- (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]

   Plug AIX login recording into login_write so logins will be recorded for
   all auth types.

1 files changed, 20 insertions, 10 deletions

diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index d0c9a49e..78f4faea 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -101,7 +101,7 @@ aix_remove_embedded_newlines(char *p)
 int
 sys_auth_passwd(Authctxt *ctxt, const char *password)
 {
-	char *authmsg = NULL, *host, *msg, *name = ctxt->pw->pw_name;
+	char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name;
 	int authsuccess = 0, expired, reenter, result;
 
 	do {
@@ -115,20 +115,11 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
 	if (result == 0) {
 		authsuccess = 1;
 
-		host = (char *)get_canonical_hostname(options.use_dns);
-
 	       	/*
 		 * Record successful login.  We don't have a pty yet, so just
 		 * label the line as "ssh"
 		 */
 		aix_setauthdb(name);
-	       	if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) {
-			if (msg != NULL) {
-				debug("%s: msg %s", __func__, msg);
-				buffer_append(&loginmsg, msg, strlen(msg));
-				xfree(msg);
-			}
-		}
 
 		/*
 		 * Check if the user's password is expired.
@@ -208,6 +199,25 @@ sys_auth_allowed_user(struct passwd *pw)
 	return permitted;
 }
 
+int
+sys_auth_record_login(const char *user, const char *host, const char *ttynm)
+{
+	char *msg;
+	int success = 0;
+
+	aix_setauthdb(user);
+	if (loginsuccess((char *)user, host, ttynm, &msg) == 0) {
+		success = 1;
+		if (msg != NULL) {
+			debug("AIX/loginsuccess: msg %s", __func__, msg);
+			buffer_append(&loginmsg, msg, strlen(msg));
+			xfree(msg);
+		}
+	}
+	aix_restoreauthdb();
+	return (success);
+}
+
 #  ifdef CUSTOM_FAILED_LOGIN
 /*
  * record_failed_login: generic "login failed" interface function