Bugzilla – Attachment 356 Details for
Bug 543
sshd does not use AIX's setauthdb
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Put setauthdb in its own function.
openssh-aixauthdb3.patch (text/plain), 2.95 KB, created by
Darren Tucker
on 2003-07-13 23:36:18 AEST
(
hide
)
Description:
Put setauthdb in its own function.
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2003-07-13 23:36:18 AEST
Size:
2.95 KB
patch
obsolete
>Index: configure.ac >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/configure.ac,v >retrieving revision 1.132 >diff -u -r1.132 configure.ac >--- configure.ac 8 Jul 2003 10:52:13 -0000 1.132 >+++ configure.ac 8 Jul 2003 13:04:42 -0000 >@@ -93,6 +93,7 @@ > AC_DEFINE(AIX_LOGINFAILED_3ARG)], > [AC_MSG_RESULT(no)] > ) >+ AC_CHECK_FUNCS(setauthdb) > fi > AC_DEFINE(BROKEN_GETADDRINFO) > AC_DEFINE(BROKEN_REALPATH) >Index: openbsd-compat/port-aix.c >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/openbsd-compat/port-aix.c,v >retrieving revision 1.12 >diff -u -r1.12 port-aix.c >--- openbsd-compat/port-aix.c 8 Jul 2003 12:59:59 -0000 1.12 >+++ openbsd-compat/port-aix.c 11 Jul 2003 13:58:17 -0000 >@@ -32,6 +32,7 @@ > > #include <uinfo.h> > #include <../xmalloc.h> >+#include "port-aix.h" > > extern ServerOptions options; > >@@ -92,10 +93,47 @@ > { > char *hostname = get_canonical_hostname(options.use_dns); > >+ if (geteuid() != 0) >+ return; >+ >+ aix_setauthdb(user); > # ifdef AIX_LOGINFAILED_3ARG > loginfailed((char *)user, hostname, (char *)ttyname); > # else > loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH); >+# endif >+} >+ >+/* >+ * If we have setauthdb, retrieve the password registry for the user's >+ * account then feed it to setauthdb. This may load registry-specific method >+ * code. If we don't have setauthdb or have already called it this is a no-op. >+ */ >+void >+aix_setauthdb(const char *user) >+{ >+# ifdef HAVE_SETAUTHDB >+ static char *registry = NULL; >+ >+ if (registry != NULL) /* have already done setauthdb */ >+ return; >+ >+ if (setuserdb(S_READ) == -1) { >+ debug3("%s: Could not open userdb to read", __func__); >+ return; >+ } >+ >+ if (getuserattr((char *)user, S_REGISTRY, ®istry, SEC_CHAR) == 0) { >+ if (setauthdb(registry, NULL) == 0) >+ debug3("%s: AIX/setauthdb set registry %s", __func__, >+ registry); >+ else >+ debug3("%s: AIX/setauthdb set registry %s failed: %s", >+ __func__, registry, strerror(errno)); >+ } else >+ debug3("%s: Could not read S_REGISTRY for user: %s", __func__, >+ strerror(errno)); >+ enduserdb(); > # endif > } > # endif /* CUSTOM_FAILED_LOGIN */ >Index: openbsd-compat/port-aix.h >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/openbsd-compat/port-aix.h,v >retrieving revision 1.10 >diff -u -r1.10 port-aix.h >--- openbsd-compat/port-aix.h 8 Jul 2003 12:59:59 -0000 1.10 >+++ openbsd-compat/port-aix.h 11 Jul 2003 14:00:42 -0000 >@@ -47,9 +47,10 @@ > > #ifdef WITH_AIXAUTHENTICATE > # define CUSTOM_FAILED_LOGIN 1 >-void record_failed_login(const char *user, const char *ttyname); >+void record_failed_login(const char *, const char *); >+void aix_setauthdb(const char *); > #endif > >-void aix_usrinfo(struct passwd *pw); >+void aix_usrinfo(struct passwd *); > void aix_remove_embedded_newlines(char *); > #endif /* _AIX */
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=356">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 543
:
269
|
270
|
280
| 356