more culling

8 files changed, 7 insertions, 489 deletions

diff --git a/usr.bin/ssh/auth-passwd.c b/usr.bin/ssh/auth-passwd.c
index 25e23f239c6..b4873f7f085 100644
--- a/usr.bin/ssh/auth-passwd.c
+++ b/usr.bin/ssh/auth-passwd.c
@@ -15,40 +15,13 @@ the password is valid for the user.
 */
 
 #include "includes.h"
-RCSID("$Id: auth-passwd.c,v 1.4 1999/09/29 22:22:16 dugsong Exp $");
+RCSID("$Id: auth-passwd.c,v 1.5 1999/09/30 04:30:03 deraadt Exp $");
 
-#ifdef HAVE_SCO_ETC_SHADOW
-# include <sys/security.h>
-# include <sys/audit.h>
-# include <prot.h>
-#else /* HAVE_SCO_ETC_SHADOW */
-#ifdef HAVE_ETC_SHADOW
-#include <shadow.h>
-#endif /* HAVE_ETC_SHADOW */
-#endif /* HAVE_SCO_ETC_SHADOW */
-#ifdef HAVE_ETC_SECURITY_PASSWD_ADJUNCT
-#include <sys/label.h>
-#include <sys/audit.h>
-#include <pwdadj.h>
-#endif /* HAVE_ETC_SECURITY_PASSWD_ADJUNCT */
 #include "packet.h"
 #include "ssh.h"
 #include "servconf.h"
 #include "xmalloc.h"
 
-#ifdef HAVE_SECURID
-/* Support for Security Dynamics SecurID card.
-   Contributed by Donald McKillican <dmckilli@qc.bell.ca>. */
-#define SECURID_USERS "/etc/securid.users"
-#include "sdi_athd.h"
-#include "sdi_size.h"
-#include "sdi_type.h"
-#include "sdacmvls.h"
-#include "sdconf.h"
-union config_record configure;
-static int securid_initialized = 0;
-#endif /* HAVE_SECURID */
-
 #ifdef KRB4
 extern char *ticket;
 #endif /* KRB4 */
@@ -170,141 +143,9 @@ int auth_password(const char *server_user, const char *password)
     }
 #endif /* KRB4 */
 
-#ifdef HAVE_SECURID
-  /* Support for Security Dynamics SecurId card.
-     Contributed by Donald McKillican <dmckilli@qc.bell.ca>. */
-  {
-    /*
-     * the way we decide if this user is a securid user or not is
-     * to check to see if they are included in /etc/securid.users
-     */
-    int found = 0;
-    FILE *securid_users = fopen(SECURID_USERS, "r");
-    char *c;
-    char su_user[257];
-    
-    if (securid_users)
-      {
-	while (fgets(su_user, sizeof(su_user), securid_users))
-	  {
-	    if (c = strchr(su_user, '\n')) 
-	      *c = '\0';
-	    if (strcmp(su_user, server_user) == 0) 
-	      { 
-		found = 1; 
-		break; 
-	      }
-	  }
-      }
-    fclose(securid_users);
-
-    if (found)
-      {
-	/* The user has a SecurID card. */
-	struct SD_CLIENT sd_dat, *sd;
-	log("SecurID authentication for %.100s required.", server_user);
-
-	/*
-	 * if no pass code has been supplied, fail immediately: passing
-	 * a null pass code to sd_check causes a core dump
-	 */
-	if (*password == '\0') 
-	  {
-	    log("No pass code given, authentication rejected.");
-	    return 0;
-	  }
-
-	sd = &sd_dat;
-	if (!securid_initialized)
-	  {
-	    memset(&sd_dat, 0, sizeof(sd_dat));   /* clear struct */
-	    creadcfg();		/*  accesses sdconf.rec  */
-	    if (sd_init(sd)) 
-	      packet_disconnect("Cannot contact securid server.");
-	    securid_initialized = 1;
-	  }
-	return sd_check(password, server_user, sd) == ACM_OK;
-      }
-  }
-  /* If the user has no SecurID card specified, we fall to normal 
-     password code. */
-#endif /* HAVE_SECURID */
-
   /* Save the encrypted password. */
   strlcpy(correct_passwd, saved_pw_passwd, sizeof(correct_passwd));
 
-#ifdef HAVE_OSF1_C2_SECURITY
-    osf1c2_getprpwent(correct_passwd, saved_pw_name, sizeof(correct_passwd));
-#else /* HAVE_OSF1_C2_SECURITY */
-  /* If we have shadow passwords, lookup the real encrypted password from
-     the shadow file, and replace the saved encrypted password with the
-     real encrypted password. */
-#ifdef HAVE_SCO_ETC_SHADOW
-  {
-    struct pr_passwd *pr = getprpwnam(saved_pw_name);
-    pr = getprpwnam(saved_pw_name);
-    if (pr)
-      strlcpy(correct_passwd, pr->ufld.fd_encrypt, sizeof(correct_passwd));
-    endprpwent();
-  }
-#else /* HAVE_SCO_ETC_SHADOW */
-#ifdef HAVE_ETC_SHADOW
-  {
-    struct spwd *sp = getspnam(saved_pw_name);
-    if (sp)
-      strlcpy(correct_passwd, sp->sp_pwdp, sizeof(correct_passwd));
-    endspent();
-  }
-#else /* HAVE_ETC_SHADOW */
-#ifdef HAVE_ETC_SECURITY_PASSWD_ADJUNCT
-  {
-    struct passwd_adjunct *sp = getpwanam(saved_pw_name);
-    if (sp)
-      strnlpy(correct_passwd, sp->pwa_passwd, sizeof(correct_passwd));
-    endpwaent();
-  }
-#else /* HAVE_ETC_SECURITY_PASSWD_ADJUNCT */
-#ifdef HAVE_ETC_SECURITY_PASSWD
-  {
-    FILE *f;
-    char line[1024], looking_for_user[200], *cp;
-    int found_user = 0;
-    f = fopen("/etc/security/passwd", "r");
-    if (f)
-      {
-	snprintf(looking_for_user, sizeof looking_for_user, "%.190s:",
-	  server_user);
-	while (fgets(line, sizeof(line), f))
-	  {
-	    if (strchr(line, '\n'))
-	      *strchr(line, '\n') = 0;
-	    if (strcmp(line, looking_for_user) == 0)
-	      found_user = 1;
-	    else
-	      if (line[0] != '\t' && line[0] != ' ')
-		found_user = 0;
-	      else
-		if (found_user)
-		  {
-		    for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
-		      ;
-		    if (strncmp(cp, "password = ", strlen("password = ")) == 0)
-		      {
-			strlcpy(correct_passwd, cp + strlen("password = "), 
-				sizeof(correct_passwd));
-			break;
-		      }
-		  }
-	  }
-	fclose(f);
-      }
-  }
-#endif /* HAVE_ETC_SECURITY_PASSWD */
-#endif /* HAVE_ETC_SECURITY_PASSWD_ADJUNCT */
-#endif /* HAVE_ETC_SHADOW */
-#endif /* HAVE_SCO_ETC_SHADOW */
-#endif /* HAVE_OSF1_C2_SECURITY */
-
   /* Check for users with no password. */
   if (strcmp(password, "") == 0 && strcmp(correct_passwd, "") == 0)
     {
@@ -316,21 +157,9 @@ int auth_password(const char *server_user, const char *password)
   xfree(saved_pw_passwd);
   
   /* Encrypt the candidate password using the proper salt. */
-#ifdef HAVE_OSF1_C2_SECURITY
-  encrypted_password = (char *)osf1c2crypt(password,
-                                   (correct_passwd[0] && correct_passwd[1]) ?
-                                   correct_passwd : "xx");
-#else /* HAVE_OSF1_C2_SECURITY */
-#ifdef HAVE_SCO_ETC_SHADOW
-  encrypted_password = bigcrypt(password, 
-			     (correct_passwd[0] && correct_passwd[1]) ?
-			     correct_passwd : "xx");
-#else /* HAVE_SCO_ETC_SHADOW */
   encrypted_password = crypt(password, 
 			     (correct_passwd[0] && correct_passwd[1]) ?
 			     correct_passwd : "xx");
-#endif /* HAVE_SCO_ETC_SHADOW */
-#endif /* HAVE_OSF1_C2_SECURITY */
 
   /* Authentication is accepted if the encrypted passwords are identical. */
   return (strcmp(encrypted_password, correct_passwd) == 0);
diff --git a/usr.bin/ssh/config.h b/usr.bin/ssh/config.h
index a31e7e0052b..e0cf9136505 100644
--- a/usr.bin/ssh/config.h
+++ b/usr.bin/ssh/config.h
@@ -135,9 +135,6 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
 /* Location of system mail spool directory. */
 #define MAIL_SPOOL_DIRECTORY "/var/mail"
 
-/* Defined if mail goes to $HOME/newmail instead of a global mail spool. */
-/* #undef HAVE_TILDE_NEWMAIL */
-
 /* Define this if O_NONBLOCK does not work on your system (e.g., Ultrix). */
 /* #undef O_NONBLOCK_BROKEN */
 
diff --git a/usr.bin/ssh/includes.h b/usr.bin/ssh/includes.h
index bf125e2430e..bb573dbc797 100644
--- a/usr.bin/ssh/includes.h
+++ b/usr.bin/ssh/includes.h
@@ -13,7 +13,7 @@ This file includes most of the needed system headers.
 
 */
 
-/* RCSID("$Id: includes.h,v 1.3 1999/09/29 18:16:19 dugsong Exp $"); */
+/* RCSID("$Id: includes.h,v 1.4 1999/09/30 04:30:03 deraadt Exp $"); */
 
 #ifndef INCLUDES_H
 #define INCLUDES_H
@@ -39,28 +39,9 @@ YOU_LOSE
 #endif
 #endif
 
-#ifdef SCO
-/* this is defined so that winsize gets ifdef'd in termio.h */
-#define _IBCS2
-#endif
-
-#if defined(__mips)
-/* Mach3 on MIPS defines conflicting garbage. */
-#define uint32 hidden_uint32
-#endif /* __mips */
-#include <sys/types.h>
-#if defined(__mips)
-#undef uint32
-#endif /* __mips */
-
-#if defined(bsd_44) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__PARAGON__)
 #include <sys/param.h>
 #include <machine/endian.h>
 #include <netgroup.h>
-#endif
-#if defined(linux)
-#include <endian.h>
-#endif
 
 #include <stdio.h>
 #include <ctype.h>
@@ -70,124 +51,37 @@ YOU_LOSE
 #include <assert.h>
 #include <signal.h>
 
-#ifdef HAVE_SYS_IOCTL_H
 #include <sys/ioctl.h>
-#endif /* HAVE_SYS_IOCTL_H */
 
-#ifdef HAVE_TERMIOS_H
 #include <termios.h>
 #define USING_TERMIOS
-#endif /* HAVE_TERMIOS_H */
-
-#if defined(HAVE_SGTTY_H) && !defined(USING_TERMIOS)
-#include <sgtty.h>
-#define USING_SGTTY
-#endif
 
-#if !defined(USING_SGTTY) && !defined(USING_TERMIOS)
-  ERROR_NO_TERMIOS_OR_SGTTY
-#endif
-
-#ifdef STDC_HEADERS
 #include <stdlib.h>
 #include <string.h>
 #include <stdarg.h>
-#else /* STDC_HEADERS */
-/* stdarg.h is present almost everywhere, and comes with gcc; I am too lazy
-   to make things work with both it and varargs. */
-#include <stdarg.h>
-#ifndef HAVE_STRCHR
-#define strchr index
-#define strrchr rindex
-#endif
-char *strchr(), *strrchr();
-#ifndef HAVE_MEMCPY
-#define memcpy(d, s, n) bcopy((s), (d), (n))
-#define memmove(d, s, n) bcopy((s), (d), (n))
-#define memset(d, ch, n) bzero((d), (n)) /* We only memset to 0. */
-#define memcmp(a, b, n) bcmp((a), (b), (n))
-#endif
-#endif /* STDC_HEADERS */
 
 #include <sys/socket.h>
 #include <netinet/in.h>
-#ifdef HAVE_NETINET_IN_SYSTM_H
 #include <netinet/in_systm.h>
-#else /* Some old linux systems at least have in_system.h instead. */
-#include <netinet/in_system.h>
-#endif /* HAVE_NETINET_IN_SYSTM_H */
-#ifdef SCO
-/* SCO does not have a un.h and there is no appropriate substitute. */
-/* Latest news: it doesn't have AF_UNIX at all, but this allows
-   it to compile, and outgoing forwarded connections appear to work. */
-struct	sockaddr_un {
-	short	sun_family;		/* AF_UNIX */
-	char	sun_path[108];		/* path name (gag) */
-};
-/* SCO needs sys/stream.h and sys/ptem.h */
-#include <sys/stream.h>
-#include <sys/ptem.h>
-#else /* SCO */
 #include <sys/un.h>
-#endif /* SCO */
-#if !defined(__PARAGON__)
-#include <netinet/ip.h>
-#endif /* !__PARAGON__ */
 #include <netinet/tcp.h>
 #include <arpa/inet.h>
 #include <netdb.h>
-#ifdef HAVE_SYS_SELECT_H
 #include <sys/select.h>
-#endif /* HAVE_SYS_SELECT_H */
 
 #include <pwd.h>
 #include <grp.h>
-#ifdef HAVE_GETSPNAM
-#include <shadow.h>
-#endif /* HAVE_GETSPNAM */
 
-#ifdef HAVE_SYS_WAIT_H
 #include <sys/wait.h>
-#else /* HAVE_SYS_WAIT_H */
-#if !defined(WNOHANG) /* && (defined(bsd43) || defined(vax)) */
-#define WNOHANG 1
-#endif
-#ifndef WEXITSTATUS
-#define WEXITSTATUS(X) ((unsigned)(X) >> 8)
-#endif
-#ifndef WIFEXITED
-#define WIFEXITED(X) (((X) & 255) == 0)
-#endif
-#ifndef WIFSIGNALED
-#define WIFSIGNALED(X) ((((X) & 255) != 0x255 && ((X) & 255) != 0))
-#endif
-#ifndef WTERMSIG
-#define WTERMSIG(X) ((X) & 255)
-#endif
-#endif /* HAVE_SYS_WAIT_H */
 
 #ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif /* HAVE_UNISTD_H */
 
-#ifdef TIME_WITH_SYS_TIME
-#ifndef SCO
-/* I excluded <sys/time.h> to avoid redefinition of timeval 
-   which SCO puts in both <sys/select.h> and <sys/time.h> */
 #include <sys/time.h>
-#endif /* SCO */
 #include <time.h>
-#else /* TIME_WITH_SYS_TIME */
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#else /* HAVE_SYS_TIME_H */
-#include <time.h>
-#endif /* HAVE_SYS_TIME_H */
-#endif /* TIME_WITH_SYS_TIME */
 
-#ifdef HAVE_PATHS_H
 #include <paths.h>
-#endif
 
 #if HAVE_DIRENT_H
 #include <dirent.h>
@@ -206,45 +100,7 @@ struct	sockaddr_un {
 #endif
 #endif
 
-#ifdef HAVE_SETRLIMIT
 #include <sys/resource.h>
-#endif
-
-/* These POSIX macros are not defined in every system. */
-
-#ifndef S_IRWXU
-#define S_IRWXU 00700		/* read, write, execute: owner */
-#define S_IRUSR 00400		/* read permission: owner */
-#define S_IWUSR 00200		/* write permission: owner */
-#define S_IXUSR 00100		/* execute permission: owner */
-#define S_IRWXG 00070		/* read, write, execute: group */
-#define S_IRGRP 00040		/* read permission: group */
-#define S_IWGRP 00020		/* write permission: group */
-#define S_IXGRP 00010		/* execute permission: group */
-#define S_IRWXO 00007		/* read, write, execute: other */
-#define S_IROTH 00004		/* read permission: other */
-#define S_IWOTH 00002		/* write permission: other */
-#define S_IXOTH 00001		/* execute permission: other */
-#endif /* S_IRWXU */
-
-#ifndef S_ISUID
-#define S_ISUID 0x800
-#endif /* S_ISUID */
-#ifndef S_ISGID
-#define S_ISGID 0x400
-#endif /* S_ISGID */
-
-#ifndef S_ISDIR
-/* NextStep apparently fails to define this. */
-#define S_ISDIR(mode)   (((mode)&(_S_IFMT))==(_S_IFDIR))
-#endif
-
-#ifdef STAT_MACROS_BROKEN
-/* Some systems have broken S_ISDIR etc. macros in sys/stat.h.  Please ask
-   your vendor to fix them.  You can then remove the line below, but only
-   after you have sent a complaint to your vendor. */
-WARNING_MACROS_IN_SYS_STAT_H_ARE_BROKEN_ON_YOUR_SYSTEM_READ_INCLUDES_H
-#endif /* STAT_MACROS_BROKEN */
 
 #if USE_STRLEN_FOR_AF_UNIX
 #define AF_UNIX_SIZE(unaddr) \
diff --git a/usr.bin/ssh/login.c b/usr.bin/ssh/login.c
index 29d98bc5d6c..dc6e8e7ca17 100644
--- a/usr.bin/ssh/login.c
+++ b/usr.bin/ssh/login.c
@@ -18,7 +18,7 @@ on a tty.
 */
 
 #include "includes.h"
-RCSID("$Id: login.c,v 1.4 1999/09/30 04:10:28 deraadt Exp $");
+RCSID("$Id: login.c,v 1.5 1999/09/30 04:30:03 deraadt Exp $");
 
 #ifdef HAVE_LIBUTIL_LOGIN
 #include <util.h>
@@ -177,14 +177,10 @@ void record_login(int pid, const char *ttyname, const char *user, uid_t uid,
   u.ut_pid = pid;
 #endif /* PID_IN_UTMP */
 #ifdef HAVE_ID_IN_UTMP
-#ifdef __sgi
-    strncpy(u.ut_id, ttyname + 8, sizeof(u.ut_id)); /* /dev/ttyq99 -> q99 */
-#else /* __sgi */
     if (sizeof(u.ut_id) > 4)
       strncpy(u.ut_id, ttyname + 5, sizeof(u.ut_id));
     else
       strncpy(u.ut_id, ttyname + strlen(ttyname) - 2, sizeof(u.ut_id));
-#endif /* __sgi */
 #endif /* HAVE_ID_IN_UTMP */
   strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line));
   u.ut_time = time(NULL);
@@ -258,14 +254,10 @@ void record_login(int pid, const char *ttyname, const char *user, uid_t uid,
     if (uxp)
       ux = *uxp;
     strncpy(ux.ut_user, user, sizeof(ux.ut_user));
-#ifdef __sgi
-    strncpy(ux.ut_id, ttyname + 8, sizeof(ux.ut_id)); /* /dev/ttyq99 -> q99 */
-#else /* __sgi */
     if (sizeof(ux.ut_id) > 4)
       strncpy(ux.ut_id, ttyname + 5, sizeof(ux.ut_id));
     else
       strncpy(ux.ut_id, ttyname + strlen(ttyname) - 2, sizeof(ux.ut_id));
-#endif /* __sgi */
     ux.ut_pid = pid;
     if (strcmp(user, "") == 0)
       ux.ut_type = DEAD_PROCESS;
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 65a9a3e1af2..346da57d5dc 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -18,7 +18,7 @@ Modified to work with SSL by Niels Provos <provos@citi.umich.edu> in Canada.
 */
 
 #include "includes.h"
-RCSID("$Id: ssh.c,v 1.13 1999/09/30 04:10:28 deraadt Exp $");
+RCSID("$Id: ssh.c,v 1.14 1999/09/30 04:30:03 deraadt Exp $");
 
 #include "xmalloc.h"
 #include "ssh.h"
@@ -218,11 +218,6 @@ main(int ac, char **av)
   /* Save our own name. */
   av0 = av[0];
 
-#ifdef SOCKS
-  /* Initialize SOCKS (the firewall traversal library). */
-  SOCKSinit(av0);
-#endif /* SOCKS */
-
   /* Initialize option structure to indicate that no values have been set. */
   initialize_options(&options);
 
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index e1ee8b2455a..4c40a21d4f2 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -15,7 +15,7 @@ login (authentication) dialog.
 */
 
 #include "includes.h"
-RCSID("$Id: sshconnect.c,v 1.6 1999/09/29 21:14:16 deraadt Exp $");
+RCSID("$Id: sshconnect.c,v 1.7 1999/09/30 04:30:03 deraadt Exp $");
 
 #include <ssl/bn.h>
 #include "xmalloc.h"
@@ -221,11 +221,7 @@ int ssh_connect(const char *host, int port, int connection_attempts,
       memset(&hostaddr, 0, sizeof(hostaddr));
       hostaddr.sin_family = AF_INET;
       hostaddr.sin_port = htons(port);
-#ifdef BROKEN_INET_ADDR
-      hostaddr.sin_addr.s_addr = inet_network(host);
-#else /* BROKEN_INET_ADDR */
       hostaddr.sin_addr.s_addr = inet_addr(host);
-#endif /* BROKEN_INET_ADDR */
       if ((hostaddr.sin_addr.s_addr & 0xffffffff) != 0xffffffff)
 	{ 
 	  /* Valid numeric IP address */
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 600c4879fb0..7d1b9dce27c 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -18,7 +18,7 @@ agent connections.
 */
 
 #include "includes.h"
-RCSID("$Id: sshd.c,v 1.9 1999/09/30 04:10:29 deraadt Exp $");
+RCSID("$Id: sshd.c,v 1.10 1999/09/30 04:30:03 deraadt Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -30,19 +30,11 @@ RCSID("$Id: sshd.c,v 1.9 1999/09/30 04:10:29 deraadt Exp $");
 #include "mpaux.h"
 #include "servconf.h"
 #include "uidswap.h"
-#ifdef HAVE_USERSEC_H
-#include <usersec.h>
-#endif /* HAVE_USERSEC_H */
-#ifdef HAVE_ULIMIT_H
-#include <ulimit.h>
-#endif /* HAVE_ULIMIT_H */
 
 #ifdef LIBWRAP
 #include <tcpd.h>
 #include <syslog.h>
-#ifdef NEED_SYS_SYSLOG_H
 #include <sys/syslog.h>
-#endif /* NEED_SYS_SYSLOG_H */
 int allow_severity = LOG_INFO;
 int deny_severity = LOG_WARNING;
 #endif /* LIBWRAP */
@@ -361,14 +353,6 @@ main(int ac, char **av)
     }
   xfree(comment);
 
-#ifdef SCO
-  (void) set_auth_parameters(ac, av);
-#endif
-
-#ifdef HAVE_OSF1_C2_SECURITY
-  initialize_osf_security(ac, av);
-#endif /* HAVE_OSF1_C2_SECURITY */
-
   /* If not in debugging mode, and not started from inetd, disconnect from
      the controlling terminal, and fork.  The original process exits. */
   if (!debug_flag && !inetd_flag)
@@ -1938,100 +1922,6 @@ void read_environment_file(char ***env, unsigned int *envsize,
   fclose(f);
 }
 
-
-#ifdef HAVE_ETC_DEFAULT_LOGIN
-
-/* Gets the value of the given variable in the environment.  If the
-   variable does not exist, returns NULL. */
-
-char *child_get_env(char **env, const char *name)
-{
-  unsigned int i, namelen;
-
-  namelen = strlen(name);
-
-  for (i = 0; env[i]; i++)
-    if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=')
-      break;
-  if (env[i])
-    return &env[i][namelen + 1];
-  else
-    return NULL;
-}
-
-/* Processes /etc/default/login; this involves things like environment
-   settings, ulimit, etc.  This file exists at least on Solaris 2.x. */
-
-void read_etc_default_login(char ***env, unsigned int *envsize,
-			    struct passwd *pw)
-{
-  unsigned int defenvsize;
-  char **defenv, *def;
-  int i;
-
-  /* Read /etc/default/login into a separate temporary environment. */
-  defenvsize = 10;
-  defenv = xmalloc(defenvsize * sizeof(char *));
-  defenv[0] = NULL;
-  read_environment_file(&defenv, &defenvsize, "/etc/default/login");
-
-  /* Set SHELL if ALTSHELL is YES. */
-  def = child_get_env(defenv, "ALTSHELL");
-  if (def != NULL && strcmp(def, "YES") == 0)
-    child_set_env(env, envsize, "SHELL", pw->pw_shell);
-
-  /* Set PATH from SUPATH if we are logging in as root, and PATH
-     otherwise.  If neither of these exists, we use the default ssh
-     path. */
-  if (pw->pw_uid == 0)
-    def = child_get_env(defenv, "SUPATH");
-  else
-    def = child_get_env(defenv, "PATH");
-  if (def != NULL)
-    child_set_env(env, envsize, "PATH", def);
-  else
-    child_set_env(env, envsize, "PATH", _PATH_STDPATH);
-
-  /* Set TZ if TIMEZONE is defined and we haven't inherited a value
-     for TZ. */
-  def = getenv("TZ");
-  if (def == NULL)
-    def = child_get_env(defenv, "TIMEZONE");
-  if (def != NULL)
-    child_set_env(env, envsize, "TZ", def);
-
-  /* Set HZ if defined. */
-  def = child_get_env(defenv, "HZ");
-  if (def != NULL)
-    child_set_env(env, envsize, "HZ", def);
-
-  /* Set up the default umask if UMASK is defined. */
-  def = child_get_env(defenv, "UMASK");
-  if (def != NULL)
-    {
-      int i, value;
-
-      for (value = i = 0; 
-	   def[i] && isdigit(def[i]) && def[i] != '8' && def[i] != '9'; 
-	   i++)
-	value = value * 8 + def[i] - '0';
-
-      umask(value);
-    }
-
-  /* Set up the file size ulimit if ULIMIT is set. */
-  def = child_get_env(defenv, "ULIMIT");
-  if (def != NULL && atoi(def) > 0)
-    ulimit(UL_SETFSIZE, atoi(def));
-
-  /* Free the temporary environment. */
-  for (i = 0; defenv[i]; i++)
-    xfree(defenv[i]);
-  xfree(defenv);
-}
-
-#endif /* HAVE_ETC_DEFAULT_LOGIN */
-
 /* Performs common processing for the child, such as setting up the 
    environment, closing extra file descriptors, setting the user and group 
    ids, and executing the command or shell. */
@@ -2065,14 +1955,6 @@ void do_child(const char *command, struct passwd *pw, const char *term,
   setlogin(pw->pw_name);
 #endif /* HAVE_SETLOGIN */
 
-#ifdef HAVE_USERSEC_H
-  /* On AIX, this "sets process credentials".  I am not sure what this
-     includes, but it seems to be important.  This also does setuid
-     (but we do it below as well just in case). */
-  if (setpcred((char *)pw->pw_name, NULL))
-    log("setpcred %.100s: %.100s", strerror(errno));
-#endif /* HAVE_USERSEC_H */
-
   /* Set uid, gid, and groups. */
   if (getuid() == 0 || geteuid() == 0)
     { 
@@ -2081,25 +1963,14 @@ void do_child(const char *command, struct passwd *pw, const char *term,
 	  perror("setgid");
 	  exit(1);
 	}
-#ifdef HAVE_INITGROUPS
       /* Initialize the group list. */
       if (initgroups(pw->pw_name, pw->pw_gid) < 0)
 	{
 	  perror("initgroups");
 	  exit(1);
 	}
-#endif /* HAVE_INITGROUPS */
       endgrent();
 
-#ifdef HAVE_SETLUID
-      /* Initialize login UID. */
-      if (setluid(user_uid) < 0)
-	{
-	  perror("setluid");
-	  exit(1);
-	}
-#endif /* HAVE_SETLUID */
-
       /* Permanently switch to the desired uid. */
       permanently_set_uid(pw->pw_uid);
     }
@@ -2139,24 +2010,12 @@ void do_child(const char *command, struct passwd *pw, const char *term,
   if (getenv("TZ"))
     child_set_env(&env, &envsize, "TZ", getenv("TZ"));
 
-#ifdef MAIL_SPOOL_DIRECTORY
   snprintf(buf, sizeof buf, "%.200s/%.50s",
     MAIL_SPOOL_DIRECTORY, pw->pw_name);
   child_set_env(&env, &envsize, "MAIL", buf);
-#else /* MAIL_SPOOL_DIRECTORY */
-#ifdef HAVE_TILDE_NEWMAIL
-  snprintf(buf, sizeof buf, "%.200s/newmail", pw->pw_dir);
-  child_set_env(&env, &envsize, "MAIL", buf);
-#endif /* HAVE_TILDE_NEWMAIL */
-#endif /* MAIL_SPOOL_DIRECTORY */
 
-#ifdef HAVE_ETC_DEFAULT_LOGIN
-  /* Read /etc/default/login; this exists at least on Solaris 2.x. */
-  read_etc_default_login(&env, &envsize, pw);
-#else /* HAVE_ETC_DEFAULT_LOGIN */
   /* Normal systems set SHELL by default. */
   child_set_env(&env, &envsize, "SHELL", shell);
-#endif /* HAVE_ETC_DEFAULT_LOGIN */
 
   /* Set custom environment options from RSA authentication. */
   while (custom_environment) 
diff --git a/usr.bin/ssh/xmalloc.c b/usr.bin/ssh/xmalloc.c
index 0203843c6ee..a74c19ff026 100644
--- a/usr.bin/ssh/xmalloc.c
+++ b/usr.bin/ssh/xmalloc.c
@@ -15,16 +15,10 @@ failure (they call fatal if they encounter an error).
 */
 
 #include "includes.h"
-RCSID("$Id: xmalloc.c,v 1.2 1999/09/29 21:14:16 deraadt Exp $");
+RCSID("$Id: xmalloc.c,v 1.3 1999/09/30 04:30:03 deraadt Exp $");
 
 #include "ssh.h"
 
-#if 0
-void *malloc(size_t size);
-void *realloc(void *ptr, size_t size);
-void free(void *ptr);
-#endif
-
 void *xmalloc(size_t size)
 {
   void *ptr = malloc(size);