Merge 3.7.1p2 to the trunk. I have absolutely no idea yet whether this will

work.
author: Colin Watson <cjwatson@debian.org> 2003-09-23 18:08:35 +0000
committer: Colin Watson <cjwatson@debian.org> 2003-09-23 18:08:35 +0000
commit: d59fd3e421aa81b8e5e118f3f806081df2aca879 (patch)
tree: 356a4e607edc979c625bb33db63c656d771478bd /openbsd-compat/port-aix.c
parent: 7505658c58e96b8d270f1928a0e1fa7f3e0c266b (diff)
parent: 45431c9b4677608680cd071768cbf156b316a7e8 (diff)
1 files changed, 88 insertions, 3 deletions
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index 4c96a3171..7a981634b 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -24,11 +24,17 @@
 *
 */
 #include "includes.h"
+#include "ssh.h"
+#include "log.h"
+#include "servconf.h"
 #ifdef _AIX
 #include <uinfo.h>
 #include <../xmalloc.h>
+#include "port-aix.h"
+extern ServerOptions options;
 /*
 * AIX has a "usrinfo" area where logname and other stuff is stored - 
@@ -41,16 +47,95 @@ void
 aix_usrinfo(struct passwd *pw)
 {
        u_int i;
+        size_t len;
        char *cp;
-        cp = xmalloc(16 + 2 * strlen(pw->pw_name));
+        len = sizeof("LOGNAME= NAME= ") + (2 * strlen(pw->pw_name));
-        i = sprintf(cp, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, 0, 
+        cp = xmalloc(len);
-            pw->pw_name, 0);
+        i = snprintf(cp, len, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, '\0', 
+            pw->pw_name, '\0');
        if (usrinfo(SETUINFO, cp, i) == -1)
                fatal("Couldn't set usrinfo: %s", strerror(errno));
        debug3("AIX/UsrInfo: set len %d", i);
        xfree(cp);
 }
+#ifdef WITH_AIXAUTHENTICATE
+/*
+ * Remove embedded newlines in string (if any).
+ * Used before logging messages returned by AIX authentication functions
+ * so the message is logged on one line.
+ */
+void
+aix_remove_embedded_newlines(char *p)
+{
+        if (p == NULL)
+                return;
+        for (; *p; p++) {
+                if (*p == '\n')
+                        *p = ' ';
+        }
+        /* Remove trailing whitespace */
+        if (*--p == ' ')
+                *p = '\0';
+}
+#endif /* WITH_AIXAUTHENTICATE */
+  
+# ifdef CUSTOM_FAILED_LOGIN
+/*
+ * record_failed_login: generic "login failed" interface function
+ */
+void
+record_failed_login(const char *user, const char *ttyname)
+{
+        char *hostname = get_canonical_hostname(options.use_dns);
+        if (geteuid() != 0)
+                return;
+        aix_setauthdb(user);
+#  ifdef AIX_LOGINFAILED_4ARG
+        loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH);
+#  else
+        loginfailed((char *)user, hostname, (char *)ttyname);
+#  endif
+}
+/*
+ * If we have setauthdb, retrieve the password registry for the user's
+ * account then feed it to setauthdb.  This may load registry-specific method
+ * code.  If we don't have setauthdb or have already called it this is a no-op.
+ */
+void
+aix_setauthdb(const char *user)
+{
+#  ifdef HAVE_SETAUTHDB
+        static char *registry = NULL;
+        if (registry != NULL)   /* have already done setauthdb */
+                return;
+        if (setuserdb(S_READ) == -1) {
+                debug3("%s: Could not open userdb to read", __func__);
+                return;
+        }
+        
+        if (getuserattr((char *)user, S_REGISTRY, &registry, SEC_CHAR) == 0) {
+                if (setauthdb(registry, NULL) == 0)
+                        debug3("%s: AIX/setauthdb set registry %s", __func__,
+                            registry);
+                else 
+                        debug3("%s: AIX/setauthdb set registry %s failed: %s",
+                            __func__, registry, strerror(errno));
+        } else
+                debug3("%s: Could not read S_REGISTRY for user: %s", __func__,
+                    strerror(errno));
+        enduserdb();
+#  endif
+}
+# endif /* CUSTOM_FAILED_LOGIN */
 #endif /* _AIX */
author	Colin Watson <cjwatson@debian.org>	2003-09-23 18:08:35 +0000
committer	Colin Watson <cjwatson@debian.org>	2003-09-23 18:08:35 +0000
commit	d59fd3e421aa81b8e5e118f3f806081df2aca879 (patch)
tree	356a4e607edc979c625bb33db63c656d771478bd /openbsd-compat/port-aix.c
parent	7505658c58e96b8d270f1928a0e1fa7f3e0c266b (diff)
parent	45431c9b4677608680cd071768cbf156b316a7e8 (diff)

diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 4c96a3171..7a981634b 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c
@@ -24,11 +24,17 @@
24	*	24	*
25	*/	25	*/
26	#include "includes.h"	26	#include "includes.h"
		27	#include "ssh.h"
		28	#include "log.h"
		29	#include "servconf.h"
27		30
28	#ifdef _AIX	31	#ifdef _AIX
29		32
30	#include <uinfo.h>	33	#include <uinfo.h>
31	#include <../xmalloc.h>	34	#include <../xmalloc.h>
		35	#include "port-aix.h"
		36
		37	extern ServerOptions options;
32		38
33	/*	39	/*
34	* AIX has a "usrinfo" area where logname and other stuff is stored -	40	* AIX has a "usrinfo" area where logname and other stuff is stored -
@@ -41,16 +47,95 @@ void
41	aix_usrinfo(struct passwd *pw)	47	aix_usrinfo(struct passwd *pw)
42	{	48	{
43	u_int i;	49	u_int i;
		50	size_t len;
44	char *cp;	51	char *cp;
45		52
46	cp = xmalloc(16 + 2 * strlen(pw->pw_name));	53	len = sizeof("LOGNAME= NAME= ") + (2 * strlen(pw->pw_name));
47	i = sprintf(cp, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, 0,	54	cp = xmalloc(len);
48	pw->pw_name, 0);	55
		56	i = snprintf(cp, len, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, '\0',
		57	pw->pw_name, '\0');
49	if (usrinfo(SETUINFO, cp, i) == -1)	58	if (usrinfo(SETUINFO, cp, i) == -1)
50	fatal("Couldn't set usrinfo: %s", strerror(errno));	59	fatal("Couldn't set usrinfo: %s", strerror(errno));
51	debug3("AIX/UsrInfo: set len %d", i);	60	debug3("AIX/UsrInfo: set len %d", i);
		61
52	xfree(cp);	62	xfree(cp);
53	}	63	}
54		64
		65	#ifdef WITH_AIXAUTHENTICATE
		66	/*
		67	* Remove embedded newlines in string (if any).
		68	* Used before logging messages returned by AIX authentication functions
		69	* so the message is logged on one line.
		70	*/
		71	void
		72	aix_remove_embedded_newlines(char *p)
		73	{
		74	if (p == NULL)
		75	return;
		76
		77	for (; *p; p++) {
		78	if (*p == '\n')
		79	*p = ' ';
		80	}
		81	/* Remove trailing whitespace */
		82	if (*--p == ' ')
		83	*p = '\0';
		84	}
		85	#endif /* WITH_AIXAUTHENTICATE */
		86
		87	# ifdef CUSTOM_FAILED_LOGIN
		88	/*
		89	* record_failed_login: generic "login failed" interface function
		90	*/
		91	void
		92	record_failed_login(const char user, const char ttyname)
		93	{
		94	char *hostname = get_canonical_hostname(options.use_dns);
		95
		96	if (geteuid() != 0)
		97	return;
		98
		99	aix_setauthdb(user);
		100	# ifdef AIX_LOGINFAILED_4ARG
		101	loginfailed((char )user, hostname, (char )ttyname, AUDIT_FAIL_AUTH);
		102	# else
		103	loginfailed((char )user, hostname, (char )ttyname);
		104	# endif
		105	}
		106
		107	/*
		108	* If we have setauthdb, retrieve the password registry for the user's
		109	* account then feed it to setauthdb. This may load registry-specific method
		110	* code. If we don't have setauthdb or have already called it this is a no-op.
		111	*/
		112	void
		113	aix_setauthdb(const char *user)
		114	{
		115	# ifdef HAVE_SETAUTHDB
		116	static char *registry = NULL;
		117
		118	if (registry != NULL) /* have already done setauthdb */
		119	return;
		120
		121	if (setuserdb(S_READ) == -1) {
		122	debug3("%s: Could not open userdb to read", __func__);
		123	return;
		124	}
		125
		126	if (getuserattr((char *)user, S_REGISTRY, &registry, SEC_CHAR) == 0) {
		127	if (setauthdb(registry, NULL) == 0)
		128	debug3("%s: AIX/setauthdb set registry %s", __func__,
		129	registry);
		130	else
		131	debug3("%s: AIX/setauthdb set registry %s failed: %s",
		132	__func__, registry, strerror(errno));
		133	} else
		134	debug3("%s: Could not read S_REGISTRY for user: %s", __func__,
		135	strerror(errno));
		136	enduserdb();
		137	# endif
		138	}
		139	# endif /* CUSTOM_FAILED_LOGIN */
55	#endif /* _AIX */	140	#endif /* _AIX */
56		141