Explicitly set umask for mkstemp; ok djm@
- (dtucker) [includes.h] Undef _INCLUDE__STDC__ on HP-UX, otherwise
prot.h and shadow.h provide conflicting declarations of getspnam. ok djm@
+ - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
+ Plug AIX login recording into login_write so logins will be recorded for
+ all auth types.
20040813
- (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at
#endif
#ifdef USE_WTMPX
wtmpx_write_entry(li);
+#endif
+#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
+ if (li->type == LTYPE_LOGIN &&
+ !sys_auth_record_login(li->username,li->hostname,li->line))
+ logit("Writing login record failed for %s", li->username);
#endif
return 0;
}
int
sys_auth_passwd(Authctxt *ctxt, const char *password)
{
- char *authmsg = NULL, *host, *msg, *name = ctxt->pw->pw_name;
+ char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name;
int authsuccess = 0, expired, reenter, result;
do {
if (result == 0) {
authsuccess = 1;
- host = (char *)get_canonical_hostname(options.use_dns);
-
/*
* Record successful login. We don't have a pty yet, so just
* label the line as "ssh"
*/
aix_setauthdb(name);
- if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) {
- if (msg != NULL) {
- debug("%s: msg %s", __func__, msg);
- buffer_append(&loginmsg, msg, strlen(msg));
- xfree(msg);
- }
- }
/*
* Check if the user's password is expired.
return permitted;
}
+int
+sys_auth_record_login(const char *user, const char *host, const char *ttynm)
+{
+ char *msg;
+ int success = 0;
+
+ aix_setauthdb(user);
+ if (loginsuccess((char *)user, host, ttynm, &msg) == 0) {
+ success = 1;
+ if (msg != NULL) {
+ debug("AIX/loginsuccess: msg %s", __func__, msg);
+ buffer_append(&loginmsg, msg, strlen(msg));
+ xfree(msg);
+ }
+ }
+ aix_restoreauthdb();
+ return (success);
+}
+
# ifdef CUSTOM_FAILED_LOGIN
/*
* record_failed_login: generic "login failed" interface function
# define CUSTOM_SYS_AUTH_PASSWD 1
# define CUSTOM_SYS_AUTH_ALLOWED_USER 1
int sys_auth_allowed_user(struct passwd *);
+# define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
+int sys_auth_record_login(const char *, const char *, const char *);
# define CUSTOM_FAILED_LOGIN 1
void record_failed_login(const char *, const char *);
#endif