diff options
Diffstat (limited to 'auth2.c')
-rw-r--r-- | auth2.c | 18 |
1 files changed, 15 insertions, 3 deletions
@@ -154,9 +154,9 @@ input_userauth_request(int type, int plen) | |||
154 | int authenticated = 0; | 154 | int authenticated = 0; |
155 | char *raw, *user, *service, *method, *authmsg = NULL; | 155 | char *raw, *user, *service, *method, *authmsg = NULL; |
156 | struct passwd *pw; | 156 | struct passwd *pw; |
157 | 157 | #ifdef WITH_AIXAUTHENTICATE | |
158 | if (++attempt == AUTH_FAIL_MAX) | 158 | extern char *aixloginmsg; |
159 | packet_disconnect("too many failed userauth_requests"); | 159 | #endif /* WITH_AIXAUTHENTICATE */ |
160 | 160 | ||
161 | raw = packet_get_raw(&rlen); | 161 | raw = packet_get_raw(&rlen); |
162 | if (plen != rlen) | 162 | if (plen != rlen) |
@@ -164,6 +164,12 @@ input_userauth_request(int type, int plen) | |||
164 | user = packet_get_string(&len); | 164 | user = packet_get_string(&len); |
165 | service = packet_get_string(&len); | 165 | service = packet_get_string(&len); |
166 | method = packet_get_string(&len); | 166 | method = packet_get_string(&len); |
167 | if (++attempt == AUTH_FAIL_MAX) { | ||
168 | #ifdef WITH_AIXAUTHENTICATE | ||
169 | loginfailed(user,get_canonical_hostname(),"ssh"); | ||
170 | #endif /* WITH_AIXAUTHENTICATE */ | ||
171 | packet_disconnect("too many failed userauth_requests"); | ||
172 | } | ||
167 | debug("userauth-request for user %s service %s method %s", user, service, method); | 173 | debug("userauth-request for user %s service %s method %s", user, service, method); |
168 | 174 | ||
169 | /* XXX we only allow the ssh-connection service */ | 175 | /* XXX we only allow the ssh-connection service */ |
@@ -211,6 +217,12 @@ input_userauth_request(int type, int plen) | |||
211 | 217 | ||
212 | /* XXX todo: check if multiple auth methods are needed */ | 218 | /* XXX todo: check if multiple auth methods are needed */ |
213 | if (authenticated == 1) { | 219 | if (authenticated == 1) { |
220 | #ifdef WITH_AIXAUTHENTICATE | ||
221 | /* We don't have a pty yet, so just label the line as "ssh" */ | ||
222 | if (loginsuccess(user,get_canonical_hostname(),"ssh", | ||
223 | &aixloginmsg) < 0) | ||
224 | aixloginmsg = NULL; | ||
225 | #endif /* WITH_AIXAUTHENTICATE */ | ||
214 | /* turn off userauth */ | 226 | /* turn off userauth */ |
215 | dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error); | 227 | dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error); |
216 | packet_start(SSH2_MSG_USERAUTH_SUCCESS); | 228 | packet_start(SSH2_MSG_USERAUTH_SUCCESS); |