diff options
author | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:41:51 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:41:51 +1000 |
commit | 0acca3797d53d958d240c69a5f222f2aa8444858 (patch) | |
tree | 0a1e1208f2d9abed88716b9a12e091864e2f8d2d /auth.h | |
parent | 74836ae0fabcc1a76b9d9eacd1629c88a054b2d0 (diff) |
- djm@cvs.openbsd.org 2013/05/19 02:42:42
[auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h]
Standardise logging of supplemental information during userauth. Keys
and ruser is now logged in the auth success/failure message alongside
the local username, remote host/port and protocol in use. Certificates
contents and CA are logged too.
Pushing all logging onto a single line simplifies log analysis as it is
no longer necessary to relate information scattered across multiple log
entries. "I like it" markus@
Diffstat (limited to 'auth.h')
-rw-r--r-- | auth.h | 10 |
1 files changed, 7 insertions, 3 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.h,v 1.73 2013/03/07 19:27:25 markus Exp $ */ | 1 | /* $OpenBSD: auth.h,v 1.74 2013/05/19 02:42:42 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -60,6 +60,7 @@ struct Authctxt { | |||
60 | struct passwd *pw; /* set if 'valid' */ | 60 | struct passwd *pw; /* set if 'valid' */ |
61 | char *style; | 61 | char *style; |
62 | void *kbdintctxt; | 62 | void *kbdintctxt; |
63 | char *info; /* Extra info for next auth_log */ | ||
63 | void *jpake_ctx; | 64 | void *jpake_ctx; |
64 | #ifdef BSD_AUTH | 65 | #ifdef BSD_AUTH |
65 | auth_session_t *as; | 66 | auth_session_t *as; |
@@ -121,6 +122,7 @@ int auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); | |||
121 | int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); | 122 | int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); |
122 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); | 123 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); |
123 | int user_key_allowed(struct passwd *, Key *); | 124 | int user_key_allowed(struct passwd *, Key *); |
125 | void pubkey_auth_info(Authctxt *, const Key *); | ||
124 | 126 | ||
125 | struct stat; | 127 | struct stat; |
126 | int auth_secure_path(const char *, struct stat *, const char *, uid_t, | 128 | int auth_secure_path(const char *, struct stat *, const char *, uid_t, |
@@ -148,8 +150,10 @@ void disable_forwarding(void); | |||
148 | void do_authentication(Authctxt *); | 150 | void do_authentication(Authctxt *); |
149 | void do_authentication2(Authctxt *); | 151 | void do_authentication2(Authctxt *); |
150 | 152 | ||
151 | void auth_log(Authctxt *, int, int, const char *, const char *, | 153 | void auth_info(Authctxt *authctxt, const char *, ...) |
152 | const char *); | 154 | __attribute__((__format__ (printf, 2, 3))) |
155 | __attribute__((__nonnull__ (2))); | ||
156 | void auth_log(Authctxt *, int, int, const char *, const char *); | ||
153 | void userauth_finish(Authctxt *, int, const char *, const char *); | 157 | void userauth_finish(Authctxt *, int, const char *, const char *); |
154 | int auth_root_allowed(const char *); | 158 | int auth_root_allowed(const char *); |
155 | 159 | ||