- (dtucker) [auth.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]

Move loginrestrictions test to port-aix.c, replace with a generic hook.
author: Darren Tucker <dtucker@zip.com.au> 2004-06-23 13:45:24 +1000
committer: Darren Tucker <dtucker@zip.com.au> 2004-06-23 13:45:24 +1000
commit: 0a9d43d7264ff0a74c4f9493be238e35ef04c952 (patch)
tree: 5734ef5253ba9f4dac817c7987a00671c77d9fc6 /auth.c
parent: ef8f8af86c3df4d769892baeca5d18a7a8599908 (diff)
1 files changed, 4 insertions, 25 deletions
diff --git a/auth.c b/auth.c
index ef3cdba3c..d9ee0362f 100644
--- a/auth.c
+++ b/auth.c
@@ -203,31 +203,10 @@ allowed_user(struct passwd * pw)
                ga_free();
        }
-#ifdef WITH_AIXAUTHENTICATE
+#ifdef CUSTOM_SYS_AUTH_ALLOWED_USER
-        /*
+        if (!sys_auth_allowed_user(pw))
-         * Don't check loginrestrictions() for root account (use
+                return 0;
-         * PermitRootLogin to control logins via ssh), or if running as
+#endif
-         * non-root user (since loginrestrictions will always fail).
-         */
-        if ((pw->pw_uid != 0) && (geteuid() == 0)) {
-                char *msg;
-                if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) {
-                        int loginrestrict_errno = errno;
-                        if (msg && *msg) {
-                                buffer_append(&loginmsg, msg, strlen(msg));
-                                aix_remove_embedded_newlines(msg);
-                                logit("Login restricted for %s: %.100s",
-                                    pw->pw_name, msg);
-                        }
-                        /* Don't fail if /etc/nologin  set */
-                        if (!(loginrestrict_errno == EPERM &&
-                            stat(_PATH_NOLOGIN, &st) == 0))
-                                return 0;
-                }
-        }
-#endif /* WITH_AIXAUTHENTICATE */
        /* We found no reason not to let this user try to log on... */
        return 1;
author	Darren Tucker <dtucker@zip.com.au>	2004-06-23 13:45:24 +1000
committer	Darren Tucker <dtucker@zip.com.au>	2004-06-23 13:45:24 +1000
commit	0a9d43d7264ff0a74c4f9493be238e35ef04c952 (patch)
tree	5734ef5253ba9f4dac817c7987a00671c77d9fc6 /auth.c
parent	ef8f8af86c3df4d769892baeca5d18a7a8599908 (diff)

diff --git a/auth.c b/auth.c index ef3cdba3c..d9ee0362f 100644 --- a/auth.c +++ b/auth.c
@@ -203,31 +203,10 @@ allowed_user(struct passwd * pw)
203	ga_free();	203	ga_free();
204	}	204	}
205		205
206	#ifdef WITH_AIXAUTHENTICATE	206	#ifdef CUSTOM_SYS_AUTH_ALLOWED_USER
207	/*	207	if (!sys_auth_allowed_user(pw))
208	* Don't check loginrestrictions() for root account (use	208	return 0;
209	* PermitRootLogin to control logins via ssh), or if running as	209	#endif
210	* non-root user (since loginrestrictions will always fail).
211	*/
212	if ((pw->pw_uid != 0) && (geteuid() == 0)) {
213	char *msg;
214
215	if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) {
216	int loginrestrict_errno = errno;
217
218	if (msg && *msg) {
219	buffer_append(&loginmsg, msg, strlen(msg));
220	aix_remove_embedded_newlines(msg);
221	logit("Login restricted for %s: %.100s",
222	pw->pw_name, msg);
223	}
224	/* Don't fail if /etc/nologin set */
225	if (!(loginrestrict_errno == EPERM &&
226	stat(_PATH_NOLOGIN, &st) == 0))
227	return 0;
228	}
229	}
230	#endif /* WITH_AIXAUTHENTICATE */
231		210
232	/* We found no reason not to let this user try to log on... */	211	/* We found no reason not to let this user try to log on... */
233	return 1;	212	return 1;