h#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth1.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth2-hostbased.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth2.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-clientloop.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-config.h.in#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-configure.ac#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-fake-rfc2553.h#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-hostfile.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-hostfile.h#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-loginrec.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-regress-test-exec.sh#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-session.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-sshconnect.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-sshd.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-sshd_config#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-sshpty.c#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/servconf.c.patch#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/sshd.sh#4 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/pkg-descr#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/pkg-message#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/pkg-plist#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/result_copy.sh#3 edit
.. //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/sshconnect.c#4 edit
Differences ...
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth-rh-rsa.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth.h#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth2-hostbased.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/auth2.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/config.h.in#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/configure.ac#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/hostfile.c#4 (text+ko) ====
@@ -59,12 +59,10 @@
#if defined (HAVE_NSDISPATCH) && defined (USE_NSSWITCH)
-#ifdef YP
+#ifndef WITHOUT_NIS
#include <rpcsvc/ypclnt.h>
#include <rpcsvc/yp.h>
-#include <sys/param.h>
-#include <unistd.h>
-#endif
+#endif /* WITHOUT_NIS */
#ifndef NSDB_SSH_HOSTKEYS
#define NSDB_SSH_HOSTKEYS "ssh_hostkeys"
@@ -87,12 +85,13 @@
nsswitch_files_conf.system_hostfile2 = system_hostfile2;
}
+static int hostfile_check_key(int, const Key *, const char *, const char *, int);
static HostStatus check_host_in_hostfile_by_key_or_type(const char *,
const char *, const Key *, int, Key *, int *);
-#ifdef YP
+#ifndef WITHOUT_NIS
static HostStatus check_host_in_nis_by_key_or_type(const char *,
const Key *, int, Key *, int *);
-#endif
+#endif /* WITHOUT_NIS */
enum constants {
CHECK_HOST,
@@ -101,16 +100,16 @@
static const ns_src defaultsrc[] = {
{ NSSRC_FILES, NS_SUCCESS },
-#ifdef YP
+#ifndef WITHOUT_NIS
{ NSSRC_NIS, NS_SUCCESS },
-#endif
+#endif /* WITHOUT_NIS */
{ NULL, 0 }
};
static int files_check_host_by_key_or_type(void *, void *, va_list);
-#ifdef YP
+#ifndef WITHOUT_NIS
static int nis_check_host_by_key_or_type(void *, void *, va_list);
-#endif
+#endif /* WITHOUT_NIS */
/* files backend implementation */
static int
@@ -152,10 +151,10 @@
found, &numret);
}
- debug3("files_check_host_by_key_or_type: CHECK_HOST - %d", rv);
+ debug3("files_check_host_by_key_or_type: check_host result %d", rv);
if (result != NULL)
*((int *)result) = rv;
- return ((rv == HOST_NEW) ? NS_NOTFOUND : NS_SUCCESS);
+ return ((rv != HOST_OK) ? NS_NOTFOUND : NS_SUCCESS);
case LOOKUP_KEY_BY_TYPE:
filename = nsswitch_files_conf.system_hostfile;
@@ -167,7 +166,7 @@
keytype, found, &numret) == HOST_FOUND);
}
- debug3("files_check_host_by_key_or_type: LOOKUP_KEY_BY_TYPE - %d", rv);
+ debug3("files_check_host_by_key_or_type: lookup_key_by_type result %d", rv);
if (result != NULL)
*((int *)result) = rv;
return ((rv == 0) ? NS_NOTFOUND : NS_SUCCESS);
@@ -176,10 +175,10 @@
return (NS_NOTFOUND);
}
-#ifdef YP
+#ifndef WITHOUT_NIS
/* NIS backend implementation */
static HostStatus
-check_host_in_hostfile_by_key_or_type(const char *host, const Key *key,
+check_host_in_nis_by_key_or_type(const char *host, const Key *key,
int keytype, Key *found, int *numret)
{
u_int kbits;
@@ -187,20 +186,20 @@
char *cp, *cp2, *hashed_host;
HostStatus end_return;
- char buf[YPMAXRECORD];
- char domain[MAXHOSTNAMELEN];
-
+ char *domain;
char *lastkey;
char *current;
int current_len;
char *resultbuf;
- int resultbuf_len;
+ int resultbuf_len;
+ int rv;
- int rv;
- if (getdomainname(domain, sizeof(domain)) != 0)
+ if (yp_get_default_domain(&domain) != 0) {
+ debug3("check_host_in_nis: can't get the NIS domain");
return (HOST_NEW);
+ }
current = NULL;
current_len = 0;
@@ -210,9 +209,8 @@
rv = yp_first(domain, "ssh_hostkeys", ¤t, ¤t_len,
&resultbuf, &resultbuf_len);
-
end_return = HOST_NEW;
- while (rv) {
+ while (rv == 0) {
cp = resultbuf;
/* comments, trailing spaces and tabs should be deleted during
@@ -281,7 +279,7 @@
next_iter:
lastkey = current;
rv = yp_next(domain, "ssh_hostkeys", current, current_len,
- resultbuf, resultbuf_len);
+ ¤t, ¤t_len, &resultbuf, &resultbuf_len);
free(lastkey);
++linenum;
@@ -323,16 +321,16 @@
case CHECK_HOST:
rv = check_host_in_nis_by_key_or_type(host, key, 0, found, &numret);
- debug3("nis_check_host_by_key_or_type: CHECK_HOST - %d", rv);
+ debug3("nis_check_host_by_key_or_type: check_host result %d", rv);
if (result != NULL)
*((int *)result) = rv;
- return ((rv == HOST_NEW) ? NS_NOTFOUND : NS_SUCCESS);
+ return ((rv != HOST_OK) ? NS_NOTFOUND : NS_SUCCESS);
case LOOKUP_KEY_BY_TYPE:
rv = (check_host_in_nis_by_key_or_type(host, NULL, keytype, found,
&numret) == HOST_FOUND);
- debug3("nis_check_host_by_key_or_type: LOOKUP_KEY_BY_TYPE - %d", rv);
+ debug3("nis_check_host_by_key_or_type: lookup_key_by_type result %d", rv);
if (result != NULL)
*((int *)result) = rv;
return ((rv == 0) ? NS_NOTFOUND : NS_SUCCESS);
@@ -340,7 +338,7 @@
return (NS_NOTFOUND);
}
-#endif
+#endif /* WITHOUT_NIS */
/* nsswitch interface functions implementation */
HostStatus
@@ -348,9 +346,9 @@
{
static const ns_dtab dtab[] = {
{ NSSRC_FILES, files_check_host_by_key_or_type, (void *)CHECK_HOST },
-#ifdef YP
+#ifndef WITHOUT_NIS
{ NSSRC_NIS, nis_check_host_by_key_or_type, (void *)CHECK_HOST },
-#endif
+#endif /* WITHOUT_NIS */
{ NULL, NULL, NULL }
};
@@ -375,9 +373,9 @@
{
static const ns_dtab dtab[] = {
{ NSSRC_FILES, files_check_host_by_key_or_type, (void *)LOOKUP_KEY_BY_TYPE },
-#ifdef YP
+#ifndef WITHOUT_NIS
{ NSSRC_NIS, nis_check_host_by_key_or_type, (void *)LOOKUP_KEY_BY_TYPE },
-#endif
+#endif /* WITHOUT_NIS */
{ NULL, NULL, NULL }
};
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/hostfile.h#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/initial_copy.sh#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/key.h#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/make.sh#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-auth-rh.rsa.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-auth.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-auth.h#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-auth2-hostbased.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-config.h.in#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-configure.ac#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-hostfile.c#4 (text+ko) ====
@@ -1,6 +1,6 @@
---- hostfile.c.orig Mon Mar 14 15:08:12 2005
-+++ hostfile.c Mon Jul 18 15:27:23 2005
-@@ -38,16 +38,172 @@
+--- /tmp2/usr/ports/security/openssh-portable/work/openssh-4.1p1/hostfile.c Mon Mar 14 15:08:12 2005
++++ hostfile.c Tue Aug 9 13:13:17 2005
+@@ -38,16 +38,359 @@
#include "includes.h"
RCSID("$OpenBSD: hostfile.c,v 1.34 2005/03/10 22:01:05 deraadt Exp $");
@@ -25,6 +25,11 @@
+
+#if defined (HAVE_NSDISPATCH) && defined (USE_NSSWITCH)
+
++#ifndef WITHOUT_NIS
++#include <rpcsvc/ypclnt.h>
++#include <rpcsvc/yp.h>
++#endif /* WITHOUT_NIS */
++
+#ifndef NSDB_SSH_HOSTKEYS
+#define NSDB_SSH_HOSTKEYS "ssh_hostkeys"
+#endif /* NSDB_SSH_HOSTKEYS */
@@ -46,8 +51,13 @@
+ nsswitch_files_conf.system_hostfile2 = system_hostfile2;
+}
+
++static int hostfile_check_key(int, const Key *, const char *, const char *, int);
+static HostStatus check_host_in_hostfile_by_key_or_type(const char *,
+ const char *, const Key *, int, Key *, int *);
++#ifndef WITHOUT_NIS
++static HostStatus check_host_in_nis_by_key_or_type(const char *,
++ const Key *, int, Key *, int *);
++#endif /* WITHOUT_NIS */
+
+enum constants {
+ CHECK_HOST,
@@ -56,10 +66,16 @@
+
+static const ns_src defaultsrc[] = {
+ { NSSRC_FILES, NS_SUCCESS },
++#ifndef WITHOUT_NIS
++ { NSSRC_NIS, NS_SUCCESS },
++#endif /* WITHOUT_NIS */
+ { NULL, 0 }
+};
+
+static int files_check_host_by_key_or_type(void *, void *, va_list);
++#ifndef WITHOUT_NIS
++static int nis_check_host_by_key_or_type(void *, void *, va_list);
++#endif /* WITHOUT_NIS */
+
+/* files backend implementation */
+static int
@@ -101,10 +117,10 @@
+ found, &numret);
+ }
+
-+ debug3("files_check_host_by_key_or_type: CHECK_HOST - %d", rv);
++ debug3("files_check_host_by_key_or_type: check_host result %d", rv);
+ if (result != NULL)
+ *((int *)result) = rv;
-+ return ((rv == HOST_NEW) ? NS_NOTFOUND : NS_SUCCESS);
++ return ((rv != HOST_OK) ? NS_NOTFOUND : NS_SUCCESS);
+
+ case LOOKUP_KEY_BY_TYPE:
+ filename = nsswitch_files_conf.system_hostfile;
@@ -116,7 +132,171 @@
+ keytype, found, &numret) == HOST_FOUND);
+ }
+
-+ debug3("files_check_host_by_key_or_type: LOOKUP_KEY_BY_TYPE - %d", rv);
++ debug3("files_check_host_by_key_or_type: lookup_key_by_type result %d", rv);
++ if (result != NULL)
++ *((int *)result) = rv;
++ return ((rv == 0) ? NS_NOTFOUND : NS_SUCCESS);
++ }
++
++ return (NS_NOTFOUND);
++}
++
++#ifndef WITHOUT_NIS
++/* NIS backend implementation */
++static HostStatus
++check_host_in_nis_by_key_or_type(const char *host, const Key *key,
++ int keytype, Key *found, int *numret)
++{
++ u_int kbits;
++ int linenum;
++ char *cp, *cp2, *hashed_host;
++ HostStatus end_return;
++
++ char *domain;
++ char *lastkey;
++ char *current;
++ int current_len;
++
++ char *resultbuf;
++ int resultbuf_len;
++ int rv;
++
++
++ if (yp_get_default_domain(&domain) != 0) {
++ debug3("check_host_in_nis: can't get the NIS domain");
++ return (HOST_NEW);
++ }
++
++ current = NULL;
++ current_len = 0;
++ resultbuf = NULL;
++ resultbuf_len = 0;
++ linenum = 0;
++
++ rv = yp_first(domain, "ssh_hostkeys", ¤t, ¤t_len,
++ &resultbuf, &resultbuf_len);
++ end_return = HOST_NEW;
++ while (rv == 0) {
++ cp = resultbuf;
++
++ /* comments, trailing spaces and tabs should be deleted during
++ NIS map making, but we still should check for them - just in case */
++ for (; *cp == ' ' || *cp == '\t'; cp++)
++ ;
++ if (!*cp || *cp == '#' || *cp == '\n')
++ goto next_iter;
++
++ /* Find the end of the host name portion. */
++ for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++)
++ ;
++
++ if (match_hostname(host, cp, (u_int) (cp2 - cp)) != 1) {
++ if (*cp != HASH_DELIM)
++ goto next_iter;
++ hashed_host = host_hash(host, cp, (u_int) (cp2 - cp));
++ if (hashed_host == NULL) {
++ debug("Invalid hashed host line %d of NIS source",
++ linenum);
++ goto next_iter;
++ }
++ if (strncmp(hashed_host, cp, (u_int) (cp2 - cp)) != 0)
++ goto next_iter;
++ }
++
++ /* Got a match. Skip host name. */
++ cp = cp2;
++
++ /*
++ * Extract the key from the line. This will skip any leading
++ * whitespace. Ignore badly formatted lines.
++ */
++ if (!hostfile_read_key(&cp, &kbits, found))
++ goto next_iter;
++
++ if (numret != NULL)
++ *numret = linenum;
++
++ if (key == NULL) {
++ /* we found a key of the requested type */
++ if (found->type == keytype) {
++ end_return = HOST_FOUND;
++ goto fin;
++ }
++ goto next_iter;
++ }
++
++ if (!hostfile_check_key(kbits, found, host, "NIS source", linenum))
++ goto next_iter;
++
++ /* Check if the current key is the same as the given key. */
++ if (key_equal(key, found)) {
++ /* Ok, they match. */
++ debug3("check_host_in_nis: match line %d", linenum);
++ end_return = HOST_OK;
++ goto fin;
++ }
++ /*
++ * They do not match. We will continue to go through the
++ * file; however, we note that we will not return that it is
++ * new.
++ */
++ end_return = HOST_CHANGED;
++
++next_iter:
++ lastkey = current;
++ rv = yp_next(domain, "ssh_hostkeys", current, current_len,
++ ¤t, ¤t_len, &resultbuf, &resultbuf_len);
++ free(lastkey);
++
++ ++linenum;
++ }
++
++fin:
++ free(resultbuf);
++ return (end_return);
++}
++
++static int
++nis_check_host_by_key_or_type(void *result, void *mdata, va_list ap)
++{
++ const char *host;
++ const Key *key;
++ Key *found;
++ int keytype;
++
++ int rv, numret;
++ enum constants how;
++
++ how = (enum constants)mdata;
++ switch (how) {
++ case CHECK_HOST:
++ host = va_arg(ap, const char *);
++ key = va_arg(ap, const Key *);
++ found = va_arg(ap, Key *);
++ break;
++ case LOOKUP_KEY_BY_TYPE:
++ host = va_arg(ap, const char *);
++ keytype = va_arg(ap, int);
++ found = va_arg(ap, Key *);
++ break;
++ default:
++ return NS_NOTFOUND;
++ }
++
++ switch (how) {
++ case CHECK_HOST:
++ rv = check_host_in_nis_by_key_or_type(host, key, 0, found, &numret);
++
++ debug3("nis_check_host_by_key_or_type: check_host result %d", rv);
++ if (result != NULL)
++ *((int *)result) = rv;
++ return ((rv != HOST_OK) ? NS_NOTFOUND : NS_SUCCESS);
++
++ case LOOKUP_KEY_BY_TYPE:
++ rv = (check_host_in_nis_by_key_or_type(host, NULL, keytype, found,
++ &numret) == HOST_FOUND);
++
++ debug3("nis_check_host_by_key_or_type: lookup_key_by_type result %d", rv);
+ if (result != NULL)
+ *((int *)result) = rv;
+ return ((rv == 0) ? NS_NOTFOUND : NS_SUCCESS);
@@ -124,6 +304,7 @@
+
+ return (NS_NOTFOUND);
+}
++#endif /* WITHOUT_NIS */
+
+/* nsswitch interface functions implementation */
+HostStatus
@@ -131,6 +312,9 @@
+{
+ static const ns_dtab dtab[] = {
+ { NSSRC_FILES, files_check_host_by_key_or_type, (void *)CHECK_HOST },
++#ifndef WITHOUT_NIS
++ { NSSRC_NIS, nis_check_host_by_key_or_type, (void *)CHECK_HOST },
++#endif /* WITHOUT_NIS */
+ { NULL, NULL, NULL }
+ };
+
@@ -155,6 +339,9 @@
+{
+ static const ns_dtab dtab[] = {
+ { NSSRC_FILES, files_check_host_by_key_or_type, (void *)LOOKUP_KEY_BY_TYPE },
++#ifndef WITHOUT_NIS
++ { NSSRC_NIS, nis_check_host_by_key_or_type, (void *)LOOKUP_KEY_BY_TYPE },
++#endif /* WITHOUT_NIS */
+ { NULL, NULL, NULL }
+ };
+
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-hostfile.h#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/patches/patch-sshconnect.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/Makefile#6 (text+ko) ====
@@ -53,11 +53,17 @@
PORTABLE_SUFFIX= -portable
USE_NSSWITCH= yes
+# Uncomment the next line to omit the nsswitch NIS support (NIS source)
+# WITHOUT_NIS= yes
.if defined(USE_NSSWITCH)
CFLAGS+= -DUSE_NSSWITCH
.endif
+.if defined(WITHOUT_NIS)
+CFLAGS+= -DWITHOUT_NIS
+.endif
+
USE_AUTOCONF_VER= 253
AUTOCONF_ARGS+= -o configure configure.ac
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/distinfo#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/batch.patch#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/gss-serv.c.patch#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth-pam.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth-rh.rsa.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth.h#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth1.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth2-hostbased.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-auth2.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-clientloop.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-config.h.in#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-configure.ac#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-fake-rfc2553.h#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-hostfile.c#4 (text+ko) ====
@@ -1,6 +1,6 @@
---- hostfile.c.orig Mon Mar 14 15:08:12 2005
-+++ hostfile.c Mon Jul 18 15:27:23 2005
-@@ -38,16 +38,172 @@
+--- /tmp2/usr/ports/security/openssh-portable/work/openssh-4.1p1/hostfile.c Mon Mar 14 15:08:12 2005
++++ hostfile.c Tue Aug 9 13:13:17 2005
+@@ -38,16 +38,359 @@
#include "includes.h"
RCSID("$OpenBSD: hostfile.c,v 1.34 2005/03/10 22:01:05 deraadt Exp $");
@@ -25,6 +25,11 @@
+
+#if defined (HAVE_NSDISPATCH) && defined (USE_NSSWITCH)
+
++#ifndef WITHOUT_NIS
++#include <rpcsvc/ypclnt.h>
++#include <rpcsvc/yp.h>
++#endif /* WITHOUT_NIS */
++
+#ifndef NSDB_SSH_HOSTKEYS
+#define NSDB_SSH_HOSTKEYS "ssh_hostkeys"
+#endif /* NSDB_SSH_HOSTKEYS */
@@ -46,8 +51,13 @@
+ nsswitch_files_conf.system_hostfile2 = system_hostfile2;
+}
+
++static int hostfile_check_key(int, const Key *, const char *, const char *, int);
+static HostStatus check_host_in_hostfile_by_key_or_type(const char *,
+ const char *, const Key *, int, Key *, int *);
++#ifndef WITHOUT_NIS
++static HostStatus check_host_in_nis_by_key_or_type(const char *,
++ const Key *, int, Key *, int *);
++#endif /* WITHOUT_NIS */
+
+enum constants {
+ CHECK_HOST,
@@ -56,10 +66,16 @@
+
+static const ns_src defaultsrc[] = {
+ { NSSRC_FILES, NS_SUCCESS },
++#ifndef WITHOUT_NIS
++ { NSSRC_NIS, NS_SUCCESS },
++#endif /* WITHOUT_NIS */
+ { NULL, 0 }
+};
+
+static int files_check_host_by_key_or_type(void *, void *, va_list);
++#ifndef WITHOUT_NIS
++static int nis_check_host_by_key_or_type(void *, void *, va_list);
++#endif /* WITHOUT_NIS */
+
+/* files backend implementation */
+static int
@@ -101,10 +117,10 @@
+ found, &numret);
+ }
+
-+ debug3("files_check_host_by_key_or_type: CHECK_HOST - %d", rv);
++ debug3("files_check_host_by_key_or_type: check_host result %d", rv);
+ if (result != NULL)
+ *((int *)result) = rv;
-+ return ((rv == HOST_NEW) ? NS_NOTFOUND : NS_SUCCESS);
++ return ((rv != HOST_OK) ? NS_NOTFOUND : NS_SUCCESS);
+
+ case LOOKUP_KEY_BY_TYPE:
+ filename = nsswitch_files_conf.system_hostfile;
@@ -116,7 +132,171 @@
+ keytype, found, &numret) == HOST_FOUND);
+ }
+
-+ debug3("files_check_host_by_key_or_type: LOOKUP_KEY_BY_TYPE - %d", rv);
++ debug3("files_check_host_by_key_or_type: lookup_key_by_type result %d", rv);
++ if (result != NULL)
++ *((int *)result) = rv;
++ return ((rv == 0) ? NS_NOTFOUND : NS_SUCCESS);
++ }
++
++ return (NS_NOTFOUND);
++}
++
++#ifndef WITHOUT_NIS
++/* NIS backend implementation */
++static HostStatus
++check_host_in_nis_by_key_or_type(const char *host, const Key *key,
++ int keytype, Key *found, int *numret)
++{
++ u_int kbits;
++ int linenum;
++ char *cp, *cp2, *hashed_host;
++ HostStatus end_return;
++
++ char *domain;
++ char *lastkey;
++ char *current;
++ int current_len;
++
++ char *resultbuf;
++ int resultbuf_len;
++ int rv;
++
++
++ if (yp_get_default_domain(&domain) != 0) {
++ debug3("check_host_in_nis: can't get the NIS domain");
++ return (HOST_NEW);
++ }
++
++ current = NULL;
++ current_len = 0;
++ resultbuf = NULL;
++ resultbuf_len = 0;
++ linenum = 0;
++
++ rv = yp_first(domain, "ssh_hostkeys", ¤t, ¤t_len,
++ &resultbuf, &resultbuf_len);
++ end_return = HOST_NEW;
++ while (rv == 0) {
++ cp = resultbuf;
++
++ /* comments, trailing spaces and tabs should be deleted during
++ NIS map making, but we still should check for them - just in case */
++ for (; *cp == ' ' || *cp == '\t'; cp++)
++ ;
++ if (!*cp || *cp == '#' || *cp == '\n')
++ goto next_iter;
++
++ /* Find the end of the host name portion. */
++ for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++)
++ ;
++
++ if (match_hostname(host, cp, (u_int) (cp2 - cp)) != 1) {
++ if (*cp != HASH_DELIM)
++ goto next_iter;
++ hashed_host = host_hash(host, cp, (u_int) (cp2 - cp));
++ if (hashed_host == NULL) {
++ debug("Invalid hashed host line %d of NIS source",
++ linenum);
++ goto next_iter;
++ }
++ if (strncmp(hashed_host, cp, (u_int) (cp2 - cp)) != 0)
++ goto next_iter;
++ }
++
++ /* Got a match. Skip host name. */
++ cp = cp2;
++
++ /*
++ * Extract the key from the line. This will skip any leading
++ * whitespace. Ignore badly formatted lines.
++ */
++ if (!hostfile_read_key(&cp, &kbits, found))
++ goto next_iter;
++
++ if (numret != NULL)
++ *numret = linenum;
++
++ if (key == NULL) {
++ /* we found a key of the requested type */
++ if (found->type == keytype) {
++ end_return = HOST_FOUND;
++ goto fin;
++ }
++ goto next_iter;
++ }
++
++ if (!hostfile_check_key(kbits, found, host, "NIS source", linenum))
++ goto next_iter;
++
++ /* Check if the current key is the same as the given key. */
++ if (key_equal(key, found)) {
++ /* Ok, they match. */
++ debug3("check_host_in_nis: match line %d", linenum);
++ end_return = HOST_OK;
++ goto fin;
++ }
++ /*
++ * They do not match. We will continue to go through the
++ * file; however, we note that we will not return that it is
++ * new.
++ */
++ end_return = HOST_CHANGED;
++
++next_iter:
++ lastkey = current;
++ rv = yp_next(domain, "ssh_hostkeys", current, current_len,
++ ¤t, ¤t_len, &resultbuf, &resultbuf_len);
++ free(lastkey);
++
++ ++linenum;
++ }
++
++fin:
++ free(resultbuf);
++ return (end_return);
++}
++
++static int
++nis_check_host_by_key_or_type(void *result, void *mdata, va_list ap)
++{
++ const char *host;
++ const Key *key;
++ Key *found;
++ int keytype;
++
++ int rv, numret;
++ enum constants how;
++
++ how = (enum constants)mdata;
++ switch (how) {
++ case CHECK_HOST:
++ host = va_arg(ap, const char *);
++ key = va_arg(ap, const Key *);
++ found = va_arg(ap, Key *);
++ break;
++ case LOOKUP_KEY_BY_TYPE:
++ host = va_arg(ap, const char *);
++ keytype = va_arg(ap, int);
++ found = va_arg(ap, Key *);
++ break;
++ default:
++ return NS_NOTFOUND;
++ }
++
++ switch (how) {
++ case CHECK_HOST:
++ rv = check_host_in_nis_by_key_or_type(host, key, 0, found, &numret);
++
++ debug3("nis_check_host_by_key_or_type: check_host result %d", rv);
++ if (result != NULL)
++ *((int *)result) = rv;
++ return ((rv != HOST_OK) ? NS_NOTFOUND : NS_SUCCESS);
++
++ case LOOKUP_KEY_BY_TYPE:
++ rv = (check_host_in_nis_by_key_or_type(host, NULL, keytype, found,
++ &numret) == HOST_FOUND);
++
++ debug3("nis_check_host_by_key_or_type: lookup_key_by_type result %d", rv);
+ if (result != NULL)
+ *((int *)result) = rv;
+ return ((rv == 0) ? NS_NOTFOUND : NS_SUCCESS);
@@ -124,6 +304,7 @@
+
+ return (NS_NOTFOUND);
+}
++#endif /* WITHOUT_NIS */
+
+/* nsswitch interface functions implementation */
+HostStatus
@@ -131,6 +312,9 @@
+{
+ static const ns_dtab dtab[] = {
+ { NSSRC_FILES, files_check_host_by_key_or_type, (void *)CHECK_HOST },
++#ifndef WITHOUT_NIS
++ { NSSRC_NIS, nis_check_host_by_key_or_type, (void *)CHECK_HOST },
++#endif /* WITHOUT_NIS */
+ { NULL, NULL, NULL }
+ };
+
@@ -155,6 +339,9 @@
+{
+ static const ns_dtab dtab[] = {
+ { NSSRC_FILES, files_check_host_by_key_or_type, (void *)LOOKUP_KEY_BY_TYPE },
++#ifndef WITHOUT_NIS
++ { NSSRC_NIS, nis_check_host_by_key_or_type, (void *)LOOKUP_KEY_BY_TYPE },
++#endif /* WITHOUT_NIS */
+ { NULL, NULL, NULL }
+ };
+
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-hostfile.h#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-loginrec.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-regress-test-exec.sh#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-session.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-sshconnect.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-sshd.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-sshd_config#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/patch-sshpty.c#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/servconf.c.patch#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/files/sshd.sh#4 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/pkg-descr#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/pkg-message#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/port/pkg-plist#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/result_copy.sh#3 (text+ko) ====
==== //depot/projects/soc2005/nsswitch_cached/tests/ssh_hostkeys_test/sshconnect.c#4 (text+ko) ====
More information about the p4-projects
mailing list