Commit Graph

39 Commits

Author SHA1 Message Date
Damien Miller ded319cca2 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
Darren Tucker 26d4e19caa - (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207: always call
loginsuccess on AIX immediately after authentication to clear the failed
   login count.  Previously this would only happen when an interactive
   session starts (ie when a pty is allocated) but this means that accounts
   that have primarily non-interactive sessions (eg scp's) may gradually
   accumulate enough failures to lock out an account.  This change may have
   a side effect of creating two audit records, one with a tty of "ssh"
   corresponding to the authentication and one with the allocated pty per
   interactive session.
2006-08-30 22:33:09 +10:00
Damien Miller d783435315 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
Damien Miller 62da44f064 - (djm) [openbsd-compat/basename.c openbsd-compat/bsd-closefrom.c]
[openbsd-compat/bsd-cray.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/bsd-snprintf.c openbsd-compat/fake-rfc2553.c]
   [openbsd-compat/port-aix.c openbsd-compat/port-irix.c]
   [openbsd-compat/rresvport.c]
   These look to need string.h and/or unistd.h (based on a grep for function
   names)
2006-07-24 15:08:35 +10:00
Damien Miller be43ebf975 - stevesk@cvs.openbsd.org 2006/07/12 22:28:52
[auth-options.c canohost.c channels.c includes.h readconf.c servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
     move #include <netdb.h> out of includes.h; ok djm@
2006-07-24 13:51:51 +10:00
Darren Tucker 2eaea99054 - (dtucker) [openbsd-compat/bsd-asprintf.c openbsd-compat/port-aix.c
openbsd-compat/rresvport.c] More errno.h.
2006-07-12 23:41:33 +10:00
Darren Tucker f9fea65ba9 - (dtucker) [openbsd-compat/port-aix.c] Minor correction to debug message,
spotted by tim@.
2005-05-29 10:54:27 +10:00
Darren Tucker 6b2fe31def - (dtucker) [openbsd-compat/port-aix.c] Whitespace cleanups while there. 2005-05-29 10:32:47 +10:00
Darren Tucker 782727ac61 20050529
- (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the
   argument to passwdexpired to be initialized to NULL.  Suggested by tim@
   While at it, initialize the other arguments to auth functions in case they
   ever acquire this behaviour.
2005-05-29 10:28:48 +10:00
Darren Tucker f3bb434177 - (dtucker) [auth.h sshd.c openbsd-compat/port-aix.c] Bug #1006: fix bug in
handling of password expiry messages returned by AIX's authentication
   routines, originally reported by robvdwal at sara.nl.
2005-03-31 21:39:25 +10:00
Darren Tucker 3c774c52f3 - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more
compiler warnings on AIX.
2005-02-16 22:49:31 +11:00
Darren Tucker 691d5235ca - (dtucker) [README.platform auth.c configure.ac loginrec.c
openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6
   on AIX where possible (see README.platform for details) and work around
   a misfeature of AIX's getnameinfo.  ok djm@
2005-02-15 21:45:57 +11:00
Darren Tucker 92170a8626 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call
disable_forwarding() from compat library. Prevent linker errrors trying
   to resolve it for binaries other than sshd.  ok djm@
2005-02-09 17:08:23 +11:00
Darren Tucker b4d3012d2e - (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings. 2005-02-08 21:06:55 +11:00
Darren Tucker 42d9dc75ed - (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}]
Make record_failed_login() call provide hostname rather than having the
   implementations having to do lookups themselves.  Only affects AIX and
   UNICOS (the latter only uses the "user" parameter anyway).  ok djm@
2005-02-02 17:10:11 +11:00
Darren Tucker 5a88d00349 - (dtucker) [openbsd-compat/port-aix.c] Bug #712: Explicitly check for
accounts with authentication configs that sshd can't support (ie
   SYSTEM=NONE and AUTH1=something).
2004-08-29 21:43:33 +10:00
Darren Tucker 397a2f2612 - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
Plug AIX login recording into login_write so logins will be recorded for
   all auth types.
2004-08-15 00:09:11 +10:00
Darren Tucker 5288cb242a - (dtucker) [openbsd-compat/port-aix.c] Missing __func__. 2004-06-28 18:11:19 +10:00
Darren Tucker 0a9d43d726 - (dtucker) [auth.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
Move loginrestrictions test to port-aix.c, replace with a generic hook.
2004-06-23 13:45:24 +10:00
Darren Tucker a7ea546f1b - (dtucker) [openbsd-compat/port-aix.c] Expand whitespace -> tabs. No
code changes.
2004-06-16 12:01:15 +10:00
Darren Tucker cfea2063e5 - (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Move
include from port-aix.h to port-aix.c and remove unnecessary function
   definition.  Fixes build errors on AIX.

#include'ing auth.h in port-aix.h causes conflicting definitions of Authctxt
in sshconnect2.c.  Sigh.
2004-02-10 15:27:34 +11:00
Darren Tucker e3dba82dd4 - (dtucker) [auth-passwd.c auth.h openbsd-compat/port-aix.c
openbsd-compat/port-aix.h] Bug #14: Use do_pwchange to support AIX's
    native password expiry.
2004-02-10 12:50:19 +11:00
Darren Tucker e45674ae80 - (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Restore
previous authdb setting after auth calls.  Fixes problems with setpcred
   failing on accounts that use AFS or NIS password registries.
2004-02-06 16:17:51 +11:00
Darren Tucker d76341616d - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
Move AIX specific password authentication code to port-aix.c, call
   authenticate() until reenter flag is clear.
2003-11-22 14:16:56 +11:00
Darren Tucker 051c270f88 - (dtucker) [openbsd-compat/port-aix.c] Use correct include for xmalloc.h,
add canohost.h to stop warning.  Based on patch from openssh-unix-dev at
   thewrittenword.com
2003-09-22 13:05:26 +10:00
Darren Tucker fc3454ee67 - (dtucker) Bug #543: [configure.ac port-aix.c port-aix.h]
Call setauthdb() before loginfailed(), which may load password registry-
   specific functions.  Based on patch by cawlfiel@us.ibm.com.
2003-07-14 16:41:55 +10:00
Darren Tucker 5c6a91a39d - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare
loginfailed at all, so assume 3-arg loginfailed if not declared.
2003-07-14 16:21:44 +10:00
Darren Tucker b9aa0a0baa - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h]
Convert aixloginmsg into platform-independant Buffer loginmsg.
2003-07-08 22:59:59 +10:00
Darren Tucker a0c0b63112 - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]]
Include AIX headers for authentication functions and make calls match
   prototypes.  Test for and handle 3-args and 4-arg variants of loginfailed.
2003-07-08 20:52:12 +10:00
Darren Tucker eb28cbc399 - (dtucker) [port-aix.c bsd-cray.c] Fix uses of verify_reverse_mapping. 2003-06-03 12:45:27 +10:00
Damien Miller 3867bf3e7a unfuck 2003-05-19 09:33:15 +10:00
Damien Miller 317412502b - (djm) Big KNF on openbsd-compat/ 2003-05-19 00:13:38 +10:00
Darren Tucker 97363a8b24 - (dtucker) Move handling of bad password authentications into a platform
specific record_failed_login() function (affects AIX & Unicos).
2003-05-02 23:42:25 +10:00
Ben Lindstrom 024f08f3f6 Added author to ports-aix.[ch]. 2002-07-07 02:17:36 +00:00
Ben Lindstrom d00a1a1a03 - (bal) One too many nulls in ports-aix.c 2002-07-04 19:33:49 +00:00
Ben Lindstrom 51b2488aad - (bal) Clean up aix_usrinfo(). Ignore TTY= period I guess. 2002-07-04 03:08:40 +00:00
Ben Lindstrom f0bfa839bd - (bal) Fixed AIX environment handling, use setpcred() instead of existing
code.  (Bugzilla Bug 261)
2002-06-21 00:01:18 +00:00
Ben Lindstrom 127398c6ec - (bal) Drop Session *s usage in ports-aix.[ch] and pass just what we
need to do the jobs (AIX still does not fully compile, but that is
   coming).
2002-02-24 20:25:46 +00:00
Ben Lindstrom a9c039cf04 - (bal) Migrated AIX getuserattr and usrinfo code to
openbsd-compat/port-aix.[c] to improve readilbity of do_child() and
   simplify our diffs against upstream source.
2002-02-19 20:27:55 +00:00