diff options
Diffstat (limited to 'auth2.c')
| -rw-r--r-- | auth2.c | 12 |
1 files changed, 9 insertions, 3 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2.c,v 1.136 2016/05/02 08:49:03 djm Exp $ */ | 1 | /* $OpenBSD: auth2.c,v 1.137 2017/02/03 23:05:57 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -212,6 +212,7 @@ input_service_request(int type, u_int32_t seq, void *ctxt) | |||
| 212 | static int | 212 | static int |
| 213 | input_userauth_request(int type, u_int32_t seq, void *ctxt) | 213 | input_userauth_request(int type, u_int32_t seq, void *ctxt) |
| 214 | { | 214 | { |
| 215 | struct ssh *ssh = active_state; /* XXX */ | ||
| 215 | Authctxt *authctxt = ctxt; | 216 | Authctxt *authctxt = ctxt; |
| 216 | Authmethod *m = NULL; | 217 | Authmethod *m = NULL; |
| 217 | char *user, *service, *method, *style = NULL; | 218 | char *user, *service, *method, *style = NULL; |
| @@ -235,9 +236,10 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
| 235 | authctxt->user = xstrdup(user); | 236 | authctxt->user = xstrdup(user); |
| 236 | if (authctxt->pw && strcmp(service, "ssh-connection")==0) { | 237 | if (authctxt->pw && strcmp(service, "ssh-connection")==0) { |
| 237 | authctxt->valid = 1; | 238 | authctxt->valid = 1; |
| 238 | debug2("input_userauth_request: setting up authctxt for %s", user); | 239 | debug2("%s: setting up authctxt for %s", |
| 240 | __func__, user); | ||
| 239 | } else { | 241 | } else { |
| 240 | logit("input_userauth_request: invalid user %s", user); | 242 | /* Invalid user, fake password information */ |
| 241 | authctxt->pw = fakepw(); | 243 | authctxt->pw = fakepw(); |
| 242 | #ifdef SSH_AUDIT_EVENTS | 244 | #ifdef SSH_AUDIT_EVENTS |
| 243 | PRIVSEP(audit_event(SSH_INVALID_USER)); | 245 | PRIVSEP(audit_event(SSH_INVALID_USER)); |
| @@ -247,6 +249,8 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
| 247 | if (options.use_pam) | 249 | if (options.use_pam) |
| 248 | PRIVSEP(start_pam(authctxt)); | 250 | PRIVSEP(start_pam(authctxt)); |
| 249 | #endif | 251 | #endif |
| 252 | ssh_packet_set_log_preamble(ssh, "%suser %s", | ||
| 253 | authctxt->valid ? "authenticating " : "invalid ", user); | ||
| 250 | setproctitle("%s%s", authctxt->valid ? user : "unknown", | 254 | setproctitle("%s%s", authctxt->valid ? user : "unknown", |
| 251 | use_privsep ? " [net]" : ""); | 255 | use_privsep ? " [net]" : ""); |
| 252 | authctxt->service = xstrdup(service); | 256 | authctxt->service = xstrdup(service); |
| @@ -292,6 +296,7 @@ void | |||
| 292 | userauth_finish(Authctxt *authctxt, int authenticated, const char *method, | 296 | userauth_finish(Authctxt *authctxt, int authenticated, const char *method, |
| 293 | const char *submethod) | 297 | const char *submethod) |
| 294 | { | 298 | { |
| 299 | struct ssh *ssh = active_state; /* XXX */ | ||
| 295 | char *methods; | 300 | char *methods; |
| 296 | int partial = 0; | 301 | int partial = 0; |
| 297 | 302 | ||
| @@ -353,6 +358,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method, | |||
| 353 | packet_write_wait(); | 358 | packet_write_wait(); |
| 354 | /* now we can break out */ | 359 | /* now we can break out */ |
| 355 | authctxt->success = 1; | 360 | authctxt->success = 1; |
| 361 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); | ||
| 356 | } else { | 362 | } else { |
| 357 | 363 | ||
| 358 | /* Allow initial try of "none" auth without failure penalty */ | 364 | /* Allow initial try of "none" auth without failure penalty */ |