From: dtucker Date: Sat, 14 Aug 2004 14:09:11 +0000 (+0000) Subject: - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h] X-Git-Tag: V_3_9_P1~9 X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/commitdiff_plain/f5ed3301e1e3dac00346ed34e0ccbb7a6b73b25e - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Plug AIX login recording into login_write so logins will be recorded for all auth types. --- diff --git a/ChangeLog b/ChangeLog index ffe0d027..50b003bb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,9 @@ Explicitly set umask for mkstemp; ok djm@ - (dtucker) [includes.h] Undef _INCLUDE__STDC__ on HP-UX, otherwise prot.h and shadow.h provide conflicting declarations of getspnam. ok djm@ + - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h] + Plug AIX login recording into login_write so logins will be recorded for + all auth types. 20040813 - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at diff --git a/loginrec.c b/loginrec.c index 897921c6..ef525fb5 100644 --- a/loginrec.c +++ b/loginrec.c @@ -434,6 +434,11 @@ login_write (struct logininfo *li) #endif #ifdef USE_WTMPX wtmpx_write_entry(li); +#endif +#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN + if (li->type == LTYPE_LOGIN && + !sys_auth_record_login(li->username,li->hostname,li->line)) + logit("Writing login record failed for %s", li->username); #endif return 0; } diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index d0c9a49e..78f4faea 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -101,7 +101,7 @@ aix_remove_embedded_newlines(char *p) int sys_auth_passwd(Authctxt *ctxt, const char *password) { - char *authmsg = NULL, *host, *msg, *name = ctxt->pw->pw_name; + char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name; int authsuccess = 0, expired, reenter, result; do { @@ -115,20 +115,11 @@ sys_auth_passwd(Authctxt *ctxt, const char *password) if (result == 0) { authsuccess = 1; - host = (char *)get_canonical_hostname(options.use_dns); - /* * Record successful login. We don't have a pty yet, so just * label the line as "ssh" */ aix_setauthdb(name); - if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) { - if (msg != NULL) { - debug("%s: msg %s", __func__, msg); - buffer_append(&loginmsg, msg, strlen(msg)); - xfree(msg); - } - } /* * Check if the user's password is expired. @@ -208,6 +199,25 @@ sys_auth_allowed_user(struct passwd *pw) return permitted; } +int +sys_auth_record_login(const char *user, const char *host, const char *ttynm) +{ + char *msg; + int success = 0; + + aix_setauthdb(user); + if (loginsuccess((char *)user, host, ttynm, &msg) == 0) { + success = 1; + if (msg != NULL) { + debug("AIX/loginsuccess: msg %s", __func__, msg); + buffer_append(&loginmsg, msg, strlen(msg)); + xfree(msg); + } + } + aix_restoreauthdb(); + return (success); +} + # ifdef CUSTOM_FAILED_LOGIN /* * record_failed_login: generic "login failed" interface function diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index 6d9716dd..891fa8aa 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h @@ -65,6 +65,8 @@ void aix_usrinfo(struct passwd *); # define CUSTOM_SYS_AUTH_PASSWD 1 # define CUSTOM_SYS_AUTH_ALLOWED_USER 1 int sys_auth_allowed_user(struct passwd *); +# define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 +int sys_auth_record_login(const char *, const char *, const char *); # define CUSTOM_FAILED_LOGIN 1 void record_failed_login(const char *, const char *); #endif