diff options
Diffstat (limited to 'auth2.c')
| -rw-r--r-- | auth2.c | 12 |
1 files changed, 9 insertions, 3 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2.c,v 1.136 2016/05/02 08:49:03 djm Exp $ */ | 1 | /* $OpenBSD: auth2.c,v 1.137 2017/02/03 23:05:57 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -214,6 +214,7 @@ input_service_request(int type, u_int32_t seq, void *ctxt) | |||
| 214 | static int | 214 | static int |
| 215 | input_userauth_request(int type, u_int32_t seq, void *ctxt) | 215 | input_userauth_request(int type, u_int32_t seq, void *ctxt) |
| 216 | { | 216 | { |
| 217 | struct ssh *ssh = active_state; /* XXX */ | ||
| 217 | Authctxt *authctxt = ctxt; | 218 | Authctxt *authctxt = ctxt; |
| 218 | Authmethod *m = NULL; | 219 | Authmethod *m = NULL; |
| 219 | char *user, *service, *method, *style = NULL, *role = NULL; | 220 | char *user, *service, *method, *style = NULL, *role = NULL; |
| @@ -242,9 +243,10 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
| 242 | authctxt->user = xstrdup(user); | 243 | authctxt->user = xstrdup(user); |
| 243 | if (authctxt->pw && strcmp(service, "ssh-connection")==0) { | 244 | if (authctxt->pw && strcmp(service, "ssh-connection")==0) { |
| 244 | authctxt->valid = 1; | 245 | authctxt->valid = 1; |
| 245 | debug2("input_userauth_request: setting up authctxt for %s", user); | 246 | debug2("%s: setting up authctxt for %s", |
| 247 | __func__, user); | ||
| 246 | } else { | 248 | } else { |
| 247 | logit("input_userauth_request: invalid user %s", user); | 249 | /* Invalid user, fake password information */ |
| 248 | authctxt->pw = fakepw(); | 250 | authctxt->pw = fakepw(); |
| 249 | #ifdef SSH_AUDIT_EVENTS | 251 | #ifdef SSH_AUDIT_EVENTS |
| 250 | PRIVSEP(audit_event(SSH_INVALID_USER)); | 252 | PRIVSEP(audit_event(SSH_INVALID_USER)); |
| @@ -254,6 +256,8 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
| 254 | if (options.use_pam) | 256 | if (options.use_pam) |
| 255 | PRIVSEP(start_pam(authctxt)); | 257 | PRIVSEP(start_pam(authctxt)); |
| 256 | #endif | 258 | #endif |
| 259 | ssh_packet_set_log_preamble(ssh, "%suser %s", | ||
| 260 | authctxt->valid ? "authenticating " : "invalid ", user); | ||
| 257 | setproctitle("%s%s", authctxt->valid ? user : "unknown", | 261 | setproctitle("%s%s", authctxt->valid ? user : "unknown", |
| 258 | use_privsep ? " [net]" : ""); | 262 | use_privsep ? " [net]" : ""); |
| 259 | authctxt->service = xstrdup(service); | 263 | authctxt->service = xstrdup(service); |
| @@ -300,6 +304,7 @@ void | |||
| 300 | userauth_finish(Authctxt *authctxt, int authenticated, const char *method, | 304 | userauth_finish(Authctxt *authctxt, int authenticated, const char *method, |
| 301 | const char *submethod) | 305 | const char *submethod) |
| 302 | { | 306 | { |
| 307 | struct ssh *ssh = active_state; /* XXX */ | ||
| 303 | char *methods; | 308 | char *methods; |
| 304 | int partial = 0; | 309 | int partial = 0; |
| 305 | 310 | ||
| @@ -361,6 +366,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method, | |||
| 361 | packet_write_wait(); | 366 | packet_write_wait(); |
| 362 | /* now we can break out */ | 367 | /* now we can break out */ |
| 363 | authctxt->success = 1; | 368 | authctxt->success = 1; |
| 369 | ssh_packet_set_log_preamble(ssh, "user %s", authctxt->user); | ||
| 364 | } else { | 370 | } else { |
| 365 | 371 | ||
| 366 | /* Allow initial try of "none" auth without failure penalty */ | 372 | /* Allow initial try of "none" auth without failure penalty */ |