4 files changed, 12 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index a79ddda70..eba53b36e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,9 @@
    - jmc@cvs.openbsd.org 2005/03/18 17:05:00
      [sshd_config.5]
      typo;
+ - (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in
+   handling of password expiry messages returned by AIX's authentication
+   routines, originally reported by robvdwal at sara.nl.
 
 20050329
  - (dtucker) [contrib/aix/buildbff.sh] Bug #1005: Look up only the user we're
@@ -2402,4 +2405,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3731 2005/03/31 11:33:50 dtucker Exp $
+$Id: ChangeLog,v 1.3732 2005/03/31 11:39:25 dtucker Exp $
diff --git a/auth.h b/auth.h
index 8d1f93403..471404e4e 100644
--- a/auth.h
+++ b/auth.h
@@ -30,6 +30,7 @@
 
 #include "key.h"
 #include "hostfile.h"
+#include "buffer.h"
 #include <openssl/rsa.h>
 
 #ifdef HAVE_LOGIN_CAP
@@ -68,6 +69,7 @@ struct Authctxt {
         char            *krb5_ticket_file;
         char            *krb5_ccname;
 #endif
+        Buffer          *loginmsg;
         void            *methoddata;
 };
 /*
@@ -185,6 +187,8 @@ void	 auth_debug_reset(void);
 
 struct passwd *fakepw(void);
 
+int      sys_auth_passwd(Authctxt *, const char *);
+
 #define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
 
 #define SKEY_PROMPT "\nS/Key Password: "
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index fa6a4ff7b..cf5d4b9a3 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -151,7 +151,7 @@ aix_valid_authentications(const char *user)
  * returns 0.
  */
 int
-sys_auth_passwd(Authctxt *ctxt, const char *password, Buffer *loginmsg)
+sys_auth_passwd(Authctxt *ctxt, const char *password)
 {
         char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name;
         int authsuccess = 0, expired, reenter, result;
@@ -181,7 +181,7 @@ sys_auth_passwd(Authctxt *ctxt, const char *password, Buffer *loginmsg)
                  */
                 expired = passwdexpired(name, &msg);
                 if (msg && *msg) {
-                        buffer_append(loginmsg, msg, strlen(msg));
+                        buffer_append(ctxt->loginmsg, msg, strlen(msg));
                         aix_remove_embedded_newlines(msg);
                 }
                 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg);
diff --git a/sshd.c b/sshd.c
index 11d618d11..b3fcc6964 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1673,6 +1673,8 @@ main(int ac, char **av)
         authctxt = xmalloc(sizeof(*authctxt));
         memset(authctxt, 0, sizeof(*authctxt));
 
+        authctxt->loginmsg = &loginmsg;
+
         /* XXX global for cleanup, access from other modules */
         the_authctxt = authctxt;