improove ssh-ldap (documentation)

Jan F 2011-03-14 16:20:20 +01:00
parent f33c99e38b
commit b32f1200b4
4 changed files with 10 additions and 10 deletions


@ -271,16 +271,16 @@ diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
case SSH_AUTH_SUCCESS: case SSH_AUTH_SUCCESS:
- case SSH_CONNECTION_CLOSE: - case SSH_CONNECTION_CLOSE:
+ linux_audit_user_auth(-1, audit_username(), NULL, + linux_audit_user_auth(-1, audit_username(), NULL,
+ get_remote_ipaddr(), "sshd", 1, event); + get_remote_ipaddr(), "ssh", 1, event);
+ break; + break;
+ +
case SSH_NOLOGIN: case SSH_NOLOGIN:
- case SSH_LOGIN_EXCEED_MAXTRIES: - case SSH_LOGIN_EXCEED_MAXTRIES:
case SSH_LOGIN_ROOT_DENIED: case SSH_LOGIN_ROOT_DENIED:
+ linux_audit_user_auth(-1, audit_username(), NULL, + linux_audit_user_auth(-1, audit_username(), NULL,
+ get_remote_ipaddr(), "sshd", 0, event); + get_remote_ipaddr(), "ssh", 0, event);
+ linux_audit_user_logxxx(-1, audit_username(), NULL, + linux_audit_user_logxxx(-1, audit_username(), NULL,
+ get_remote_ipaddr(), "sshd", 0, AUDIT_USER_LOGIN); + get_remote_ipaddr(), "ssh", 0, AUDIT_USER_LOGIN);
break; break;
+ case SSH_LOGIN_EXCEED_MAXTRIES: + case SSH_LOGIN_EXCEED_MAXTRIES:
@ -291,7 +291,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
case SSH_AUTH_FAIL_HOSTBASED: case SSH_AUTH_FAIL_HOSTBASED:
case SSH_AUTH_FAIL_GSSAPI: case SSH_AUTH_FAIL_GSSAPI:
+ linux_audit_user_auth(-1, audit_username(), NULL, + linux_audit_user_auth(-1, audit_username(), NULL,
+ get_remote_ipaddr(), "sshd", 0, event); + get_remote_ipaddr(), "ssh", 0, event);
+ break; + break;
+ +
+ case SSH_CONNECTION_CLOSE: + case SSH_CONNECTION_CLOSE:
@ -309,7 +309,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit1 openssh-5.8p1/audit-linux.c
- linux_audit_record_event(-1, audit_username(), NULL, - linux_audit_record_event(-1, audit_username(), NULL,
- get_remote_ipaddr(), "sshd", 0); - get_remote_ipaddr(), "sshd", 0);
+ linux_audit_user_logxxx(-1, audit_username(), NULL, + linux_audit_user_logxxx(-1, audit_username(), NULL,
+ get_remote_ipaddr(), "sshd", 0, AUDIT_USER_LOGIN); + get_remote_ipaddr(), "ssh", 0, AUDIT_USER_LOGIN);
break; break;
default: default:
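Review bot: The fifth argument of `linux_audit_user_auth()` and `linux_audit_user_logxxx()` changes from `"sshd"` to `"ssh"` in all five calls across these three hunks, but neither the commit title (which mentions only ssh-ldap documentation) nor any comment says which audit field this string ends up in. From the call sites it looks like a fixed label written into every authentication and login record, so audit searches, reports or alerting rules that match on the old value would presumably stop matching; confirm this against the helper definitions, which are outside the hunks. I would state the intent next to the first call, for example `/* "ssh" is the label written to the audit record; log consumers match on it, change with care */`, and mention the record-format change in the commit message. Because the literal is repeated in every call, one named constant in audit-linux.c would keep the records from drifting apart again.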


@ -121,7 +121,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit3 openssh-5.8p1/audit-linux.c
+ const static char *name[] = { "cipher", "mac", "comp" }; + const static char *name[] = { "cipher", "mac", "comp" };
+ int audit_fd; + int audit_fd;
+ +
+ snprintf(buf, sizeof(buf), "op=unsupported-%s direction=? cipher=? ksize=? rport=%d laddr=%s lport=%d", + snprintf(buf, sizeof(buf), "op=unsupported-%s direction=? cipher=? ksize=? rport=%d laddr=%s lport=%d ",
+ name[what], get_remote_port(), get_local_ipaddr(packet_get_connection_in()), + name[what], get_remote_port(), get_local_ipaddr(packet_get_connection_in()),
+ get_local_port()); + get_local_port());
+ audit_fd = audit_open(); + audit_fd = audit_open();
@ -144,7 +144,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit3 openssh-5.8p1/audit-linux.c
+ const static char *direction[] = { "from-server", "from-client", "both" }; + const static char *direction[] = { "from-server", "from-client", "both" };
+ Cipher *cipher = cipher_by_name(enc); + Cipher *cipher = cipher_by_name(enc);
+ +
+ snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d spid=%jd suid=%jd rport=%d laddr=%s lport=%d", + snprintf(buf, sizeof(buf), "op=start direction=%s cipher=%s ksize=%d spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",
+ direction[ctos], enc, cipher ? 8 * cipher->key_len : 0, + direction[ctos], enc, cipher ? 8 * cipher->key_len : 0,
+ (intmax_t)pid, (intmax_t)uid, + (intmax_t)pid, (intmax_t)uid,
+ get_remote_port(), get_local_ipaddr(packet_get_connection_in()), get_local_port()); + get_remote_port(), get_local_ipaddr(packet_get_connection_in()), get_local_port());
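Review bot: The trailing space added after `lport=%d` is now load-bearing but undocumented, and the `snprintf()` result is still unchecked, so a message that reaches `sizeof(buf)` is cut silently and loses both its last fields and the new separator. The same pattern is in the `op=destroy kind=session`, `op=destroy kind=server` and `op=create kind=server` messages in the following two file sections. Presumably the space keeps the last field apart from whatever is appended after the message; if so, say it where the string is built, e.g. `/* trailing space: separates our last field from text appended after this message */`. I would also keep the return value and test `if (n < 0 || (size_t)n >= sizeof(buf))`, logging the truncation instead of emitting a partial record, since `laddr=%s` and `cipher=%s` are variable length. `buf` and the enclosing functions are declared outside these hunks, so the available size cannot be judged from here.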


@ -85,7 +85,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit4 openssh-5.8p1/audit-linux.c
+ char buf[AUDIT_LOG_SIZE]; + char buf[AUDIT_LOG_SIZE];
+ int audit_fd, audit_ok; + int audit_fd, audit_ok;
+ +
+ snprintf(buf, sizeof(buf), "op=destroy kind=session fp=? direction=%s spid=%jd suid=%jd rport=%d laddr=%s lport=%d", + snprintf(buf, sizeof(buf), "op=destroy kind=session fp=? direction=%s spid=%jd suid=%jd rport=%d laddr=%s lport=%d ",
+ direction[ctos], (intmax_t)pid, (intmax_t)uid, + direction[ctos], (intmax_t)pid, (intmax_t)uid,
+ get_remote_port(), + get_remote_port(),
+ get_local_ipaddr(packet_get_connection_in()), + get_local_ipaddr(packet_get_connection_in()),


@ -85,7 +85,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit5 openssh-5.8p1/audit-linux.c
+ char buf[AUDIT_LOG_SIZE]; + char buf[AUDIT_LOG_SIZE];
+ int audit_fd, audit_ok; + int audit_fd, audit_ok;
+ +
+ snprintf(buf, sizeof(buf), "op=destroy kind=server fp=%s direction=? spid=%jd suid=%jd", + snprintf(buf, sizeof(buf), "op=destroy kind=server fp=%s direction=? spid=%jd suid=%jd ",
+ fp, (intmax_t)pid, (intmax_t)uid); + fp, (intmax_t)pid, (intmax_t)uid);
+ audit_fd = audit_open(); + audit_fd = audit_open();
+ if (audit_fd < 0) { + if (audit_fd < 0) {
@ -110,7 +110,7 @@ diff -up openssh-5.8p1/audit-linux.c.audit5 openssh-5.8p1/audit-linux.c
+ char buf[AUDIT_LOG_SIZE]; + char buf[AUDIT_LOG_SIZE];
+ int audit_fd, audit_ok; + int audit_fd, audit_ok;
+ +
+ snprintf(buf, sizeof(buf), "op=create kind=server fp=%s direction=?", fp); + snprintf(buf, sizeof(buf), "op=create kind=server fp=%s direction=? ", fp);
+ audit_fd = audit_open(); + audit_fd = audit_open();
+ if (audit_fd < 0) { + if (audit_fd < 0) {
+ if (errno != EINVAL && errno != EPROTONOSUPPORT && + if (errno != EINVAL && errno != EPROTONOSUPPORT &&