diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:41:51 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:41:51 +1000 |
| commit | 0acca3797d53d958d240c69a5f222f2aa8444858 (patch) | |
| tree | 0a1e1208f2d9abed88716b9a12e091864e2f8d2d /auth.h | |
| parent | 74836ae0fabcc1a76b9d9eacd1629c88a054b2d0 (diff) | |
- djm@cvs.openbsd.org 2013/05/19 02:42:42
[auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h]
Standardise logging of supplemental information during userauth. Keys
and ruser is now logged in the auth success/failure message alongside
the local username, remote host/port and protocol in use. Certificates
contents and CA are logged too.
Pushing all logging onto a single line simplifies log analysis as it is
no longer necessary to relate information scattered across multiple log
entries. "I like it" markus@
Diffstat (limited to 'auth.h')
| -rw-r--r-- | auth.h | 10 |
1 files changed, 7 insertions, 3 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth.h,v 1.73 2013/03/07 19:27:25 markus Exp $ */ | 1 | /* $OpenBSD: auth.h,v 1.74 2013/05/19 02:42:42 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| @@ -60,6 +60,7 @@ struct Authctxt { | |||
| 60 | struct passwd *pw; /* set if 'valid' */ | 60 | struct passwd *pw; /* set if 'valid' */ |
| 61 | char *style; | 61 | char *style; |
| 62 | void *kbdintctxt; | 62 | void *kbdintctxt; |
| 63 | char *info; /* Extra info for next auth_log */ | ||
| 63 | void *jpake_ctx; | 64 | void *jpake_ctx; |
| 64 | #ifdef BSD_AUTH | 65 | #ifdef BSD_AUTH |
| 65 | auth_session_t *as; | 66 | auth_session_t *as; |
| @@ -121,6 +122,7 @@ int auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); | |||
| 121 | int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); | 122 | int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); |
| 122 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); | 123 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); |
| 123 | int user_key_allowed(struct passwd *, Key *); | 124 | int user_key_allowed(struct passwd *, Key *); |
| 125 | void pubkey_auth_info(Authctxt *, const Key *); | ||
| 124 | 126 | ||
| 125 | struct stat; | 127 | struct stat; |
| 126 | int auth_secure_path(const char *, struct stat *, const char *, uid_t, | 128 | int auth_secure_path(const char *, struct stat *, const char *, uid_t, |
| @@ -148,8 +150,10 @@ void disable_forwarding(void); | |||
| 148 | void do_authentication(Authctxt *); | 150 | void do_authentication(Authctxt *); |
| 149 | void do_authentication2(Authctxt *); | 151 | void do_authentication2(Authctxt *); |
| 150 | 152 | ||
| 151 | void auth_log(Authctxt *, int, int, const char *, const char *, | 153 | void auth_info(Authctxt *authctxt, const char *, ...) |
| 152 | const char *); | 154 | __attribute__((__format__ (printf, 2, 3))) |
| 155 | __attribute__((__nonnull__ (2))); | ||
| 156 | void auth_log(Authctxt *, int, int, const char *, const char *); | ||
| 153 | void userauth_finish(Authctxt *, int, const char *, const char *); | 157 | void userauth_finish(Authctxt *, int, const char *, const char *); |
| 154 | int auth_root_allowed(const char *); | 158 | int auth_root_allowed(const char *); |
| 155 | 159 | ||