From 19e810f6d1c89e151b3d6ea48c3c8edd23d59079 Mon Sep 17 00:00:00 2001 From: djm Date: Tue, 13 Nov 2001 12:46:18 +0000 Subject: [PATCH] - (djm) AIX login{success,failed} changes. Move loginsuccess call to do_authenticated. Call loginfailed for protocol 2 failures > MAX like we do for protocol 1. Reports from Ralf Wenk , K.Wolkersdorfer@fz-juelich.de and others --- ChangeLog | 4 ++++ auth1.c | 12 ------------ auth2.c | 12 +++++++----- session.c | 9 ++++++++- 4 files changed, 19 insertions(+), 18 deletions(-) diff --git a/ChangeLog b/ChangeLog index 803a911b..8c4c0c46 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,10 @@ 20011113 - (djm) Fix early (and double) free of remote user when using Kerberos. Patch from Simon Wilkinson + - (djm) AIX login{success,failed} changes. Move loginsuccess call to + do_authenticated. Call loginfailed for protocol 2 failures > MAX like + we do for protocol 1. Reports from Ralf Wenk , + K.Wolkersdorfer@fz-juelich.de and others 20011112 - (djm) Makefile correctness fix from Mark D. Baushke diff --git a/auth1.c b/auth1.c index 6d40219b..1fbfad90 100644 --- a/auth1.c +++ b/auth1.c @@ -29,10 +29,6 @@ RCSID("$OpenBSD: auth1.c,v 1.25 2001/06/26 16:15:23 dugsong Exp $"); /* import */ extern ServerOptions options; -#ifdef WITH_AIXAUTHENTICATE -extern char *aixloginmsg; -#endif /* WITH_AIXAUTHENTICATE */ - /* * convert ssh auth msg type into description */ @@ -428,14 +424,6 @@ do_authentication() packet_send(); packet_write_wait(); -#ifdef WITH_AIXAUTHENTICATE - /* We don't have a pty yet, so just label the line as "ssh" */ - if (loginsuccess(authctxt->user, - get_canonical_hostname(options.reverse_mapping_check), - "ssh", &aixloginmsg) < 0) - aixloginmsg = NULL; -#endif /* WITH_AIXAUTHENTICATE */ - /* Perform session preparation. */ do_authenticated(authctxt); } diff --git a/auth2.c b/auth2.c index eb04ae75..1920eb32 100644 --- a/auth2.c +++ b/auth2.c @@ -57,10 +57,6 @@ extern ServerOptions options; extern u_char *session_id2; extern int session_id2_len; -#ifdef WITH_AIXAUTHENTICATE -extern char *aixloginmsg; -#endif - static Authctxt *x_authctxt = NULL; static int one = 1; @@ -282,8 +278,14 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) /* now we can break out */ authctxt->success = 1; } else { - if (authctxt->failures++ > AUTH_FAIL_MAX) + if (authctxt->failures++ > AUTH_FAIL_MAX) { +#ifdef WITH_AIXAUTHENTICATE + loginfailed(authctxt->user, + get_canonical_hostname(options.reverse_mapping_check), + "ssh"); +#endif /* WITH_AIXAUTHENTICATE */ packet_disconnect(AUTH_FAIL_MSG, authctxt->user); + } methods = authmethods_get(); packet_start(SSH2_MSG_USERAUTH_FAILURE); packet_put_cstring(methods); diff --git a/session.c b/session.c index 10cefdb4..d0f9072f 100644 --- a/session.c +++ b/session.c @@ -159,7 +159,6 @@ const char *original_command = NULL; Session sessions[MAX_SESSIONS]; #ifdef WITH_AIXAUTHENTICATE -/* AIX's lastlogin message, set in auth1.c */ char *aixloginmsg; #endif /* WITH_AIXAUTHENTICATE */ @@ -191,6 +190,14 @@ do_authenticated(Authctxt *authctxt) } #endif #endif +#ifdef WITH_AIXAUTHENTICATE + /* We don't have a pty yet, so just label the line as "ssh" */ + if (loginsuccess(authctxt->user, + get_canonical_hostname(options.reverse_mapping_check), + "ssh", &aixloginmsg) < 0) + aixloginmsg = NULL; +#endif /* WITH_AIXAUTHENTICATE */ + /* setup the channel layer */ if (!no_port_forwarding_flag && options.allow_tcp_forwarding) channel_permit_all_opens(); -- 2.45.2