diff options
Diffstat (limited to 'audit.h')
-rw-r--r-- | audit.h | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/audit.h b/audit.h new file mode 100644 index 000000000..78e58966f --- /dev/null +++ b/audit.h | |||
@@ -0,0 +1,56 @@ | |||
1 | /* $Id: audit.h,v 1.2 2005/02/08 10:52:48 dtucker Exp $ */ | ||
2 | |||
3 | /* | ||
4 | * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. | ||
5 | * | ||
6 | * Redistribution and use in source and binary forms, with or without | ||
7 | * modification, are permitted provided that the following conditions | ||
8 | * are met: | ||
9 | * 1. Redistributions of source code must retain the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer. | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in the | ||
13 | * documentation and/or other materials provided with the distribution. | ||
14 | * | ||
15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
25 | */ | ||
26 | |||
27 | #include "auth.h" | ||
28 | |||
29 | #ifndef _SSH_AUDIT_H | ||
30 | # define _SSH_AUDIT_H | ||
31 | enum ssh_audit_event_type { | ||
32 | SSH_LOGIN_EXCEED_MAXTRIES, | ||
33 | SSH_LOGIN_ROOT_DENIED, | ||
34 | SSH_AUTH_SUCCESS, | ||
35 | SSH_AUTH_FAIL_NONE, | ||
36 | SSH_AUTH_FAIL_PASSWD, | ||
37 | SSH_AUTH_FAIL_KBDINT, /* keyboard-interactive or challenge-response */ | ||
38 | SSH_AUTH_FAIL_PUBKEY, /* ssh2 pubkey or ssh1 rsa */ | ||
39 | SSH_AUTH_FAIL_HOSTBASED, /* ssh2 hostbased or ssh1 rhostsrsa */ | ||
40 | SSH_AUTH_FAIL_GSSAPI, | ||
41 | SSH_INVALID_USER, | ||
42 | SSH_NOLOGIN, /* denied by /etc/nologin, not implemented */ | ||
43 | SSH_CONNECTION_CLOSE, /* closed after attempting auth or session */ | ||
44 | SSH_CONNECTION_ABANDON, /* closed without completing auth */ | ||
45 | SSH_AUDIT_UNKNOWN | ||
46 | }; | ||
47 | typedef enum ssh_audit_event_type ssh_audit_event_t; | ||
48 | |||
49 | void audit_connection_from(const char *, int); | ||
50 | void audit_event(ssh_audit_event_t); | ||
51 | void audit_session_open(const char *); | ||
52 | void audit_session_close(const char *); | ||
53 | void audit_run_command(const char *); | ||
54 | ssh_audit_event_t audit_classify_auth(const char *); | ||
55 | |||
56 | #endif /* _SSH_AUDIT_H */ | ||