4 files changed, 11 insertions, 14 deletions
diff --git a/ChangeLog b/ChangeLog
index 1e5ce7adf..e9021d452 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -56,7 +56,8 @@
     /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled 
     globally. based on discussions with deraadt, itojun and sommerfeld; 
     ok itojun@
+ - (bal) Failed password attempts don't increment counter on AIX. Bug #145
+  
 20020702
 - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & 
   friends consistently. Spotted by Solar Designer <solar@openwall.com>
@@ -1264,4 +1265,4 @@
 - (stevesk) entropy.c: typo in debug message
 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2329 2002/07/04 00:19:40 mouring Exp $
+$Id: ChangeLog,v 1.2330 2002/07/04 00:27:21 mouring Exp $
diff --git a/auth.c b/auth.c
index 066b50d6b..693826a93 100644
--- a/auth.c
+++ b/auth.c
@@ -256,6 +256,14 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
            get_remote_ipaddr(),
            get_remote_port(),
            info);
+#ifdef WITH_AIXAUTHENTICATE
+        if (authenticated == 0 && strcmp(method, "password") == 0)
+            loginfailed(authctxt->user,
+                get_canonical_hostname(options.verify_reverse_mapping),
+                "ssh");
+#endif /* WITH_AIXAUTHENTICATE */
 }
 /*
diff --git a/auth1.c b/auth1.c
index 2ebc8d039..769fa306f 100644
--- a/auth1.c
+++ b/auth1.c
@@ -323,12 +323,6 @@ do_authloop(Authctxt *authctxt)
                        return;
                if (authctxt->failures++ > AUTH_FAIL_MAX) {
-#ifdef WITH_AIXAUTHENTICATE
-                        /* XXX: privsep */
-                        loginfailed(authctxt->user,
-                            get_canonical_hostname(options.verify_reverse_mapping),
-                            "ssh");
-#endif /* WITH_AIXAUTHENTICATE */
                        packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
                }
diff --git a/auth2.c b/auth2.c
index eea381d95..3b47a6d0a 100644
--- a/auth2.c
+++ b/auth2.c
@@ -232,12 +232,6 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
                authctxt->success = 1;
        } else {
                if (authctxt->failures++ > AUTH_FAIL_MAX) {
-#ifdef WITH_AIXAUTHENTICATE
-                        /* XXX: privsep */
-                        loginfailed(authctxt->user,
-                            get_canonical_hostname(options.verify_reverse_mapping),
-                            "ssh");
-#endif /* WITH_AIXAUTHENTICATE */
                        packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
                }
                methods = authmethods_get();

diff --git a/ChangeLog b/ChangeLog index 1e5ce7adf..e9021d452 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -56,7 +56,8 @@
56	/etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled	56	/etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
57	globally. based on discussions with deraadt, itojun and sommerfeld;	57	globally. based on discussions with deraadt, itojun and sommerfeld;
58	ok itojun@	58	ok itojun@
59		59	- (bal) Failed password attempts don't increment counter on AIX. Bug #145
		60
60	20020702	61	20020702
61	- (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc &	62	- (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc &
62	friends consistently. Spotted by Solar Designer <solar@openwall.com>	63	friends consistently. Spotted by Solar Designer <solar@openwall.com>
@@ -1264,4 +1265,4 @@
1264	- (stevesk) entropy.c: typo in debug message	1265	- (stevesk) entropy.c: typo in debug message
1265	- (djm) ssh-keygen -i needs seeded RNG; report from markus@	1266	- (djm) ssh-keygen -i needs seeded RNG; report from markus@
1266		1267
1267	$Id: ChangeLog,v 1.2329 2002/07/04 00:19:40 mouring Exp $	1268	$Id: ChangeLog,v 1.2330 2002/07/04 00:27:21 mouring Exp $


diff --git a/auth.c b/auth.c index 066b50d6b..693826a93 100644 --- a/auth.c +++ b/auth.c
@@ -256,6 +256,14 @@ auth_log(Authctxt authctxt, int authenticated, char method, char *info)
256	get_remote_ipaddr(),	256	get_remote_ipaddr(),
257	get_remote_port(),	257	get_remote_port(),
258	info);	258	info);
		259
		260	#ifdef WITH_AIXAUTHENTICATE
		261	if (authenticated == 0 && strcmp(method, "password") == 0)
		262	loginfailed(authctxt->user,
		263	get_canonical_hostname(options.verify_reverse_mapping),
		264	"ssh");
		265	#endif /* WITH_AIXAUTHENTICATE */
		266
259	}	267	}
260		268
261	/*	269	/*


diff --git a/auth1.c b/auth1.c index 2ebc8d039..769fa306f 100644 --- a/auth1.c +++ b/auth1.c
@@ -323,12 +323,6 @@ do_authloop(Authctxt *authctxt)
323	return;	323	return;
324		324
325	if (authctxt->failures++ > AUTH_FAIL_MAX) {	325	if (authctxt->failures++ > AUTH_FAIL_MAX) {
326	#ifdef WITH_AIXAUTHENTICATE
327	/* XXX: privsep */
328	loginfailed(authctxt->user,
329	get_canonical_hostname(options.verify_reverse_mapping),
330	"ssh");
331	#endif /* WITH_AIXAUTHENTICATE */
332	packet_disconnect(AUTH_FAIL_MSG, authctxt->user);	326	packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
333	}	327	}
334		328


diff --git a/auth2.c b/auth2.c index eea381d95..3b47a6d0a 100644 --- a/auth2.c +++ b/auth2.c
@@ -232,12 +232,6 @@ userauth_finish(Authctxt authctxt, int authenticated, char method)
232	authctxt->success = 1;	232	authctxt->success = 1;
233	} else {	233	} else {
234	if (authctxt->failures++ > AUTH_FAIL_MAX) {	234	if (authctxt->failures++ > AUTH_FAIL_MAX) {
235	#ifdef WITH_AIXAUTHENTICATE
236	/* XXX: privsep */
237	loginfailed(authctxt->user,
238	get_canonical_hostname(options.verify_reverse_mapping),
239	"ssh");
240	#endif /* WITH_AIXAUTHENTICATE */
241	packet_disconnect(AUTH_FAIL_MSG, authctxt->user);	235	packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
242	}	236	}
243	methods = authmethods_get();	237	methods = authmethods_get();