diff options
Diffstat (limited to 'auth1.c')
| -rw-r--r-- | auth1.c | 12 |
1 files changed, 10 insertions, 2 deletions
| @@ -247,8 +247,12 @@ do_authloop(Authctxt *authctxt) | |||
| 247 | #else | 247 | #else |
| 248 | /* Special handling for root */ | 248 | /* Special handling for root */ |
| 249 | if (authenticated && authctxt->pw->pw_uid == 0 && | 249 | if (authenticated && authctxt->pw->pw_uid == 0 && |
| 250 | !auth_root_allowed(get_authname(type))) | 250 | !auth_root_allowed(get_authname(type))) { |
| 251 | authenticated = 0; | 251 | authenticated = 0; |
| 252 | # ifdef AUDIT_EVENTS | ||
| 253 | PRIVSEP(audit_event(LOGIN_ROOT_DENIED)); | ||
| 254 | # endif | ||
| 255 | } | ||
| 252 | #endif | 256 | #endif |
| 253 | 257 | ||
| 254 | #ifdef USE_PAM | 258 | #ifdef USE_PAM |
| @@ -283,8 +287,12 @@ do_authloop(Authctxt *authctxt) | |||
| 283 | if (authenticated) | 287 | if (authenticated) |
| 284 | return; | 288 | return; |
| 285 | 289 | ||
| 286 | if (authctxt->failures++ > options.max_authtries) | 290 | if (authctxt->failures++ > options.max_authtries) { |
| 291 | #ifdef AUDIT_EVENTS | ||
| 292 | PRIVSEP(audit_event(LOGIN_EXCEED_MAXTRIES)); | ||
| 293 | #endif | ||
| 287 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); | 294 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); |
| 295 | } | ||
| 288 | 296 | ||
| 289 | packet_start(SSH_SMSG_FAILURE); | 297 | packet_start(SSH_SMSG_FAILURE); |
| 290 | packet_send(); | 298 | packet_send(); |