diff options
Diffstat (limited to 'auth2.c')
-rw-r--r-- | auth2.c | 15 |
1 files changed, 13 insertions, 2 deletions
@@ -167,6 +167,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
167 | if (options.use_pam) | 167 | if (options.use_pam) |
168 | PRIVSEP(start_pam(authctxt)); | 168 | PRIVSEP(start_pam(authctxt)); |
169 | #endif | 169 | #endif |
170 | #ifdef AUDIT_EVENTS | ||
171 | PRIVSEP(audit_event(INVALID_USER)); | ||
172 | #endif | ||
170 | } | 173 | } |
171 | setproctitle("%s%s", authctxt->valid ? user : "unknown", | 174 | setproctitle("%s%s", authctxt->valid ? user : "unknown", |
172 | use_privsep ? " [net]" : ""); | 175 | use_privsep ? " [net]" : ""); |
@@ -214,8 +217,12 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) | |||
214 | 217 | ||
215 | /* Special handling for root */ | 218 | /* Special handling for root */ |
216 | if (authenticated && authctxt->pw->pw_uid == 0 && | 219 | if (authenticated && authctxt->pw->pw_uid == 0 && |
217 | !auth_root_allowed(method)) | 220 | !auth_root_allowed(method)) { |
218 | authenticated = 0; | 221 | authenticated = 0; |
222 | #ifdef AUDIT_EVENTS | ||
223 | PRIVSEP(audit_event(LOGIN_ROOT_DENIED)); | ||
224 | #endif | ||
225 | } | ||
219 | 226 | ||
220 | #ifdef USE_PAM | 227 | #ifdef USE_PAM |
221 | if (options.use_pam && authenticated) { | 228 | if (options.use_pam && authenticated) { |
@@ -255,8 +262,12 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) | |||
255 | /* now we can break out */ | 262 | /* now we can break out */ |
256 | authctxt->success = 1; | 263 | authctxt->success = 1; |
257 | } else { | 264 | } else { |
258 | if (authctxt->failures++ > options.max_authtries) | 265 | if (authctxt->failures++ > options.max_authtries) { |
266 | #ifdef AUDIT_EVENTS | ||
267 | PRIVSEP(audit_event(LOGIN_EXCEED_MAXTRIES)); | ||
268 | #endif | ||
259 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); | 269 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); |
270 | } | ||
260 | methods = authmethods_get(); | 271 | methods = authmethods_get(); |
261 | packet_start(SSH2_MSG_USERAUTH_FAILURE); | 272 | packet_start(SSH2_MSG_USERAUTH_FAILURE); |
262 | packet_put_cstring(methods); | 273 | packet_put_cstring(methods); |