Bugzilla – Attachment 2449 Details for
Bug 2199
"Too many authentication failures for root" does not log IP
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Log authentication tries exceeded in similar format to success/failure
auth-exceeded.diff (text/plain), 2.06 KB, created by
Damien Miller
on 2014-07-03 14:05:30 AEST
(
hide
)
Description:
Log authentication tries exceeded in similar format to success/failure
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2014-07-03 14:05:30 AEST
Size:
2.06 KB
patch
obsolete
>diff --git auth.c auth.c >index 72b88c2..eaf333d 100644 >--- auth.c >+++ auth.c >@@ -236,6 +236,19 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, > authctxt->info = NULL; > } > >+void >+auth_maxtries_exceeded(Authctxt *authctxt) >+{ >+ packet_disconnect("Too many authentication failures for " >+ "%s%.100s from %.200s port %d %s", >+ authctxt->valid ? "" : "invalid user ", >+ authctxt->user, >+ get_remote_ipaddr(), >+ get_remote_port(), >+ compat20 ? "ssh2" : "ssh1"); >+ /* NOTREACHED */ >+} >+ > /* > * Check whether root logins are disallowed. > */ >diff --git auth.h auth.h >index fc4374b..7cb094b 100644 >--- auth.h >+++ auth.h >@@ -133,6 +133,7 @@ void auth_info(Authctxt *authctxt, const char *, ...) > __attribute__((__format__ (printf, 2, 3))) > __attribute__((__nonnull__ (2))); > void auth_log(Authctxt *, int, int, const char *, const char *); >+void auth_maxtries_exceeded(Authctxt *) __attribute__((noreturn)); > void userauth_finish(Authctxt *, int, const char *, const char *); > int auth_root_allowed(const char *); > >@@ -184,6 +185,4 @@ void auth_debug_reset(void); > > struct passwd *fakepw(void); > >-#define AUTH_FAIL_MSG "Too many authentication failures for %.100s" >- > #endif >diff --git auth1.c auth1.c >index 6d01c52..d116b55 100644 >--- auth1.c >+++ auth1.c >@@ -297,7 +297,7 @@ do_authloop(Authctxt *authctxt) > return; > > if (++authctxt->failures >= options.max_authtries) >- packet_disconnect(AUTH_FAIL_MSG, authctxt->user); >+ auth_maxtries_exceeded(authctxt); > > packet_start(SSH_SMSG_FAILURE); > packet_send(); >diff --git auth2.c auth2.c >index 72321dc..3b26305 100644 >--- auth2.c >+++ auth2.c >@@ -312,7 +312,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method, > (authctxt->attempt > 1 || strcmp(method, "none") != 0)) > authctxt->failures++; > if (authctxt->failures >= options.max_authtries) >- packet_disconnect(AUTH_FAIL_MSG, authctxt->user); >+ auth_maxtries_exceeded(authctxt); > methods = authmethods_get(authctxt); > debug3("%s: failure partial=%d next methods=\"%s\"", __func__, > partial, methods);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2449">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 2199
: 2449