diff --git a/openssh-5.8p1-audit1a.patch b/openssh-5.8p1-audit1a.patch
index e69de29..db0940b 100644
--- a/openssh-5.8p1-audit1a.patch
+++ b/openssh-5.8p1-audit1a.patch
@@ -0,0 +1,15 @@
+diff -up openssh-5.8p1/audit-linux.c.audit1a openssh-5.8p1/audit-linux.c
+--- openssh-5.8p1/audit-linux.c.audit1a 2011-02-22 14:42:30.000000000 +0100
++++ openssh-5.8p1/audit-linux.c 2011-02-22 14:47:03.000000000 +0100
+@@ -199,6 +199,11 @@ audit_event(ssh_audit_event_t event)
+ break;
+
+ case SSH_CONNECTION_CLOSE:
++ if (user_login_count)
++ linux_audit_user_logxxx(the_authctxt->pw->pw_uid, NULL, get_remote_name_or_ip(utmp_len, options.use_dns),
++ NULL, "ssh", 1, AUDIT_USER_LOGOUT);
++ break;
++
+ case SSH_CONNECTION_ABANDON:
+ case SSH_INVALID_USER:
+ linux_audit_user_logxxx(-1, audit_username(), NULL,
diff --git a/openssh-5.8p1-audit2.patch b/openssh-5.8p1-audit2.patch
index e3b003c..ba0b204 100644
--- a/openssh-5.8p1-audit2.patch
+++ b/openssh-5.8p1-audit2.patch
@@ -1,6 +1,6 @@
 diff -up openssh-5.8p1/audit-bsm.c.audit2 openssh-5.8p1/audit-bsm.c
 --- openssh-5.8p1/audit-bsm.c.audit2 2011-01-17 11:15:29.000000000 +0100
-+++ openssh-5.8p1/audit-bsm.c 2011-02-21 20:04:37.000000000 +0100
++++ openssh-5.8p1/audit-bsm.c 2011-02-22 14:04:27.000000000 +0100
 @@ -316,6 +316,12 @@ audit_session_close(struct logininfo *li
 /* not implemented */
 }
@@ -16,7 +16,7 @@ diff -up openssh-5.8p1/audit-bsm.c.audit2 openssh-5.8p1/audit-bsm.c
 {
 diff -up openssh-5.8p1/audit.c.audit2 openssh-5.8p1/audit.c
 --- openssh-5.8p1/audit.c.audit2 2011-01-17 11:15:30.000000000 +0100
-+++ openssh-5.8p1/audit.c 2011-02-21 20:04:37.000000000 +0100
++++ openssh-5.8p1/audit.c 2011-02-22 14:04:27.000000000 +0100
 @@ -36,6 +36,7 @@
 #include "key.h"
 #include "hostfile.h"
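Review bot: In openssh-5.8p1-audit1a.patch, the unconditional `break;` added under `case SSH_CONNECTION_CLOSE:` ends the fall-through into the `SSH_CONNECTION_ABANDON` / `SSH_INVALID_USER` branch, so a close with `user_login_count == 0` now produces no audit record from this switch. If that is intended, a comment such as `/* no login was recorded for this connection, so there is no logout to report */` should say so; otherwise keep the fall-through for the zero case. The new call also reads `the_authctxt->pw->pw_uid` guarded only by `user_login_count`; unless a non-zero count guarantees both pointers are set (not visible here), `if (user_login_count && the_authctxt != NULL && the_authctxt->pw != NULL)` is the safer guard. The enclosing switch in audit_event starts and ends outside the hunk.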
@@ -68,7 +68,7 @@ diff -up openssh-5.8p1/audit.c.audit2 openssh-5.8p1/audit.c
 #endif /* SSH_AUDIT_EVENTS */
 diff -up openssh-5.8p1/audit.h.audit2 openssh-5.8p1/audit.h
 --- openssh-5.8p1/audit.h.audit2 2011-01-17 11:15:30.000000000 +0100
-+++ openssh-5.8p1/audit.h 2011-02-21 20:04:37.000000000 +0100
++++ openssh-5.8p1/audit.h 2011-02-22 14:04:27.000000000 +0100
 @@ -28,6 +28,7 @@
 # define _SSH_AUDIT_H
@@ -86,8 +86,8 @@ diff -up openssh-5.8p1/audit.h.audit2 openssh-5.8p1/audit.h
 #endif /* _SSH_AUDIT_H */
 diff -up openssh-5.8p1/audit-linux.c.audit2 openssh-5.8p1/audit-linux.c
---- openssh-5.8p1/audit-linux.c.audit2 2011-02-21 20:04:37.000000000 +0100
-+++ openssh-5.8p1/audit-linux.c 2011-02-21 20:04:37.000000000 +0100
+--- openssh-5.8p1/audit-linux.c.audit2 2011-02-22 14:04:27.000000000 +0100
++++ openssh-5.8p1/audit-linux.c 2011-02-22 14:05:28.000000000 +0100
 @@ -41,6 +41,8 @@
 #include "servconf.h"
 #include "canohost.h"
@@ -137,7 +137,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit2 openssh-5.8p1/audit-linux.c
 /* Below is the sshd audit API code */
 diff -up openssh-5.8p1/auth2-hostbased.c.audit2 openssh-5.8p1/auth2-hostbased.c
 --- openssh-5.8p1/auth2-hostbased.c.audit2 2010-08-05 05:04:50.000000000 +0200
-+++ openssh-5.8p1/auth2-hostbased.c 2011-02-21 20:04:37.000000000 +0100
++++ openssh-5.8p1/auth2-hostbased.c 2011-02-22 14:04:27.000000000 +0100
 @@ -136,6 +136,18 @@ done:
 return authenticated;
 }
@@ -159,7 +159,7 @@ diff -up openssh-5.8p1/auth2-hostbased.c.audit2 openssh-5.8p1/auth2-hostbased.c
 hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
 diff -up openssh-5.8p1/auth2-pubkey.c.audit2 openssh-5.8p1/auth2-pubkey.c
 --- openssh-5.8p1/auth2-pubkey.c.audit2 2010-12-01 01:50:14.000000000 +0100
-+++ openssh-5.8p1/auth2-pubkey.c 2011-02-21 20:04:37.000000000 +0100
++++ openssh-5.8p1/auth2-pubkey.c 2011-02-22 14:04:27.000000000 +0100
 @@ -177,6 +177,18 @@ done:
 return authenticated;
 }
@@ -181,7 +181,7 @@ diff -up openssh-5.8p1/auth2-pubkey.c.audit2 openssh-5.8p1/auth2-pubkey.c
 {
 diff -up openssh-5.8p1/auth.h.audit2 openssh-5.8p1/auth.h
 --- openssh-5.8p1/auth.h.audit2 2010-05-10 03:58:03.000000000 +0200
-+++ openssh-5.8p1/auth.h 2011-02-21 20:04:37.000000000 +0100
++++ openssh-5.8p1/auth.h 2011-02-22 14:04:27.000000000 +0100
 @@ -170,6 +170,7 @@ void abandon_challenge_response(Authctxt
 char *authorized_keys_file(struct passwd *);
 char *authorized_keys_file2(struct passwd *);
@@ -200,7 +200,7 @@ diff -up openssh-5.8p1/auth.h.audit2 openssh-5.8p1/auth.h
 void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 diff -up openssh-5.8p1/auth-rsa.c.audit2 openssh-5.8p1/auth-rsa.c
 --- openssh-5.8p1/auth-rsa.c.audit2 2010-12-04 23:01:47.000000000 +0100
-+++ openssh-5.8p1/auth-rsa.c 2011-02-21 20:04:37.000000000 +0100
++++ openssh-5.8p1/auth-rsa.c 2011-02-22 14:04:27.000000000 +0100
 @@ -92,7 +92,10 @@ auth_rsa_verify_response(Key *key, BIGNU
 {
 u_char buf[32], mdbuf[16];
@@ -239,7 +239,7 @@ diff -up openssh-5.8p1/auth-rsa.c.audit2 openssh-5.8p1/auth-rsa.c
 /*
 diff -up openssh-5.8p1/monitor.c.audit2 openssh-5.8p1/monitor.c
 --- openssh-5.8p1/monitor.c.audit2 2010-09-10 03:23:34.000000000 +0200
-+++ openssh-5.8p1/monitor.c 2011-02-21 20:04:37.000000000 +0100
++++ openssh-5.8p1/monitor.c 2011-02-22 14:04:27.000000000 +0100
 @@ -1235,7 +1235,17 @@ mm_answer_keyverify(int sock, Buffer *m)
 if (!valid_data)
 fatal("%s: bad signature data blob", __func__);
diff --git a/openssh-5.8p1-wIm.patch b/openssh-5.8p1-wIm.patch
index 2ae400c..34e1f28 100644
--- a/openssh-5.8p1-wIm.patch
+++ b/openssh-5.8p1-wIm.patch
@@ -1,17 +1,18 @@
 diff -up openssh-5.8p1/log.h.wIm openssh-5.8p1/log.h
 --- openssh-5.8p1/log.h.wIm 2008-06-13 02:22:54.000000000 +0200
-+++ openssh-5.8p1/log.h 2011-02-17 11:41:51.000000000 +0100
-@@ -63,6 +63,7 @@ void verbose(const char *, ...) __at
++++ openssh-5.8p1/log.h 2011-02-22 09:21:58.000000000 +0100
+@@ -63,6 +63,8 @@ void verbose(const char *, ...) __at
 void debug(const char *, ...) __attribute__((format(printf, 1, 2)));
 void debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
 void debug3(const char *, ...) __attribute__((format(printf, 1, 2)));
-+void debug_wIm(const char *);
++void _debug_wIm_body(const char *, const char *);
++#define debug_wIm(a) _debug_wIm_body(a,__func__)
 void do_log(LogLevel, const char *, va_list);
 void cleanup_exit(int) __attribute__((noreturn));
 diff -up openssh-5.8p1/Makefile.in.wIm openssh-5.8p1/Makefile.in
 --- openssh-5.8p1/Makefile.in.wIm 2011-02-04 01:42:13.000000000 +0100
-+++ openssh-5.8p1/Makefile.in 2011-02-17 11:44:05.000000000 +0100
++++ openssh-5.8p1/Makefile.in 2011-02-22 09:20:18.000000000 +0100
 @@ -71,7 +71,7 @@ LIBSSH_OBJS=acss.o authfd.o authfile.o b
 cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \
 compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \
@@ -23,7 +24,7 @@ diff -up openssh-5.8p1/Makefile.in.wIm openssh-5.8p1/Makefile.in
 kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \
 diff -up openssh-5.8p1/sshd.c.wIm openssh-5.8p1/sshd.c
 --- openssh-5.8p1/sshd.c.wIm 2011-01-11 07:20:31.000000000 +0100
-+++ openssh-5.8p1/sshd.c 2011-02-17 11:41:51.000000000 +0100
++++ openssh-5.8p1/sshd.c 2011-02-22 09:20:18.000000000 +0100
 @@ -139,6 +139,9 @@ int deny_severity;
 extern char *__progname;
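Review bot: `_debug_wIm_body` in the log.h hunk (and its definition in the whereIam.c hunk further down) begins with an underscore at file scope, a name C reserves for the implementation; something like `debug_wIm_body` avoids that. The macro would also be more conventional with its argument parenthesised, `#define debug_wIm(a) debug_wIm_body((a), __func__)`. Neither declaration carries a comment; `/* debug_wIm(txt): log txt, the calling function, whereIam and the process uid/euid at debug level */` above the prototype would tell a reader what the helper is for.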
@@ -60,15 +61,15 @@ diff -up openssh-5.8p1/sshd.c.wIm openssh-5.8p1/sshd.c
 (void)set_auth_parameters(ac, av);
 #endif
 diff -up openssh-5.8p1/whereIam.c.wIm openssh-5.8p1/whereIam.c
---- openssh-5.8p1/whereIam.c.wIm 2011-02-17 11:41:51.000000000 +0100
-+++ openssh-5.8p1/whereIam.c 2011-02-17 11:41:51.000000000 +0100
+--- openssh-5.8p1/whereIam.c.wIm 2011-02-22 09:20:18.000000000 +0100
++++ openssh-5.8p1/whereIam.c 2011-02-22 09:24:01.000000000 +0100
 @@ -0,0 +1,9 @@
 +
 +int whereIam = -1;
 +
-+void debug_wIm(const char *txt)
++void _debug_wIm_body(const char *txt, const char *func)
 +{
-+ debug("%s: %s wIm = %d, euid=%d", txt, __func__, whereIam, geteuid());
++ debug("%s: %s wIm = %d, uid=%d, euid=%d", txt, func, whereIam, getuid(), geteuid());
 +}
 +
 +
diff --git a/openssh.spec b/openssh.spec
index 14ce2ff..f2bb20d 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -71,7 +71,7 @@
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
 %define openssh_ver 5.8p1
-%define openssh_rel 5
+%define openssh_rel 6
 %define pam_ssh_agent_ver 0.9.2
 %define pam_ssh_agent_rel 30
@@ -616,7 +616,7 @@ fi
 %endif
 %changelog
-* Mon Feb 21 2011 Jan F. Chadima - 5.8p1-5 + 0.9.2-30
+* Tue Feb 22 2011 Jan F. Chadima - 5.8p1-6 + 0.9.2-30
 - another audit improovements
 * Thu Feb 17 2011 Jan F. Chadima - 5.8p1-4 + 0.9.2-30
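Review bot: whereIam.c, shown in full by its `@@ -0,0 +1,9 @@` header, has no `#include` lines, so `debug()`, `getuid()` and `geteuid()` are called without prototypes, and because `debug()` is variadic the unprototyped call is undefined behaviour. Adding `#include <sys/types.h>`, `#include <unistd.h>` and `#include "log.h"` at the top fixes that. The new format string also prints `uid_t` values with `%d`; casting the arguments, e.g. `(int)getuid(), (int)geteuid()`, or switching to `%u` with an `(unsigned int)` cast keeps specifier and argument types matched.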