diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2004-04-18 11:00:26 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2004-04-18 11:00:26 +1000 |
| commit | 2a9bf4b3d3fd0dfef74eed568152b71348fbbda6 (patch) | |
| tree | 6bb98f9f4d3b555612efe0a01c3796f28566ea6b | |
| parent | fe6d5aa54b8c832b6c0f06c94a21a2b48c34cc06 (diff) | |
- (dtucker) [auth-pam.c] Log username and source host for failed PAM
authentication attempts. With & ok djm@
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | auth-pam.c | 9 |
2 files changed, 11 insertions, 4 deletions
@@ -1,3 +1,7 @@ +20040418 + - (dtucker) [auth-pam.c] Log username and source host for failed PAM + authentication attempts. With & ok djm@ + 20040416 - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com @@ -975,4 +979,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3314 2004/04/17 03:03:07 tim Exp $ +$Id: ChangeLog,v 1.3315 2004/04/18 01:00:26 dtucker Exp $ @@ -31,7 +31,7 @@ /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ #include "includes.h" -RCSID("$Id: auth-pam.c,v 1.99 2004/03/30 10:57:57 dtucker Exp $"); +RCSID("$Id: auth-pam.c,v 1.100 2004/04/18 01:00:26 dtucker Exp $"); #ifdef USE_PAM #if defined(HAVE_SECURITY_PAM_APPL_H) @@ -58,6 +58,7 @@ RCSID("$Id: auth-pam.c,v 1.99 2004/03/30 10:57:57 dtucker Exp $"); extern ServerOptions options; extern Buffer loginmsg; extern int compat20; +extern u_int utmp_len; #ifdef USE_POSIX_THREADS #include <pthread.h> @@ -453,7 +454,6 @@ sshpam_cleanup(void) static int sshpam_init(Authctxt *authctxt) { - extern u_int utmp_len; extern char *__progname; const char *pam_rhost, *pam_user, *user = authctxt->user; @@ -599,7 +599,10 @@ sshpam_query(void *ctx, char **name, char **info, xfree(msg); return (0); } - error("PAM: %s", msg); + error("PAM: %s for %s%.100s from %.100s", msg, + sshpam_authctxt->valid ? "" : "illegal user ", + sshpam_authctxt->user, + get_remote_name_or_ip(utmp_len, options.use_dns)); /* FALLTHROUGH */ default: *num = 0; |