Make AIX login message handling consistent.

Darren Tucker dtucker at zip.com.au
Wed Jun 16 14:03:15 EST 2004 

Hi.
	There's a couple of minor problems with the way port-aix.c handles the 
messages returned by AIX's authentication routines.  I think we handle 
the native ones OK, but third-party modules might behave differently. 
It tests OK for me, I would appreciate testing by anyone using AIX (esp. 
anyone using something other than the standard password auth modules).

a) The message from a successful authenticate() is not sent to the user. 
  (The native password modules don't return anything).

b) There is one code path where the message is not free()ed.  (It only 
leaks a few bytes on a successful authentication if passwordexpired() 
returns a warning message, but it should be fixed.)

c) The auth routines *may* return a NULL pointer rather than a pointer 
to a message.  Most don't, and I think we handle all of the ones that 
might, but we should handle all of them.

d) The debug message from loginsuccess() was inconsistent with the rest.

e) There were some spaces instead of tabs.  I've already commited that 
change since I didn't want to mix code and whitespace changes.

To fix a)-c), I used the following construct:

	result = function(...);
	if (msg != NULL)
		buffer_append(&loginmsg, msg, strlen(msg));
	else
		msg = xstrdup("(none)");
	aix_remove_embedded_newlines(msg);
	debug("AIX/function returned %d msg %s", result, msg);
	xfree(msg);

The message needs to be appended to loginmsg before we trash the 
newlines, otherwise they'll look funny.  It seemed simpler to xstrdup 
the "none" message for the NULL case and then print and free it 
unconditionally.  I think this is tidier (but marginally less efficient) 
than my first attempt which looked roughly like:

	debug("AIX/function returned %d msg %s", result,
	    msg != NULL ? msg : "(none)");
	if (msg != NULL)
		xfree(msg)

The loginrestrictions() code in auth.c should probably get similar 
treatment (and be moved to port-aix.c too).

	Comments?

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: openssh-aixmsg.patch
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20040616/dd3e62e0/attachment.ksh

More information about the openssh-unix-dev mailing list