diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2004-04-18 11:00:26 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2004-04-18 11:00:26 +1000 |
| commit | 2a9bf4b3d3fd0dfef74eed568152b71348fbbda6 (patch) | |
| tree | 6bb98f9f4d3b555612efe0a01c3796f28566ea6b | |
| parent | fe6d5aa54b8c832b6c0f06c94a21a2b48c34cc06 (diff) | |
- (dtucker) [auth-pam.c] Log username and source host for failed PAM
authentication attempts. With & ok djm@
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | auth-pam.c | 9 |
2 files changed, 11 insertions, 4 deletions
| @@ -1,3 +1,7 @@ | |||
| 1 | 20040418 | ||
| 2 | - (dtucker) [auth-pam.c] Log username and source host for failed PAM | ||
| 3 | authentication attempts. With & ok djm@ | ||
| 4 | |||
| 1 | 20040416 | 5 | 20040416 |
| 2 | - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since | 6 | - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since |
| 3 | FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com | 7 | FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com |
| @@ -975,4 +979,4 @@ | |||
| 975 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 979 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
| 976 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 980 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
| 977 | 981 | ||
| 978 | $Id: ChangeLog,v 1.3314 2004/04/17 03:03:07 tim Exp $ | 982 | $Id: ChangeLog,v 1.3315 2004/04/18 01:00:26 dtucker Exp $ |
diff --git a/auth-pam.c b/auth-pam.c index 13ada737c..36dbb7e15 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -31,7 +31,7 @@ | |||
| 31 | 31 | ||
| 32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
| 33 | #include "includes.h" | 33 | #include "includes.h" |
| 34 | RCSID("$Id: auth-pam.c,v 1.99 2004/03/30 10:57:57 dtucker Exp $"); | 34 | RCSID("$Id: auth-pam.c,v 1.100 2004/04/18 01:00:26 dtucker Exp $"); |
| 35 | 35 | ||
| 36 | #ifdef USE_PAM | 36 | #ifdef USE_PAM |
| 37 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 37 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
| @@ -58,6 +58,7 @@ RCSID("$Id: auth-pam.c,v 1.99 2004/03/30 10:57:57 dtucker Exp $"); | |||
| 58 | extern ServerOptions options; | 58 | extern ServerOptions options; |
| 59 | extern Buffer loginmsg; | 59 | extern Buffer loginmsg; |
| 60 | extern int compat20; | 60 | extern int compat20; |
| 61 | extern u_int utmp_len; | ||
| 61 | 62 | ||
| 62 | #ifdef USE_POSIX_THREADS | 63 | #ifdef USE_POSIX_THREADS |
| 63 | #include <pthread.h> | 64 | #include <pthread.h> |
| @@ -453,7 +454,6 @@ sshpam_cleanup(void) | |||
| 453 | static int | 454 | static int |
| 454 | sshpam_init(Authctxt *authctxt) | 455 | sshpam_init(Authctxt *authctxt) |
| 455 | { | 456 | { |
| 456 | extern u_int utmp_len; | ||
| 457 | extern char *__progname; | 457 | extern char *__progname; |
| 458 | const char *pam_rhost, *pam_user, *user = authctxt->user; | 458 | const char *pam_rhost, *pam_user, *user = authctxt->user; |
| 459 | 459 | ||
| @@ -599,7 +599,10 @@ sshpam_query(void *ctx, char **name, char **info, | |||
| 599 | xfree(msg); | 599 | xfree(msg); |
| 600 | return (0); | 600 | return (0); |
| 601 | } | 601 | } |
| 602 | error("PAM: %s", msg); | 602 | error("PAM: %s for %s%.100s from %.100s", msg, |
| 603 | sshpam_authctxt->valid ? "" : "illegal user ", | ||
| 604 | sshpam_authctxt->user, | ||
| 605 | get_remote_name_or_ip(utmp_len, options.use_dns)); | ||
| 603 | /* FALLTHROUGH */ | 606 | /* FALLTHROUGH */ |
| 604 | default: | 607 | default: |
| 605 | *num = 0; | 608 | *num = 0; |