diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2002-07-04 00:27:21 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-07-04 00:27:21 +0000 |
commit | e06eb68226061e1b6e369f4aebe3b3c07ce1f2c7 (patch) | |
tree | 6366f8c536813f07ac876ab0edc644ef7ae293e7 | |
parent | 5d35a2f5828cfb0a8579228d80e8bec60c8f8c64 (diff) |
- (bal) Failed password attempts don't increment counter on AIX. Bug #145
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth.c | 8 | ||||
-rw-r--r-- | auth1.c | 6 | ||||
-rw-r--r-- | auth2.c | 6 |
4 files changed, 11 insertions, 14 deletions
@@ -56,7 +56,8 @@ /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled globally. based on discussions with deraadt, itojun and sommerfeld; ok itojun@ - + - (bal) Failed password attempts don't increment counter on AIX. Bug #145 + 20020702 - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & friends consistently. Spotted by Solar Designer <solar@openwall.com> @@ -1264,4 +1265,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2329 2002/07/04 00:19:40 mouring Exp $ +$Id: ChangeLog,v 1.2330 2002/07/04 00:27:21 mouring Exp $ @@ -256,6 +256,14 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info) get_remote_ipaddr(), get_remote_port(), info); + +#ifdef WITH_AIXAUTHENTICATE + if (authenticated == 0 && strcmp(method, "password") == 0) + loginfailed(authctxt->user, + get_canonical_hostname(options.verify_reverse_mapping), + "ssh"); +#endif /* WITH_AIXAUTHENTICATE */ + } /* @@ -323,12 +323,6 @@ do_authloop(Authctxt *authctxt) return; if (authctxt->failures++ > AUTH_FAIL_MAX) { -#ifdef WITH_AIXAUTHENTICATE - /* XXX: privsep */ - loginfailed(authctxt->user, - get_canonical_hostname(options.verify_reverse_mapping), - "ssh"); -#endif /* WITH_AIXAUTHENTICATE */ packet_disconnect(AUTH_FAIL_MSG, authctxt->user); } @@ -232,12 +232,6 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) authctxt->success = 1; } else { if (authctxt->failures++ > AUTH_FAIL_MAX) { -#ifdef WITH_AIXAUTHENTICATE - /* XXX: privsep */ - loginfailed(authctxt->user, - get_canonical_hostname(options.verify_reverse_mapping), - "ssh"); -#endif /* WITH_AIXAUTHENTICATE */ packet_disconnect(AUTH_FAIL_MSG, authctxt->user); } methods = authmethods_get(); |