|
Lines 39-44
Link Here
|
| 39 |
extern ServerOptions options; |
39 |
extern ServerOptions options; |
| 40 |
extern Buffer loginmsg; |
40 |
extern Buffer loginmsg; |
| 41 |
|
41 |
|
|
|
42 |
# ifdef HAVE_SETAUTHDB |
| 43 |
static char old_registry[REGISTRY_SIZE] = ""; |
| 44 |
# endif |
| 45 |
|
| 42 |
/* |
46 |
/* |
| 43 |
* AIX has a "usrinfo" area where logname and other stuff is stored - |
47 |
* AIX has a "usrinfo" area where logname and other stuff is stored - |
| 44 |
* a few applications actually use this and die if it's not set |
48 |
* a few applications actually use this and die if it's not set |
|
Lines 119-124
aix_authenticate(const char *name, const
Link Here
|
| 119 |
xfree(msg); |
123 |
xfree(msg); |
| 120 |
} |
124 |
} |
| 121 |
} |
125 |
} |
|
|
126 |
aix_restoreauthdb(); |
| 122 |
} |
127 |
} |
| 123 |
|
128 |
|
| 124 |
if (authmsg != NULL) |
129 |
if (authmsg != NULL) |
|
Lines 145-166
record_failed_login(const char *user, co
Link Here
|
| 145 |
# else |
150 |
# else |
| 146 |
loginfailed((char *)user, hostname, (char *)ttyname); |
151 |
loginfailed((char *)user, hostname, (char *)ttyname); |
| 147 |
# endif |
152 |
# endif |
|
|
153 |
aix_restoreauthdb(); |
| 148 |
} |
154 |
} |
| 149 |
# endif /* CUSTOM_FAILED_LOGIN */ |
155 |
# endif /* CUSTOM_FAILED_LOGIN */ |
| 150 |
|
156 |
|
| 151 |
/* |
157 |
/* |
| 152 |
* If we have setauthdb, retrieve the password registry for the user's |
158 |
* If we have setauthdb, retrieve the password registry for the user's |
| 153 |
* account then feed it to setauthdb. This may load registry-specific method |
159 |
* account then feed it to setauthdb. This will mean that subsequent AIX auth |
| 154 |
* code. If we don't have setauthdb or have already called it this is a no-op. |
160 |
* functions will only use the specified loadable module. If we don't have |
|
|
161 |
* setauthdb this is a no-op. |
| 155 |
*/ |
162 |
*/ |
| 156 |
void |
163 |
void |
| 157 |
aix_setauthdb(const char *user) |
164 |
aix_setauthdb(const char *user) |
| 158 |
{ |
165 |
{ |
| 159 |
# ifdef HAVE_SETAUTHDB |
166 |
# ifdef HAVE_SETAUTHDB |
| 160 |
static char *registry = NULL; |
167 |
char *registry; |
| 161 |
|
|
|
| 162 |
if (registry != NULL) /* have already done setauthdb */ |
| 163 |
return; |
| 164 |
|
168 |
|
| 165 |
if (setuserdb(S_READ) == -1) { |
169 |
if (setuserdb(S_READ) == -1) { |
| 166 |
debug3("%s: Could not open userdb to read", __func__); |
170 |
debug3("%s: Could not open userdb to read", __func__); |
|
Lines 168-183
aix_setauthdb(const char *user)
Link Here
|
| 168 |
} |
172 |
} |
| 169 |
|
173 |
|
| 170 |
if (getuserattr((char *)user, S_REGISTRY, ®istry, SEC_CHAR) == 0) { |
174 |
if (getuserattr((char *)user, S_REGISTRY, ®istry, SEC_CHAR) == 0) { |
| 171 |
if (setauthdb(registry, NULL) == 0) |
175 |
if (setauthdb(registry, old_registry) == 0) |
| 172 |
debug3("%s: AIX/setauthdb set registry %s", __func__, |
176 |
debug3("AIX/setauthdb set registry '%s'", registry); |
| 173 |
registry); |
|
|
| 174 |
else |
177 |
else |
| 175 |
debug3("%s: AIX/setauthdb set registry %s failed: %s", |
178 |
debug3("AIX/setauthdb set registry '%s' failed: %s", |
| 176 |
__func__, registry, strerror(errno)); |
179 |
registry, strerror(errno)); |
| 177 |
} else |
180 |
} else |
| 178 |
debug3("%s: Could not read S_REGISTRY for user: %s", __func__, |
181 |
debug3("%s: Could not read S_REGISTRY for user: %s", __func__, |
| 179 |
strerror(errno)); |
182 |
strerror(errno)); |
| 180 |
enduserdb(); |
183 |
enduserdb(); |
|
|
184 |
# endif /* HAVE_SETAUTHDB */ |
| 185 |
} |
| 186 |
|
| 187 |
/* |
| 188 |
* Restore the user's registry settings from old_registry. |
| 189 |
* Note that if the first aix_setauthdb fails, setauthdb("") is still safe |
| 190 |
* (it restores the system default behaviour). If we don't have setauthdb, |
| 191 |
* this is a no-op. |
| 192 |
*/ |
| 193 |
void |
| 194 |
aix_restoreauthdb(void) |
| 195 |
{ |
| 196 |
# ifdef HAVE_SETAUTHDB |
| 197 |
if (setauthdb(old_registry, NULL) == 0) |
| 198 |
debug3("%s: restoring old registry '%s'", __func__, |
| 199 |
old_registry); |
| 200 |
else |
| 201 |
debug3("%s: failed to restore old registry %s", __func__, |
| 202 |
old_registry); |
| 181 |
# endif /* HAVE_SETAUTHDB */ |
203 |
# endif /* HAVE_SETAUTHDB */ |
| 182 |
} |
204 |
} |
| 183 |
|
205 |
|