AIX patch for openssh-3.7.1p2

[Darren Tucker]

Matt Richards wrote:
> 
> >It looks like the AFS registry module doesn't support setpcred (along
> >with loginsucess(), sigh).
> 
> The AFS registry does support the loginsuccess and loginfailure (I have
> done it in other applications), however there seems to be a bug in
> setpcred/setauthdb which does not play nice with DCE.

Interesting.  We've had reports that when using the AFS registry,
loginsuccess() does not return a "last logged in at [time]" message.  I
don't know if AFS supports such a concept (I've never used it), or if the
AFS module just doesn't return it, or if it only happens in a specific
configuration (eg DCE as you suggest).

> >The loginfailed() test in configure is just there to figure out how many
> >arguments it takes.  It's still used (as long as WITH_AIXAUTHENTICATE is
> >defined, see below) if the test fails.
> 
> I understand this part, put there are two loginfailed tests in configure.
> One is to test the existence of loginfailed and another to test how
> many arguments it takes. The test for the arguments is never executed if
> the loginfailed test fails.

That's right.  If there is no function prototype for loginfailed, then the
test program will link OK regardless of how many arguments it should
really be given.  (Whether or not it would do anything sane if run is
another matter).

If loginfailed isn't defined in usersec.h then you are running an older
AIX and your loginfailed takes 3 arguments.  Trying the test program will
*incorrectly* identify it as taking 4 arguments, so we don't.

[snip]
> I still believe that
>        conf_wtmp_location=/var/adm/wtmp
> should still be added to the configure script. It is done that way for
> Next.

Why?  What problem does this solve?

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.