diff options
author | Damien Miller <djm@mindrot.org> | 2000-01-23 10:32:03 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2000-01-23 10:32:03 +1100 |
commit | 1fa154bb1e06bfb4f8d6b95f09a6352d38577c57 (patch) | |
tree | 62678a152fab75d8062dff6eb85e72db6fb27acc /sshd.c | |
parent | 6fe375dee4f0c5b81026d7eb9dc00cf75645b241 (diff) |
- AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
<drankin@bohemians.lexington.ky.us>
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 38 |
1 files changed, 36 insertions, 2 deletions
@@ -1099,6 +1099,9 @@ allowed_user(struct passwd * pw) | |||
1099 | { | 1099 | { |
1100 | struct group *grp; | 1100 | struct group *grp; |
1101 | int i; | 1101 | int i; |
1102 | #ifdef WITH_AIXAUTHENTICATE | ||
1103 | char *loginmsg; | ||
1104 | #endif /* WITH_AIXAUTHENTICATE */ | ||
1102 | 1105 | ||
1103 | /* Shouldn't be called if pw is NULL, but better safe than sorry... */ | 1106 | /* Shouldn't be called if pw is NULL, but better safe than sorry... */ |
1104 | if (!pw) | 1107 | if (!pw) |
@@ -1155,6 +1158,12 @@ allowed_user(struct passwd * pw) | |||
1155 | return 0; | 1158 | return 0; |
1156 | } | 1159 | } |
1157 | } | 1160 | } |
1161 | |||
1162 | #ifdef WITH_AIXAUTHENTICATE | ||
1163 | if (loginrestrictions(pw->pw_name,S_LOGIN,NULL,&loginmsg) != 0) | ||
1164 | return 0; | ||
1165 | #endif /* WITH_AIXAUTHENTICATE */ | ||
1166 | |||
1158 | /* We found no reason not to let this user try to log on... */ | 1167 | /* We found no reason not to let this user try to log on... */ |
1159 | return 1; | 1168 | return 1; |
1160 | } | 1169 | } |
@@ -1179,6 +1188,10 @@ do_authentication() | |||
1179 | 1188 | ||
1180 | setproctitle("%s", user); | 1189 | setproctitle("%s", user); |
1181 | 1190 | ||
1191 | #ifdef WITH_AIXAUTHENTICATE | ||
1192 | char *loginmsg; | ||
1193 | #endif /* WITH_AIXAUTHENTICATE */ | ||
1194 | |||
1182 | #ifdef AFS | 1195 | #ifdef AFS |
1183 | /* If machine has AFS, set process authentication group. */ | 1196 | /* If machine has AFS, set process authentication group. */ |
1184 | if (k_hasafs()) { | 1197 | if (k_hasafs()) { |
@@ -1244,6 +1257,9 @@ do_authentication() | |||
1244 | get_canonical_hostname()); | 1257 | get_canonical_hostname()); |
1245 | } | 1258 | } |
1246 | /* The user has been authenticated and accepted. */ | 1259 | /* The user has been authenticated and accepted. */ |
1260 | #ifdef WITH_AIXAUTHENTICATE | ||
1261 | loginsuccess(user,get_canonical_hostname(),"ssh",&loginmsg); | ||
1262 | #endif /* WITH_AIXAUTHENTICATE */ | ||
1247 | packet_start(SSH_SMSG_SUCCESS); | 1263 | packet_start(SSH_SMSG_SUCCESS); |
1248 | packet_send(); | 1264 | packet_send(); |
1249 | packet_write_wait(); | 1265 | packet_write_wait(); |
@@ -1498,8 +1514,7 @@ do_authloop(struct passwd * pw) | |||
1498 | 1514 | ||
1499 | if (authenticated) { | 1515 | if (authenticated) { |
1500 | #ifdef USE_PAM | 1516 | #ifdef USE_PAM |
1501 | if (!do_pam_account(pw->pw_name, client_user)) | 1517 | if (!do_pam_account(pw->pw_name, client_user)) { |
1502 | { | ||
1503 | if (client_user != NULL) | 1518 | if (client_user != NULL) |
1504 | xfree(client_user); | 1519 | xfree(client_user); |
1505 | 1520 | ||
@@ -1582,6 +1597,11 @@ do_fake_authloop(char *user) | |||
1582 | packet_start(SSH_SMSG_FAILURE); | 1597 | packet_start(SSH_SMSG_FAILURE); |
1583 | packet_send(); | 1598 | packet_send(); |
1584 | packet_write_wait(); | 1599 | packet_write_wait(); |
1600 | #ifdef WITH_AIXAUTHENTICATE | ||
1601 | if (strncmp(get_authname(type),"password", | ||
1602 | strlen(get_authname(type))) == 0) | ||
1603 | loginfailed(pw->pw_name,get_canonical_hostname(),"ssh"); | ||
1604 | #endif /* WITH_AIXAUTHENTICATE */ | ||
1585 | } | 1605 | } |
1586 | /* NOTREACHED */ | 1606 | /* NOTREACHED */ |
1587 | abort(); | 1607 | abort(); |
@@ -2423,6 +2443,18 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
2423 | if (display) | 2443 | if (display) |
2424 | child_set_env(&env, &envsize, "DISPLAY", display); | 2444 | child_set_env(&env, &envsize, "DISPLAY", display); |
2425 | 2445 | ||
2446 | #ifdef _AIX | ||
2447 | { | ||
2448 | char *authstate,*krb5cc; | ||
2449 | |||
2450 | if ((authstate = getenv("AUTHSTATE")) != NULL) | ||
2451 | child_set_env(&env,&envsize,"AUTHSTATE",authstate); | ||
2452 | |||
2453 | if ((krb5cc = getenv("KRB5CCNAME")) != NULL) | ||
2454 | child_set_env(&env,&envsize,"KRB5CCNAME",krb5cc); | ||
2455 | } | ||
2456 | #endif | ||
2457 | |||
2426 | #ifdef KRB4 | 2458 | #ifdef KRB4 |
2427 | { | 2459 | { |
2428 | extern char *ticket; | 2460 | extern char *ticket; |
@@ -2444,6 +2476,8 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
2444 | child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, | 2476 | child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, |
2445 | auth_get_socket_name()); | 2477 | auth_get_socket_name()); |
2446 | 2478 | ||
2479 | read_environment_file(&env,&envsize,"/etc/environment"); | ||
2480 | |||
2447 | /* read $HOME/.ssh/environment. */ | 2481 | /* read $HOME/.ssh/environment. */ |
2448 | if (!options.use_login) { | 2482 | if (!options.use_login) { |
2449 | snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); | 2483 | snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); |