Attachment 936 Details for Bug 1058 – Updated patch on protected password database for bad login

[patch] Updated patch on protected password database for bad login

maxbadlogin.patch (text/plain), 4.17 KB, created by senthilkumar on 2005-07-05 22:32:42 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: senthilkumar

Created: 2005-07-05 22:32:42 AEST

Size: 4.17 KB

patch

obsolete

>diff -Nur openssh-4.1p1/auth.c openssh-4.1p1-maxbadlogin/auth.c
>--- openssh-4.1p1/auth.c        2005-03-14 17:47:27.000000000 +0530
>+++ openssh-4.1p1-maxbadlogin/auth.c    2005-06-30 11:32:05.000000000 +0530
>@@ -219,6 +219,23 @@
> }
>
> void
>+update_trusted_badlogins(char *username)
>+{
>+if(iscomsec()){
>+                struct pr_passwd *pr,*putpr;
>+                pr=getprpwnam((char *)username);
>+                putpr=pr;
>+                if(putpr != NULL) {
>+                       if(!putpr->uflg.fg_nlogins)
>+                               putpr->uflg.fg_nlogins=1;
>+                putpr->ufld.fd_nlogins++;
>+                putprpwnam(username,putpr);
>+               }
>+        }
>+}
>+
>+
>+void
> auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
> {
>        void (*authlog) (const char *fmt,...) = verbose;
>@@ -245,6 +262,7 @@
>            get_remote_port(),
>            info);
>
>+
> #ifdef CUSTOM_FAILED_LOGIN
>        if (authenticated == 0 && !authctxt->postponed &&
>            (strcmp(method, "password") == 0 ||
>@@ -252,6 +270,9 @@
>            strcmp(method, "challenge-response") == 0))
>                record_failed_login(authctxt->user,
>                    get_canonical_hostname(options.use_dns), "ssh");
>+       else
>+          if (authenticated == 0 && !authctxt->postponed && options.use_pam && strcmp(method, "none"))
>+               PRIVSEP(update_trusted_badlogins(authctxt->user));
> #endif
> #ifdef SSH_AUDIT_EVENTS
>        if (authenticated == 0 && !authctxt->postponed) {
>diff -Nur openssh-4.1p1/monitor.c openssh-4.1p1-maxbadlogin/monitor.c
>--- openssh-4.1p1/monitor.c     2005-04-03 08:14:23.000000000 +0530
>+++ openssh-4.1p1-maxbadlogin/monitor.c 2005-06-29 11:23:24.000000000 +0530
>@@ -126,6 +126,7 @@
> int mm_answer_rsa_response(int, Buffer *);
> int mm_answer_sesskey(int, Buffer *);
> int mm_answer_sessid(int, Buffer *);
>+int mm_answer_update_trusted_badlogins(int, Buffer *);
>
> #ifdef USE_PAM
> int mm_answer_pam_start(int, Buffer *);
>@@ -210,6 +211,7 @@
>     {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
>     {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
> #endif
>+    {MONITOR_REQ_TRUSTED_BADLOGIN, MON_ISAUTH, mm_answer_update_trusted_badlogins},
>     {0, 0, NULL}
> };
>
>@@ -254,6 +256,7 @@
> #ifdef SSH_AUDIT_EVENTS
>     {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
> #endif
>+    {MONITOR_REQ_TRUSTED_BADLOGIN, MON_ISAUTH, mm_answer_update_trusted_badlogins},
>     {0, 0, NULL}
> };
>
>@@ -1916,3 +1919,14 @@
>        return (authenticated);
> }
> #endif /* GSSAPI */
>+
>+int
>+mm_answer_update_trusted_badlogins(int socket, Buffer *m)
>+{
>+
>+       update_trusted_badlogins(authctxt->user);
>+
>+
>+        return (0);
>+}
>+
>diff -Nur openssh-4.1p1/monitor.h openssh-4.1p1-maxbadlogin/monitor.h
>--- openssh-4.1p1/monitor.h     2005-02-02 18:50:53.000000000 +0530
>+++ openssh-4.1p1-maxbadlogin/monitor.h 2005-06-29 11:31:04.000000000 +0530
>@@ -60,6 +60,7 @@
>        MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,
>        MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,
>        MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,
>+       MONITOR_REQ_TRUSTED_BADLOGIN,
>        MONITOR_REQ_TERM
> };
>
>diff -Nur openssh-4.1p1/monitor_wrap.c openssh-4.1p1-maxbadlogin/monitor_wrap.c
>--- openssh-4.1p1/monitor_wrap.c        2005-02-08 16:22:48.000000000 +0530
>+++ openssh-4.1p1-maxbadlogin/monitor_wrap.c    2005-06-29 11:30:17.000000000 +0530
>@@ -1218,3 +1218,16 @@
>        return (authenticated);
> }
> #endif /* GSSAPI */
>+
>+void
>+mm_update_trusted_badlogins(char *username) {
>+
>+        Buffer m;
>+
>+        buffer_init(&m);
>+
>+        mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_TRUSTED_BADLOGIN, &m);
>+
>+        buffer_free(&m);
>+}
>+
>diff -Nur openssh-4.1p1/monitor_wrap.h openssh-4.1p1-maxbadlogin/monitor_wrap.h
>--- openssh-4.1p1/monitor_wrap.h        2005-02-08 16:22:48.000000000 +0530
>+++ openssh-4.1p1-maxbadlogin/monitor_wrap.h    2005-06-29 11:20:54.000000000 +0530
>@@ -111,4 +111,6 @@
> void mm_zfree(struct mm_master *, void *);
> void mm_init_compression(struct mm_master *);
>
>+void mm_update_trusted_badlogins(char *);
>+
> #endif /* _MM_H_ */

Actions: View | Diff

Attachments on bug 1058: 932 | 936