summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2004-08-15 00:09:11 +1000
committerDarren Tucker <dtucker@zip.com.au>2004-08-15 00:09:11 +1000
commit397a2f2612901785d8290a90ae9aa59efb422c92 (patch)
treef198523b224e4cb58a70755b26304f54fda3e010
parent3d50c9bda6b7eb63325e577c243e1a59a130c3ad (diff)
- (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
Plug AIX login recording into login_write so logins will be recorded for all auth types.
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--loginrec.c7
-rw-r--r--openbsd-compat/port-aix.c30
-rw-r--r--openbsd-compat/port-aix.h4
4 files changed, 33 insertions, 13 deletions
diff --git a/ChangeLog b/ChangeLog
index ddf0aaa19..00f38b465 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
3 Explicitly set umask for mkstemp; ok djm@ 3 Explicitly set umask for mkstemp; ok djm@
4 - (dtucker) [includes.h] Undef _INCLUDE__STDC__ on HP-UX, otherwise 4 - (dtucker) [includes.h] Undef _INCLUDE__STDC__ on HP-UX, otherwise
5 prot.h and shadow.h provide conflicting declarations of getspnam. ok djm@ 5 prot.h and shadow.h provide conflicting declarations of getspnam. ok djm@
6 - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
7 Plug AIX login recording into login_write so logins will be recorded for
8 all auth types.
6 9
720040813 1020040813
8 - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at 11 - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at
@@ -1628,4 +1631,4 @@
1628 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 1631 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
1629 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 1632 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
1630 1633
1631$Id: ChangeLog,v 1.3507 2004/08/14 14:01:48 dtucker Exp $ 1634$Id: ChangeLog,v 1.3508 2004/08/14 14:09:11 dtucker Exp $
diff --git a/loginrec.c b/loginrec.c
index b74d412e6..af32b1867 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -158,7 +158,7 @@
158#include "log.h" 158#include "log.h"
159#include "atomicio.h" 159#include "atomicio.h"
160 160
161RCSID("$Id: loginrec.c,v 1.56 2004/04/08 06:16:06 dtucker Exp $"); 161RCSID("$Id: loginrec.c,v 1.57 2004/08/14 14:09:11 dtucker Exp $");
162 162
163#ifdef HAVE_UTIL_H 163#ifdef HAVE_UTIL_H
164# include <util.h> 164# include <util.h>
@@ -435,6 +435,11 @@ login_write (struct logininfo *li)
435#ifdef USE_WTMPX 435#ifdef USE_WTMPX
436 wtmpx_write_entry(li); 436 wtmpx_write_entry(li);
437#endif 437#endif
438#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
439 if (li->type == LTYPE_LOGIN &&
440 !sys_auth_record_login(li->username,li->hostname,li->line))
441 logit("Writing login record failed for %s", li->username);
442#endif
438 return 0; 443 return 0;
439} 444}
440 445
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index d0c9a49e8..78f4faea3 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -101,7 +101,7 @@ aix_remove_embedded_newlines(char *p)
101int 101int
102sys_auth_passwd(Authctxt *ctxt, const char *password) 102sys_auth_passwd(Authctxt *ctxt, const char *password)
103{ 103{
104 char *authmsg = NULL, *host, *msg, *name = ctxt->pw->pw_name; 104 char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name;
105 int authsuccess = 0, expired, reenter, result; 105 int authsuccess = 0, expired, reenter, result;
106 106
107 do { 107 do {
@@ -115,20 +115,11 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
115 if (result == 0) { 115 if (result == 0) {
116 authsuccess = 1; 116 authsuccess = 1;
117 117
118 host = (char *)get_canonical_hostname(options.use_dns);
119
120 /* 118 /*
121 * Record successful login. We don't have a pty yet, so just 119 * Record successful login. We don't have a pty yet, so just
122 * label the line as "ssh" 120 * label the line as "ssh"
123 */ 121 */
124 aix_setauthdb(name); 122 aix_setauthdb(name);
125 if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) {
126 if (msg != NULL) {
127 debug("%s: msg %s", __func__, msg);
128 buffer_append(&loginmsg, msg, strlen(msg));
129 xfree(msg);
130 }
131 }
132 123
133 /* 124 /*
134 * Check if the user's password is expired. 125 * Check if the user's password is expired.
@@ -208,6 +199,25 @@ sys_auth_allowed_user(struct passwd *pw)
208 return permitted; 199 return permitted;
209} 200}
210 201
202int
203sys_auth_record_login(const char *user, const char *host, const char *ttynm)
204{
205 char *msg;
206 int success = 0;
207
208 aix_setauthdb(user);
209 if (loginsuccess((char *)user, host, ttynm, &msg) == 0) {
210 success = 1;
211 if (msg != NULL) {
212 debug("AIX/loginsuccess: msg %s", __func__, msg);
213 buffer_append(&loginmsg, msg, strlen(msg));
214 xfree(msg);
215 }
216 }
217 aix_restoreauthdb();
218 return (success);
219}
220
211# ifdef CUSTOM_FAILED_LOGIN 221# ifdef CUSTOM_FAILED_LOGIN
212/* 222/*
213 * record_failed_login: generic "login failed" interface function 223 * record_failed_login: generic "login failed" interface function
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h
index 3b82652db..29e9751ce 100644
--- a/openbsd-compat/port-aix.h
+++ b/openbsd-compat/port-aix.h
@@ -1,4 +1,4 @@
1/* $Id: port-aix.h,v 1.20 2004/06/23 03:45:24 dtucker Exp $ */ 1/* $Id: port-aix.h,v 1.21 2004/08/14 14:09:12 dtucker Exp $ */
2 2
3/* 3/*
4 * 4 *
@@ -65,6 +65,8 @@ void aix_usrinfo(struct passwd *);
65# define CUSTOM_SYS_AUTH_PASSWD 1 65# define CUSTOM_SYS_AUTH_PASSWD 1
66# define CUSTOM_SYS_AUTH_ALLOWED_USER 1 66# define CUSTOM_SYS_AUTH_ALLOWED_USER 1
67int sys_auth_allowed_user(struct passwd *); 67int sys_auth_allowed_user(struct passwd *);
68# define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
69int sys_auth_record_login(const char *, const char *, const char *);
68# define CUSTOM_FAILED_LOGIN 1 70# define CUSTOM_FAILED_LOGIN 1
69void record_failed_login(const char *, const char *); 71void record_failed_login(const char *, const char *);
70#endif 72#endif
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-05 19:56:42 +0000