summaryrefslogtreecommitdiff
path: root/audit.h
diff options
context:
space:
mode:
Diffstat (limited to 'audit.h')
-rw-r--r--audit.h56
1 files changed, 56 insertions, 0 deletions
diff --git a/audit.h b/audit.h
new file mode 100644
index 000000000..78e58966f
--- /dev/null
+++ b/audit.h
@@ -0,0 +1,56 @@
1/* $Id: audit.h,v 1.2 2005/02/08 10:52:48 dtucker Exp $ */
2
3/*
4 * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27#include "auth.h"
28
29#ifndef _SSH_AUDIT_H
30# define _SSH_AUDIT_H
31enum ssh_audit_event_type {
32 SSH_LOGIN_EXCEED_MAXTRIES,
33 SSH_LOGIN_ROOT_DENIED,
34 SSH_AUTH_SUCCESS,
35 SSH_AUTH_FAIL_NONE,
36 SSH_AUTH_FAIL_PASSWD,
37 SSH_AUTH_FAIL_KBDINT, /* keyboard-interactive or challenge-response */
38 SSH_AUTH_FAIL_PUBKEY, /* ssh2 pubkey or ssh1 rsa */
39 SSH_AUTH_FAIL_HOSTBASED, /* ssh2 hostbased or ssh1 rhostsrsa */
40 SSH_AUTH_FAIL_GSSAPI,
41 SSH_INVALID_USER,
42 SSH_NOLOGIN, /* denied by /etc/nologin, not implemented */
43 SSH_CONNECTION_CLOSE, /* closed after attempting auth or session */
44 SSH_CONNECTION_ABANDON, /* closed without completing auth */
45 SSH_AUDIT_UNKNOWN
46};
47typedef enum ssh_audit_event_type ssh_audit_event_t;
48
49void audit_connection_from(const char *, int);
50void audit_event(ssh_audit_event_t);
51void audit_session_open(const char *);
52void audit_session_close(const char *);
53void audit_run_command(const char *);
54ssh_audit_event_t audit_classify_auth(const char *);
55
56#endif /* _SSH_AUDIT_H */