authorMarkus Friedl <markus@cvs.openbsd.org>1999-11-22 21:02:40 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>1999-11-22 21:02:40 +0000
commite635c41f03fe35686ec48598b5ff248c2485d8bb (patch)
tree8521120e30f644f5a56001e3b3d4bc47b97bdb40
parent2632baae61bff755f455a90159bc81cffae148f0 (diff)
syslog changes:
* Unified log message for all auth-types, for success and for failure * Standard connections get only ONE line in the LOG when level==LOG: Auth-attempts are logged only if authentication is: a) successful or b) with passwd or c) we had more than AUTH_FAIL_LOG failures * many log() became verbose() * old behaviour with level=VERBOSE
-rw-r--r--usr.bin/ssh/auth-rh-rsa.c4
-rw-r--r--usr.bin/ssh/auth-rsa.c4
-rw-r--r--usr.bin/ssh/channels.c4
-rw-r--r--usr.bin/ssh/cipher.c6
-rw-r--r--usr.bin/ssh/compat.c4
-rw-r--r--usr.bin/ssh/log-client.c4
-rw-r--r--usr.bin/ssh/log-server.c8
-rw-r--r--usr.bin/ssh/log.c8
-rw-r--r--usr.bin/ssh/packet.c8
-rw-r--r--usr.bin/ssh/scp.c28
-rw-r--r--usr.bin/ssh/serverloop.c12
-rw-r--r--usr.bin/ssh/ssh.h16
-rw-r--r--usr.bin/ssh/sshd.84
-rw-r--r--usr.bin/ssh/sshd.c166
14 files changed, 160 insertions, 116 deletions
diff --git a/usr.bin/ssh/auth-rh-rsa.c b/usr.bin/ssh/auth-rh-rsa.c
index 77d685ebd48..abc7c2d6eeb 100644
--- a/usr.bin/ssh/auth-rh-rsa.c
+++ b/usr.bin/ssh/auth-rh-rsa.c
@@ -15,7 +15,7 @@ authentication.
*/
#include "includes.h"
-RCSID("$Id: auth-rh-rsa.c,v 1.6 1999/11/15 20:53:24 markus Exp $");
+RCSID("$Id: auth-rh-rsa.c,v 1.7 1999/11/22 21:02:38 markus Exp $");
#include "packet.h"
#include "ssh.h"
@@ -96,7 +96,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user,
/* We have authenticated the user using .rhosts or /etc/hosts.equiv, and
the host using RSA. We accept the authentication. */
- log("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.",
+ verbose("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.",
pw->pw_name, client_user, canonical_hostname);
packet_send_debug("Rhosts with RSA host authentication accepted.");
return 1;
diff --git a/usr.bin/ssh/auth-rsa.c b/usr.bin/ssh/auth-rsa.c
index 382ac71a717..9a59e0ffba7 100644
--- a/usr.bin/ssh/auth-rsa.c
+++ b/usr.bin/ssh/auth-rsa.c
@@ -16,7 +16,7 @@ validity of the host key.
*/
#include "includes.h"
-RCSID("$Id: auth-rsa.c,v 1.10 1999/11/18 14:00:48 markus Exp $");
+RCSID("$Id: auth-rsa.c,v 1.11 1999/11/22 21:02:38 markus Exp $");
#include "rsa.h"
#include "packet.h"
@@ -274,7 +274,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
if (!auth_rsa_challenge_dialog(e, n))
{
/* Wrong response. */
- log("Wrong response to RSA authentication challenge.");
+ verbose("Wrong response to RSA authentication challenge.");
packet_send_debug("Wrong response to RSA authentication challenge.");
continue;
}
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 94d7156b9f9..7f52276acf2 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -16,7 +16,7 @@ arbitrary tcp/ip connections, and the authentication agent connection.
*/
#include "includes.h"
-RCSID("$Id: channels.c,v 1.23 1999/11/19 19:58:18 markus Exp $");
+RCSID("$Id: channels.c,v 1.24 1999/11/22 21:02:38 markus Exp $");
#include "ssh.h"
#include "packet.h"
@@ -904,7 +904,7 @@ void channel_request_remote_forwarding(int port, const char *host,
int payload_len;
/* Record locally that connection to this host/port is permitted. */
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
- fatal("channel_request_remote_forwarding: too many forwards");
+ fatal("channel_request_remote_forwarding: too many forwards"); /* XXX why panic? -markus */
permitted_opens[num_permitted_opens].host = xstrdup(host);
permitted_opens[num_permitted_opens].port = remote_port;
num_permitted_opens++;
diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c
index c4283373ee0..b6f04d9a404 100644
--- a/usr.bin/ssh/cipher.c
+++ b/usr.bin/ssh/cipher.c
@@ -12,7 +12,7 @@ Created: Wed Apr 19 17:41:39 1995 ylo
*/
#include "includes.h"
-RCSID("$Id: cipher.c,v 1.14 1999/11/15 21:38:53 markus Exp $");
+RCSID("$Id: cipher.c,v 1.15 1999/11/22 21:02:38 markus Exp $");
#include "ssh.h"
#include "cipher.h"
@@ -264,7 +264,7 @@ void cipher_encrypt(CipherContext *context, unsigned char *dest,
break;
default:
- fatal("cipher_encrypt: unknown cipher: %d", context->type);
+ fatal("cipher_encrypt: unknown cipher: %s", cipher_name(context->type));
}
}
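Review bot: `cipher_name(context->type)` is now evaluated with a type value that has already fallen through every case of this switch, so cipher_name() must itself cope with an out-of-range value; if it indexes a name table by `type` without a bounds check (its body is not in this diff) the fatal path would read past the table. Worth confirming in cipher.c, or keeping the numeric form in the message, `fatal("cipher_encrypt: unknown cipher: %d", context->type);`, which cannot fail. The same applies to the cipher_decrypt hunk that follows. Both enclosing functions start outside their hunks.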
@@ -299,6 +299,6 @@ void cipher_decrypt(CipherContext *context, unsigned char *dest,
break;
default:
- fatal("cipher_decrypt: unknown cipher: %d", context->type);
+ fatal("cipher_decrypt: unknown cipher: %s", cipher_name(context->type));
}
}
diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index fa0579c3107..a0d27a5e3a4 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c
@@ -1,10 +1,10 @@
#include "includes.h"
-RCSID("$Id: compat.c,v 1.2 1999/10/16 22:29:01 markus Exp $");
+RCSID("$Id: compat.c,v 1.3 1999/11/22 21:02:38 markus Exp $");
#include "ssh.h"
int compat13=0;
void enable_compat13(void){
- log("Enabling compatibility mode for protocol 1.3");
+ verbose("Enabling compatibility mode for protocol 1.3");
compat13=1;
}
diff --git a/usr.bin/ssh/log-client.c b/usr.bin/ssh/log-client.c
index 92b47649a38..97e253062e7 100644
--- a/usr.bin/ssh/log-client.c
+++ b/usr.bin/ssh/log-client.c
@@ -15,7 +15,7 @@ This is a stripped down version of log-server.c.
*/
#include "includes.h"
-RCSID("$Id: log-client.c,v 1.3 1999/11/10 23:36:44 markus Exp $");
+RCSID("$Id: log-client.c,v 1.4 1999/11/22 21:02:38 markus Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -36,7 +36,7 @@ log_init(char *av0, LogLevel level, SyslogFacility ignored1, int ignored2)
case SYSLOG_LEVEL_ERROR:
case SYSLOG_LEVEL_FATAL:
case SYSLOG_LEVEL_INFO:
- case SYSLOG_LEVEL_CHAT:
+ case SYSLOG_LEVEL_VERBOSE:
case SYSLOG_LEVEL_DEBUG:
log_level = level;
break;
diff --git a/usr.bin/ssh/log-server.c b/usr.bin/ssh/log-server.c
index 67b1062773a..7e37e136dc2 100644
--- a/usr.bin/ssh/log-server.c
+++ b/usr.bin/ssh/log-server.c
@@ -15,7 +15,7 @@ to the system log.
*/
#include "includes.h"
-RCSID("$Id: log-server.c,v 1.8 1999/11/14 22:28:44 markus Exp $");
+RCSID("$Id: log-server.c,v 1.9 1999/11/22 21:02:38 markus Exp $");
#include <syslog.h>
#include "packet.h"
@@ -41,7 +41,7 @@ void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
case SYSLOG_LEVEL_ERROR:
case SYSLOG_LEVEL_FATAL:
case SYSLOG_LEVEL_INFO:
- case SYSLOG_LEVEL_CHAT:
+ case SYSLOG_LEVEL_VERBOSE:
case SYSLOG_LEVEL_DEBUG:
log_level = level;
break;
@@ -119,9 +119,7 @@ do_log(LogLevel level, const char *fmt, va_list args)
pri = LOG_ERR;
break;
case SYSLOG_LEVEL_INFO:
- pri = LOG_INFO;
- break;
- case SYSLOG_LEVEL_CHAT:
+ case SYSLOG_LEVEL_VERBOSE:
pri = LOG_INFO;
break;
case SYSLOG_LEVEL_DEBUG:
diff --git a/usr.bin/ssh/log.c b/usr.bin/ssh/log.c
index 1ce534ea57d..af5395da8f8 100644
--- a/usr.bin/ssh/log.c
+++ b/usr.bin/ssh/log.c
@@ -5,7 +5,7 @@ Shared versions of debug(), log(), etc.
*/
#include "includes.h"
-RCSID("$OpenBSD: log.c,v 1.2 1999/11/19 16:04:17 markus Exp $");
+RCSID("$OpenBSD: log.c,v 1.3 1999/11/22 21:02:38 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -47,11 +47,11 @@ log(const char *fmt, ...)
/* More detailed messages (information that does not need to go to the log). */
void
-chat(const char *fmt, ...)
+verbose(const char *fmt, ...)
{
va_list args;
va_start(args, fmt);
- do_log(SYSLOG_LEVEL_CHAT, fmt, args);
+ do_log(SYSLOG_LEVEL_VERBOSE, fmt, args);
va_end(args);
}
@@ -167,7 +167,7 @@ static struct
{ "FATAL", SYSLOG_LEVEL_FATAL },
{ "ERROR", SYSLOG_LEVEL_ERROR },
{ "INFO", SYSLOG_LEVEL_INFO },
- { "CHAT", SYSLOG_LEVEL_CHAT },
+ { "VERBOSE", SYSLOG_LEVEL_VERBOSE },
{ "DEBUG", SYSLOG_LEVEL_DEBUG },
{ NULL, 0 }
};
diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c
index 6f0f3f0022d..f392fc4dbe9 100644
--- a/usr.bin/ssh/packet.c
+++ b/usr.bin/ssh/packet.c
@@ -15,7 +15,7 @@ with the other side. This same code is used both on client and server side.
*/
#include "includes.h"
-RCSID("$Id: packet.c,v 1.12 1999/11/19 19:58:18 markus Exp $");
+RCSID("$Id: packet.c,v 1.13 1999/11/22 21:02:38 markus Exp $");
#include "xmalloc.h"
#include "buffer.h"
@@ -397,7 +397,7 @@ packet_read(int *payload_len_ptr)
/* Read data from the socket. */
len = read(connection_in, buf, sizeof(buf));
if (len == 0)
- fatal("Connection closed by remote host.");
+ fatal("Connection closed by %.200s", get_remote_ipaddr());
if (len < 0)
fatal("Read from socket failed: %.100s", strerror(errno));
/* Append it to the buffer. */
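Review bot: An EOF on the connection before authentication still goes through fatal() here and is logged at error level, while this commit demotes the same EOF after authentication to `verbose()` plus `fatal_cleanup()` in serverloop.c; if the goal is one log line per ordinary connection, a peer that connects and closes during the version exchange will still produce a line at every log level. Since packet.c is shared with the client (where a loud message is probably wanted), either document that the pre-authentication server case is deliberately kept at fatal() or handle it on the server side the way serverloop.c now does. packet_read starts and ends outside the hunk.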
@@ -513,7 +513,7 @@ packet_read_poll(int *payload_len_ptr)
/* Handle disconnect message. */
if ((unsigned char)buf[0] == SSH_MSG_DISCONNECT)
- fatal("%.900s", packet_get_string(NULL));
+ fatal("Received disconnect: %.900s", packet_get_string(NULL));
/* Ignore ignore messages. */
if ((unsigned char)buf[0] == SSH_MSG_IGNORE)
@@ -636,7 +636,7 @@ packet_disconnect(const char *fmt, ...)
packet_close();
/* Display the error locally and exit. */
- fatal("Local: %.100s", buf);
+ fatal("Disconnecting: %.100s", buf);
}
/* Checks if there is any buffered output, and tries to write some of the
diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c
index a3b65a9fd7d..b5efaa56cf2 100644
--- a/usr.bin/ssh/scp.c
+++ b/usr.bin/ssh/scp.c
@@ -42,11 +42,11 @@ and ssh has the necessary privileges.)
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: scp.c,v 1.16 1999/11/17 09:20:17 deraadt Exp $
+ * $Id: scp.c,v 1.17 1999/11/22 21:02:38 markus Exp $
*/
#include "includes.h"
-RCSID("$Id: scp.c,v 1.16 1999/11/17 09:20:17 deraadt Exp $");
+RCSID("$Id: scp.c,v 1.17 1999/11/22 21:02:38 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -76,7 +76,7 @@ off_t totalbytes = 0;
char *curfile;
/* This is set to non-zero to enable verbose mode. */
-int verbose = 0;
+int verbose_mode = 0;
/* This is set to non-zero if compression is desired. */
int compress = 0;
@@ -106,7 +106,7 @@ int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
{
int pin[2], pout[2], reserved[2];
- if (verbose)
+ if (verbose_mode)
fprintf(stderr, "Executing: host %s, user %s, command %s\n",
host, remuser ? remuser : "(unspecified)", cmd);
@@ -142,7 +142,7 @@ int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
args[i++] = SSH_PROGRAM;
args[i++] = "-x";
args[i++] = "-oFallBackToRsh no";
- if (verbose)
+ if (verbose_mode)
args[i++] = "-v";
if (compress)
args[i++] = "-C";
@@ -272,7 +272,7 @@ main(argc, argv)
identity = optarg;
break;
case 'v':
- verbose = 1;
+ verbose_mode = 1;
break;
case 'B':
batchmode = 1;
@@ -317,7 +317,7 @@ main(argc, argv)
remin = remout = -1;
/* Command to be executed on remote system using "ssh". */
- (void)sprintf(cmd, "scp%s%s%s%s", verbose ? " -v" : "",
+ (void)sprintf(cmd, "scp%s%s%s%s", verbose_mode ? " -v" : "",
iamrecursive ? " -r" : "", pflag ? " -p" : "",
targetshouldbedirectory ? " -d" : "");
@@ -378,18 +378,18 @@ toremote(targ, argc, argv)
continue;
(void)sprintf(bp,
"%s%s -x -o'FallBackToRsh no' -n -l %s %s %s %s '%s%s%s:%s'",
- SSH_PROGRAM, verbose ? " -v" : "",
+ SSH_PROGRAM, verbose_mode ? " -v" : "",
suser, host, cmd, src,
tuser ? tuser : "", tuser ? "@" : "",
thost, targ);
} else
(void)sprintf(bp,
"exec %s%s -x -o'FallBackToRsh no' -n %s %s %s '%s%s%s:%s'",
- SSH_PROGRAM, verbose ? " -v" : "",
+ SSH_PROGRAM, verbose_mode ? " -v" : "",
argv[i], cmd, src,
tuser ? tuser : "", tuser ? "@" : "",
thost, targ);
- if (verbose)
+ if (verbose_mode)
fprintf(stderr, "Executing: %s\n", bp);
(void)system(bp);
(void)xfree(bp);
@@ -427,7 +427,7 @@ tolocal(argc, argv)
(void)sprintf(bp, "exec %s%s%s %s %s", _PATH_CP,
iamrecursive ? " -r" : "", pflag ? " -p" : "",
argv[i], argv[argc - 1]);
- if (verbose)
+ if (verbose_mode)
fprintf(stderr, "Executing: %s\n", bp);
if (system(bp))
++errs;
@@ -519,7 +519,7 @@ syserr: run_err("%s: %s", name, strerror(errno));
(unsigned int)(stb.st_mode & FILEMODEMASK),
(unsigned long)stb.st_size,
last);
- if (verbose)
+ if (verbose_mode)
{
fprintf(stderr, "Sending file modes: %s", buf);
fflush(stderr);
@@ -600,7 +600,7 @@ rsource(name, statp)
(void)sprintf(path,
"D%04o %d %.1024s\n", (unsigned int)(statp->st_mode & FILEMODEMASK),
0, last);
- if (verbose)
+ if (verbose_mode)
fprintf(stderr, "Entering directory: %s", path);
(void)write(remout, path, strlen(path));
if (response() < 0) {
@@ -976,7 +976,7 @@ run_err(const char *fmt, ...)
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: scp.c,v 1.16 1999/11/17 09:20:17 deraadt Exp $
+ * $Id: scp.c,v 1.17 1999/11/22 21:02:38 markus Exp $
*/
char *
diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c
index 9961170a5b3..8294714d328 100644
--- a/usr.bin/ssh/serverloop.c
+++ b/usr.bin/ssh/serverloop.c
@@ -308,16 +308,20 @@ void process_input(fd_set *readset)
if (FD_ISSET(connection_in, readset))
{
len = read(connection_in, buf, sizeof(buf));
- if (len == 0)
- fatal("Connection closed by remote host.");
+ if (len == 0) {
+ verbose("Connection closed by remote host.");
+ fatal_cleanup();
+ }
/* There is a kernel bug on Solaris that causes select to sometimes
wake up even though there is no data available. */
if (len < 0 && errno == EAGAIN)
len = 0;
- if (len < 0)
- fatal("Read error from remote host: %.100s", strerror(errno));
+ if (len < 0) {
+ verbose("Read error from remote host: %.100s", strerror(errno));
+ fatal_cleanup();
+ }
/* Buffer any received data. */
packet_process_incoming(buf, len);
diff --git a/usr.bin/ssh/ssh.h b/usr.bin/ssh/ssh.h
index b1de3d26564..85923137bbc 100644
--- a/usr.bin/ssh/ssh.h
+++ b/usr.bin/ssh/ssh.h
@@ -13,7 +13,7 @@ Generic header file for ssh.
*/
-/* RCSID("$Id: ssh.h,v 1.22 1999/11/19 16:04:17 markus Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.23 1999/11/22 21:02:38 markus Exp $"); */
#ifndef SSH_H
#define SSH_H
@@ -365,7 +365,7 @@ typedef enum
SYSLOG_LEVEL_FATAL,
SYSLOG_LEVEL_ERROR,
SYSLOG_LEVEL_INFO,
- SYSLOG_LEVEL_CHAT,
+ SYSLOG_LEVEL_VERBOSE,
SYSLOG_LEVEL_DEBUG
} LogLevel;
@@ -380,12 +380,12 @@ SyslogFacility log_facility_number(char *name);
LogLevel log_level_number(char *name);
/* Output a message to syslog or stderr */
-void fatal(const char *fmt, ...);
-void error(const char *fmt, ...);
-void log(const char *fmt, ...);
-void chat(const char *fmt, ...);
-void debug(const char *fmt, ...);
-
+void fatal(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));
+void error(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));
+void log(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));
+void verbose(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));
+void debug(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));
+
/* same as fatal() but w/o logging */
void fatal_cleanup(void);
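Review bot: The `__attribute__ ((format (printf, 1, 2)))` added to the five prototypes is a GCC extension written out unconditionally, so a non-GCC compiler that includes this header fails on the declarations. If building with other compilers matters, guard it once, e.g. `#ifndef __GNUC__` / `#define __attribute__(x)` / `#endif` (or the equivalent in includes.h, which this diff does not show), so the format checking stays where it is available and disappears elsewhere.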
diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8
index c2162c0581c..ccdea15097e 100644
--- a/usr.bin/ssh/sshd.8
+++ b/usr.bin/ssh/sshd.8
@@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
-.\" $Id: sshd.8,v 1.26 1999/11/22 20:02:45 markus Exp $
+.\" $Id: sshd.8,v 1.27 1999/11/22 21:02:39 markus Exp $
.\"
.Dd September 25, 1999
.Dt SSHD 8
@@ -328,7 +328,7 @@ The default is 600 (seconds).
Gives the verbosity level that is used when logging messages from
.Nm sshd .
The possible values are:
-QUIET, FATAL, ERROR, INFO, CHAT and DEBUG.
+QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG.
The default is INFO.
Logging with level DEBUG violates the privacy of users
and is not recommended.
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index afa9667058d..eda984b4788 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -18,7 +18,7 @@ agent connections.
*/
#include "includes.h"
-RCSID("$Id: sshd.c,v 1.61 1999/11/22 20:02:45 markus Exp $");
+RCSID("$Id: sshd.c,v 1.62 1999/11/22 21:02:39 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -190,7 +190,29 @@ void grace_alarm_handler(int sig)
packet_close();
/* Log error and exit. */
- fatal("Timeout before authentication.");
+ fatal("Timeout before authentication for %s.", get_remote_ipaddr());
+}
+
+/* convert ssh auth msg type into description */
+char *
+get_authname(int type)
+{
+ switch (type) {
+ case SSH_CMSG_AUTH_PASSWORD:
+ return "password";
+ case SSH_CMSG_AUTH_RSA:
+ return "rsa";
+ case SSH_CMSG_AUTH_RHOSTS_RSA:
+ return "rhosts-rsa";
+ case SSH_CMSG_AUTH_RHOSTS:
+ return "rhosts";
+#ifdef KRB4
+ case SSH_CMSG_AUTH_KERBEROS:
+ return "kerberos";
+#endif
+ }
+ fatal("get_authname: unknown auth %d: internal error", type);
+ return NULL;
}
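Review bot: get_authname() ends the process with fatal() for any type outside its switch, and the new authlog call in do_authloop (later hunk in this file) reaches it with whatever message type the client sent, because the default case of that switch only logs and breaks; the KRB4/AFS `SSH_CMSG_HAVE_KERBEROS_TGT` and `SSH_CMSG_HAVE_AFS_TOKEN` cases also break into that call when the option is disabled, and neither type is handled here. Any unexpected message during authentication therefore closes the connection with an "internal error" instead of the SSH_SMSG_FAILURE reply the default case describes. A non-fatal fallback fixes both: `default: return "unknown";` in place of the fatal() and the then-unreachable `return NULL;`. The function returns string literals, so its return type should be `const char *`.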
/* Signal handler for the key regeneration alarm. Note that this
@@ -242,6 +264,7 @@ main(int ac, char **av)
struct sockaddr_in sin;
char buf[100]; /* Must not be larger than remote_version. */
char remote_version[100]; /* Must be at least as big as buf. */
+ const char *remote_ip;
int remote_port;
char *comment;
FILE *f;
@@ -610,6 +633,7 @@ main(int ac, char **av)
packet_set_connection(sock_in, sock_out);
remote_port = get_remote_port();
+ remote_ip = get_remote_ipaddr();
/* Check whether logins are denied from this host. */
#ifdef LIBWRAP
@@ -624,11 +648,11 @@ main(int ac, char **av)
close(sock_out);
refuse(&req);
}
- log("Connection from %.500s port %d", eval_client(&req), remote_port);
+ verbose("Connection from %.500s port %d", eval_client(&req), remote_port);
}
#else
/* Log the connection. */
- log("Connection from %.100s port %d", get_remote_ipaddr(), remote_port);
+ verbose("Connection from %.500s port %d", remote_ip, remote_port);
#endif /* LIBWRAP */
/* We don\'t want to listen forever unless the other side successfully
@@ -648,13 +672,13 @@ main(int ac, char **av)
snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n",
PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION);
if (write(sock_out, buf, strlen(buf)) != strlen(buf))
- fatal("Could not write ident string.");
+ fatal("Could not write ident string to %s.", get_remote_ipaddr());
/* Read other side\'s version identification. */
for (i = 0; i < sizeof(buf) - 1; i++)
{
if (read(sock_in, &buf[i], 1) != 1)
- fatal("Did not receive ident string.");
+ fatal("Did not receive ident string from %s.", get_remote_ipaddr());
if (buf[i] == '\r')
{
buf[i] = '\n';
@@ -680,7 +704,8 @@ main(int ac, char **av)
(void) write(sock_out, s, strlen(s));
close(sock_in);
close(sock_out);
- fatal("Bad protocol version identification: %.100s", buf);
+ fatal("Bad protocol version identification '%.100s' from %s",
+ buf, get_remote_ipaddr());
}
debug("Client protocol version %d.%d; client software version %.100s",
remote_major, remote_minor, remote_version);
@@ -690,7 +715,8 @@ main(int ac, char **av)
(void) write(sock_out, s, strlen(s));
close(sock_in);
close(sock_out);
- fatal("Protocol major versions differ: %d vs. %d",
+ fatal("Protocol major versions differ for %s: %d vs. %d",
+ get_remote_ipaddr(),
PROTOCOL_MAJOR, remote_major);
}
@@ -734,7 +760,7 @@ main(int ac, char **av)
if (xauthfile) unlink(xauthfile);
/* The connection has been terminated. */
- log("Closing connection to %.100s", inet_ntoa(sin.sin_addr));
+ verbose("Closing connection to %.100s", remote_ip);
packet_close();
exit(0);
}
@@ -851,7 +877,8 @@ do_connection()
/* Private key has bigger modulus. */
if (BN_num_bits(sensitive_data.private_key->n) <
BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED) {
- fatal("do_connection: private_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
+ fatal("do_connection: %s: private_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",
+ get_remote_ipaddr(),
BN_num_bits(sensitive_data.private_key->n),
BN_num_bits(sensitive_data.host_key->n),
SSH_KEY_BITS_RESERVED);
@@ -867,7 +894,8 @@ do_connection()
/* Host key has bigger modulus (or they are equal). */
if (BN_num_bits(sensitive_data.host_key->n) <
BN_num_bits(sensitive_data.private_key->n) + SSH_KEY_BITS_RESERVED) {
- fatal("do_connection: host_key %d < private_key %d + SSH_KEY_BITS_RESERVED %d",
+ fatal("do_connection: %s: host_key %d < private_key %d + SSH_KEY_BITS_RESERVED %d",
+ get_remote_ipaddr(),
BN_num_bits(sensitive_data.host_key->n),
BN_num_bits(sensitive_data.private_key->n),
SSH_KEY_BITS_RESERVED);
@@ -889,7 +917,8 @@ do_connection()
BN_mask_bits(session_key_int, sizeof(session_key) * 8);
len = BN_num_bytes(session_key_int);
if (len < 0 || len > sizeof(session_key))
- fatal("do_connection: bad len: session_key_int %d > sizeof(session_key) %d",
+ fatal("do_connection: bad len from %s: session_key_int %d > sizeof(session_key) %d",
+ get_remote_ipaddr(),
len, sizeof(session_key));
memset(session_key, 0, sizeof(session_key));
BN_bn2bin(session_key_int, session_key + sizeof(session_key) - len);
@@ -1061,15 +1090,14 @@ do_authentication(char *user)
auth_password(pw, ""))
{
/* Authentication with empty password succeeded. */
- debug("Login for user %.100s accepted without authentication.", user);
+ log("Login for user %s from %.100s, accepted without authentication.",
+ pw->pw_name, get_remote_ipaddr());
} else {
/* Loop until the user has been authenticated or the connection is closed,
do_authloop() returns only if authentication is successfull */
do_authloop(pw);
}
- /* XXX log unified auth message */
-
/* Check if the user is logging in as root and root logins are disallowed. */
if (pw->pw_uid == 0 && !options.permit_root_login)
{
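Review bot: The new log() on the empty-password path formats `pw->pw_name` with a bare `%s`, whereas every other user-name field in this file is width-limited (`%.100s`/`%.200s`, e.g. the Accepted/Failed line in do_authloop); for consistency and a bounded syslog line use `log("Login for user %.100s from %.100s, accepted without authentication.",`. do_authentication starts and ends outside the hunk.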
@@ -1089,30 +1117,36 @@ do_authentication(char *user)
do_authenticated(pw);
}
-#define MAX_AUTH_FAILURES 5
+#define AUTH_FAIL_MAX 6
+#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)
+#define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
/* read packets and try to authenticate local user *pw.
return if authentication is successfull */
void
do_authloop(struct passwd *pw)
{
- int authentication_failures = 0;
+ int attempt = 0;
unsigned int bits;
BIGNUM *client_host_key_e, *client_host_key_n;
BIGNUM *n;
char *client_user, *password;
+ char user[1024];
int plen, dlen, nlen, ulen, elen;
+ int type = 0;
+ void (*authlog)(const char *fmt, ...) = verbose;
/* Indicate that authentication is needed. */
packet_start(SSH_SMSG_FAILURE);
packet_send();
packet_write_wait();
- for (;;) {
+ for (attempt = 1; ; attempt++) {
int authenticated = 0;
+ strlcpy(user, "", sizeof user);
/* Get a packet from the client. */
- int type = packet_read(&plen);
+ type = packet_read(&plen);
/* Process the packet. */
switch (type)
@@ -1122,7 +1156,7 @@ do_authloop(struct passwd *pw)
if (!options.kerberos_tgt_passing)
{
/* packet_get_all(); */
- log("Kerberos tgt passing disabled.");
+ verbose("Kerberos tgt passing disabled.");
break;
}
else {
@@ -1130,7 +1164,7 @@ do_authloop(struct passwd *pw)
char *tgt = packet_get_string(&dlen);
packet_integrity_check(plen, 4 + dlen, type);
if (!auth_kerberos_tgt(pw, tgt))
- debug("Kerberos tgt REFUSED for %s", pw->pw_name);
+ verbose("Kerberos tgt REFUSED for %s", pw->pw_name);
xfree(tgt);
}
continue;
@@ -1138,7 +1172,7 @@ do_authloop(struct passwd *pw)
case SSH_CMSG_HAVE_AFS_TOKEN:
if (!options.afs_token_passing || !k_hasafs()) {
/* packet_get_all(); */
- log("AFS token passing disabled.");
+ verbose("AFS token passing disabled.");
break;
}
else {
@@ -1146,7 +1180,7 @@ do_authloop(struct passwd *pw)
char *token_string = packet_get_string(&dlen);
packet_integrity_check(plen, 4 + dlen, type);
if (!auth_afs_token(pw, token_string))
- debug("AFS token REFUSED for %s", pw->pw_name);
+ verbose("AFS token REFUSED for %s", pw->pw_name);
xfree(token_string);
}
continue;
@@ -1157,7 +1191,7 @@ do_authloop(struct passwd *pw)
if (!options.kerberos_authentication)
{
/* packet_get_all(); */
- log("Kerberos authentication disabled.");
+ verbose("Kerberos authentication disabled.");
break;
}
else {
@@ -1173,12 +1207,10 @@ do_authloop(struct passwd *pw)
authenticated = auth_krb4(pw->pw_name, &auth, &tkt_user);
- log("Kerberos authentication %s%s for account %s from %s",
- authenticated ? "accepted " : "failed",
- tkt_user != NULL ? tkt_user : "",
- pw->pw_name, get_canonical_hostname());
- if (authenticated)
+ if (authenticated) {
+ snprintf(user, sizeof user, " tktuser %s", tkt_user);
xfree(tkt_user);
+ }
}
break;
#endif /* KRB4 */
@@ -1186,29 +1218,27 @@ do_authloop(struct passwd *pw)
case SSH_CMSG_AUTH_RHOSTS:
if (!options.rhosts_authentication)
{
- log("Rhosts authentication disabled.");
+ verbose("Rhosts authentication disabled.");
break;
}
/* Get client user name. Note that we just have to trust the client;
this is one reason why rhosts authentication is insecure.
(Another is IP-spoofing on a local network.) */
- client_user = packet_get_string(&dlen);
- packet_integrity_check(plen, 4 + dlen, type);
+ client_user = packet_get_string(&ulen);
+ packet_integrity_check(plen, 4 + ulen, type);
/* Try to authenticate using /etc/hosts.equiv and .rhosts. */
authenticated = auth_rhosts(pw, client_user);
- log("Rhosts authentication %s for %.100s, remote %.100s on %.700s.",
- authenticated ? "accepted" : "failed",
- pw->pw_name, client_user, get_canonical_hostname());
+ snprintf(user, sizeof user, " ruser %s", client_user);
xfree(client_user);
break;
case SSH_CMSG_AUTH_RHOSTS_RSA:
if (!options.rhosts_rsa_authentication)
{
- log("Rhosts with RSA authentication disabled.");
+ verbose("Rhosts with RSA authentication disabled.");
break;
}
@@ -1231,18 +1261,17 @@ do_authloop(struct passwd *pw)
authenticated = auth_rhosts_rsa(pw, client_user,
client_host_key_e, client_host_key_n);
- log("Rhosts authentication %s for %.100s, remote %.100s.",
- authenticated ? "accepted" : "failed",
- pw->pw_name, client_user);
- xfree(client_user);
BN_clear_free(client_host_key_e);
BN_clear_free(client_host_key_n);
+
+ snprintf(user, sizeof user, " ruser %s", client_user);
+ xfree(client_user);
break;
case SSH_CMSG_AUTH_RSA:
if (!options.rsa_authentication)
{
- log("RSA authentication disabled.");
+ verbose("RSA authentication disabled.");
break;
}
@@ -1250,18 +1279,14 @@ do_authloop(struct passwd *pw)
n = BN_new();
packet_get_bignum(n, &nlen);
packet_integrity_check(plen, nlen, type);
-
authenticated = auth_rsa(pw, n);
- log("RSA authentication %s for %.100s.",
- authenticated ? "accepted" : "failed",
- pw->pw_name);
BN_clear_free(n);
break;
case SSH_CMSG_AUTH_PASSWORD:
if (!options.password_authentication)
{
- log("Password authentication disabled.");
+ verbose("Password authentication disabled.");
break;
}
@@ -1273,9 +1298,6 @@ do_authloop(struct passwd *pw)
/* Try authentication with the password. */
authenticated = auth_password(pw, password);
- log("Password authentication %s for %.100s.",
- authenticated ? "accepted" : "failed",
- pw->pw_name);
memset(password, 0, strlen(password));
xfree(password);
@@ -1290,14 +1312,29 @@ do_authloop(struct passwd *pw)
/* Any unknown messages will be ignored (and failure returned)
during authentication. */
log("Unknown message during authentication: type %d", type);
- break; /* Respond with a failure message. */
+ break;
}
+ /* Raise logging level */
+ if (authenticated ||
+ attempt == AUTH_FAIL_LOG ||
+ type == SSH_CMSG_AUTH_PASSWORD)
+ authlog = log;
+
+ authlog("%s %s for %.200s from %.200s port %d%s",
+ authenticated ? "Accepted" : "Failed",
+ get_authname(type),
+ pw->pw_uid == 0 ? "ROOT" : pw->pw_name,
+ get_remote_ipaddr(),
+ get_remote_port(),
+ user);
+
if (authenticated)
- break;
- if (++authentication_failures >= MAX_AUTH_FAILURES)
- packet_disconnect("Too many authentication failures for %.100s from %.200s",
- pw->pw_name, get_canonical_hostname());
+ return;
+
+ if (attempt > AUTH_FAIL_MAX)
+ packet_disconnect(AUTH_FAIL_MSG, pw->pw_name);
+
/* Send a message indicating that the authentication attempt failed. */
packet_start(SSH_SMSG_FAILURE);
packet_send();
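Review bot: `if (attempt > AUTH_FAIL_MAX)` disconnects only after the seventh failed attempt, because attempt starts at 1 and the test runs after the failure, so AUTH_FAIL_MAX (6) is not the maximum its name suggests; the code it replaces disconnected on the fifth failure. If at most AUTH_FAIL_MAX attempts are intended, use `if (attempt >= AUTH_FAIL_MAX)` here and in the matching check in do_fake_authloop. Separately, `authlog` stays raised to log() for every later attempt once the condition has held; that appears to be the behaviour the commit message describes, but it deserves a comment such as `/* once raised, every further attempt on this connection is logged */` next to the assignment. do_authloop's body continues outside the hunk.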
@@ -1310,7 +1347,12 @@ do_authloop(struct passwd *pw)
void
do_fake_authloop(char *user)
{
- int authentication_failures = 0;
+ int attempt = 0;
+
+ log("Faking authloop for illegal user %.200s from %.200s port %d",
+ user,
+ get_remote_ipaddr(),
+ get_remote_port());
/* Indicate that authentication is needed. */
packet_start(SSH_SMSG_FAILURE);
@@ -1319,28 +1361,28 @@ do_fake_authloop(char *user)
/* Keep reading packets, and always respond with a failure. This is to
avoid disclosing whether such a user really exists. */
- for (;;)
+ for (attempt = 1; ; attempt++)
{
/* Read a packet. This will not return if the client disconnects. */
int plen;
int type = packet_read(&plen);
#ifdef SKEY
- int passw_len;
+ int dlen;
char *password, *skeyinfo;
if (options.password_authentication &&
options.skey_authentication == 1 &&
type == SSH_CMSG_AUTH_PASSWORD &&
- (password = packet_get_string(&passw_len)) != NULL &&
- passw_len == 5 &&
+ (password = packet_get_string(&dlen)) != NULL &&
+ dlen == 5 &&
strncasecmp(password, "s/key", 5) == 0 &&
(skeyinfo = skey_fake_keyinfo(user)) != NULL ){
/* Send a fake s/key challenge. */
packet_send_debug(skeyinfo);
}
#endif
- if (++authentication_failures >= MAX_AUTH_FAILURES)
- packet_disconnect("Too many authentication failures for %.100s from %.200s",
- user, get_canonical_hostname());
+ if (attempt > AUTH_FAIL_MAX)
+ packet_disconnect(AUTH_FAIL_MSG, user);
+
/* Send failure. This should be indistinguishable from a failed
authentication. */
packet_start(SSH_SMSG_FAILURE);