rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Do not audit passsword authentication, if handled by PAM

Browse Source 
and avoid auditing none auth method (not acually a method)
This commit is contained in:
Jakub Jelen 2018-01-22 12:21:00 +01:00
parent 9b05c6d476
commit 6996c6f503
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
openssh-7.6p1-audit.patch
View File

@ -518,7 +518,7 @@ diff -up openssh-7.6p1/audit-linux.c.audit openssh-7.6p1/audit-linux.c
} }
void void
@@ -102,25 +231,154 @@ audit_event(ssh_audit_event_t event) @@ -102,25 +231,155 @@ audit_event(ssh_audit_event_t event)
struct ssh *ssh = active_state; /* XXX */ struct ssh *ssh = active_state; /* XXX */
switch(event) { switch(event) {
@ -532,9 +532,11 @@ diff -up openssh-7.6p1/audit-linux.c.audit openssh-7.6p1/audit-linux.c
+ linux_audit_user_logxxx(-1, audit_username(), + linux_audit_user_logxxx(-1, audit_username(),
+ ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN); + ssh_remote_ipaddr(ssh), "ssh", 0, AUDIT_USER_LOGIN);
break; break;
+ case SSH_LOGIN_EXCEED_MAXTRIES: - case SSH_AUTH_FAIL_NONE:
case SSH_AUTH_FAIL_NONE:
case SSH_AUTH_FAIL_PASSWD: case SSH_AUTH_FAIL_PASSWD:
+ if (options.use_pam)
+ break;
+ case SSH_LOGIN_EXCEED_MAXTRIES:
case SSH_AUTH_FAIL_KBDINT: case SSH_AUTH_FAIL_KBDINT:
case SSH_AUTH_FAIL_PUBKEY: case SSH_AUTH_FAIL_PUBKEY:
case SSH_AUTH_FAIL_HOSTBASED: case SSH_AUTH_FAIL_HOSTBASED: