diff options
author | Darren Tucker <dtucker@zip.com.au> | 2005-03-31 21:39:25 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2005-03-31 21:39:25 +1000 |
commit | f3bb4341777eb44df1ca7db0d574f849821a186c (patch) | |
tree | 5d7a6d62d1c9095d09f8213ed1667ef850ec9bc7 | |
parent | 83d5a9866d590844ed78c92fe09bc862424a8c55 (diff) |
- (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in
handling of password expiry messages returned by AIX's authentication
routines, originally reported by robvdwal at sara.nl.
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth.h | 4 | ||||
-rw-r--r-- | openbsd-compat/port-aix.c | 4 | ||||
-rw-r--r-- | sshd.c | 2 |
4 files changed, 12 insertions, 3 deletions
@@ -12,6 +12,9 @@ | |||
12 | - jmc@cvs.openbsd.org 2005/03/18 17:05:00 | 12 | - jmc@cvs.openbsd.org 2005/03/18 17:05:00 |
13 | [sshd_config.5] | 13 | [sshd_config.5] |
14 | typo; | 14 | typo; |
15 | - (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in | ||
16 | handling of password expiry messages returned by AIX's authentication | ||
17 | routines, originally reported by robvdwal at sara.nl. | ||
15 | 18 | ||
16 | 20050329 | 19 | 20050329 |
17 | - (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're | 20 | - (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're |
@@ -2402,4 +2405,4 @@ | |||
2402 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 2405 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
2403 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 2406 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
2404 | 2407 | ||
2405 | $Id: ChangeLog,v 1.3731 2005/03/31 11:33:50 dtucker Exp $ | 2408 | $Id: ChangeLog,v 1.3732 2005/03/31 11:39:25 dtucker Exp $ |
@@ -30,6 +30,7 @@ | |||
30 | 30 | ||
31 | #include "key.h" | 31 | #include "key.h" |
32 | #include "hostfile.h" | 32 | #include "hostfile.h" |
33 | #include "buffer.h" | ||
33 | #include <openssl/rsa.h> | 34 | #include <openssl/rsa.h> |
34 | 35 | ||
35 | #ifdef HAVE_LOGIN_CAP | 36 | #ifdef HAVE_LOGIN_CAP |
@@ -68,6 +69,7 @@ struct Authctxt { | |||
68 | char *krb5_ticket_file; | 69 | char *krb5_ticket_file; |
69 | char *krb5_ccname; | 70 | char *krb5_ccname; |
70 | #endif | 71 | #endif |
72 | Buffer *loginmsg; | ||
71 | void *methoddata; | 73 | void *methoddata; |
72 | }; | 74 | }; |
73 | /* | 75 | /* |
@@ -185,6 +187,8 @@ void auth_debug_reset(void); | |||
185 | 187 | ||
186 | struct passwd *fakepw(void); | 188 | struct passwd *fakepw(void); |
187 | 189 | ||
190 | int sys_auth_passwd(Authctxt *, const char *); | ||
191 | |||
188 | #define AUTH_FAIL_MSG "Too many authentication failures for %.100s" | 192 | #define AUTH_FAIL_MSG "Too many authentication failures for %.100s" |
189 | 193 | ||
190 | #define SKEY_PROMPT "\nS/Key Password: " | 194 | #define SKEY_PROMPT "\nS/Key Password: " |
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index fa6a4ff7b..cf5d4b9a3 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c | |||
@@ -151,7 +151,7 @@ aix_valid_authentications(const char *user) | |||
151 | * returns 0. | 151 | * returns 0. |
152 | */ | 152 | */ |
153 | int | 153 | int |
154 | sys_auth_passwd(Authctxt *ctxt, const char *password, Buffer *loginmsg) | 154 | sys_auth_passwd(Authctxt *ctxt, const char *password) |
155 | { | 155 | { |
156 | char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name; | 156 | char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name; |
157 | int authsuccess = 0, expired, reenter, result; | 157 | int authsuccess = 0, expired, reenter, result; |
@@ -181,7 +181,7 @@ sys_auth_passwd(Authctxt *ctxt, const char *password, Buffer *loginmsg) | |||
181 | */ | 181 | */ |
182 | expired = passwdexpired(name, &msg); | 182 | expired = passwdexpired(name, &msg); |
183 | if (msg && *msg) { | 183 | if (msg && *msg) { |
184 | buffer_append(loginmsg, msg, strlen(msg)); | 184 | buffer_append(ctxt->loginmsg, msg, strlen(msg)); |
185 | aix_remove_embedded_newlines(msg); | 185 | aix_remove_embedded_newlines(msg); |
186 | } | 186 | } |
187 | debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg); | 187 | debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg); |
@@ -1673,6 +1673,8 @@ main(int ac, char **av) | |||
1673 | authctxt = xmalloc(sizeof(*authctxt)); | 1673 | authctxt = xmalloc(sizeof(*authctxt)); |
1674 | memset(authctxt, 0, sizeof(*authctxt)); | 1674 | memset(authctxt, 0, sizeof(*authctxt)); |
1675 | 1675 | ||
1676 | authctxt->loginmsg = &loginmsg; | ||
1677 | |||
1676 | /* XXX global for cleanup, access from other modules */ | 1678 | /* XXX global for cleanup, access from other modules */ |
1677 | the_authctxt = authctxt; | 1679 | the_authctxt = authctxt; |
1678 | 1680 | ||