From owner-freebsd-bugs Sun Apr 2 12: 0:16 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 5FD1B37BE9E for ; Sun, 2 Apr 2000 12:00:09 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id MAA16711; Sun, 2 Apr 2000 12:00:08 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from mail.wzrd.com (mail.wzrd.com [206.99.165.3]) by hub.freebsd.org (Postfix) with ESMTP id C3E7637B5D4 for ; Sun, 2 Apr 2000 11:59:38 -0700 (PDT) (envelope-from danh@wzrd.com) Received: by mail.wzrd.com (Postfix, from userid 91) id AF75D5D06F; Sun, 2 Apr 2000 14:59:08 -0400 (EDT) Message-Id: <20000402185908.AF75D5D06F@mail.wzrd.com> Date: Sun, 2 Apr 2000 14:59:08 -0400 (EDT) From: danh@wzrd.com Reply-To: danh@wzrd.com To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: bin/17756: sshd ignores .hushlogin Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 17756 >Category: bin >Synopsis: sshd ignores .hushlogin >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Apr 2 12:00:03 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Dan Harnett >Release: FreeBSD 4.0-RELEASE >Organization: >Environment: FreeBSD 4.0-RELEASE i386 >Description: sshd ignores the existence of a .hushlogin file in a users home directory for a quiet login. Setting the capability in /etc/login.conf works great however. >How-To-Repeat: Create a .hushlogin file in your home directory. Make sure the hushlogin capability for your login class does not exist. Use a secure shell client to login. Appropriate behavior would be to not print the copyright, last login, and message of the day. >Fix: Apply the following patch. It would appear the third argument to login_getcapbool(3) does not affect the return value if the capability is not found. It only has an affect when the first or second arguments are NULL. --- sshd.c.orig Sun Apr 2 13:57:22 2000 +++ sshd.c Sun Apr 2 14:20:33 2000 @@ -2289,12 +2289,12 @@ /* Check if .hushlogin exists. */ snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir); - quiet_login = stat(line, &st) >= 0; #ifdef LOGIN_CAP lc = login_getpwclass(pw); - if (lc == NULL) - lc = login_getclassbyname(NULL, pw); - quiet_login = login_getcapbool(lc, "hushlogin", quiet_login); + quiet_login = (stat(line, &st) >= 0) + || login_getcapbool(lc, "hushlogin", 0); +#else + quiet_login = stat(line, &st) >= 0; #endif /* LOGIN_CAP */ #ifdef __FreeBSD__ >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message