merged OpenSSH 5.3p1 to trunk

[gssapi-openssh.git] / openssh / openbsd-compat / port-aix.c

diff --git a/openssh/openbsd-compat/port-aix.c b/openssh/openbsd-compat/port-aix.c
index 81d8124e08246d26ed17fa36371959025b044210..ebf62d316b3688bd8ca6ff954e1f57daef32bc55 100644 (file)
--- a/openssh/openbsd-compat/port-aix.c
+++ b/openssh/openbsd-compat/port-aix.c
@@ -1,7 +1,7 @@
 /*
  *
  * Copyright (c) 2001 Gert Doering.  All rights reserved.
- * Copyright (c) 2003,2004,2005 Darren Tucker.  All rights reserved.
+ * Copyright (c) 2003,2004,2005,2006 Darren Tucker.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -25,18 +25,41 @@
  *
  */
 #include "includes.h"
+
+#include "xmalloc.h"
+#include "buffer.h"
+#include "key.h"
+#include "hostfile.h"
 #include "auth.h"
 #include "ssh.h"
 #include "log.h"
-#include "xmalloc.h"
-#include "buffer.h"
 
 #ifdef _AIX
 
+#include <errno.h>
+#if defined(HAVE_NETDB_H)
+# include <netdb.h>
+#endif
 #include <uinfo.h>
+#include <stdarg.h>
+#include <string.h>
+#include <unistd.h>
 #include <sys/socket.h>
+
+#ifdef WITH_AIXAUTHENTICATE
+# include <login.h>
+# include <userpw.h>
+# if defined(HAVE_SYS_AUDIT_H) && defined(AIX_LOGINFAILED_4ARG)
+#  undef T_NULL
+#  include <sys/audit.h>
+# endif
+# include <usersec.h>
+#endif
+
 #include "port-aix.h"
 
+static char *lastlogin_msg = NULL;
+
 # ifdef HAVE_SETAUTHDB
 static char old_registry[REGISTRY_SIZE] = "";
 # endif
@@ -220,7 +243,7 @@ sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
 
        /*
         * Don't perform checks for root account (PermitRootLogin controls
-        * logins via * ssh) or if running as non-root user (since
+        * logins via ssh) or if running as non-root user (since
         * loginrestrictions will always fail due to insufficient privilege).
         */
        if (pw->pw_uid == 0 || geteuid() != 0) {
@@ -263,14 +286,23 @@ sys_auth_record_login(const char *user, const char *host, const char *ttynm,
                success = 1;
                if (msg != NULL) {
                        debug("AIX/loginsuccess: msg %s", msg);
-                       buffer_append(loginmsg, msg, strlen(msg));
-                       xfree(msg);
+                       if (lastlogin_msg == NULL)
+                               lastlogin_msg = msg;
                }
        }
        aix_restoreauthdb();
        return (success);
 }
 
+char *
+sys_auth_get_lastlogin_msg(const char *user, uid_t uid)
+{
+       char *msg = lastlogin_msg;
+
+       lastlogin_msg = NULL;
+       return msg;
+}
+
 #  ifdef CUSTOM_FAILED_LOGIN
 /*
  * record_failed_login: generic "login failed" interface function
@@ -372,4 +404,47 @@ sshaix_getnameinfo(const struct sockaddr *sa, size_t salen, char *host,
 }
 # endif /* AIX_GETNAMEINFO_HACK */
 
+# if defined(USE_GETGRSET)
+#  include <stdlib.h>
+int
+getgrouplist(const char *user, gid_t pgid, gid_t *groups, int *grpcnt)
+{
+       char *cp, *grplist, *grp;
+       gid_t gid;
+       int ret = 0, ngroups = 0, maxgroups;
+       long l;
+
+       maxgroups = *grpcnt;
+
+       if ((cp = grplist = getgrset(user)) == NULL)
+               return -1;
+
+       /* handle zero-length case */
+       if (maxgroups <= 0) {
+               *grpcnt = 0;
+               return -1;
+       }
+
+       /* copy primary group */
+       groups[ngroups++] = pgid;
+
+       /* copy each entry from getgrset into group list */
+       while ((grp = strsep(&grplist, ",")) != NULL) {
+               l = strtol(grp, NULL, 10);
+               if (ngroups >= maxgroups || l == LONG_MIN || l == LONG_MAX) {
+                       ret = -1;
+                       goto out;
+               }
+               gid = (gid_t)l;
+               if (gid == pgid)
+                       continue;       /* we have already added primary gid */
+               groups[ngroups++] = gid;
+       }
+out:
+       free(cp);
+       *grpcnt = ngroups;
+       return ret;
+}
+# endif        /* USE_GETGRSET */
+
 #endif /* _AIX */