Attachment #932 for bug #1058

Lines 219-224 Link Here

(-)openssh-4.1p1/auth.c (+19 lines)
219	}	219	}
220	void	220	void
		221	update_trusted_badlogins(char *username)
		222	{
		223	if(iscomsec()){
		224	struct pr_passwd *pr;
		225	pr=getprpwnam((char *)username);
		226	if(!pr->uflg.fg_nlogins)
		227	pr->uflg.fg_nlogins=1;
		228	pr->ufld.fd_nlogins++;
		229	putprpwnam(username,pr);
		230	}
		231	}
		232
		233
		234	void
221	auth_log(Authctxt authctxt, int authenticated, char method, char *info)	235	auth_log(Authctxt authctxt, int authenticated, char method, char *info)
222	{	236	{
223	void (authlog) (const char fmt,...) = verbose;	237	void (authlog) (const char fmt,...) = verbose;
Lines 245-250 Link Here
245	get_remote_port(),	259	get_remote_port(),
246	info);	260	info);
		261	if(!authctxt->postponed && !authenticated && options.use_pam && strcmp(method,"
		262	ponse") && strcmp(method, "keyboard-interactive/pam"))
		263	PRIVSEP(update_trusted_badlogins(authctxt->user));
		264
		265
247	#ifdef CUSTOM_FAILED_LOGIN	266	#ifdef CUSTOM_FAILED_LOGIN
248	if (authenticated == 0 && !authctxt->postponed &&	267	if (authenticated == 0 && !authctxt->postponed &&
249	(strcmp(method, "password") == 0 \|\|	268	(strcmp(method, "password") == 0 \|\|

Lines 126-131 Link Here

(-)openssh-4.1p1/monitor.c (+14 lines)
126	int mm_answer_rsa_response(int, Buffer *);	126	int mm_answer_rsa_response(int, Buffer *);
127	int mm_answer_sesskey(int, Buffer *);	127	int mm_answer_sesskey(int, Buffer *);
128	int mm_answer_sessid(int, Buffer *);	128	int mm_answer_sessid(int, Buffer *);
		129	int mm_answer_update_trusted_badlogins(int, Buffer *);
129	#ifdef USE_PAM	130	#ifdef USE_PAM
130	int mm_answer_pam_start(int, Buffer *);	131	int mm_answer_pam_start(int, Buffer *);
Lines 210-215 Link Here
210	{MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},	211	{MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
211	{MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},	212	{MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
212	#endif	213	#endif
		214	{MONITOR_REQ_TRUSTED_BADLOGIN, MON_ISAUTH, mm_answer_update_trusted_badlogi
213	{0, 0, NULL}	215	{0, 0, NULL}
214	};	216	};
Lines 254-259 Link Here
254	#ifdef SSH_AUDIT_EVENTS	256	#ifdef SSH_AUDIT_EVENTS
255	{MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},	257	{MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
256	#endif	258	#endif
		259	{MONITOR_REQ_TRUSTED_BADLOGIN, MON_ISAUTH, mm_answer_update_trusted_badlogi
257	{0, 0, NULL}	260	{0, 0, NULL}
258	};	261	};
Lines 1916-1918 Link Here
1916	return (authenticated);	1919	return (authenticated);
1917	}	1920	}
1918	#endif /* GSSAPI */	1921	#endif /* GSSAPI */
		1922
		1923	int
		1924	mm_answer_update_trusted_badlogins(int socket, Buffer *m)
		1925	{
		1926
		1927	update_trusted_badlogins(authctxt->user);
		1928
		1929
		1930	return (0);
		1931	}
		1932

Lines 60-65 Link Here

(-)openssh-4.1p1/monitor.h (+1 lines)
60	MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,	60	MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,
61	MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,	61	MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,
62	MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,	62	MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,
		63	MONITOR_REQ_TRUSTED_BADLOGIN,
63	MONITOR_REQ_TERM	64	MONITOR_REQ_TERM
64	};	65	};




       return (authenticated);
}
#endif /* GSSAPI */

void
mm_update_trusted_badlogins(char *username) {

        Buffer m;

        buffer_init(&m);

        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TRUSTED_BADLOGIN, &m);

        buffer_free(&m);
}


Lines 111-114 Link Here

(-)openssh-4.1p1/monitor_wrap.h (+2 lines)
111	void mm_zfree(struct mm_master , void );	111	void mm_zfree(struct mm_master , void );
112	void mm_init_compression(struct mm_master *);	112	void mm_init_compression(struct mm_master *);
		113	void mm_update_trusted_badlogins(char *);
		114
113	#endif /* _MM_H_ */	115	#endif /* _MM_H_ */

Return to bug 1058

Lines 1218-1220 Link Here

(-)openssh-4.1p1/monitor_wrap.c (+13 lines)
1218	return (authenticated);	1218	return (authenticated);
1219	}	1219	}
1220	#endif /* GSSAPI */	1220	#endif /* GSSAPI */
		1221
		1222	void
		1223	mm_update_trusted_badlogins(char *username) {
		1224
		1225	Buffer m;
		1226
		1227	buffer_init(&m);
		1228
		1229	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TRUSTED_BADLOGIN, &m);
		1230
		1231	buffer_free(&m);
		1232	}
		1233