src - OpenBSD base system

diff options


context:
space:
mode:

author	Markus Friedl <markus@cvs.openbsd.org>	1999-11-22 21:02:40 +0000
committer	Markus Friedl <markus@cvs.openbsd.org>	1999-11-22 21:02:40 +0000
commit	e635c41f03fe35686ec48598b5ff248c2485d8bb (patch)
tree	8521120e30f644f5a56001e3b3d4bc47b97bdb40 /usr.bin
parent	2632baae61bff755f455a90159bc81cffae148f0 (diff)

syslog changes:

* Unified Logmessage for all auth-types, for success and for failed * Standard connections get only ONE line in the LOG when level==LOG: Auth-attempts are logged only, if authentication is: a) successfull or b) with passwd or c) we had more than AUTH_FAIL_LOG failues * many log() became verbose() * old behaviour with level=VERBOSE

Diffstat (limited to 'usr.bin')

-rw-r--r--

usr.bin/ssh/auth-rh-rsa.c

-rw-r--r--

usr.bin/ssh/auth-rsa.c

-rw-r--r--

usr.bin/ssh/channels.c

-rw-r--r--

usr.bin/ssh/cipher.c

-rw-r--r--

usr.bin/ssh/compat.c

-rw-r--r--

usr.bin/ssh/log-client.c

-rw-r--r--

usr.bin/ssh/log-server.c

-rw-r--r--

usr.bin/ssh/log.c

-rw-r--r--

usr.bin/ssh/packet.c

-rw-r--r--

usr.bin/ssh/scp.c

-rw-r--r--

usr.bin/ssh/serverloop.c

-rw-r--r--

usr.bin/ssh/ssh.h

-rw-r--r--

usr.bin/ssh/sshd.8

-rw-r--r--

usr.bin/ssh/sshd.c

166

14 files changed, 160 insertions, 116 deletions

diff --git a/usr.bin/ssh/auth-rh-rsa.c b/usr.bin/ssh/auth-rh-rsa.c
index 77d685ebd48..abc7c2d6eeb 100644
--- a/usr.bin/ssh/auth-rh-rsa.c
+++ b/usr.bin/ssh/auth-rh-rsa.c

@@ -15,7 +15,7 @@ authentication.

#include "includes.h"

-RCSID("$Id: auth-rh-rsa.c,v 1.6 1999/11/15 20:53:24 markus Exp $");

+RCSID("$Id: auth-rh-rsa.c,v 1.7 1999/11/22 21:02:38 markus Exp $");

#include "packet.h"

#include "ssh.h"

@@ -96,7 +96,7 @@ int auth_rhosts_rsa(struct passwd *pw, const char *client_user,

/* We have authenticated the user using .rhosts or /etc/hosts.equiv, and

the host using RSA. We accept the authentication. */

- log("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.",

+ verbose("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.",

pw->pw_name, client_user, canonical_hostname);

packet_send_debug("Rhosts with RSA host authentication accepted.");

return 1;

diff --git a/usr.bin/ssh/auth-rsa.c b/usr.bin/ssh/auth-rsa.c
index 382ac71a717..9a59e0ffba7 100644
--- a/usr.bin/ssh/auth-rsa.c
+++ b/usr.bin/ssh/auth-rsa.c

@@ -16,7 +16,7 @@ validity of the host key.

#include "includes.h"

-RCSID("$Id: auth-rsa.c,v 1.10 1999/11/18 14:00:48 markus Exp $");

+RCSID("$Id: auth-rsa.c,v 1.11 1999/11/22 21:02:38 markus Exp $");

#include "rsa.h"

#include "packet.h"

@@ -274,7 +274,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)

if (!auth_rsa_challenge_dialog(e, n))

{

/* Wrong response. */

- log("Wrong response to RSA authentication challenge.");

+ verbose("Wrong response to RSA authentication challenge.");

packet_send_debug("Wrong response to RSA authentication challenge.");

continue;

}

diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 94d7156b9f9..7f52276acf2 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c

@@ -16,7 +16,7 @@ arbitrary tcp/ip connections, and the authentication agent connection.

#include "includes.h"

-RCSID("$Id: channels.c,v 1.23 1999/11/19 19:58:18 markus Exp $");

+RCSID("$Id: channels.c,v 1.24 1999/11/22 21:02:38 markus Exp $");

#include "ssh.h"

#include "packet.h"

@@ -904,7 +904,7 @@ void channel_request_remote_forwarding(int port, const char *host,

int payload_len;

/* Record locally that connection to this host/port is permitted. */

if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)

- fatal("channel_request_remote_forwarding: too many forwards");

+ fatal("channel_request_remote_forwarding: too many forwards"); /* XXX why panic? -markus */

permitted_opens[num_permitted_opens].host = xstrdup(host);

permitted_opens[num_permitted_opens].port = remote_port;

num_permitted_opens++;

diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c
index c4283373ee0..b6f04d9a404 100644
--- a/usr.bin/ssh/cipher.c
+++ b/usr.bin/ssh/cipher.c

@@ -12,7 +12,7 @@ Created: Wed Apr 19 17:41:39 1995 ylo

#include "includes.h"

-RCSID("$Id: cipher.c,v 1.14 1999/11/15 21:38:53 markus Exp $");

+RCSID("$Id: cipher.c,v 1.15 1999/11/22 21:02:38 markus Exp $");

#include "ssh.h"

#include "cipher.h"

@@ -264,7 +264,7 @@ void cipher_encrypt(CipherContext *context, unsigned char *dest,

break;

default:

- fatal("cipher_encrypt: unknown cipher: %d", context->type);

+ fatal("cipher_encrypt: unknown cipher: %s", cipher_name(context->type));

}

@@ -299,6 +299,6 @@ void cipher_decrypt(CipherContext *context, unsigned char *dest,

break;

default:

- fatal("cipher_decrypt: unknown cipher: %d", context->type);

+ fatal("cipher_decrypt: unknown cipher: %s", cipher_name(context->type));

}

diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index fa0579c3107..a0d27a5e3a4 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c

@@ -1,10 +1,10 @@

#include "includes.h"

-RCSID("$Id: compat.c,v 1.2 1999/10/16 22:29:01 markus Exp $");

+RCSID("$Id: compat.c,v 1.3 1999/11/22 21:02:38 markus Exp $");

#include "ssh.h"

int compat13=0;

void enable_compat13(void){

- log("Enabling compatibility mode for protocol 1.3");

+ verbose("Enabling compatibility mode for protocol 1.3");

compat13=1;

}

diff --git a/usr.bin/ssh/log-client.c b/usr.bin/ssh/log-client.c
index 92b47649a38..97e253062e7 100644
--- a/usr.bin/ssh/log-client.c
+++ b/usr.bin/ssh/log-client.c

@@ -15,7 +15,7 @@ This is a stripped down version of log-server.c.

#include "includes.h"

-RCSID("$Id: log-client.c,v 1.3 1999/11/10 23:36:44 markus Exp $");

+RCSID("$Id: log-client.c,v 1.4 1999/11/22 21:02:38 markus Exp $");

#include "xmalloc.h"

#include "ssh.h"

@@ -36,7 +36,7 @@ log_init(char *av0, LogLevel level, SyslogFacility ignored1, int ignored2)

case SYSLOG_LEVEL_ERROR:

case SYSLOG_LEVEL_FATAL:

case SYSLOG_LEVEL_INFO:

- case SYSLOG_LEVEL_CHAT:

+ case SYSLOG_LEVEL_VERBOSE:

case SYSLOG_LEVEL_DEBUG:

log_level = level;

break;

diff --git a/usr.bin/ssh/log-server.c b/usr.bin/ssh/log-server.c
index 67b1062773a..7e37e136dc2 100644
--- a/usr.bin/ssh/log-server.c
+++ b/usr.bin/ssh/log-server.c

@@ -15,7 +15,7 @@ to the system log.

#include "includes.h"

-RCSID("$Id: log-server.c,v 1.8 1999/11/14 22:28:44 markus Exp $");

+RCSID("$Id: log-server.c,v 1.9 1999/11/22 21:02:38 markus Exp $");

#include <syslog.h>

#include "packet.h"

@@ -41,7 +41,7 @@ void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)

case SYSLOG_LEVEL_ERROR:

case SYSLOG_LEVEL_FATAL:

case SYSLOG_LEVEL_INFO:

- case SYSLOG_LEVEL_CHAT:

+ case SYSLOG_LEVEL_VERBOSE:

case SYSLOG_LEVEL_DEBUG:

log_level = level;

break;

@@ -119,9 +119,7 @@ do_log(LogLevel level, const char *fmt, va_list args)

pri = LOG_ERR;

break;

case SYSLOG_LEVEL_INFO:

- pri = LOG_INFO;

- break;

- case SYSLOG_LEVEL_CHAT:

+ case SYSLOG_LEVEL_VERBOSE:

pri = LOG_INFO;

break;

case SYSLOG_LEVEL_DEBUG:

diff --git a/usr.bin/ssh/log.c b/usr.bin/ssh/log.c
index 1ce534ea57d..af5395da8f8 100644
--- a/usr.bin/ssh/log.c
+++ b/usr.bin/ssh/log.c

@@ -5,7 +5,7 @@ Shared versions of debug(), log(), etc.

#include "includes.h"

-RCSID("$OpenBSD: log.c,v 1.2 1999/11/19 16:04:17 markus Exp $");

+RCSID("$OpenBSD: log.c,v 1.3 1999/11/22 21:02:38 markus Exp $");

#include "ssh.h"

#include "xmalloc.h"

@@ -47,11 +47,11 @@ log(const char *fmt, ...)

/* More detailed messages (information that does not need to go to the log). */

void

-chat(const char *fmt, ...)

+verbose(const char *fmt, ...)

{

va_list args;

va_start(args, fmt);

- do_log(SYSLOG_LEVEL_CHAT, fmt, args);

+ do_log(SYSLOG_LEVEL_VERBOSE, fmt, args);

va_end(args);

}

@@ -167,7 +167,7 @@ static struct

{ "FATAL", SYSLOG_LEVEL_FATAL },

{ "ERROR", SYSLOG_LEVEL_ERROR },

{ "INFO", SYSLOG_LEVEL_INFO },

- { "CHAT", SYSLOG_LEVEL_CHAT },

+ { "VERBOSE", SYSLOG_LEVEL_VERBOSE },

{ "DEBUG", SYSLOG_LEVEL_DEBUG },

{ NULL, 0 }

};

diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c
index 6f0f3f0022d..f392fc4dbe9 100644
--- a/usr.bin/ssh/packet.c
+++ b/usr.bin/ssh/packet.c

@@ -15,7 +15,7 @@ with the other side. This same code is used both on client and server side.

#include "includes.h"

-RCSID("$Id: packet.c,v 1.12 1999/11/19 19:58:18 markus Exp $");

+RCSID("$Id: packet.c,v 1.13 1999/11/22 21:02:38 markus Exp $");

#include "xmalloc.h"

#include "buffer.h"

@@ -397,7 +397,7 @@ packet_read(int *payload_len_ptr)

/* Read data from the socket. */

len = read(connection_in, buf, sizeof(buf));

if (len == 0)

- fatal("Connection closed by remote host.");

+ fatal("Connection closed by %.200s", get_remote_ipaddr());

if (len < 0)

fatal("Read from socket failed: %.100s", strerror(errno));

/* Append it to the buffer. */

@@ -513,7 +513,7 @@ packet_read_poll(int *payload_len_ptr)

/* Handle disconnect message. */

if ((unsigned char)buf[0] == SSH_MSG_DISCONNECT)

- fatal("%.900s", packet_get_string(NULL));

+ fatal("Received disconnect: %.900s", packet_get_string(NULL));

/* Ignore ignore messages. */

if ((unsigned char)buf[0] == SSH_MSG_IGNORE)

@@ -636,7 +636,7 @@ packet_disconnect(const char *fmt, ...)

packet_close();

/* Display the error locally and exit. */

- fatal("Local: %.100s", buf);

+ fatal("Disconnecting: %.100s", buf);

}

/* Checks if there is any buffered output, and tries to write some of the

diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c
index a3b65a9fd7d..b5efaa56cf2 100644
--- a/usr.bin/ssh/scp.c
+++ b/usr.bin/ssh/scp.c

@@ -42,11 +42,11 @@ and ssh has the necessary privileges.)

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

- * $Id: scp.c,v 1.16 1999/11/17 09:20:17 deraadt Exp $

+ * $Id: scp.c,v 1.17 1999/11/22 21:02:38 markus Exp $

#include "includes.h"

-RCSID("$Id: scp.c,v 1.16 1999/11/17 09:20:17 deraadt Exp $");

+RCSID("$Id: scp.c,v 1.17 1999/11/22 21:02:38 markus Exp $");

#include "ssh.h"

#include "xmalloc.h"

@@ -76,7 +76,7 @@ off_t totalbytes = 0;

char *curfile;

/* This is set to non-zero to enable verbose mode. */

-int verbose = 0;

+int verbose_mode = 0;

/* This is set to non-zero if compression is desired. */

int compress = 0;

@@ -106,7 +106,7 @@ int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)

{

int pin[2], pout[2], reserved[2];

- if (verbose)

+ if (verbose_mode)

fprintf(stderr, "Executing: host %s, user %s, command %s\n",

host, remuser ? remuser : "(unspecified)", cmd);

@@ -142,7 +142,7 @@ int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)

args[i++] = SSH_PROGRAM;

args[i++] = "-x";

args[i++] = "-oFallBackToRsh no";

- if (verbose)

+ if (verbose_mode)

args[i++] = "-v";

if (compress)

args[i++] = "-C";

@@ -272,7 +272,7 @@ main(argc, argv)

identity = optarg;

break;

case 'v':

- verbose = 1;

+ verbose_mode = 1;

break;

case 'B':

batchmode = 1;

@@ -317,7 +317,7 @@ main(argc, argv)

remin = remout = -1;

/* Command to be executed on remote system using "ssh". */

- (void)sprintf(cmd, "scp%s%s%s%s", verbose ? " -v" : "",

+ (void)sprintf(cmd, "scp%s%s%s%s", verbose_mode ? " -v" : "",

iamrecursive ? " -r" : "", pflag ? " -p" : "",

targetshouldbedirectory ? " -d" : "");

@@ -378,18 +378,18 @@ toremote(targ, argc, argv)

continue;

(void)sprintf(bp,

"%s%s -x -o'FallBackToRsh no' -n -l %s %s %s %s '%s%s%s:%s'",

- SSH_PROGRAM, verbose ? " -v" : "",

+ SSH_PROGRAM, verbose_mode ? " -v" : "",

suser, host, cmd, src,

tuser ? tuser : "", tuser ? "@" : "",

thost, targ);

} else

(void)sprintf(bp,

"exec %s%s -x -o'FallBackToRsh no' -n %s %s %s '%s%s%s:%s'",

- SSH_PROGRAM, verbose ? " -v" : "",

+ SSH_PROGRAM, verbose_mode ? " -v" : "",

argv[i], cmd, src,

tuser ? tuser : "", tuser ? "@" : "",

thost, targ);

- if (verbose)

+ if (verbose_mode)

fprintf(stderr, "Executing: %s\n", bp);

(void)system(bp);

(void)xfree(bp);

@@ -427,7 +427,7 @@ tolocal(argc, argv)

(void)sprintf(bp, "exec %s%s%s %s %s", _PATH_CP,

iamrecursive ? " -r" : "", pflag ? " -p" : "",

argv[i], argv[argc - 1]);

- if (verbose)

+ if (verbose_mode)

fprintf(stderr, "Executing: %s\n", bp);

if (system(bp))

++errs;

@@ -519,7 +519,7 @@ syserr: run_err("%s: %s", name, strerror(errno));

(unsigned int)(stb.st_mode & FILEMODEMASK),

(unsigned long)stb.st_size,

last);

- if (verbose)

+ if (verbose_mode)

{

fprintf(stderr, "Sending file modes: %s", buf);

fflush(stderr);

@@ -600,7 +600,7 @@ rsource(name, statp)

(void)sprintf(path,

"D%04o %d %.1024s\n", (unsigned int)(statp->st_mode & FILEMODEMASK),

0, last);

- if (verbose)

+ if (verbose_mode)

fprintf(stderr, "Entering directory: %s", path);

(void)write(remout, path, strlen(path));

if (response() < 0) {

@@ -976,7 +976,7 @@ run_err(const char *fmt, ...)

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

- * $Id: scp.c,v 1.16 1999/11/17 09:20:17 deraadt Exp $

+ * $Id: scp.c,v 1.17 1999/11/22 21:02:38 markus Exp $

char *

diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c
index 9961170a5b3..8294714d328 100644
--- a/usr.bin/ssh/serverloop.c
+++ b/usr.bin/ssh/serverloop.c

@@ -308,16 +308,20 @@ void process_input(fd_set *readset)

if (FD_ISSET(connection_in, readset))

{

len = read(connection_in, buf, sizeof(buf));

- if (len == 0)

- fatal("Connection closed by remote host.");

+ if (len == 0) {

+ verbose("Connection closed by remote host.");

+ fatal_cleanup();

+ }

/* There is a kernel bug on Solaris that causes select to sometimes

wake up even though there is no data available. */

if (len < 0 && errno == EAGAIN)

len = 0;

- if (len < 0)

- fatal("Read error from remote host: %.100s", strerror(errno));

+ if (len < 0) {

+ verbose("Read error from remote host: %.100s", strerror(errno));

+ fatal_cleanup();

+ }

/* Buffer any received data. */

packet_process_incoming(buf, len);

diff --git a/usr.bin/ssh/ssh.h b/usr.bin/ssh/ssh.h
index b1de3d26564..85923137bbc 100644
--- a/usr.bin/ssh/ssh.h
+++ b/usr.bin/ssh/ssh.h

@@ -13,7 +13,7 @@ Generic header file for ssh.

-/* RCSID("$Id: ssh.h,v 1.22 1999/11/19 16:04:17 markus Exp $"); */

+/* RCSID("$Id: ssh.h,v 1.23 1999/11/22 21:02:38 markus Exp $"); */

#ifndef SSH_H

#define SSH_H

@@ -365,7 +365,7 @@ typedef enum

SYSLOG_LEVEL_FATAL,

SYSLOG_LEVEL_ERROR,

SYSLOG_LEVEL_INFO,

- SYSLOG_LEVEL_CHAT,

+ SYSLOG_LEVEL_VERBOSE,

SYSLOG_LEVEL_DEBUG

} LogLevel;

@@ -380,12 +380,12 @@ SyslogFacility log_facility_number(char *name);

LogLevel log_level_number(char *name);

/* Output a message to syslog or stderr */

-void fatal(const char *fmt, ...);

-void error(const char *fmt, ...);

-void log(const char *fmt, ...);

-void chat(const char *fmt, ...);

-void debug(const char *fmt, ...);

+void fatal(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));

+void error(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));

+void log(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));

+void verbose(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));

+void debug(const char *fmt, ...) __attribute__ ((format (printf, 1, 2)));

/* same as fatal() but w/o logging */

void fatal_cleanup(void);

diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8
index c2162c0581c..ccdea15097e 100644
--- a/usr.bin/ssh/sshd.8
+++ b/usr.bin/ssh/sshd.8

@@ -9,7 +9,7 @@

.\"

.\" Created: Sat Apr 22 21:55:14 1995 ylo

.\"

-.\" $Id: sshd.8,v 1.26 1999/11/22 20:02:45 markus Exp $

+.\" $Id: sshd.8,v 1.27 1999/11/22 21:02:39 markus Exp $

.\"

.Dd September 25, 1999

.Dt SSHD 8

@@ -328,7 +328,7 @@ The default is 600 (seconds).

Gives the verbosity level that is used when logging messages from

.Nm sshd .

The possible values are:

-QUIET, FATAL, ERROR, INFO, CHAT and DEBUG.

+QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG.

The default is INFO.

Logging with level DEBUG violates the privacy of users

and is not recommended.

diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index afa9667058d..eda984b4788 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c

@@ -18,7 +18,7 @@ agent connections.

#include "includes.h"

-RCSID("$Id: sshd.c,v 1.61 1999/11/22 20:02:45 markus Exp $");

+RCSID("$Id: sshd.c,v 1.62 1999/11/22 21:02:39 markus Exp $");

#include "xmalloc.h"

#include "rsa.h"

@@ -190,7 +190,29 @@ void grace_alarm_handler(int sig)

packet_close();

/* Log error and exit. */

- fatal("Timeout before authentication.");

+ fatal("Timeout before authentication for %s.", get_remote_ipaddr());

+/* convert ssh auth msg type into description */

+char *

+get_authname(int type)

+ switch (type) {

+ case SSH_CMSG_AUTH_PASSWORD:

+ return "password";

+ case SSH_CMSG_AUTH_RSA:

+ return "rsa";

+ case SSH_CMSG_AUTH_RHOSTS_RSA:

+ return "rhosts-rsa";

+ case SSH_CMSG_AUTH_RHOSTS:

+ return "rhosts";

+#ifdef KRB4

+ case SSH_CMSG_AUTH_KERBEROS:

+ return "kerberos";

+#endif

+ }

+ fatal("get_authname: unknown auth %d: internal error", type);

+ return NULL;

}

/* Signal handler for the key regeneration alarm. Note that this

@@ -242,6 +264,7 @@ main(int ac, char **av)

struct sockaddr_in sin;

char buf[100]; /* Must not be larger than remote_version. */

char remote_version[100]; /* Must be at least as big as buf. */

+ const char *remote_ip;

int remote_port;

char *comment;

FILE *f;

@@ -610,6 +633,7 @@ main(int ac, char **av)

packet_set_connection(sock_in, sock_out);

remote_port = get_remote_port();

+ remote_ip = get_remote_ipaddr();

/* Check whether logins are denied from this host. */

#ifdef LIBWRAP

@@ -624,11 +648,11 @@ main(int ac, char **av)

close(sock_out);

refuse(&req);

}

- log("Connection from %.500s port %d", eval_client(&req), remote_port);

+ verbose("Connection from %.500s port %d", eval_client(&req), remote_port);

}

#else

/* Log the connection. */

- log("Connection from %.100s port %d", get_remote_ipaddr(), remote_port);

+ verbose("Connection from %.500s port %d", remote_ip, remote_port);

#endif /* LIBWRAP */

/* We don\'t want to listen forever unless the other side successfully

@@ -648,13 +672,13 @@ main(int ac, char **av)

snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n",

PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION);

if (write(sock_out, buf, strlen(buf)) != strlen(buf))

- fatal("Could not write ident string.");

+ fatal("Could not write ident string to %s.", get_remote_ipaddr());

/* Read other side\'s version identification. */

for (i = 0; i < sizeof(buf) - 1; i++)

{

if (read(sock_in, &buf[i], 1) != 1)

- fatal("Did not receive ident string.");

+ fatal("Did not receive ident string from %s.", get_remote_ipaddr());

if (buf[i] == '\r')

{

buf[i] = '\n';

@@ -680,7 +704,8 @@ main(int ac, char **av)

(void) write(sock_out, s, strlen(s));

close(sock_in);

close(sock_out);

- fatal("Bad protocol version identification: %.100s", buf);

+ fatal("Bad protocol version identification '%.100s' from %s",

+ buf, get_remote_ipaddr());

}

debug("Client protocol version %d.%d; client software version %.100s",

remote_major, remote_minor, remote_version);

@@ -690,7 +715,8 @@ main(int ac, char **av)

(void) write(sock_out, s, strlen(s));

close(sock_in);

close(sock_out);

- fatal("Protocol major versions differ: %d vs. %d",

+ fatal("Protocol major versions differ for %s: %d vs. %d",

+ get_remote_ipaddr(),

PROTOCOL_MAJOR, remote_major);

}

@@ -734,7 +760,7 @@ main(int ac, char **av)

if (xauthfile) unlink(xauthfile);

/* The connection has been terminated. */

- log("Closing connection to %.100s", inet_ntoa(sin.sin_addr));

+ verbose("Closing connection to %.100s", remote_ip);

packet_close();

exit(0);

}

@@ -851,7 +877,8 @@ do_connection()

/* Private key has bigger modulus. */

if (BN_num_bits(sensitive_data.private_key->n) <

BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED) {

- fatal("do_connection: private_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",

+ fatal("do_connection: %s: private_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d",

+ get_remote_ipaddr(),

BN_num_bits(sensitive_data.private_key->n),

BN_num_bits(sensitive_data.host_key->n),

SSH_KEY_BITS_RESERVED);

@@ -867,7 +894,8 @@ do_connection()

/* Host key has bigger modulus (or they are equal). */

if (BN_num_bits(sensitive_data.host_key->n) <

BN_num_bits(sensitive_data.private_key->n) + SSH_KEY_BITS_RESERVED) {

- fatal("do_connection: host_key %d < private_key %d + SSH_KEY_BITS_RESERVED %d",

+ fatal("do_connection: %s: host_key %d < private_key %d + SSH_KEY_BITS_RESERVED %d",

+ get_remote_ipaddr(),

BN_num_bits(sensitive_data.host_key->n),

BN_num_bits(sensitive_data.private_key->n),

SSH_KEY_BITS_RESERVED);

@@ -889,7 +917,8 @@ do_connection()

BN_mask_bits(session_key_int, sizeof(session_key) * 8);

len = BN_num_bytes(session_key_int);

if (len < 0 || len > sizeof(session_key))

- fatal("do_connection: bad len: session_key_int %d > sizeof(session_key) %d",

+ fatal("do_connection: bad len from %s: session_key_int %d > sizeof(session_key) %d",

+ get_remote_ipaddr(),

len, sizeof(session_key));

memset(session_key, 0, sizeof(session_key));

BN_bn2bin(session_key_int, session_key + sizeof(session_key) - len);

@@ -1061,15 +1090,14 @@ do_authentication(char *user)

auth_password(pw, ""))

{

/* Authentication with empty password succeeded. */

- debug("Login for user %.100s accepted without authentication.", user);

+ log("Login for user %s from %.100s, accepted without authentication.",

+ pw->pw_name, get_remote_ipaddr());

} else {

/* Loop until the user has been authenticated or the connection is closed,

do_authloop() returns only if authentication is successfull */

do_authloop(pw);

}

- /* XXX log unified auth message */

/* Check if the user is logging in as root and root logins are disallowed. */

if (pw->pw_uid == 0 && !options.permit_root_login)

{

@@ -1089,30 +1117,36 @@ do_authentication(char *user)

do_authenticated(pw);

}

-#define MAX_AUTH_FAILURES 5

+#define AUTH_FAIL_MAX 6

+#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)

+#define AUTH_FAIL_MSG "Too many authentication failures for %.100s"

/* read packets and try to authenticate local user *pw.

return if authentication is successfull */

void

do_authloop(struct passwd *pw)

{

- int authentication_failures = 0;

+ int attempt = 0;

unsigned int bits;

BIGNUM *client_host_key_e, *client_host_key_n;

BIGNUM *n;

char *client_user, *password;

+ char user[1024];

int plen, dlen, nlen, ulen, elen;

+ int type = 0;

+ void (*authlog)(const char *fmt, ...) = verbose;

/* Indicate that authentication is needed. */

packet_start(SSH_SMSG_FAILURE);

packet_send();

packet_write_wait();

- for (;;) {

+ for (attempt = 1; ; attempt++) {

int authenticated = 0;

+ strlcpy(user, "", sizeof user);

/* Get a packet from the client. */

- int type = packet_read(&plen);

+ type = packet_read(&plen);

/* Process the packet. */

switch (type)

@@ -1122,7 +1156,7 @@ do_authloop(struct passwd *pw)

if (!options.kerberos_tgt_passing)

{

/* packet_get_all(); */

- log("Kerberos tgt passing disabled.");

+ verbose("Kerberos tgt passing disabled.");

break;

}

else {

@@ -1130,7 +1164,7 @@ do_authloop(struct passwd *pw)

char *tgt = packet_get_string(&dlen);

packet_integrity_check(plen, 4 + dlen, type);

if (!auth_kerberos_tgt(pw, tgt))

- debug("Kerberos tgt REFUSED for %s", pw->pw_name);

+ verbose("Kerberos tgt REFUSED for %s", pw->pw_name);

xfree(tgt);

}

continue;

@@ -1138,7 +1172,7 @@ do_authloop(struct passwd *pw)

case SSH_CMSG_HAVE_AFS_TOKEN:

if (!options.afs_token_passing || !k_hasafs()) {

/* packet_get_all(); */

- log("AFS token passing disabled.");

+ verbose("AFS token passing disabled.");

break;

}

else {

@@ -1146,7 +1180,7 @@ do_authloop(struct passwd *pw)

char *token_string = packet_get_string(&dlen);

packet_integrity_check(plen, 4 + dlen, type);

if (!auth_afs_token(pw, token_string))

- debug("AFS token REFUSED for %s", pw->pw_name);

+ verbose("AFS token REFUSED for %s", pw->pw_name);

xfree(token_string);

}

continue;

@@ -1157,7 +1191,7 @@ do_authloop(struct passwd *pw)

if (!options.kerberos_authentication)

{

/* packet_get_all(); */

- log("Kerberos authentication disabled.");

+ verbose("Kerberos authentication disabled.");

break;

}

else {

@@ -1173,12 +1207,10 @@ do_authloop(struct passwd *pw)

authenticated = auth_krb4(pw->pw_name, &auth, &tkt_user);

- log("Kerberos authentication %s%s for account %s from %s",

- authenticated ? "accepted " : "failed",

- tkt_user != NULL ? tkt_user : "",

- pw->pw_name, get_canonical_hostname());

- if (authenticated)

+ if (authenticated) {

+ snprintf(user, sizeof user, " tktuser %s", tkt_user);

xfree(tkt_user);

+ }

}

break;

#endif /* KRB4 */

@@ -1186,29 +1218,27 @@ do_authloop(struct passwd *pw)

case SSH_CMSG_AUTH_RHOSTS:

if (!options.rhosts_authentication)

{

- log("Rhosts authentication disabled.");

+ verbose("Rhosts authentication disabled.");

break;

}

/* Get client user name. Note that we just have to trust the client;

this is one reason why rhosts authentication is insecure.

(Another is IP-spoofing on a local network.) */

- client_user = packet_get_string(&dlen);

- packet_integrity_check(plen, 4 + dlen, type);

+ client_user = packet_get_string(&ulen);

+ packet_integrity_check(plen, 4 + ulen, type);

/* Try to authenticate using /etc/hosts.equiv and .rhosts. */

authenticated = auth_rhosts(pw, client_user);

- log("Rhosts authentication %s for %.100s, remote %.100s on %.700s.",

- authenticated ? "accepted" : "failed",

- pw->pw_name, client_user, get_canonical_hostname());

+ snprintf(user, sizeof user, " ruser %s", client_user);

xfree(client_user);

break;

case SSH_CMSG_AUTH_RHOSTS_RSA:

if (!options.rhosts_rsa_authentication)

{

- log("Rhosts with RSA authentication disabled.");

+ verbose("Rhosts with RSA authentication disabled.");

break;

}

@@ -1231,18 +1261,17 @@ do_authloop(struct passwd *pw)

authenticated = auth_rhosts_rsa(pw, client_user,

client_host_key_e, client_host_key_n);

- log("Rhosts authentication %s for %.100s, remote %.100s.",

- authenticated ? "accepted" : "failed",

- pw->pw_name, client_user);

- xfree(client_user);

BN_clear_free(client_host_key_e);

BN_clear_free(client_host_key_n);

+ snprintf(user, sizeof user, " ruser %s", client_user);

+ xfree(client_user);

break;

case SSH_CMSG_AUTH_RSA:

if (!options.rsa_authentication)

{

- log("RSA authentication disabled.");

+ verbose("RSA authentication disabled.");

break;

}

@@ -1250,18 +1279,14 @@ do_authloop(struct passwd *pw)

n = BN_new();

packet_get_bignum(n, &nlen);

packet_integrity_check(plen, nlen, type);

authenticated = auth_rsa(pw, n);

- log("RSA authentication %s for %.100s.",

- authenticated ? "accepted" : "failed",

- pw->pw_name);

BN_clear_free(n);

break;

case SSH_CMSG_AUTH_PASSWORD:

if (!options.password_authentication)

{

- log("Password authentication disabled.");

+ verbose("Password authentication disabled.");

break;

}

@@ -1273,9 +1298,6 @@ do_authloop(struct passwd *pw)

/* Try authentication with the password. */

authenticated = auth_password(pw, password);

- log("Password authentication %s for %.100s.",

- authenticated ? "accepted" : "failed",

- pw->pw_name);

memset(password, 0, strlen(password));

xfree(password);

@@ -1290,14 +1312,29 @@ do_authloop(struct passwd *pw)

/* Any unknown messages will be ignored (and failure returned)

during authentication. */

log("Unknown message during authentication: type %d", type);

- break; /* Respond with a failure message. */

+ break;

}

+ /* Raise logging level */

+ if (authenticated ||

+ attempt == AUTH_FAIL_LOG ||

+ type == SSH_CMSG_AUTH_PASSWORD)

+ authlog = log;

+ authlog("%s %s for %.200s from %.200s port %d%s",

+ authenticated ? "Accepted" : "Failed",

+ get_authname(type),

+ pw->pw_uid == 0 ? "ROOT" : pw->pw_name,

+ get_remote_ipaddr(),

+ get_remote_port(),

+ user);

if (authenticated)

- break;

- if (++authentication_failures >= MAX_AUTH_FAILURES)

- packet_disconnect("Too many authentication failures for %.100s from %.200s",

- pw->pw_name, get_canonical_hostname());

+ return;

+ if (attempt > AUTH_FAIL_MAX)

+ packet_disconnect(AUTH_FAIL_MSG, pw->pw_name);

/* Send a message indicating that the authentication attempt failed. */

packet_start(SSH_SMSG_FAILURE);

packet_send();

@@ -1310,7 +1347,12 @@ do_authloop(struct passwd *pw)

void

do_fake_authloop(char *user)

{

- int authentication_failures = 0;

+ int attempt = 0;

+ log("Faking authloop for illegal user %.200s from %.200s port %d",

+ user,

+ get_remote_ipaddr(),

+ get_remote_port());

/* Indicate that authentication is needed. */

packet_start(SSH_SMSG_FAILURE);

@@ -1319,28 +1361,28 @@ do_fake_authloop(char *user)

/* Keep reading packets, and always respond with a failure. This is to

avoid disclosing whether such a user really exists. */

- for (;;)

+ for (attempt = 1; ; attempt++)

{

/* Read a packet. This will not return if the client disconnects. */

int plen;

int type = packet_read(&plen);

#ifdef SKEY

- int passw_len;

+ int dlen;

char *password, *skeyinfo;

if (options.password_authentication &&

options.skey_authentication == 1 &&

type == SSH_CMSG_AUTH_PASSWORD &&

- (password = packet_get_string(&passw_len)) != NULL &&

- passw_len == 5 &&

+ (password = packet_get_string(&dlen)) != NULL &&

+ dlen == 5 &&

strncasecmp(password, "s/key", 5) == 0 &&

(skeyinfo = skey_fake_keyinfo(user)) != NULL ){

/* Send a fake s/key challenge. */

packet_send_debug(skeyinfo);

}

#endif

- if (++authentication_failures >= MAX_AUTH_FAILURES)

- packet_disconnect("Too many authentication failures for %.100s from %.200s",

- user, get_canonical_hostname());

+ if (attempt > AUTH_FAIL_MAX)

+ packet_disconnect(AUTH_FAIL_MSG, user);

/* Send failure. This should be indistinguishable from a failed

authentication. */

packet_start(SSH_SMSG_FAILURE);