- (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]

   Plug AIX login recording into login_write so logins will be recorded for
   all auth types.

4 files changed, 33 insertions, 13 deletions

diff --git a/ChangeLog b/ChangeLog
index ddf0aaa1..00f38b46 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
    Explicitly set umask for mkstemp; ok djm@
  - (dtucker) [includes.h] Undef _INCLUDE__STDC__ on HP-UX, otherwise
    prot.h and shadow.h provide conflicting declarations of getspnam.  ok djm@
+ - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
+   Plug AIX login recording into login_write so logins will be recorded for
+   all auth types.
 
 20040813
  - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at
@@ -1628,4 +1631,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3507 2004/08/14 14:01:48 dtucker Exp $
+$Id: ChangeLog,v 1.3508 2004/08/14 14:09:11 dtucker Exp $
diff --git a/loginrec.c b/loginrec.c
index b74d412e..af32b186 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -158,7 +158,7 @@
 #include "log.h"
 #include "atomicio.h"
 
-RCSID("$Id: loginrec.c,v 1.56 2004/04/08 06:16:06 dtucker Exp $");
+RCSID("$Id: loginrec.c,v 1.57 2004/08/14 14:09:11 dtucker Exp $");
 
 #ifdef HAVE_UTIL_H
 #  include <util.h>
@@ -435,6 +435,11 @@ login_write (struct logininfo *li)
 #ifdef USE_WTMPX
 	wtmpx_write_entry(li);
 #endif
+#ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN
+	if (li->type == LTYPE_LOGIN && 
+	   !sys_auth_record_login(li->username,li->hostname,li->line))
+		logit("Writing login record failed for %s", li->username);
+#endif
 	return 0;
 }
 
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index d0c9a49e..78f4faea 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -101,7 +101,7 @@ aix_remove_embedded_newlines(char *p)
 int
 sys_auth_passwd(Authctxt *ctxt, const char *password)
 {
-	char *authmsg = NULL, *host, *msg, *name = ctxt->pw->pw_name;
+	char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name;
 	int authsuccess = 0, expired, reenter, result;
 
 	do {
@@ -115,20 +115,11 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
 	if (result == 0) {
 		authsuccess = 1;
 
-		host = (char *)get_canonical_hostname(options.use_dns);
-
 	       	/*
 		 * Record successful login.  We don't have a pty yet, so just
 		 * label the line as "ssh"
 		 */
 		aix_setauthdb(name);
-	       	if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) {
-			if (msg != NULL) {
-				debug("%s: msg %s", __func__, msg);
-				buffer_append(&loginmsg, msg, strlen(msg));
-				xfree(msg);
-			}
-		}
 
 		/*
 		 * Check if the user's password is expired.
@@ -208,6 +199,25 @@ sys_auth_allowed_user(struct passwd *pw)
 	return permitted;
 }
 
+int
+sys_auth_record_login(const char *user, const char *host, const char *ttynm)
+{
+	char *msg;
+	int success = 0;
+
+	aix_setauthdb(user);
+	if (loginsuccess((char *)user, host, ttynm, &msg) == 0) {
+		success = 1;
+		if (msg != NULL) {
+			debug("AIX/loginsuccess: msg %s", __func__, msg);
+			buffer_append(&loginmsg, msg, strlen(msg));
+			xfree(msg);
+		}
+	}
+	aix_restoreauthdb();
+	return (success);
+}
+
 #  ifdef CUSTOM_FAILED_LOGIN
 /*
  * record_failed_login: generic "login failed" interface function
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h
index 3b82652d..29e9751c 100644
--- a/openbsd-compat/port-aix.h
+++ b/openbsd-compat/port-aix.h
@@ -1,4 +1,4 @@
-/* $Id: port-aix.h,v 1.20 2004/06/23 03:45:24 dtucker Exp $ */
+/* $Id: port-aix.h,v 1.21 2004/08/14 14:09:12 dtucker Exp $ */
 
 /*
  *
@@ -65,6 +65,8 @@ void aix_usrinfo(struct passwd *);
 # define CUSTOM_SYS_AUTH_PASSWD 1
 # define CUSTOM_SYS_AUTH_ALLOWED_USER 1
 int sys_auth_allowed_user(struct passwd *);
+# define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
+int sys_auth_record_login(const char *, const char *, const char *);
 # define CUSTOM_FAILED_LOGIN 1
 void record_failed_login(const char *, const char *);
 #endif