auth.c (301551) | auth.c (302182) |
---|---|
1/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */ 2/* 3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 10 unchanged lines hidden (view full) --- 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include "includes.h" | 1/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */ 2/* 3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 10 unchanged lines hidden (view full) --- 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include "includes.h" |
27__RCSID("$FreeBSD: head/crypto/openssh/auth.c 301551 2016-06-07 16:18:09Z lidl $"); | 27__RCSID("$FreeBSD: head/crypto/openssh/auth.c 302182 2016-06-24 23:22:42Z gjb $"); |
28 29#include <sys/types.h> 30#include <sys/stat.h> 31 32#include <netinet/in.h> 33 34#include <errno.h> 35#include <fcntl.h> --- 34 unchanged lines hidden (view full) --- 70#ifdef GSSAPI 71#include "ssh-gss.h" 72#endif 73#include "authfile.h" 74#include "monitor_wrap.h" 75#include "authfile.h" 76#include "ssherr.h" 77#include "compat.h" | 28 29#include <sys/types.h> 30#include <sys/stat.h> 31 32#include <netinet/in.h> 33 34#include <errno.h> 35#include <fcntl.h> --- 34 unchanged lines hidden (view full) --- 70#ifdef GSSAPI 71#include "ssh-gss.h" 72#endif 73#include "authfile.h" 74#include "monitor_wrap.h" 75#include "authfile.h" 76#include "ssherr.h" 77#include "compat.h" |
78#ifdef USE_BLACKLIST 79#include "blacklist_client.h" 80#endif | |
81 82/* import */ 83extern ServerOptions options; 84extern int use_privsep; 85extern Buffer loginmsg; 86extern struct passwd *privsep_pw; 87 88/* Debugging messages */ --- 215 unchanged lines hidden (view full) --- 304 submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, 305 authctxt->valid ? "" : "invalid user ", 306 authctxt->user, 307 get_remote_ipaddr(), 308 get_remote_port(), 309 compat20 ? "ssh2" : "ssh1", 310 authctxt->info != NULL ? ": " : "", 311 authctxt->info != NULL ? authctxt->info : ""); | 78 79/* import */ 80extern ServerOptions options; 81extern int use_privsep; 82extern Buffer loginmsg; 83extern struct passwd *privsep_pw; 84 85/* Debugging messages */ --- 215 unchanged lines hidden (view full) --- 301 submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, 302 authctxt->valid ? "" : "invalid user ", 303 authctxt->user, 304 get_remote_ipaddr(), 305 get_remote_port(), 306 compat20 ? "ssh2" : "ssh1", 307 authctxt->info != NULL ? ": " : "", 308 authctxt->info != NULL ? authctxt->info : ""); |
312#ifdef USE_BLACKLIST 313 if (!authctxt->postponed) 314 blacklist_notify(!authenticated); 315#endif | |
316 free(authctxt->info); 317 authctxt->info = NULL; 318 319#ifdef CUSTOM_FAILED_LOGIN 320 if (authenticated == 0 && !authctxt->postponed && 321 (strcmp(method, "password") == 0 || 322 strncmp(method, "keyboard-interactive", 20) == 0 || 323 strcmp(method, "challenge-response") == 0)) --- 318 unchanged lines hidden (view full) --- 642 */ 643 if (pw != NULL && strcmp(user, pw->pw_name) != 0) { 644 logit("Login name %.100s does not match stored username %.100s", 645 user, pw->pw_name); 646 pw = NULL; 647 } 648#endif 649 if (pw == NULL) { | 309 free(authctxt->info); 310 authctxt->info = NULL; 311 312#ifdef CUSTOM_FAILED_LOGIN 313 if (authenticated == 0 && !authctxt->postponed && 314 (strcmp(method, "password") == 0 || 315 strncmp(method, "keyboard-interactive", 20) == 0 || 316 strcmp(method, "challenge-response") == 0)) --- 318 unchanged lines hidden (view full) --- 635 */ 636 if (pw != NULL && strcmp(user, pw->pw_name) != 0) { 637 logit("Login name %.100s does not match stored username %.100s", 638 user, pw->pw_name); 639 pw = NULL; 640 } 641#endif 642 if (pw == NULL) { |
650#ifdef USE_BLACKLIST 651 blacklist_notify(1); 652#endif | |
653 logit("Invalid user %.100s from %.100s", 654 user, get_remote_ipaddr()); 655#ifdef CUSTOM_FAILED_LOGIN 656 record_failed_login(user, 657 get_canonical_hostname(options.use_dns), "ssh"); 658#endif 659#ifdef SSH_AUDIT_EVENTS 660 audit_event(SSH_INVALID_USER); --- 126 unchanged lines hidden --- | 643 logit("Invalid user %.100s from %.100s", 644 user, get_remote_ipaddr()); 645#ifdef CUSTOM_FAILED_LOGIN 646 record_failed_login(user, 647 get_canonical_hostname(options.use_dns), "ssh"); 648#endif 649#ifdef SSH_AUDIT_EVENTS 650 audit_event(SSH_INVALID_USER); --- 126 unchanged lines hidden --- |