- (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}]

Make record_failed_login() call provide hostname rather than having the implementations having to do lookups themselves. Only affects AIX and UNICOS (the latter only uses the "user" parameter anyway). ok djm@
2005-02-02 17:10:11 +11:00 · 2005-02-02 17:10:11 +11:00 · 42d9dc75ed
parent ad7646a59a
commit 42d9dc75ed
7 changed files with 20 additions and 17 deletions
--- a/6
+++ b/6
@ -1,6 +1,10 @@
 20050202
 - (dtucker) [configure.ac openbsd-compat/realpath.c] Sync up with realpath
   rev 1.11 from OpenBSD and make it use fchdir if available.  ok djm@
+ - (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}]
+   Make record_failed_login() call provide hostname rather than having the
+   implementations having to do lookups themselves.  Only affects AIX and
+   UNICOS (the latter only uses the "user" parameter anyway).  ok djm@

 20050201
 - (dtucker) [log.c] Bug #973: force log_init() to open syslog, since on some
@ -2055,4 +2059,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu

-$Id: ChangeLog,v 1.3629 2005/02/01 23:43:59 dtucker Exp $
+$Id: ChangeLog,v 1.3630 2005/02/02 06:10:11 dtucker Exp $
--- a/auth.c
+++ b/auth.c
@ -50,6 +50,7 @@ RCSID("$OpenBSD: auth.c,v 1.57 2005/01/22 08:17:59 dtucker Exp $");
 #include "misc.h"
 #include "bufaux.h"
 #include "packet.h"
+#include "loginrec.h"

 /* import */
 extern ServerOptions options;
@ -244,7 +245,8 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)

 #ifdef CUSTOM_FAILED_LOGIN
 	if (authenticated == 0 && strcmp(method, "password") == 0)
-		record_failed_login(authctxt->user, "ssh");
+		record_failed_login(authctxt->user,
+		    get_canonical_hostname(options.use_dns), "ssh");
 #endif
 }

@ -468,7 +470,8 @@ getpwnamallow(const char *user)
 		logit("Invalid user %.100s from %.100s",
 		    user, get_remote_ipaddr());
 #ifdef CUSTOM_FAILED_LOGIN
-		record_failed_login(user, "ssh");
+		record_failed_login(user,
+		    get_canonical_hostname(options.use_dns), "ssh");
 #endif
 		return (NULL);
 	}
--- a/loginrec.h
+++ b/loginrec.h
@ -35,7 +35,7 @@
 #include <netinet/in.h>
 #include <sys/socket.h>

-/* RCSID("$Id: loginrec.h,v 1.8 2005/01/20 11:07:30 dtucker Exp $"); */
+/* RCSID("$Id: loginrec.h,v 1.9 2005/02/02 06:10:11 dtucker Exp $"); */

 /**
 ** you should use the login_* calls to work around platform dependencies
@ -132,4 +132,6 @@ char *line_fullname(char *dst, const char *src, int dstsize);
 char *line_stripname(char *dst, const char *src, int dstsize);
 char *line_abbrevname(char *dst, const char *src, int dstsize);

+void record_failed_login(const char *, const char *, const char *);
+
 #endif /* _HAVE_LOGINREC_H_ */
--- a/openbsd-compat/bsd-cray.c
+++ b/openbsd-compat/bsd-cray.c
@ -1,5 +1,5 @@
 /* 
- * $Id: bsd-cray.c,v 1.13 2004/01/30 03:34:22 dtucker Exp $
+ * $Id: bsd-cray.c,v 1.14 2005/02/02 06:10:11 dtucker Exp $
 *
 * bsd-cray.c
 *
@ -171,7 +171,7 @@ cray_access_denied(char *username)
 * record_failed_login: generic "login failed" interface function
 */
 void
-record_failed_login(const char *user, const char *ttyname)
+record_failed_login(const char *user, const char *hostname, const char *ttyname)
 {
 	cray_login_failure((char *)user, IA_UDBERR);
 }
--- a/openbsd-compat/bsd-cray.h
+++ b/openbsd-compat/bsd-cray.h
@ -1,4 +1,4 @@
-/* $Id: bsd-cray.h,v 1.11 2004/01/30 03:34:22 dtucker Exp $ */
+/* $Id: bsd-cray.h,v 1.12 2005/02/02 06:10:11 dtucker Exp $ */

 /*
 * Copyright (c) 2002, Cray Inc.  (Wendy Palm <wendyp@cray.com>)
@ -42,10 +42,10 @@ void cray_init_job(struct passwd *);
 void cray_job_termination_handler(int);
 void cray_login_failure(char *, int );
 int cray_access_denied(char *);
-#define CUSTOM_FAILED_LOGIN 1
-void record_failed_login(const char *, const char *);
 extern char cray_tmpdir[];

+#define CUSTOM_FAILED_LOGIN 1
+
 #ifndef IA_SSHD
 # define IA_SSHD IA_LOGIN
 #endif
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@ -28,8 +28,6 @@
 #include "auth.h"
 #include "ssh.h"
 #include "log.h"
-#include "servconf.h"
-#include "canohost.h"
 #include "xmalloc.h"
 #include "buffer.h"

@ -38,7 +36,6 @@
 #include <uinfo.h>
 #include "port-aix.h"

-extern ServerOptions options;
 extern Buffer loginmsg;

 # ifdef HAVE_SETAUTHDB
@ -280,10 +277,8 @@ sys_auth_record_login(const char *user, const char *host, const char *ttynm)
 * record_failed_login: generic "login failed" interface function
 */
 void
-record_failed_login(const char *user, const char *ttyname)
+record_failed_login(const char *user, const char *hostname, const char *ttyname)
 {
-	char *hostname = (char *)get_canonical_hostname(options.use_dns);
-
 	if (geteuid() != 0)
 		return;

--- a/openbsd-compat/port-aix.h
+++ b/openbsd-compat/port-aix.h
@ -1,4 +1,4 @@
-/* $Id: port-aix.h,v 1.21 2004/08/14 14:09:12 dtucker Exp $ */
+/* $Id: port-aix.h,v 1.22 2005/02/02 06:10:11 dtucker Exp $ */

 /*
 *
@ -68,7 +68,6 @@ int sys_auth_allowed_user(struct passwd *);
 # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
 int sys_auth_record_login(const char *, const char *, const char *);
 # define CUSTOM_FAILED_LOGIN 1
-void record_failed_login(const char *, const char *);
 #endif

 void aix_setauthdb(const char *);