1/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */
2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
--- 10 unchanged lines hidden (view full) ---
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include "includes.h"
27__RCSID("$FreeBSD: head/crypto/openssh/auth.c 301551 2016-06-07 16:18:09Z lidl $");
28
29#include <sys/types.h>
30#include <sys/stat.h>
31
32#include <netinet/in.h>
33
34#include <errno.h>
35#include <fcntl.h>
--- 34 unchanged lines hidden (view full) ---
70#ifdef GSSAPI
71#include "ssh-gss.h"
72#endif
73#include "authfile.h"
74#include "monitor_wrap.h"
75#include "authfile.h"
76#include "ssherr.h"
77#include "compat.h"
78#ifdef USE_BLACKLIST
79#include "blacklist_client.h"
80#endif
81
82/* import */
83extern ServerOptions options;
84extern int use_privsep;
85extern Buffer loginmsg;
86extern struct passwd *privsep_pw;
87
88/* Debugging messages */
--- 215 unchanged lines hidden (view full) ---
304 submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
305 authctxt->valid ? "" : "invalid user ",
306 authctxt->user,
307 get_remote_ipaddr(),
308 get_remote_port(),
309 compat20 ? "ssh2" : "ssh1",
310 authctxt->info != NULL ? ": " : "",
311 authctxt->info != NULL ? authctxt->info : "");
312#ifdef USE_BLACKLIST
313 if (!authctxt->postponed)
314 blacklist_notify(!authenticated);
315#endif
316 free(authctxt->info);
317 authctxt->info = NULL;
318
319#ifdef CUSTOM_FAILED_LOGIN
320 if (authenticated == 0 && !authctxt->postponed &&
321 (strcmp(method, "password") == 0 ||
322 strncmp(method, "keyboard-interactive", 20) == 0 ||
323 strcmp(method, "challenge-response") == 0))
--- 318 unchanged lines hidden (view full) ---
642 */
643 if (pw != NULL && strcmp(user, pw->pw_name) != 0) {
644 logit("Login name %.100s does not match stored username %.100s",
645 user, pw->pw_name);
646 pw = NULL;
647 }
648#endif
649 if (pw == NULL) {
650#ifdef USE_BLACKLIST
651 blacklist_notify(1);
652#endif
653 logit("Invalid user %.100s from %.100s",
654 user, get_remote_ipaddr());
655#ifdef CUSTOM_FAILED_LOGIN
656 record_failed_login(user,
657 get_canonical_hostname(options.use_dns), "ssh");
658#endif
659#ifdef SSH_AUDIT_EVENTS
660 audit_event(SSH_INVALID_USER);
--- 126 unchanged lines hidden ---
2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
--- 10 unchanged lines hidden (view full) ---
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include "includes.h"
27__RCSID("$FreeBSD: head/crypto/openssh/auth.c 301551 2016-06-07 16:18:09Z lidl $");
28
29#include <sys/types.h>
30#include <sys/stat.h>
31
32#include <netinet/in.h>
33
34#include <errno.h>
35#include <fcntl.h>
--- 34 unchanged lines hidden (view full) ---
70#ifdef GSSAPI
71#include "ssh-gss.h"
72#endif
73#include "authfile.h"
74#include "monitor_wrap.h"
75#include "authfile.h"
76#include "ssherr.h"
77#include "compat.h"
78#ifdef USE_BLACKLIST
79#include "blacklist_client.h"
80#endif
81
82/* import */
83extern ServerOptions options;
84extern int use_privsep;
85extern Buffer loginmsg;
86extern struct passwd *privsep_pw;
87
88/* Debugging messages */
--- 215 unchanged lines hidden (view full) ---
304 submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
305 authctxt->valid ? "" : "invalid user ",
306 authctxt->user,
307 get_remote_ipaddr(),
308 get_remote_port(),
309 compat20 ? "ssh2" : "ssh1",
310 authctxt->info != NULL ? ": " : "",
311 authctxt->info != NULL ? authctxt->info : "");
312#ifdef USE_BLACKLIST
313 if (!authctxt->postponed)
314 blacklist_notify(!authenticated);
315#endif
316 free(authctxt->info);
317 authctxt->info = NULL;
318
319#ifdef CUSTOM_FAILED_LOGIN
320 if (authenticated == 0 && !authctxt->postponed &&
321 (strcmp(method, "password") == 0 ||
322 strncmp(method, "keyboard-interactive", 20) == 0 ||
323 strcmp(method, "challenge-response") == 0))
--- 318 unchanged lines hidden (view full) ---
642 */
643 if (pw != NULL && strcmp(user, pw->pw_name) != 0) {
644 logit("Login name %.100s does not match stored username %.100s",
645 user, pw->pw_name);
646 pw = NULL;
647 }
648#endif
649 if (pw == NULL) {
650#ifdef USE_BLACKLIST
651 blacklist_notify(1);
652#endif
653 logit("Invalid user %.100s from %.100s",
654 user, get_remote_ipaddr());
655#ifdef CUSTOM_FAILED_LOGIN
656 record_failed_login(user,
657 get_canonical_hostname(options.use_dns), "ssh");
658#endif
659#ifdef SSH_AUDIT_EVENTS
660 audit_event(SSH_INVALID_USER);
--- 126 unchanged lines hidden ---