Attachment #356 for bug #543

Lines 93-98 Link Here

(-)configure.ac (+1 lines)
93	AC_DEFINE(AIX_LOGINFAILED_3ARG)],	93	AC_DEFINE(AIX_LOGINFAILED_3ARG)],
94	[AC_MSG_RESULT(no)]	94	[AC_MSG_RESULT(no)]
95	)	95	)
		96	AC_CHECK_FUNCS(setauthdb)
96	fi	97	fi
97	AC_DEFINE(BROKEN_GETADDRINFO)	98	AC_DEFINE(BROKEN_GETADDRINFO)
98	AC_DEFINE(BROKEN_REALPATH)	99	AC_DEFINE(BROKEN_REALPATH)

Lines 32-37 Link Here

(-)openbsd-compat/port-aix.c (+38 lines)
32		32
33	#include <uinfo.h>	33	#include <uinfo.h>
34	#include <../xmalloc.h>	34	#include <../xmalloc.h>
		35	#include "port-aix.h"
35		36
36	extern ServerOptions options;	37	extern ServerOptions options;
37		38
Lines 92-101 Link Here
92	{	93	{
93	char *hostname = get_canonical_hostname(options.use_dns);	94	char *hostname = get_canonical_hostname(options.use_dns);
94		95
		96	if (geteuid() != 0)
		97	return;
		98
		99	aix_setauthdb(user);
95	# ifdef AIX_LOGINFAILED_3ARG	100	# ifdef AIX_LOGINFAILED_3ARG
96	loginfailed((char )user, hostname, (char )ttyname);	101	loginfailed((char )user, hostname, (char )ttyname);
97	# else	102	# else
98	loginfailed((char )user, hostname, (char )ttyname, AUDIT_FAIL_AUTH);	103	loginfailed((char )user, hostname, (char )ttyname, AUDIT_FAIL_AUTH);
		104	# endif
		105	}
		106
		107	/*
		108	* If we have setauthdb, retrieve the password registry for the user's
		109	* account then feed it to setauthdb. This may load registry-specific method
		110	* code. If we don't have setauthdb or have already called it this is a no-op.
		111	*/
		112	void
		113	aix_setauthdb(const char *user)
		114	{
		115	# ifdef HAVE_SETAUTHDB
		116	static char *registry = NULL;
		117
		118	if (registry != NULL) /* have already done setauthdb */
		119	return;
		120
		121	if (setuserdb(S_READ) == -1) {
		122	debug3("%s: Could not open userdb to read", __func__);
		123	return;
		124	}
		125
		126	if (getuserattr((char *)user, S_REGISTRY, &registry, SEC_CHAR) == 0) {
		127	if (setauthdb(registry, NULL) == 0)
		128	debug3("%s: AIX/setauthdb set registry %s", __func__,
		129	registry);
		130	else
		131	debug3("%s: AIX/setauthdb set registry %s failed: %s",
		132	__func__, registry, strerror(errno));
		133	} else
		134	debug3("%s: Could not read S_REGISTRY for user: %s", __func__,
		135	strerror(errno));
		136	enduserdb();
99	# endif	137	# endif
100	}	138	}
101	# endif /* CUSTOM_FAILED_LOGIN */	139	# endif /* CUSTOM_FAILED_LOGIN */

Lines 47-55 Link Here

(-)openbsd-compat/port-aix.h (-2 / +3 lines)
47		47
48	#ifdef WITH_AIXAUTHENTICATE	48	#ifdef WITH_AIXAUTHENTICATE
49	# define CUSTOM_FAILED_LOGIN 1	49	# define CUSTOM_FAILED_LOGIN 1
50	void record_failed_login(const char user, const char ttyname);	50	void record_failed_login(const char , const char );
		51	void aix_setauthdb(const char *);
51	#endif	52	#endif
52		53
53	void aix_usrinfo(struct passwd *pw);	54	void aix_usrinfo(struct passwd *);
54	void aix_remove_embedded_newlines(char *);	55	void aix_remove_embedded_newlines(char *);
55	#endif /* _AIX */	56	#endif /* _AIX */

Return to bug 543