summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2005-03-31 21:39:25 +1000
committerDarren Tucker <dtucker@zip.com.au>2005-03-31 21:39:25 +1000
commitf3bb4341777eb44df1ca7db0d574f849821a186c (patch)
tree5d7a6d62d1c9095d09f8213ed1667ef850ec9bc7
parent83d5a9866d590844ed78c92fe09bc862424a8c55 (diff)
- (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in
handling of password expiry messages returned by AIX's authentication routines, originally reported by robvdwal at sara.nl.
-rw-r--r--ChangeLog5
-rw-r--r--auth.h4
-rw-r--r--openbsd-compat/port-aix.c4
-rw-r--r--sshd.c2
4 files changed, 12 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index a79ddda70..eba53b36e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,9 @@
12 - jmc@cvs.openbsd.org 2005/03/18 17:05:00 12 - jmc@cvs.openbsd.org 2005/03/18 17:05:00
13 [sshd_config.5] 13 [sshd_config.5]
14 typo; 14 typo;
15 - (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in
16 handling of password expiry messages returned by AIX's authentication
17 routines, originally reported by robvdwal at sara.nl.
15 18
1620050329 1920050329
17 - (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're 20 - (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're
@@ -2402,4 +2405,4 @@
2402 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 2405 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
2403 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 2406 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2404 2407
2405$Id: ChangeLog,v 1.3731 2005/03/31 11:33:50 dtucker Exp $ 2408$Id: ChangeLog,v 1.3732 2005/03/31 11:39:25 dtucker Exp $
diff --git a/auth.h b/auth.h
index 8d1f93403..471404e4e 100644
--- a/auth.h
+++ b/auth.h
@@ -30,6 +30,7 @@
30 30
31#include "key.h" 31#include "key.h"
32#include "hostfile.h" 32#include "hostfile.h"
33#include "buffer.h"
33#include <openssl/rsa.h> 34#include <openssl/rsa.h>
34 35
35#ifdef HAVE_LOGIN_CAP 36#ifdef HAVE_LOGIN_CAP
@@ -68,6 +69,7 @@ struct Authctxt {
68 char *krb5_ticket_file; 69 char *krb5_ticket_file;
69 char *krb5_ccname; 70 char *krb5_ccname;
70#endif 71#endif
72 Buffer *loginmsg;
71 void *methoddata; 73 void *methoddata;
72}; 74};
73/* 75/*
@@ -185,6 +187,8 @@ void auth_debug_reset(void);
185 187
186struct passwd *fakepw(void); 188struct passwd *fakepw(void);
187 189
190int sys_auth_passwd(Authctxt *, const char *);
191
188#define AUTH_FAIL_MSG "Too many authentication failures for %.100s" 192#define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
189 193
190#define SKEY_PROMPT "\nS/Key Password: " 194#define SKEY_PROMPT "\nS/Key Password: "
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index fa6a4ff7b..cf5d4b9a3 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -151,7 +151,7 @@ aix_valid_authentications(const char *user)
151 * returns 0. 151 * returns 0.
152 */ 152 */
153int 153int
154sys_auth_passwd(Authctxt *ctxt, const char *password, Buffer *loginmsg) 154sys_auth_passwd(Authctxt *ctxt, const char *password)
155{ 155{
156 char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name; 156 char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name;
157 int authsuccess = 0, expired, reenter, result; 157 int authsuccess = 0, expired, reenter, result;
@@ -181,7 +181,7 @@ sys_auth_passwd(Authctxt *ctxt, const char *password, Buffer *loginmsg)
181 */ 181 */
182 expired = passwdexpired(name, &msg); 182 expired = passwdexpired(name, &msg);
183 if (msg && *msg) { 183 if (msg && *msg) {
184 buffer_append(loginmsg, msg, strlen(msg)); 184 buffer_append(ctxt->loginmsg, msg, strlen(msg));
185 aix_remove_embedded_newlines(msg); 185 aix_remove_embedded_newlines(msg);
186 } 186 }
187 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg); 187 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg);
diff --git a/sshd.c b/sshd.c
index 11d618d11..b3fcc6964 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1673,6 +1673,8 @@ main(int ac, char **av)
1673 authctxt = xmalloc(sizeof(*authctxt)); 1673 authctxt = xmalloc(sizeof(*authctxt));
1674 memset(authctxt, 0, sizeof(*authctxt)); 1674 memset(authctxt, 0, sizeof(*authctxt));
1675 1675
1676 authctxt->loginmsg = &loginmsg;
1677
1676 /* XXX global for cleanup, access from other modules */ 1678 /* XXX global for cleanup, access from other modules */
1677 the_authctxt = authctxt; 1679 the_authctxt = authctxt;
1678 1680