diff options
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | src/http_auth.c | 8 |
2 files changed, 5 insertions, 4 deletions
@@ -162,6 +162,7 @@ NEWS * Append to previous buffer in con read (fixes #2147, found by liming, CVE-2010-0295) * Fix handling return value of SSL_CTX_set_options (fixes #2157, thx mlcreech) * Print double quotes properly when dumping config file (fixes #1806) + * Include IP addresses on error log on password failures (fixes #2191) - 1.5.0-r19.. - * -F option added for spawn-fcgi diff --git a/src/http_auth.c b/src/http_auth.c index 647ab12f..52f44ef1 100644 --- a/src/http_auth.c +++ b/src/http_auth.c @@ -912,14 +912,14 @@ int http_auth_basic_check(server *srv, connection *con, mod_auth_plugin_data *p, buffer_free(username); buffer_free(password); - log_error_write(srv, __FILE__, __LINE__, "s", "get_password failed"); + log_error_write(srv, __FILE__, __LINE__, "ss", "get_password failed, IP:", inet_ntop_cache_get_ip(srv, &(con->dst_addr))); return 0; } /* password doesn't match */ if (http_auth_basic_password_compare(srv, p, req, username, realm->value, password, pw)) { - log_error_write(srv, __FILE__, __LINE__, "sbb", "password doesn't match for", con->uri.path, username); + log_error_write(srv, __FILE__, __LINE__, "sbsBss", "password doesn't match for", con->uri.path, "username:", username, ", IP:", inet_ntop_cache_get_ip(srv, &(con->dst_addr))); buffer_free(username); buffer_free(password); @@ -1186,8 +1186,8 @@ int http_auth_digest_check(server *srv, connection *con, mod_auth_plugin_data *p "digest: digest mismatch", a2, respons); } - log_error_write(srv, __FILE__, __LINE__, "sss", - "digest: auth failed for", username, "wrong password"); + log_error_write(srv, __FILE__, __LINE__, "ssss", + "digest: auth failed for ", username, ": wrong password, IP:", inet_ntop_cache_get_ip(srv, &(con->dst_addr))); buffer_free(b); return 0; |