Attachment #862 for bug #974

Line Link Here

(-)file_not_specified_in_diff (-7 / +13 lines)
0	-- openssh-4.0p1/auth.c 2005-02-15 16:15:57.000000000 +0530	0	++ openssh-4.0p1-btmp/auth.c 2005-03-31 11:03:32.000000000 +0530
Lines 245-256 Link Here
245	info);	245	info);
246	#ifdef CUSTOM_FAILED_LOGIN	246	#ifdef CUSTOM_FAILED_LOGIN
247	if (authenticated == 0 && !authctxt->postponed &&	247	if (authenticated == 0 && !authctxt->postponed && strcmp(method,"none"))
248	(strcmp(method, "password") == 0 \|\|	248	{
249	strncmp(method, "keyboard-interactive", 20) == 0 \|\|	249	debug("Entering record_failed_login uid %d ", getuid());
250	strcmp(method, "challenge-response") == 0))	250	if(!strcmp(method,"publickey") \|\| !strcmp(method,"gssapi-with-mic") \|\| !strcmp(method,"gssapi") \|\| !strcmp(method,"hostbased")) {
251	record_failed_login(authctxt->user,	251	PRIVSEP(record_failed_login(authctxt->user,
252	get_canonical_hostname(options.use_dns), "ssh");	252	get_canonical_hostname(options.use_dns), "ssh"));
		253	}
		254	else if (getuid()==0){
		255	record_failed_login(authctxt->user,
		256	get_canonical_hostname(options.use_dns), "ssh");
		257	}
		258	}
253	#endif	259	#endif
254	#ifdef SSH_AUDIT_EVENTS	260	#ifdef SSH_AUDIT_EVENTS
255	if (authenticated == 0 && !authctxt->postponed) {	261	if (authenticated == 0 && !authctxt->postponed) {

Lines 127-132 Link Here

(-)openssh-4.0p1/monitor.c (+11 lines)
127	int mm_answer_sesskey(int, Buffer *);	127	int mm_answer_sesskey(int, Buffer *);
128	int mm_answer_sessid(int, Buffer *);	128	int mm_answer_sessid(int, Buffer *);
		129	int mm_answer_record_failed_login(int, Buffer *);
		130
129	#ifdef USE_PAM	131	#ifdef USE_PAM
130	int mm_answer_pam_start(int, Buffer *);	132	int mm_answer_pam_start(int, Buffer *);
131	int mm_answer_pam_account(int, Buffer *);	133	int mm_answer_pam_account(int, Buffer *);
Lines 210-215 Link Here
210	{MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},	212	{MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
211	{MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},	213	{MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
212	#endif	214	#endif
		215	{MONITOR_REQ_BADLOGIN, MON_ISAUTH, mm_answer_record_failed_login},
213	{0, 0, NULL}	216	{0, 0, NULL}
214	};	217	};
Lines 254-259 Link Here
254	#ifdef SSH_AUDIT_EVENTS	257	#ifdef SSH_AUDIT_EVENTS
255	{MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},	258	{MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
256	#endif	259	#endif
		260	{MONITOR_REQ_BADLOGIN , MON_ISAUTH , mm_answer_record_failed_login},
257	{0, 0, NULL}	261	{0, 0, NULL}
258	};	262	};
Lines 1916-1918 Link Here
1916	return (authenticated);	1920	return (authenticated);
1917	}	1921	}
1918	#endif /* GSSAPI */	1922	#endif /* GSSAPI */
		1923
		1924	int
		1925	mm_answer_record_failed_login(int socket, Buffer *m)
		1926	{
		1927	record_failed_login(authctxt->user,get_canonical_hostname(options.use_dns), "ssh");
		1928	}
		1929

Lines 59-64 Link Here

(-)openssh-4.0p1/monitor.h (+1 lines)
59	MONITOR_REQ_PAM_QUERY, MONITOR_ANS_PAM_QUERY,	59	MONITOR_REQ_PAM_QUERY, MONITOR_ANS_PAM_QUERY,
60	MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,	60	MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,
61	MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,	61	MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,
		62	MONITOR_REQ_BADLOGIN,
62	MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,	63	MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,
63	MONITOR_REQ_TERM	64	MONITOR_REQ_TERM
64	};	65	};




       return (authenticated);
}
#endif /* GSSAPI */

void
mm_record_failed_login(const char *username, const char *hostname, const char *service)
{
       Buffer m;
       buffer_init(&m);

       mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BADLOGIN, &m);

       buffer_free(&m);
}


Lines 111-114 Link Here

(-)openssh-4.0p1/monitor_wrap.h (+1 lines)
111	void mm_zfree(struct mm_master , void );	111	void mm_zfree(struct mm_master , void );
112	void mm_init_compression(struct mm_master *);	112	void mm_init_compression(struct mm_master *);
		113	void mm_record_failed_login(const char , const char , const char *);
113	#endif /* _MM_H_ */	114	#endif /* _MM_H_ */

Return to bug 974

Lines 1218-1220 Link Here

(-)openssh-4.0p1/monitor_wrap.c (+12 lines)
1218	return (authenticated);	1218	return (authenticated);
1219	}	1219	}
1220	#endif /* GSSAPI */	1220	#endif /* GSSAPI */
		1221
		1222	void
		1223	mm_record_failed_login(const char username, const char hostname, const char *service)
		1224	{
		1225	Buffer m;
		1226	buffer_init(&m);
		1227
		1228	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_BADLOGIN, &m);
		1229
		1230	buffer_free(&m);
		1231	}
		1232