From danh@wzrd.com  Sun Apr  2 11:59:40 2000
Return-Path: <danh@wzrd.com>
Received: from mail.wzrd.com (mail.wzrd.com [206.99.165.3])
	by hub.freebsd.org (Postfix) with ESMTP id C3E7637B5D4
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  2 Apr 2000 11:59:38 -0700 (PDT)
	(envelope-from danh@wzrd.com)
Received: by mail.wzrd.com (Postfix, from userid 91)
	id AF75D5D06F; Sun,  2 Apr 2000 14:59:08 -0400 (EDT)
Message-Id: <20000402185908.AF75D5D06F@mail.wzrd.com>
Date: Sun,  2 Apr 2000 14:59:08 -0400 (EDT)
From: danh@wzrd.com
Reply-To: danh@wzrd.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: sshd ignores .hushlogin
X-Send-Pr-Version: 3.2

>Number:         17756
>Category:       bin
>Synopsis:       sshd ignores .hushlogin
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    green
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr  2 12:00:03 PDT 2000
>Closed-Date:    Sun Nov 12 19:49:04 PST 2000
>Last-Modified:  Sat Feb 15 11:12:24 PST 2003
>Originator:     Dan Harnett
>Release:        FreeBSD 4.0-RELEASE
>Organization:
>Environment:

	FreeBSD 4.0-RELEASE i386

>Description:

	sshd ignores the existence of a .hushlogin file in a users home
	directory for a quiet login.  Setting the capability in /etc/login.conf
	works great however.

>How-To-Repeat:

	Create a .hushlogin file in your home directory.  Make sure the
	hushlogin capability for your login class does not exist.  Use a
	secure shell client to login.  Appropriate behavior would be to not
	print the copyright, last login, and message of the day.

>Fix:
	
	Apply the following patch.  It would appear the third argument to
	login_getcapbool(3) does not affect the return value if the capability
	is not found.  It only has an affect when the first or second arguments
	are NULL.

--- sshd.c.orig	Sun Apr  2 13:57:22 2000
+++ sshd.c	Sun Apr  2 14:20:33 2000
@@ -2289,12 +2289,12 @@
 
 		/* Check if .hushlogin exists. */
 		snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir);
-		quiet_login = stat(line, &st) >= 0;
 #ifdef LOGIN_CAP
 		lc = login_getpwclass(pw);
-		if (lc == NULL)
-			lc = login_getclassbyname(NULL, pw);
-		quiet_login = login_getcapbool(lc, "hushlogin", quiet_login);
+		quiet_login = (stat(line, &st) >= 0) 
+			|| login_getcapbool(lc, "hushlogin", 0);
+#else
+		quiet_login = stat(line, &st) >= 0;
 #endif /* LOGIN_CAP */
 
 #ifdef __FreeBSD__

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->kris 
Responsible-Changed-By: sheldonh 
Responsible-Changed-When: Mon Aug 7 07:07:41 PDT 2000 
Responsible-Changed-Why:  
Johan Karlsson says that this one contains a patch. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=17756 
Responsible-Changed-From-To: kris->green 
Responsible-Changed-By: kris 
Responsible-Changed-When: Sun Nov 12 18:30:38 PST 2000 
Responsible-Changed-Why:  
Green is taking over OpenSSH 

http://www.freebsd.org/cgi/query-pr.cgi?pr=17756 
State-Changed-From-To: open->closed
State-Changed-By: green 
State-Changed-When: Sun Nov 12 19:37:36 PST 2000 
State-Changed-Why:  
This bug doesn't come close to applying anymore (happily :) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=17756 
State-Changed-From-To: open->closed 
State-Changed-By: green 
State-Changed-When: Sun Nov 12 19:49:04 PST 2000 
State-Changed-Why:  
This should be "closed". 

http://www.freebsd.org/cgi/query-pr.cgi?pr=17756 
>Unformatted:
