1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-15 23:50:44 +00:00
freebsd-ports/security/ssh/files/patch-af
Torsten Blum eb66565459 Add IPv6 support to ssh.
The IPv6 patch was obtained from the kame repository and has been
been writen by KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>

Due to the whole mess with different patches it was necessary to include
both the IPv6 patch and patch-ssh-1.2.27-bsd.tty.chown in ${PATCHDIR}.
Since both patches modify the configure script it was also necessary
to rebuild it via autoconf from configure.in. I've decided to use
USE_AUTOCONF instead of including the re-build configure script in
${FILESDIR}

Obtained from:	KAME/WIDE
2000-01-14 19:37:39 +00:00

810 lines
27 KiB
Plaintext

*** sshd.c.orig Tue Jan 11 20:40:10 2000
--- sshd.c Tue Jan 11 20:40:07 2000
***************
*** 553,558 ****
--- 553,571 ----
/* Name of the server configuration file. */
char *config_file_name = SERVER_CONFIG_FILE;
+ /* Flag indicating whether IPv4 or IPv6. This can be set on the command line.
+ Default value is AF_UNSPEC means both IPv4 and IPv6. */
+ #ifdef ENABLE_IPV6
+ int IPv4or6 = AF_UNSPEC;
+ #else
+ int IPv4or6 = AF_INET;
+ #endif
+
+ #ifdef ENABLE_LOG_AUTH
+ char *unauthenticated_user = NULL;
+ int log_auth_flag = 0;
+ #endif /* ENABLE_LOG_AUTH */
+
/* Debug mode flag. This can be set on the command line. If debug
mode is enabled, extra debugging output will be sent to the system
log, the daemon will not go to background, and will exit after processing
***************
*** 576,582 ****
/* This is set to the socket that the server is listening; this is used in
the SIGHUP signal handler. */
! int listen_sock;
/* This is not really needed, and could be eliminated if server-specific
and client-specific code were removed from newchannels.c */
--- 589,605 ----
/* This is set to the socket that the server is listening; this is used in
the SIGHUP signal handler. */
! #define MAX_LISTEN_SOCKS 16
! int listen_socks[MAX_LISTEN_SOCKS];
! int num_listen_socks = 0;
! void close_listen_socks()
! {
! int i;
!
! for (i = 0; i < num_listen_socks; i++)
! close(listen_socks[i]);
! num_listen_socks = -1;
! }
/* This is not really needed, and could be eliminated if server-specific
and client-specific code were removed from newchannels.c */
***************
*** 666,672 ****
void sighup_restart(void)
{
log_msg("Received SIGHUP; restarting.");
! close(listen_sock);
execvp(saved_argv[0], saved_argv);
log_msg("RESTART FAILED: av[0]='%.100s', error: %.100s.",
saved_argv[0], strerror(errno));
--- 689,695 ----
void sighup_restart(void)
{
log_msg("Received SIGHUP; restarting.");
! close_listen_socks();
execvp(saved_argv[0], saved_argv);
log_msg("RESTART FAILED: av[0]='%.100s', error: %.100s.",
saved_argv[0], strerror(errno));
***************
*** 680,686 ****
RETSIGTYPE sigterm_handler(int sig)
{
log_msg("Received signal %d; terminating.", sig);
! close(listen_sock);
exit(255);
}
--- 703,709 ----
RETSIGTYPE sigterm_handler(int sig)
{
log_msg("Received signal %d; terminating.", sig);
! close_listen_socks();
exit(255);
}
***************
*** 759,765 ****
int perm_denied = 0;
int ret;
fd_set fdset;
! struct sockaddr_in sin;
char buf[100]; /* Must not be larger than remote_version. */
char remote_version[100]; /* Must be at least as big as buf. */
char *comment;
--- 782,788 ----
int perm_denied = 0;
int ret;
fd_set fdset;
! struct sockaddr_storage from;
char buf[100]; /* Must not be larger than remote_version. */
char remote_version[100]; /* Must be at least as big as buf. */
char *comment;
***************
*** 769,774 ****
--- 792,800 ----
struct linger linger;
#endif /* SO_LINGER */
int done;
+ struct addrinfo *ai;
+ char ntop[ADDRSTRLEN], strport[PORTSTRLEN];
+ int listen_sock, maxfd;
/* Save argv[0]. */
saved_argv = av;
***************
*** 787,796 ****
initialize_server_options(&options);
/* Parse command-line arguments. */
! while ((opt = getopt(ac, av, "f:p:b:k:h:g:diqV:")) != EOF)
{
switch (opt)
{
case 'f':
config_file_name = optarg;
break;
--- 813,838 ----
initialize_server_options(&options);
/* Parse command-line arguments. */
! while ((opt = getopt(ac, av, "f:p:b:k:h:g:diqV:4"
! #ifdef ENABLE_IPV6
! "6"
! #endif
! )) != EOF)
{
switch (opt)
{
+ case '4':
+ #ifdef ENABLE_IPV6
+ IPv4or6 = (IPv4or6 == AF_INET6) ? AF_UNSPEC : AF_INET;
+ #else
+ IPv4or6 = AF_INET;
+ #endif
+ break;
+ #ifdef ENABLE_IPV6
+ case '6':
+ IPv4or6 = (IPv4or6 == AF_INET) ? AF_UNSPEC : AF_INET6;
+ break;
+ #endif
case 'f':
config_file_name = optarg;
break;
***************
*** 807,813 ****
options.server_key_bits = atoi(optarg);
break;
case 'p':
! options.port = atoi(optarg);
break;
case 'g':
options.login_grace_time = atoi(optarg);
--- 849,855 ----
options.server_key_bits = atoi(optarg);
break;
case 'p':
! options.ports[options.num_ports++] = atoi(optarg);
break;
case 'g':
options.login_grace_time = atoi(optarg);
***************
*** 829,834 ****
--- 871,880 ----
fprintf(stderr, "sshd version %s [%s]\n", SSH_VERSION, HOSTTYPE);
fprintf(stderr, "Usage: %s [options]\n", av0);
fprintf(stderr, "Options:\n");
+ fprintf(stderr, " -4 Use IPv4 only\n");
+ #ifdef ENABLE_IPV6
+ fprintf(stderr, " -6 Use IPv6 only\n");
+ #endif
fprintf(stderr, " -f file Configuration file (default %s/sshd_config)\n", ETCDIR);
fprintf(stderr, " -d Debugging mode\n");
fprintf(stderr, " -i Started from inetd\n");
***************
*** 857,872 ****
fprintf(stderr, "fatal: Bad server key size.\n");
exit(1);
}
- if (options.port < 1 || options.port > 65535)
- {
- fprintf(stderr, "fatal: Bad port number.\n");
- exit(1);
- }
if (options.umask != -1)
{
umask(options.umask);
}
/* Check that there are no remaining arguments. */
if (optind < ac)
{
--- 903,917 ----
fprintf(stderr, "fatal: Bad server key size.\n");
exit(1);
}
if (options.umask != -1)
{
umask(options.umask);
}
+ #ifdef ENABLE_LOG_AUTH
+ log_auth_flag = options.log_auth;
+ #endif /* ENABLE_LOG_AUTH */
+
/* Check that there are no remaining arguments. */
if (optind < ac)
{
***************
*** 1034,1043 ****
}
else
{
/* Create socket for listening. */
! listen_sock = socket(AF_INET, SOCK_STREAM, 0);
if (listen_sock < 0)
fatal("socket: %.100s", strerror(errno));
/* Set socket options. We try to make the port reusable and have it
close as fast as possible without waiting in unnecessary wait states
--- 1079,1091 ----
}
else
{
+ for (ai = options.listen_addrs; ai; ai = ai->ai_next)
+ {
/* Create socket for listening. */
! listen_sock = socket(ai->ai_family, SOCK_STREAM, 0);
if (listen_sock < 0)
fatal("socket: %.100s", strerror(errno));
+ listen_socks[num_listen_socks] = listen_sock;
/* Set socket options. We try to make the port reusable and have it
close as fast as possible without waiting in unnecessary wait states
***************
*** 1051,1071 ****
sizeof(linger));
#endif /* SO_LINGER */
! /* Initialize the socket address. */
! memset(&sin, 0, sizeof(sin));
! sin.sin_family = AF_INET;
! sin.sin_addr = options.listen_addr;
! sin.sin_port = htons(options.port);
/* Bind the socket to the desired port. */
! if (bind(listen_sock, (struct sockaddr *)&sin, sizeof(sin)) < 0)
{
! error("bind: %.100s", strerror(errno));
! shutdown(listen_sock, 2);
close(listen_sock);
! fatal("Bind to port %d failed: %.200s.", options.port,
! strerror(errno));
}
if (!debug_flag)
{
--- 1099,1128 ----
sizeof(linger));
#endif /* SO_LINGER */
! getnameinfo(ai->ai_addr, ai->ai_addrlen,
! ntop, sizeof(ntop), strport, sizeof(strport),
! NI_NUMERICHOST|NI_NUMERICSERV);
/* Bind the socket to the desired port. */
! if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0)
{
! error("Bind to port %s on %s failed: %.200s.",
! strport, ntop, strerror(errno));
close(listen_sock);
! continue;
}
+ num_listen_socks++;
+
+ /* Start listening on the port. */
+ log_msg("Server listening on %s port %s.", ntop, strport);
+ if (listen(listen_sock, 5) < 0)
+ fatal("listen: %.100s", strerror(errno));
+
+ } /* for (ai = options.listen_addrs; ai; ai = ai->ai_next) */
+ freeaddrinfo(options.listen_addrs);
+
+ if (!num_listen_socks)
+ fatal("Cannot bind all addresses.");
if (!debug_flag)
{
***************
*** 1081,1091 ****
}
}
- /* Start listening on the port. */
- log_msg("Server listening on port %d.", options.port);
- if (listen(listen_sock, 5) < 0)
- fatal("listen: %.100s", strerror(errno));
-
/* Generate an rsa key. */
log_msg("Generating %d bit RSA key.", options.server_key_bits);
rsa_generate_key(&sensitive_data.private_key, &public_key,
--- 1138,1143 ----
***************
*** 1139,1156 ****
/* Wait in select until there is a connection. */
FD_ZERO(&fdset);
! FD_SET(listen_sock, &fdset);
! ret = select(listen_sock + 1, &fdset, NULL, NULL, NULL);
! if (ret < 0 || !FD_ISSET(listen_sock, &fdset))
{
if (errno == EINTR)
continue;
error("select: %.100s", strerror(errno));
continue;
}
!
! aux = sizeof(sin);
! newsock = accept(listen_sock, (struct sockaddr *)&sin, &aux);
if (newsock < 0)
{
if (errno == EINTR)
--- 1191,1218 ----
/* Wait in select until there is a connection. */
FD_ZERO(&fdset);
! maxfd = 0;
! for (i = 0; i < num_listen_socks; i++)
! {
! FD_SET(listen_socks[i], &fdset);
! if (listen_socks[i] > maxfd)
! maxfd = listen_socks[i];
! }
! ret = select(maxfd + 1, &fdset, NULL, NULL, NULL);
! if (ret < 0)
{
if (errno == EINTR)
continue;
error("select: %.100s", strerror(errno));
continue;
}
!
! for (i = 0; i < num_listen_socks; i++)
! {
! if (!FD_ISSET(listen_socks[i], &fdset))
! continue;
! aux = sizeof(from);
! newsock = accept(listen_socks[i], (struct sockaddr *)&from, &aux);
if (newsock < 0)
{
if (errno == EINTR)
***************
*** 1166,1172 ****
/* In debugging mode. Close the listening socket, and start
processing the connection without forking. */
debug("Server will not fork when running in debugging mode.");
! close(listen_sock);
sock_in = newsock;
sock_out = newsock;
pid = getpid();
--- 1228,1234 ----
/* In debugging mode. Close the listening socket, and start
processing the connection without forking. */
debug("Server will not fork when running in debugging mode.");
! close_listen_socks();
sock_in = newsock;
sock_out = newsock;
pid = getpid();
***************
*** 1195,1201 ****
the accepted socket. Reinitialize logging (since our
pid has changed). We break out of the loop to handle
the connection. */
! close(listen_sock);
sock_in = newsock;
sock_out = newsock;
#ifdef LIBWRAP
--- 1257,1263 ----
the accepted socket. Reinitialize logging (since our
pid has changed). We break out of the loop to handle
the connection. */
! close_listen_socks();
sock_in = newsock;
sock_out = newsock;
#ifdef LIBWRAP
***************
*** 1233,1238 ****
--- 1295,1304 ----
/* Close the new socket (the child is now taking care of it). */
close(newsock);
+ } /* for (i = 0; i < num_host_socks; i++) */
+ /* child process check (or debug mode) */
+ if (num_listen_socks < 0)
+ break;
}
}
***************
*** 2205,2210 ****
--- 2271,2279 ----
krb5_parse_name(ssh_context, user, &client);
#endif /* defined(KERBEROS) && defined(KRB5) */
+ #ifdef ENABLE_LOG_AUTH
+ unauthenticated_user = user;
+ #endif /* ENABLE_LOG_AUTH */
/* Verify that the user is a valid user. We disallow usernames starting
with any characters that are commonly used to start NIS entries. */
pw = getpwnam(user);
***************
*** 2222,2228 ****
pwcopy.pw_class = xstrdup(pw->pw_class);
pwcopy.pw_change = pw->pw_change;
pwcopy.pw_expire = pw->pw_expire;
! #endif /* __bsdi__ && _BSDI_VERSION >= 199510 */
pwcopy.pw_dir = xstrdup(pw->pw_dir);
pwcopy.pw_shell = xstrdup(pw->pw_shell);
pw = &pwcopy;
--- 2291,2297 ----
pwcopy.pw_class = xstrdup(pw->pw_class);
pwcopy.pw_change = pw->pw_change;
pwcopy.pw_expire = pw->pw_expire;
! #endif /* (__bsdi__ && _BSDI_VERSION >= 199510) || (__FreeBSD__ && HAVE_LOGIN_CAP_H) */
pwcopy.pw_dir = xstrdup(pw->pw_dir);
pwcopy.pw_shell = xstrdup(pw->pw_shell);
pw = &pwcopy;
***************
*** 2260,2265 ****
--- 2329,2339 ----
{
/* Authentication with empty password succeeded. */
debug("Login for user %.100s accepted without authentication.", user);
+ #ifdef ENABLE_LOG_AUTH
+ log_auth("%.100s from %.700s (%s)",
+ user, get_canonical_hostname(),
+ "empty password accepted");
+ #endif /* ENABLE_LOG_AUTH */
authentication_type = SSH_AUTH_PASSWORD;
authenticated = 1;
/* Success packet will be sent after loop below. */
***************
*** 2334,2339 ****
--- 2408,2418 ----
/* Client has successfully authenticated to us. */
log_msg("Kerberos authentication accepted %.100s for login to account %.100s from %.200s",
tkt_user, user, get_canonical_hostname());
+ #ifdef ENABLE_LOG_AUTH
+ log_auth("%.100s from %.700s (%s)",
+ user, get_canonical_hostname(),
+ "kerberos authentication accepted");
+ #endif /* ENABLE_LOG_AUTH */
authentication_type = SSH_AUTH_KERBEROS;
authenticated = 1;
break;
***************
*** 2382,2387 ****
--- 2461,2471 ----
/* Authentication accepted. */
log_msg("Rhosts authentication accepted for %.100s, remote %.100s on %.700s.",
user, client_user, get_canonical_hostname());
+ #ifdef ENABLE_LOG_AUTH
+ log_auth("%.100s from %.100s@%.700s (%s)",
+ user, client_user, get_canonical_hostname(),
+ "rhosts authentication accepted");
+ #endif /* ENABLE_LOG_AUTH */
authentication_type = SSH_AUTH_RHOSTS;
authenticated = 1;
remote_user_name = client_user;
***************
*** 2441,2446 ****
--- 2525,2535 ----
options.strict_modes))
{
/* Authentication accepted. */
+ #ifdef ENABLE_LOG_AUTH
+ log_auth("%.100s from %.100s@%.700s (%s)",
+ user, client_user, get_canonical_hostname(),
+ "rhosts with RSA host authentication accepted");
+ #endif /* ENABLE_LOG_AUTH */
authentication_type = SSH_AUTH_RHOSTS_RSA;
authenticated = 1;
remote_user_name = client_user;
***************
*** 2474,2479 ****
--- 2563,2573 ----
/* Successful authentication. */
mpz_clear(&n);
log_msg("RSA authentication for %.100s accepted.", user);
+ #ifdef ENABLE_LOG_AUTH
+ log_auth("%.100s from %.700s (%s)",
+ user, get_canonical_hostname(),
+ "RSA user authentication accepted");
+ #endif /* ENABLE_LOG_AUTH */
authentication_type = SSH_AUTH_RSA;
authenticated = 1;
break;
***************
*** 2608,2613 ****
--- 2702,2712 ----
auth_close();
memset(password, 0, strlen(password));
xfree(password);
+ #ifdef ENABLE_LOG_AUTH
+ log_auth("%.100s from @%.700s (%s)",
+ user, get_canonical_hostname(),
+ "TIS authentication accepted");
+ #endif /* ENABLE_LOG_AUTH */
authentication_type = SSH_AUTH_TIS;
authenticated = 1;
break;
***************
*** 2668,2673 ****
--- 2767,2777 ----
memset(password, 0, strlen(password));
xfree(password);
log_msg("Password authentication for %.100s accepted.", user);
+ #ifdef ENABLE_LOG_AUTH
+ log_auth("%.100s from %.700s (%s)",
+ user, get_canonical_hostname(),
+ "password authentication accepted");
+ #endif /* ENABLE_LOG_AUTH */
authentication_type = SSH_AUTH_PASSWORD;
authenticated = 1;
break;
***************
*** 2708,2713 ****
--- 2812,2822 ----
}
/* Check if the user is logging in as root and root logins are disallowed. */
+ #ifdef ENABLE_LOG_AUTH
+ if ((pw->pw_uid == UID_ROOT && options.permit_root_login == 1) ||
+ (pw->pw_uid == UID_ROOT && options.permit_root_login == 0 && !forced_command))
+ log_auth("ROOT LOGIN REFUSED FROM %.200s", get_canonical_hostname());
+ #endif /* ENABLE_LOG_AUTH */
if (pw->pw_uid == UID_ROOT && options.permit_root_login == 1)
{
if (authentication_type == SSH_AUTH_PASSWORD)
***************
*** 2775,2780 ****
--- 2884,2892 ----
packet_start(SSH_SMSG_SUCCESS);
packet_send();
packet_write_wait();
+ #ifdef ENABLE_LOG_AUTH
+ unauthenticated_user = NULL;
+ #endif /* ENABLE_LOG_AUTH */
/* Perform session preparation. */
do_authenticated(pw);
***************
*** 3280,3294 ****
char line[256];
struct stat st;
int quiet_login;
! struct sockaddr_in from;
int fromlen;
struct pty_cleanup_context cleanup_context;
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
login_cap_t *lc;
#endif
! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
struct timeval tp;
! #endif /* __bsdi__ && _BSDI_VERSION >= 199510 */
/* We no longer need the child running on user's privileges. */
userfile_uninit();
--- 3392,3407 ----
char line[256];
struct stat st;
int quiet_login;
! struct sockaddr_storage from;
int fromlen;
struct pty_cleanup_context cleanup_context;
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
login_cap_t *lc;
+ time_t warnpassword, warnexpire;
#endif
! #if defined(__FreeBSD__) || (defined (__bsdi__) && _BSDI_VERSION >= 199510)
struct timeval tp;
! #endif /* __FreeBSD__ || (__bsdi__ && _BSDI_VERSION >= 199510) */
/* We no longer need the child running on user's privileges. */
userfile_uninit();
***************
*** 3387,3393 ****
/* Record that there was a login on that terminal. */
record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
! &from);
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
lc = login_getclass(pw->pw_class);
--- 3500,3506 ----
/* Record that there was a login on that terminal. */
record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname,
! (struct sockaddr *)&from);
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
lc = login_getclass(pw->pw_class);
***************
*** 3446,3451 ****
--- 3559,3572 ----
"The Regents of the University of California. ",
"All rights reserved.");
}
+ #ifdef HAVE_LOGIN_CAP_H
+ #define DEFAULT_WARN (2L * 7L * 86400L) /* Two weeks */
+
+ warnpassword = login_getcaptime(lc, "warnpassword",
+ DEFAULT_WARN, DEFAULT_WARN);
+ warnexpire = login_getcaptime(lc, "warnexpire",
+ DEFAULT_WARN, DEFAULT_WARN);
+ #endif
#endif
/* Print /etc/motd unless a command was specified or printing it was
***************
*** 3469,3475 ****
fputs(line, stdout);
fclose(f);
}
! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
if (pw->pw_change || pw->pw_expire)
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (pw->pw_change)
--- 3590,3596 ----
fputs(line, stdout);
fclose(f);
}
! #if defined(__FreeBSD__) || (defined(__bsdi__) && _BSDI_VERSION >= 199510)
if (pw->pw_change || pw->pw_expire)
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (pw->pw_change)
***************
*** 3876,3881 ****
--- 3997,4003 ----
char *user_shell;
char *remote_ip;
int remote_port;
+ int local_port;
#if defined (__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)
login_cap_t *lc;
char *real_shell;
***************
*** 3922,3928 ****
while (fgets(buf, sizeof(buf), f))
fputs(buf, stderr);
fclose(f);
! #if defined (__bsdi__) && _BSDI_VERSION >= 199510
if (pw->pw_uid != UID_ROOT &&
!login_getcapbool(lc, "ignorenologin", 0))
exit(254);
--- 4044,4050 ----
while (fgets(buf, sizeof(buf), f))
fputs(buf, stderr);
fclose(f);
! #if (defined(__FreeBSD__) && defined(HAVE_LOGIN_CAP_H)) || (defined (__bsdi__) && _BSDI_VERSION >= 199510)
if (pw->pw_uid != UID_ROOT &&
!login_getcapbool(lc, "ignorenologin", 0))
exit(254);
***************
*** 3981,3986 ****
--- 4103,4109 ----
user_shell = xstrdup(pw->pw_shell);
remote_ip = xstrdup(get_remote_ipaddr());
remote_port = get_remote_port();
+ local_port = get_local_port();
/* Close the connection descriptors; note that this is the child, and the
server will still have the socket open, and it is important that we
***************
*** 4000,4006 ****
/* Close any extra file descriptors. Note that there may still be
descriptors left by system functions. They will be closed later. */
endpwent();
- endhostent();
/* Set dummy encryption key to clear information about the key from
memory. This key will never be used. */
--- 4123,4128 ----
***************
*** 4257,4263 ****
/* Set SSH_CLIENT. */
snprintf(buf, sizeof(buf),
! "%.50s %d %d", remote_ip, remote_port, options.port);
child_set_env(&env, &envsize, "SSH_CLIENT", buf);
/* Set SSH_TTY if we have a pty. */
--- 4379,4385 ----
/* Set SSH_CLIENT. */
snprintf(buf, sizeof(buf),
! "%.50s %d %d", remote_ip, remote_port, local_port);
child_set_env(&env, &envsize, "SSH_CLIENT", buf);
/* Set SSH_TTY if we have a pty. */
***************
*** 4426,4432 ****
int i;
char name[255], *p;
char line[256];
! struct hostent *hp;
strncpy(name, display, sizeof(name));
name[sizeof(name) - 1] = '\0';
--- 4548,4555 ----
int i;
char name[255], *p;
char line[256];
! struct addrinfo hints, *ai, *aitop;
! char ntop[ADDRSTRLEN];
strncpy(name, display, sizeof(name));
name[sizeof(name) - 1] = '\0';
***************
*** 4443,4449 ****
/* Moved this call here to avoid a nasty buf in SunOS
4.1.4 libc where gethostbyname closes an unrelated
file descriptor. */
! hp = gethostbyname(name);
snprintf(line, sizeof(line),
"%.200s -q -", options.xauth_path);
--- 4566,4575 ----
/* Moved this call here to avoid a nasty buf in SunOS
4.1.4 libc where gethostbyname closes an unrelated
file descriptor. */
! memset(&hints, 0, sizeof(hints));
! hints.ai_family = IPv4or6;
! if (getaddrinfo(name, NULL, &hints, &aitop) != 0)
! aitop = 0;
snprintf(line, sizeof(line),
"%.200s -q -", options.xauth_path);
***************
*** 4461,4481 ****
cp - display, display, cp, auth_proto,
auth_data);
#endif
! if (hp)
{
! for(i = 0; hp->h_addr_list[i]; i++)
{
if (debug_flag)
{
fprintf(stderr, "Running %s add %s%s %s %s\n",
options.xauth_path,
! inet_ntoa(*((struct in_addr *)
! hp->h_addr_list[i])),
cp, auth_proto, auth_data);
}
fprintf(f, "add %s%s %s %s\n",
! inet_ntoa(*((struct in_addr *)
! hp->h_addr_list[i])),
cp, auth_proto, auth_data);
}
}
--- 4587,4610 ----
cp - display, display, cp, auth_proto,
auth_data);
#endif
! if (aitop)
{
! for (ai = aitop; ai; ai = ai->ai_next)
{
+ getnameinfo(ai->ai_addr, ai->ai_addrlen,
+ ntop, sizeof(ntop), NULL, 0,
+ NI_NUMERICHOST);
+ if (strchr(ntop, ':'))
+ continue; /* XXX - xauth doesn't accept it */
if (debug_flag)
{
fprintf(stderr, "Running %s add %s%s %s %s\n",
options.xauth_path,
! ntop,
cp, auth_proto, auth_data);
}
fprintf(f, "add %s%s %s %s\n",
! ntop,
cp, auth_proto, auth_data);
}
}
***************
*** 4525,4531 ****
--- 4654,4664 ----
struct stat mailbuf;
if (stat(mailbox, &mailbuf) == -1 || mailbuf.st_size == 0)
+ #ifdef __FreeBSD__
+ ;
+ #else
printf("No mail.\n");
+ #endif
else if (mailbuf.st_atime > mailbuf.st_mtime)
printf("You have mail.\n");
else