diff options
author | Darren Tucker <dtucker@zip.com.au> | 2005-02-03 00:20:53 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2005-02-03 00:20:53 +1100 |
commit | 269a1ea1c80a855d1eb74fccba6dd5c75947c5d2 (patch) | |
tree | 2c3ece8547de7552c4c78337607a1a387decd797 /auth1.c | |
parent | 2fba993080eba14e339d6a6666ee79580ee20f97 (diff) |
- (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125:
(first stage) Add audit instrumentation to sshd, currently disabled by
default. with suggestions from and djm@
Diffstat (limited to 'auth1.c')
-rw-r--r-- | auth1.c | 12 |
1 files changed, 10 insertions, 2 deletions
@@ -247,8 +247,12 @@ do_authloop(Authctxt *authctxt) #else /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && - !auth_root_allowed(get_authname(type))) + !auth_root_allowed(get_authname(type))) { authenticated = 0; +# ifdef AUDIT_EVENTS + PRIVSEP(audit_event(LOGIN_ROOT_DENIED)); +# endif + } #endif #ifdef USE_PAM @@ -283,8 +287,12 @@ do_authloop(Authctxt *authctxt) if (authenticated) return; - if (authctxt->failures++ > options.max_authtries) + if (authctxt->failures++ > options.max_authtries) { +#ifdef AUDIT_EVENTS + PRIVSEP(audit_event(LOGIN_EXCEED_MAXTRIES)); +#endif packet_disconnect(AUTH_FAIL_MSG, authctxt->user); + } packet_start(SSH_SMSG_FAILURE); packet_send(); |