From 0acca3797d53d958d240c69a5f222f2aa8444858 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 2 Jun 2013 07:41:51 +1000 Subject: - djm@cvs.openbsd.org 2013/05/19 02:42:42 [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] Standardise logging of supplemental information during userauth. Keys and ruser is now logged in the auth success/failure message alongside the local username, remote host/port and protocol in use. Certificates contents and CA are logged too. Pushing all logging onto a single line simplifies log analysis as it is no longer necessary to relate information scattered across multiple log entries. "I like it" markus@ --- auth.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'auth.h') diff --git a/auth.h b/auth.h index 7ff59f1ba..a406e1393 100644 --- a/auth.h +++ b/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.73 2013/03/07 19:27:25 markus Exp $ */ +/* $OpenBSD: auth.h,v 1.74 2013/05/19 02:42:42 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -60,6 +60,7 @@ struct Authctxt { struct passwd *pw; /* set if 'valid' */ char *style; void *kbdintctxt; + char *info; /* Extra info for next auth_log */ void *jpake_ctx; #ifdef BSD_AUTH auth_session_t *as; @@ -121,6 +122,7 @@ int auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); int user_key_allowed(struct passwd *, Key *); +void pubkey_auth_info(Authctxt *, const Key *); struct stat; int auth_secure_path(const char *, struct stat *, const char *, uid_t, @@ -148,8 +150,10 @@ void disable_forwarding(void); void do_authentication(Authctxt *); void do_authentication2(Authctxt *); -void auth_log(Authctxt *, int, int, const char *, const char *, - const char *); +void auth_info(Authctxt *authctxt, const char *, ...) + __attribute__((__format__ (printf, 2, 3))) + __attribute__((__nonnull__ (2))); +void auth_log(Authctxt *, int, int, const char *, const char *); void userauth_finish(Authctxt *, int, const char *, const char *); int auth_root_allowed(const char *); -- cgit v1.2.3