diff options
author | Damien Miller <djm@mindrot.org> | 2012-12-03 09:53:20 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2012-12-03 09:53:20 +1100 |
commit | 15b05cfa17592da7470d7bd4b2de063188697471 (patch) | |
tree | 50686085795dc25237f6aabe4c2a5963f38a6e06 /monitor.h | |
parent | aa5b3f831417bac9538d2b6f21d55fef278e8926 (diff) |
- djm@cvs.openbsd.org 2012/12/02 20:34:10
[auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c]
[monitor.c monitor.h]
Fixes logging of partial authentication when privsep is enabled
Previously, we recorded "Failed xxx" since we reset authenticated before
calling auth_log() in auth2.c. This adds an explcit "Partial" state.
Add a "submethod" to auth_log() to report which submethod is used
for keyboard-interactive.
Fix multiple authentication when one of the methods is
keyboard-interactive.
ok markus@
Diffstat (limited to 'monitor.h')
-rw-r--r-- | monitor.h | 80 |
1 files changed, 42 insertions, 38 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.h,v 1.16 2011/06/17 21:44:31 djm Exp $ */ | 1 | /* $OpenBSD: monitor.h,v 1.17 2012/12/02 20:34:10 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
@@ -28,44 +28,48 @@ | |||
28 | #ifndef _MONITOR_H_ | 28 | #ifndef _MONITOR_H_ |
29 | #define _MONITOR_H_ | 29 | #define _MONITOR_H_ |
30 | 30 | ||
31 | /* Please keep *_REQ_* values on even numbers and *_ANS_* on odd numbers */ | ||
31 | enum monitor_reqtype { | 32 | enum monitor_reqtype { |
32 | MONITOR_REQ_MODULI, MONITOR_ANS_MODULI, | 33 | MONITOR_REQ_MODULI = 0, MONITOR_ANS_MODULI = 1, |
33 | MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV, | 34 | MONITOR_REQ_FREE = 2, |
34 | MONITOR_REQ_SIGN, MONITOR_ANS_SIGN, | 35 | MONITOR_REQ_AUTHSERV = 4, |
35 | MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM, | 36 | MONITOR_REQ_SIGN = 6, MONITOR_ANS_SIGN = 7, |
36 | MONITOR_REQ_AUTH2_READ_BANNER, MONITOR_ANS_AUTH2_READ_BANNER, | 37 | MONITOR_REQ_PWNAM = 8, MONITOR_ANS_PWNAM = 9, |
37 | MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD, | 38 | MONITOR_REQ_AUTH2_READ_BANNER = 10, MONITOR_ANS_AUTH2_READ_BANNER = 11, |
38 | MONITOR_REQ_BSDAUTHQUERY, MONITOR_ANS_BSDAUTHQUERY, | 39 | MONITOR_REQ_AUTHPASSWORD = 12, MONITOR_ANS_AUTHPASSWORD = 13, |
39 | MONITOR_REQ_BSDAUTHRESPOND, MONITOR_ANS_BSDAUTHRESPOND, | 40 | MONITOR_REQ_BSDAUTHQUERY = 14, MONITOR_ANS_BSDAUTHQUERY = 15, |
40 | MONITOR_REQ_SKEYQUERY, MONITOR_ANS_SKEYQUERY, | 41 | MONITOR_REQ_BSDAUTHRESPOND = 16, MONITOR_ANS_BSDAUTHRESPOND = 17, |
41 | MONITOR_REQ_SKEYRESPOND, MONITOR_ANS_SKEYRESPOND, | 42 | MONITOR_REQ_SKEYQUERY = 18, MONITOR_ANS_SKEYQUERY = 19, |
42 | MONITOR_REQ_KEYALLOWED, MONITOR_ANS_KEYALLOWED, | 43 | MONITOR_REQ_SKEYRESPOND = 20, MONITOR_ANS_SKEYRESPOND = 21, |
43 | MONITOR_REQ_KEYVERIFY, MONITOR_ANS_KEYVERIFY, | 44 | MONITOR_REQ_KEYALLOWED = 22, MONITOR_ANS_KEYALLOWED = 23, |
44 | MONITOR_REQ_KEYEXPORT, | 45 | MONITOR_REQ_KEYVERIFY = 24, MONITOR_ANS_KEYVERIFY = 25, |
45 | MONITOR_REQ_PTY, MONITOR_ANS_PTY, | 46 | MONITOR_REQ_KEYEXPORT = 26, |
46 | MONITOR_REQ_PTYCLEANUP, | 47 | MONITOR_REQ_PTY = 28, MONITOR_ANS_PTY = 29, |
47 | MONITOR_REQ_SESSKEY, MONITOR_ANS_SESSKEY, | 48 | MONITOR_REQ_PTYCLEANUP = 30, |
48 | MONITOR_REQ_SESSID, | 49 | MONITOR_REQ_SESSKEY = 32, MONITOR_ANS_SESSKEY = 33, |
49 | MONITOR_REQ_RSAKEYALLOWED, MONITOR_ANS_RSAKEYALLOWED, | 50 | MONITOR_REQ_SESSID = 34, |
50 | MONITOR_REQ_RSACHALLENGE, MONITOR_ANS_RSACHALLENGE, | 51 | MONITOR_REQ_RSAKEYALLOWED = 36, MONITOR_ANS_RSAKEYALLOWED = 37, |
51 | MONITOR_REQ_RSARESPONSE, MONITOR_ANS_RSARESPONSE, | 52 | MONITOR_REQ_RSACHALLENGE = 38, MONITOR_ANS_RSACHALLENGE = 39, |
52 | MONITOR_REQ_GSSSETUP, MONITOR_ANS_GSSSETUP, | 53 | MONITOR_REQ_RSARESPONSE = 40, MONITOR_ANS_RSARESPONSE = 41, |
53 | MONITOR_REQ_GSSSTEP, MONITOR_ANS_GSSSTEP, | 54 | MONITOR_REQ_GSSSETUP = 42, MONITOR_ANS_GSSSETUP = 43, |
54 | MONITOR_REQ_GSSUSEROK, MONITOR_ANS_GSSUSEROK, | 55 | MONITOR_REQ_GSSSTEP = 44, MONITOR_ANS_GSSSTEP = 45, |
55 | MONITOR_REQ_GSSCHECKMIC, MONITOR_ANS_GSSCHECKMIC, | 56 | MONITOR_REQ_GSSUSEROK = 46, MONITOR_ANS_GSSUSEROK = 47, |
56 | MONITOR_REQ_PAM_START, | 57 | MONITOR_REQ_GSSCHECKMIC = 48, MONITOR_ANS_GSSCHECKMIC = 49, |
57 | MONITOR_REQ_PAM_ACCOUNT, MONITOR_ANS_PAM_ACCOUNT, | 58 | MONITOR_REQ_TERM = 50, |
58 | MONITOR_REQ_PAM_INIT_CTX, MONITOR_ANS_PAM_INIT_CTX, | 59 | MONITOR_REQ_JPAKE_STEP1 = 52, MONITOR_ANS_JPAKE_STEP1 = 53, |
59 | MONITOR_REQ_PAM_QUERY, MONITOR_ANS_PAM_QUERY, | 60 | MONITOR_REQ_JPAKE_GET_PWDATA = 54, MONITOR_ANS_JPAKE_GET_PWDATA = 55, |
60 | MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND, | 61 | MONITOR_REQ_JPAKE_STEP2 = 56, MONITOR_ANS_JPAKE_STEP2 = 57, |
61 | MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX, | 62 | MONITOR_REQ_JPAKE_KEY_CONFIRM = 58, MONITOR_ANS_JPAKE_KEY_CONFIRM = 59, |
62 | MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND, | 63 | MONITOR_REQ_JPAKE_CHECK_CONFIRM = 60, MONITOR_ANS_JPAKE_CHECK_CONFIRM = 61, |
63 | MONITOR_REQ_TERM, | 64 | |
64 | MONITOR_REQ_JPAKE_STEP1, MONITOR_ANS_JPAKE_STEP1, | 65 | MONITOR_REQ_PAM_START = 100, |
65 | MONITOR_REQ_JPAKE_GET_PWDATA, MONITOR_ANS_JPAKE_GET_PWDATA, | 66 | MONITOR_REQ_PAM_ACCOUNT = 102, MONITOR_ANS_PAM_ACCOUNT = 103, |
66 | MONITOR_REQ_JPAKE_STEP2, MONITOR_ANS_JPAKE_STEP2, | 67 | MONITOR_REQ_PAM_INIT_CTX = 104, MONITOR_ANS_PAM_INIT_CTX = 105, |
67 | MONITOR_REQ_JPAKE_KEY_CONFIRM, MONITOR_ANS_JPAKE_KEY_CONFIRM, | 68 | MONITOR_REQ_PAM_QUERY = 106, MONITOR_ANS_PAM_QUERY = 107, |
68 | MONITOR_REQ_JPAKE_CHECK_CONFIRM, MONITOR_ANS_JPAKE_CHECK_CONFIRM, | 69 | MONITOR_REQ_PAM_RESPOND = 108, MONITOR_ANS_PAM_RESPOND = 109, |
70 | MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, | ||
71 | MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, | ||
72 | |||
69 | }; | 73 | }; |
70 | 74 | ||
71 | struct mm_master; | 75 | struct mm_master; |