diff options
| author | Damien Miller <djm@mindrot.org> | 2019-01-20 09:58:45 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-01-20 09:58:45 +1100 |
| commit | 08f66d9f17e12c1140d1f1cf5c4dce67e915d3cc (patch) | |
| tree | 70cb70df407096b8ff095d683b4f202f5e18653e | |
| parent | c327813ea1d740e3e367109c17873815aba1328e (diff) | |
remove vestiges of old packet API from loginrec.c
| -rw-r--r-- | auth.c | 6 | ||||
| -rw-r--r-- | auth2.c | 5 | ||||
| -rw-r--r-- | loginrec.c | 6 | ||||
| -rw-r--r-- | loginrec.h | 5 | ||||
| -rw-r--r-- | openbsd-compat/port-aix.c | 4 | ||||
| -rw-r--r-- | openbsd-compat/port-aix.h | 3 |
6 files changed, 18 insertions, 11 deletions
| @@ -356,11 +356,11 @@ auth_log(struct ssh *ssh, int authenticated, int partial, | |||
| 356 | (strcmp(method, "password") == 0 || | 356 | (strcmp(method, "password") == 0 || |
| 357 | strncmp(method, "keyboard-interactive", 20) == 0 || | 357 | strncmp(method, "keyboard-interactive", 20) == 0 || |
| 358 | strcmp(method, "challenge-response") == 0)) | 358 | strcmp(method, "challenge-response") == 0)) |
| 359 | record_failed_login(authctxt->user, | 359 | record_failed_login(ssh, authctxt->user, |
| 360 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | 360 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); |
| 361 | # ifdef WITH_AIXAUTHENTICATE | 361 | # ifdef WITH_AIXAUTHENTICATE |
| 362 | if (authenticated) | 362 | if (authenticated) |
| 363 | sys_auth_record_login(authctxt->user, | 363 | sys_auth_record_login(ssh, authctxt->user, |
| 364 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh", | 364 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh", |
| 365 | loginmsg); | 365 | loginmsg); |
| 366 | # endif | 366 | # endif |
| @@ -601,7 +601,7 @@ getpwnamallow(struct ssh *ssh, const char *user) | |||
| 601 | logit("Invalid user %.100s from %.100s port %d", | 601 | logit("Invalid user %.100s from %.100s port %d", |
| 602 | user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 602 | user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
| 603 | #ifdef CUSTOM_FAILED_LOGIN | 603 | #ifdef CUSTOM_FAILED_LOGIN |
| 604 | record_failed_login(user, | 604 | record_failed_login(ssh, user, |
| 605 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); | 605 | auth_get_canonical_hostname(ssh, options.use_dns), "ssh"); |
| 606 | #endif | 606 | #endif |
| 607 | #ifdef SSH_AUDIT_EVENTS | 607 | #ifdef SSH_AUDIT_EVENTS |
| @@ -401,7 +401,10 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method, | |||
| 401 | fatal("%s: buffer error: %s", | 401 | fatal("%s: buffer error: %s", |
| 402 | __func__, ssh_err(r)); | 402 | __func__, ssh_err(r)); |
| 403 | userauth_send_banner(ssh, sshbuf_ptr(loginmsg)); | 403 | userauth_send_banner(ssh, sshbuf_ptr(loginmsg)); |
| 404 | packet_write_wait(); | 404 | if ((r = ssh_packet_write_wait(ssh)) != 0) { |
| 405 | sshpkt_fatal(ssh, r, | ||
| 406 | "%s: send PAM banner", __func__); | ||
| 407 | } | ||
| 405 | } | 408 | } |
| 406 | fatal("Access denied for user %s by PAM account " | 409 | fatal("Access denied for user %s by PAM account " |
| 407 | "configuration", authctxt->user); | 410 | "configuration", authctxt->user); |
diff --git a/loginrec.c b/loginrec.c index 08fc73758..5f2a47797 100644 --- a/loginrec.c +++ b/loginrec.c | |||
| @@ -1653,7 +1653,7 @@ utmpx_get_entry(struct logininfo *li) | |||
| 1653 | */ | 1653 | */ |
| 1654 | 1654 | ||
| 1655 | void | 1655 | void |
| 1656 | record_failed_login(const char *username, const char *hostname, | 1656 | record_failed_login(struct ssh *ssh, const char *username, const char *hostname, |
| 1657 | const char *ttyn) | 1657 | const char *ttyn) |
| 1658 | { | 1658 | { |
| 1659 | int fd; | 1659 | int fd; |
| @@ -1696,8 +1696,8 @@ record_failed_login(const char *username, const char *hostname, | |||
| 1696 | /* strncpy because we don't necessarily want nul termination */ | 1696 | /* strncpy because we don't necessarily want nul termination */ |
| 1697 | strncpy(ut.ut_host, hostname, sizeof(ut.ut_host)); | 1697 | strncpy(ut.ut_host, hostname, sizeof(ut.ut_host)); |
| 1698 | 1698 | ||
| 1699 | if (packet_connection_is_on_socket() && | 1699 | if (ssh_packet_connection_is_on_socket(ssh) && |
| 1700 | getpeername(packet_get_connection_in(), | 1700 | getpeername(ssh_packet_get_connection_in(ssh), |
| 1701 | (struct sockaddr *)&from, &fromlen) == 0) { | 1701 | (struct sockaddr *)&from, &fromlen) == 0) { |
| 1702 | ipv64_normalise_mapped(&from, &fromlen); | 1702 | ipv64_normalise_mapped(&from, &fromlen); |
| 1703 | if (from.ss_family == AF_INET) { | 1703 | if (from.ss_family == AF_INET) { |
diff --git a/loginrec.h b/loginrec.h index 28923e781..62cc0e78c 100644 --- a/loginrec.h +++ b/loginrec.h | |||
| @@ -31,6 +31,8 @@ | |||
| 31 | 31 | ||
| 32 | #include "includes.h" | 32 | #include "includes.h" |
| 33 | 33 | ||
| 34 | struct ssh; | ||
| 35 | |||
| 34 | /** | 36 | /** |
| 35 | ** you should use the login_* calls to work around platform dependencies | 37 | ** you should use the login_* calls to work around platform dependencies |
| 36 | **/ | 38 | **/ |
| @@ -126,6 +128,7 @@ char *line_fullname(char *dst, const char *src, u_int dstsize); | |||
| 126 | char *line_stripname(char *dst, const char *src, int dstsize); | 128 | char *line_stripname(char *dst, const char *src, int dstsize); |
| 127 | char *line_abbrevname(char *dst, const char *src, int dstsize); | 129 | char *line_abbrevname(char *dst, const char *src, int dstsize); |
| 128 | 130 | ||
| 129 | void record_failed_login(const char *, const char *, const char *); | 131 | void record_failed_login(struct ssh *, const char *, const char *, |
| 132 | const char *); | ||
| 130 | 133 | ||
| 131 | #endif /* _HAVE_LOGINREC_H_ */ | 134 | #endif /* _HAVE_LOGINREC_H_ */ |
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 943177c70..52698050c 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c | |||
| @@ -280,8 +280,8 @@ sys_auth_allowed_user(struct passwd *pw, struct sshbuf *loginmsg) | |||
| 280 | } | 280 | } |
| 281 | 281 | ||
| 282 | int | 282 | int |
| 283 | sys_auth_record_login(const char *user, const char *host, const char *ttynm, | 283 | sys_auth_record_login(struct ssh *ssh, const char *user, const char *host, |
| 284 | struct sshbuf *loginmsg) | 284 | const char *ttynm, struct sshbuf *loginmsg) |
| 285 | { | 285 | { |
| 286 | char *msg = NULL; | 286 | char *msg = NULL; |
| 287 | int success = 0; | 287 | int success = 0; |
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index 748c0e4e3..4702e3bf1 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h | |||
| @@ -30,6 +30,7 @@ | |||
| 30 | # include <sys/socket.h> | 30 | # include <sys/socket.h> |
| 31 | #endif | 31 | #endif |
| 32 | 32 | ||
| 33 | struct ssh; | ||
| 33 | struct sshbuf; | 34 | struct sshbuf; |
| 34 | 35 | ||
| 35 | /* These should be in the system headers but are not. */ | 36 | /* These should be in the system headers but are not. */ |
| @@ -89,7 +90,7 @@ void aix_usrinfo(struct passwd *); | |||
| 89 | # define CUSTOM_SYS_AUTH_ALLOWED_USER 1 | 90 | # define CUSTOM_SYS_AUTH_ALLOWED_USER 1 |
| 90 | int sys_auth_allowed_user(struct passwd *, struct sshbuf *); | 91 | int sys_auth_allowed_user(struct passwd *, struct sshbuf *); |
| 91 | # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 | 92 | # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 |
| 92 | int sys_auth_record_login(const char *, const char *, | 93 | int sys_auth_record_login(struct ssh *, const char *, const char *, |
| 93 | const char *, struct sshbuf *); | 94 | const char *, struct sshbuf *); |
| 94 | # define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG | 95 | # define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG |
| 95 | char *sys_auth_get_lastlogin_msg(const char *, uid_t); | 96 | char *sys_auth_get_lastlogin_msg(const char *, uid_t); |