
Bug #3152 » ssh.patch

Darren Reed, 2012-09-05 11:57 AM


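--- a/usr/src/cmd/ssh/etc/ssh.xml
+++ b/usr/src/cmd/ssh/etc/ssh.xml
@@ -21,6 +21,7 @@
 	CDDL HEADER END
 
 	Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+	Copyright 2012 Darren Reed.  All rights reserved.
 	Use is subject to license terms.
 
 	NOTE:  This service manifest is not editable; its contents will
@@ -151,6 +152,13 @@
 			value='solaris.smf.value.firewall.config' />
 	</property_group>
 
+	<property_group name='config' type='application'>
+		<propval name='options'
+			type='astring' value='' />
+		<propval name='config_file'
+			type='astring' value='' />
+        </property_group>
+
 	<stability value='Unstable' />
 
 	<template>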
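Review bot: The new `config` property group says nothing about what its two values must look like, and the method script on this page is strict about it: `config_file` has its first three `/`-separated components stripped (a `file://localhost/` URI is expected) and `options` is handed to `sshd -o`. A comment above the group, e.g. `<!-- config_file: file://localhost/<path> URI of this instance's sshd_config; options: passed to sshd with -o -->`, would keep an administrator from pointing an instance at the wrong file. Both values steer a daemon that normally runs as root, so it is also worth stating which authorization may change them; the group above appears to name one (`solaris.smf.value.firewall.config`), this one names none. The closing `</property_group>` is indented with spaces where the rest of the manifest uses tabs.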
157
-- old/usr/src/cmd/ssh/etc/sshd	Wed Sep  5 21:42:39 2012
165
++ new/usr/src/cmd/ssh/etc/sshd	Wed Sep  5 21:42:38 2012
......
1 1
#!/sbin/sh
2 2
#
3 3
# Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
4
# Copyright 2012 Darren Reed. All rights reserved.
4 5
# Use is subject to license terms.
5 6
#
6 7

  
7 8
. /lib/svc/share/ipf_include.sh
8 9
. /lib/svc/share/smf_include.sh
9 10

  
10
SSHDIR=/etc/ssh
11 11
KEYGEN="/usr/bin/ssh-keygen -q"
12
PIDFILE=/var/run/sshd.pid
12
INSTANCE=`expr ${SMF_FMRI} : '.*:\([^:/]*\)'`
13
PIDFILE=/var/run/sshd-${INSTANCE}.pid
14
_CONFIG=`svcprop -c -p config/config_file ${SMF_FMRI} 2>/dev/null`
15
#
16
# svcprop returns "" to represent an empty string which is incompatible
17
# with how shells scripts usually test for an empty string (with -n/-z).
18
# Thus the quotes are removed from the start and end of the string if
19
# they are present.
20
#
21
CONFIG=`expr "$_CONFIG" : '^\"*\(.*\)\"*$'`
22
if [ -n "$CONFIG" ] ; then
23
	#
24
	# The returned string will typically be a URI that strats with
25
	# "file://localhost/", meaning that it is not immediately suitable
26
	# for use as a path so remove the URI header section of the string.
27
	#
28
	SSHDCONFIG=`expr "${CONFIG}" : '[^/]*/[^/]*/[^/]*\(.*\)'`
29
else
30
	SSHDCONFIG=/etc/ssh/sshd_config
31
fi
32
SSHDIR=`dirname "$SSHDCONFIG"`
33
_OPTIONS=`svcprop -c -p config/options "${SMF_FMRI}" 2>/dev/null`
34
OPTIONS=`expr "$_OPTIONS" : '\"?\(.*\)\"?'`
13 35

  
14 36
# Checks to see if RSA, and DSA host keys are available
15 37
# if any of these keys are not present, the respective keys are created.
......
32 54
		# space and one literal tab.
33 55
		#
34 56
		grep -i "^[ 	]*HostKey[ 	]*=\{0,1\}[ 	]*$keypath" \
35
		    $SSHDIR/sshd_config | grep "$keypath" > /dev/null 2>&1
57
		    "$SSHDCONFIG" | grep "$keypath" > /dev/null 2>&1
36 58

  
37 59
		if [ $? -eq 0 ]; then
38 60
			echo Creating new $keytype public/private host key pair
......
63 85
	done
64 86
}
65 87

  
88
check_keys()
89
{
90
	for keyfile in `awk '/^HostKey/ { print $2; } ' "$SSHDCONFIG"`; do
91
		type=`expr "$keyfile" : '.*_\([rd]sa\)_.*'`
92
		create_key "$keyfile" "$type"
93
	done
94
}
95

  
66 96
# This script is being used for two purposes: as part of an SMF
67 97
# start/stop/refresh method, and as a sysidconfig(1M)/sys-unconfig(1M)
68 98
# application.
......
73 103
case $1 in 
74 104
	# sysidconfig/sys-unconfig arguments (-c and -u)
75 105
'-c')
76
	create_key $SSHDIR/ssh_host_rsa_key rsa
77
	create_key $SSHDIR/ssh_host_dsa_key dsa
106
	check_keys
78 107
	;;
79 108

  
80 109
'-u')
......
91 120

  
92 121
'start')
93 122
	#
94
	# If host keys don't exist when the service is started, create
95
	# them; sysidconfig is not run in every situation (such as on
96
	# the install media).
97
	# 
98
	create_key $SSHDIR/ssh_host_rsa_key rsa
99
	create_key $SSHDIR/ssh_host_dsa_key dsa
100

  
101
	/usr/lib/ssh/sshd
123
	# This check for the presence of $SSHDCONFIG is not required for
124
	# the default instance as there is an explicit dependency
125
	#
126
	if [ ! -f "$SSHDCONFIG" ] ; then
127
		exit $SMF_EXIT_ERR_CONFIG
128
	fi
129
	#
130
	# With multiple instances supported, it is necessary to always check
131
	# to see if the ssh host keys need to be created for non-default
132
	# instances.
133
	#
134
	if [ "$INSTANCE" != "default" ] ; then
135
		check_keys
136
	fi
137
	if [ -n "$OPTIONS" ] ; then
138
		/usr/lib/ssh/sshd -f "$SSHDCONFIG" -o "$OPTIONS"
139
	else
140
		/usr/lib/ssh/sshd -f "$SSHDCONFIG"
141
	fi
102 142
	;;
103 143

  
104 144
'restart')
105 145
	if [ -f "$PIDFILE" ]; then
106
		/usr/bin/kill -HUP `/usr/bin/cat $PIDFILE`
146
		/usr/bin/kill -HUP `/usr/bin/cat "$PIDFILE"`
107 147
	fi
108 148
	;;
109 149

  
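Review bot: On the `OPTIONS=` line the pattern `'\"?\(.*\)\"?'` uses `?`, which is an ordinary character in the basic regular expressions that `expr` uses, so the pattern only matches a value that literally begins with `"?`; for any realistic `config/options` value `$OPTIONS` ends up empty and sshd is started without `-o`, silently dropping a setting the administrator believes is in force. Use `\"*` as the `CONFIG=` line does, `` OPTIONS=`expr "$_OPTIONS" : '\"*\(.*\)\"*'` ``. In the `start` arm the default instance also loses its host-key check: `check_keys` runs only under `if [ "$INSTANCE" != "default" ]`, although the deleted comment says sysidconfig is not run in every situation (such as on the install media), so calling `check_keys` unconditionally looks safer. The `case` statement continues outside the visible hunks.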