From e49d0966b5e8e4ff4eb993f1b8511932dfcf7bf8 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 13 Nov 2001 23:46:18 +1100 Subject: - (djm) AIX login{success,failed} changes. Move loginsuccess call to do_authenticated. Call loginfailed for protocol 2 failures > MAX like we do for protocol 1. Reports from Ralf Wenk , K.Wolkersdorfer@fz-juelich.de and others --- ChangeLog | 6 +++++- auth1.c | 12 ------------ auth2.c | 12 +++++++----- session.c | 9 ++++++++- 4 files changed, 20 insertions(+), 19 deletions(-) diff --git a/ChangeLog b/ChangeLog index ea5372b5e..e1b17aaea 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,10 @@ 20011113 - (djm) Fix early (and double) free of remote user when using Kerberos. Patch from Simon Wilkinson + - (djm) AIX login{success,failed} changes. Move loginsuccess call to + do_authenticated. Call loginfailed for protocol 2 failures > MAX like + we do for protocol 1. Reports from Ralf Wenk , + K.Wolkersdorfer@fz-juelich.de and others 20011112 - (djm) Makefile correctness fix from Mark D. Baushke @@ -6891,4 +6895,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1658 2001/11/13 00:20:07 djm Exp $ +$Id: ChangeLog,v 1.1659 2001/11/13 12:46:18 djm Exp $ diff --git a/auth1.c b/auth1.c index 6d40219be..1fbfad90a 100644 --- a/auth1.c +++ b/auth1.c @@ -29,10 +29,6 @@ RCSID("$OpenBSD: auth1.c,v 1.25 2001/06/26 16:15:23 dugsong Exp $"); /* import */ extern ServerOptions options; -#ifdef WITH_AIXAUTHENTICATE -extern char *aixloginmsg; -#endif /* WITH_AIXAUTHENTICATE */ - /* * convert ssh auth msg type into description */ @@ -428,14 +424,6 @@ do_authentication() packet_send(); packet_write_wait(); -#ifdef WITH_AIXAUTHENTICATE - /* We don't have a pty yet, so just label the line as "ssh" */ - if (loginsuccess(authctxt->user, - get_canonical_hostname(options.reverse_mapping_check), - "ssh", &aixloginmsg) < 0) - aixloginmsg = NULL; -#endif /* WITH_AIXAUTHENTICATE */ - /* Perform session preparation. */ do_authenticated(authctxt); } diff --git a/auth2.c b/auth2.c index eb04ae75b..1920eb32e 100644 --- a/auth2.c +++ b/auth2.c @@ -57,10 +57,6 @@ extern ServerOptions options; extern u_char *session_id2; extern int session_id2_len; -#ifdef WITH_AIXAUTHENTICATE -extern char *aixloginmsg; -#endif - static Authctxt *x_authctxt = NULL; static int one = 1; @@ -282,8 +278,14 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) /* now we can break out */ authctxt->success = 1; } else { - if (authctxt->failures++ > AUTH_FAIL_MAX) + if (authctxt->failures++ > AUTH_FAIL_MAX) { +#ifdef WITH_AIXAUTHENTICATE + loginfailed(authctxt->user, + get_canonical_hostname(options.reverse_mapping_check), + "ssh"); +#endif /* WITH_AIXAUTHENTICATE */ packet_disconnect(AUTH_FAIL_MSG, authctxt->user); + } methods = authmethods_get(); packet_start(SSH2_MSG_USERAUTH_FAILURE); packet_put_cstring(methods); diff --git a/session.c b/session.c index 10cefdb44..d0f9072f3 100644 --- a/session.c +++ b/session.c @@ -159,7 +159,6 @@ const char *original_command = NULL; Session sessions[MAX_SESSIONS]; #ifdef WITH_AIXAUTHENTICATE -/* AIX's lastlogin message, set in auth1.c */ char *aixloginmsg; #endif /* WITH_AIXAUTHENTICATE */ @@ -191,6 +190,14 @@ do_authenticated(Authctxt *authctxt) } #endif #endif +#ifdef WITH_AIXAUTHENTICATE + /* We don't have a pty yet, so just label the line as "ssh" */ + if (loginsuccess(authctxt->user, + get_canonical_hostname(options.reverse_mapping_check), + "ssh", &aixloginmsg) < 0) + aixloginmsg = NULL; +#endif /* WITH_AIXAUTHENTICATE */ + /* setup the channel layer */ if (!no_port_forwarding_flag && options.allow_tcp_forwarding) channel_permit_all_opens(); -- cgit v1.2.3