diff options
Diffstat (limited to 'openbsd-compat/port-aix.c')
-rw-r--r-- | openbsd-compat/port-aix.c | 39 |
1 files changed, 35 insertions, 4 deletions
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 6fc2ef771..a5511bbef 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c | |||
@@ -98,10 +98,10 @@ aix_remove_embedded_newlines(char *p) | |||
98 | * returns 0. | 98 | * returns 0. |
99 | */ | 99 | */ |
100 | int | 100 | int |
101 | aix_authenticate(const char *name, const char *password, const char *host) | 101 | sys_auth_passwd(Authctxt *ctxt, const char *password) |
102 | { | 102 | { |
103 | char *authmsg = NULL, *msg; | 103 | char *authmsg = NULL, *host, *msg, *name = ctxt->pw->pw_name; |
104 | int authsuccess = 0, reenter, result; | 104 | int authsuccess = 0, expired, reenter, result; |
105 | 105 | ||
106 | do { | 106 | do { |
107 | result = authenticate((char *)name, (char *)password, &reenter, | 107 | result = authenticate((char *)name, (char *)password, &reenter, |
@@ -114,7 +114,12 @@ aix_authenticate(const char *name, const char *password, const char *host) | |||
114 | if (result == 0) { | 114 | if (result == 0) { |
115 | authsuccess = 1; | 115 | authsuccess = 1; |
116 | 116 | ||
117 | /* No pty yet, so just label the line as "ssh" */ | 117 | host = (char *)get_canonical_hostname(options.use_dns); |
118 | |||
119 | /* | ||
120 | * Record successful login. We don't have a pty yet, so just | ||
121 | * label the line as "ssh" | ||
122 | */ | ||
118 | aix_setauthdb(name); | 123 | aix_setauthdb(name); |
119 | if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) { | 124 | if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) { |
120 | if (msg != NULL) { | 125 | if (msg != NULL) { |
@@ -123,6 +128,32 @@ aix_authenticate(const char *name, const char *password, const char *host) | |||
123 | xfree(msg); | 128 | xfree(msg); |
124 | } | 129 | } |
125 | } | 130 | } |
131 | |||
132 | /* | ||
133 | * Check if the user's password is expired. | ||
134 | */ | ||
135 | expired = passwdexpired(name, &msg); | ||
136 | if (msg && *msg) { | ||
137 | buffer_append(&loginmsg, msg, strlen(msg)); | ||
138 | aix_remove_embedded_newlines(msg); | ||
139 | } | ||
140 | debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg); | ||
141 | |||
142 | switch (expired) { | ||
143 | case 0: /* password not expired */ | ||
144 | break; | ||
145 | case 1: /* expired, password change required */ | ||
146 | ctxt->force_pwchange = 1; | ||
147 | disable_forwarding(); | ||
148 | break; | ||
149 | default: /* user can't change(2) or other error (-1) */ | ||
150 | logit("Password can't be changed for user %s: %.100s", | ||
151 | name, msg); | ||
152 | if (msg) | ||
153 | xfree(msg); | ||
154 | authsuccess = 0; | ||
155 | } | ||
156 | |||
126 | aix_restoreauthdb(); | 157 | aix_restoreauthdb(); |
127 | } | 158 | } |
128 | 159 | ||