- (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c

monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125: (first stage) Add audit instrumentation to sshd, currently disabled by default. with suggestions from and djm@
author: Darren Tucker <dtucker@zip.com.au> 2005-02-03 00:20:53 +1100
committer: Darren Tucker <dtucker@zip.com.au> 2005-02-03 00:20:53 +1100
commit: 269a1ea1c80a855d1eb74fccba6dd5c75947c5d2 (patch)
tree: 2c3ece8547de7552c4c78337607a1a387decd797 /auth1.c
parent: 2fba993080eba14e339d6a6666ee79580ee20f97 (diff)
1 files changed, 10 insertions, 2 deletions
diff --git a/auth1.c b/auth1.c
index 2a9d18b9..aeb5d8cb 100644
--- a/auth1.c
+++ b/auth1.c
@@ -247,8 +247,12 @@ do_authloop(Authctxt *authctxt)
 #else
 		/* Special handling for root */
 		if (authenticated && authctxt->pw->pw_uid == 0 &&
-		    !auth_root_allowed(get_authname(type)))
+		    !auth_root_allowed(get_authname(type))) {
 			authenticated = 0;
+# ifdef AUDIT_EVENTS
+			PRIVSEP(audit_event(LOGIN_ROOT_DENIED));
+# endif
+		}
 #endif
 
 #ifdef USE_PAM
@@ -283,8 +287,12 @@ do_authloop(Authctxt *authctxt)
 		if (authenticated)
 			return;
 
-		if (authctxt->failures++ > options.max_authtries)
+		if (authctxt->failures++ > options.max_authtries) {
+#ifdef AUDIT_EVENTS
+			PRIVSEP(audit_event(LOGIN_EXCEED_MAXTRIES));
+#endif
 			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
+		}
 
 		packet_start(SSH_SMSG_FAILURE);
 		packet_send();
author	Darren Tucker <dtucker@zip.com.au>	2005-02-03 00:20:53 +1100
committer	Darren Tucker <dtucker@zip.com.au>	2005-02-03 00:20:53 +1100
commit	269a1ea1c80a855d1eb74fccba6dd5c75947c5d2 (patch)
tree	2c3ece8547de7552c4c78337607a1a387decd797 /auth1.c
parent	2fba993080eba14e339d6a6666ee79580ee20f97 (diff)