15 files changed, 18 insertions, 58 deletions

diff --git a/audit-bsm.c b/audit-bsm.c
index 1409f69ae..0ba16c72c 100644
--- a/audit-bsm.c
+++ b/audit-bsm.c
@@ -391,7 +391,7 @@ audit_session_close(struct logininfo *li)
 }
 
 void
-audit_event(ssh_audit_event_t event)
+audit_event(struct ssh *ssh, ssh_audit_event_t event)
 {
         char    textbuf[BSM_TEXTBUFSZ];
         static int logged_in = 0;
diff --git a/audit-linux.c b/audit-linux.c
index 136ed76bb..3fcbe5c53 100644
--- a/audit-linux.c
+++ b/audit-linux.c
@@ -97,10 +97,8 @@ audit_session_close(struct logininfo *li)
 }
 
 void
-audit_event(ssh_audit_event_t event)
+audit_event(struct ssh *ssh, ssh_audit_event_t event)
 {
-        struct ssh *ssh = active_state; /* XXX */
-
         switch(event) {
         case SSH_AUTH_SUCCESS:
         case SSH_CONNECTION_CLOSE:
diff --git a/audit.c b/audit.c
index 33a04376d..dd2f03558 100644
--- a/audit.c
+++ b/audit.c
@@ -131,7 +131,7 @@ audit_connection_from(const char *host, int port)
  * events and what they mean).
  */
 void
-audit_event(ssh_audit_event_t event)
+audit_event(struct ssh *ssh, ssh_audit_event_t event)
 {
         debug("audit event euid %d user %s event %d (%s)", geteuid(),
             audit_username(), event, audit_event_lookup(event));
diff --git a/audit.h b/audit.h
index 0b593666d..38cb5ad31 100644
--- a/audit.h
+++ b/audit.h
@@ -27,6 +27,8 @@
 
 #include "loginrec.h"
 
+struct ssh;
+
 enum ssh_audit_event_type {
         SSH_LOGIN_EXCEED_MAXTRIES,
         SSH_LOGIN_ROOT_DENIED,
@@ -46,7 +48,7 @@ enum ssh_audit_event_type {
 typedef enum ssh_audit_event_type ssh_audit_event_t;
 
 void    audit_connection_from(const char *, int);
-void    audit_event(ssh_audit_event_t);
+void    audit_event(struct ssh *, ssh_audit_event_t);
 void    audit_session_open(struct logininfo *);
 void    audit_session_close(struct logininfo *);
 void    audit_run_command(const char *);
diff --git a/auth.c b/auth.c
index a4c1dece5..62c58e72f 100644
--- a/auth.c
+++ b/auth.c
@@ -367,7 +367,7 @@ auth_log(struct ssh *ssh, int authenticated, int partial,
 #endif
 #ifdef SSH_AUDIT_EVENTS
         if (authenticated == 0 && !authctxt->postponed)
-                audit_event(audit_classify_auth(method));
+                audit_event(ssh, audit_classify_auth(method));
 #endif
 }
 
@@ -605,7 +605,7 @@ getpwnamallow(struct ssh *ssh, const char *user)
                     auth_get_canonical_hostname(ssh, options.use_dns), "ssh");
 #endif
 #ifdef SSH_AUDIT_EVENTS
-                audit_event(SSH_INVALID_USER);
+                audit_event(ssh, SSH_INVALID_USER);
 #endif /* SSH_AUDIT_EVENTS */
                 return (NULL);
         }
diff --git a/auth2.c b/auth2.c
index a80b3f872..e43350c36 100644
--- a/auth2.c
+++ b/auth2.c
@@ -294,7 +294,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
                         /* Invalid user, fake password information */
                         authctxt->pw = fakepw();
 #ifdef SSH_AUDIT_EVENTS
-                        PRIVSEP(audit_event(SSH_INVALID_USER));
+                        PRIVSEP(audit_event(ssh, SSH_INVALID_USER));
 #endif
                 }
 #ifdef USE_PAM
@@ -369,7 +369,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
             !auth_root_allowed(ssh, method)) {
                 authenticated = 0;
 #ifdef SSH_AUDIT_EVENTS
-                PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED));
+                PRIVSEP(audit_event(ssh, SSH_LOGIN_ROOT_DENIED));
 #endif
         }
 
@@ -430,7 +430,7 @@ userauth_finish(struct ssh *ssh, int authenticated, const char *method,
                         authctxt->failures++;
                 if (authctxt->failures >= options.max_authtries) {
 #ifdef SSH_AUDIT_EVENTS
-                        PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
+                        PRIVSEP(audit_event(ssh, SSH_LOGIN_EXCEED_MAXTRIES));
 #endif
                         auth_maxtries_exceeded(ssh);
                 }
diff --git a/monitor.c b/monitor.c
index 5fa30b2a8..a9546dad2 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1628,7 +1628,7 @@ mm_answer_audit_event(struct ssh *ssh, int socket, struct sshbuf *m)
         case SSH_LOGIN_ROOT_DENIED:
         case SSH_CONNECTION_CLOSE:
         case SSH_INVALID_USER:
-                audit_event(event);
+                audit_event(ssh, event);
                 break;
         default:
                 fatal("Audit event type %d not permitted", event);
diff --git a/monitor_wrap.c b/monitor_wrap.c
index f52b9c88c..9e3c7cd17 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -867,7 +867,7 @@ mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses)
 
 #ifdef SSH_AUDIT_EVENTS
 void
-mm_audit_event(ssh_audit_event_t event)
+mm_audit_event(struct ssh *ssh, ssh_audit_event_t event)
 {
         struct sshbuf *m;
         int r;
diff --git a/monitor_wrap.h b/monitor_wrap.h
index c7e0c91dd..fdebb3aa4 100644
--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -76,7 +76,7 @@ void mm_sshpam_free_ctx(void *);
 
 #ifdef SSH_AUDIT_EVENTS
 #include "audit.h"
-void mm_audit_event(ssh_audit_event_t);
+void mm_audit_event(struct ssh *, ssh_audit_event_t);
 void mm_audit_run_command(const char *);
 #endif
 
diff --git a/regress/misc/kexfuzz/kexfuzz.c b/regress/misc/kexfuzz/kexfuzz.c
index 3e2c48160..61cae042f 100644
--- a/regress/misc/kexfuzz/kexfuzz.c
+++ b/regress/misc/kexfuzz/kexfuzz.c
@@ -29,8 +29,6 @@
 #include "authfile.h"
 #include "log.h"
 
-struct ssh *active_state = NULL; /* XXX - needed for linking */
-
 void kex_tests(void);
 static int do_debug = 0;
 
diff --git a/regress/unittests/kex/test_kex.c b/regress/unittests/kex/test_kex.c
index 90f1ebf45..112bc5499 100644
--- a/regress/unittests/kex/test_kex.c
+++ b/regress/unittests/kex/test_kex.c
@@ -24,8 +24,6 @@
 #include "packet.h"
 #include "myproposal.h"
 
-struct ssh *active_state = NULL; /* XXX - needed for linking */
-
 void kex_tests(void);
 static int do_debug = 0;
 
diff --git a/session.c b/session.c
index b5a382473..4862e5d63 100644
--- a/session.c
+++ b/session.c
@@ -123,9 +123,6 @@ int	do_exec_no_pty(struct ssh *, Session *, const char *);
 int     do_exec(struct ssh *, Session *, const char *);
 void    do_login(struct ssh *, Session *, const char *);
 void    do_child(struct ssh *, Session *, const char *);
-#ifdef LOGIN_NEEDS_UTMPX
-static void     do_pre_login(Session *s);
-#endif
 void    do_motd(void);
 int     check_quietlogin(Session *, const char *);
 
@@ -656,35 +653,6 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command)
         return 0;
 }
 
-#ifdef LOGIN_NEEDS_UTMPX
-static void
-do_pre_login(Session *s)
-{
-        struct ssh *ssh = active_state; /* XXX */
-        socklen_t fromlen;
-        struct sockaddr_storage from;
-        pid_t pid = getpid();
-
-        /*
-         * Get IP address of client. If the connection is not a socket, let
-         * the address be 0.0.0.0.
-         */
-        memset(&from, 0, sizeof(from));
-        fromlen = sizeof(from);
-        if (packet_connection_is_on_socket()) {
-                if (getpeername(packet_get_connection_in(),
-                    (struct sockaddr *)&from, &fromlen) < 0) {
-                        debug("getpeername: %.100s", strerror(errno));
-                        cleanup_exit(255);
-                }
-        }
-
-        record_utmp_only(pid, s->tty, s->pw->pw_name,
-            session_get_remote_name_or_ip(ssh, utmp_len, options.use_dns),
-            (struct sockaddr *)&from, fromlen);
-}
-#endif
-
 /*
  * This is called to fork and execute a command.  If another command is
  * to be forced, execute that instead.
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 38b1c548b..88449f672 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -83,8 +83,6 @@ fd_set *read_wait;
 size_t read_wait_nfdset;
 int ncon;
 
-struct ssh *active_state = NULL; /* XXX needed for linking */
-
 /*
  * Keep a connection structure for each file descriptor.  The state
  * associated with file descriptor n is held in fdcon[n].
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 7ea5ad0e9..601f6ca72 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -59,8 +59,6 @@
 #include "sshkey.h"
 #include "ssherr.h"
 
-struct ssh *active_state = NULL; /* XXX needed for linking */
-
 extern char *__progname;
 
 static int
diff --git a/sshd.c b/sshd.c
index 58d17e546..f6927672e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -2080,7 +2080,7 @@ main(int ac, char **av)
         }
 
 #ifdef SSH_AUDIT_EVENTS
-        audit_event(SSH_AUTH_SUCCESS);
+        audit_event(ssh, SSH_AUTH_SUCCESS);
 #endif
 
 #ifdef GSSAPI
@@ -2128,7 +2128,7 @@ main(int ac, char **av)
 #endif /* USE_PAM */
 
 #ifdef SSH_AUDIT_EVENTS
-        PRIVSEP(audit_event(SSH_CONNECTION_CLOSE));
+        PRIVSEP(audit_event(ssh, SSH_CONNECTION_CLOSE));
 #endif
 
         ssh_packet_close(ssh);
@@ -2256,8 +2256,8 @@ cleanup_exit(int i)
         }
 #ifdef SSH_AUDIT_EVENTS
         /* done after do_cleanup so it can cancel the PAM auth 'thread' */
-        if (!use_privsep || mm_is_monitor())
-                audit_event(SSH_CONNECTION_ABANDON);
+        if (the_active_state != NULL && (!use_privsep || mm_is_monitor()))
+                audit_event(the_active_state, SSH_CONNECTION_ABANDON);
 #endif
         _exit(i);
 }