diff options
author | Darren Tucker <dtucker@zip.com.au> | 2005-02-03 00:20:53 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2005-02-03 00:20:53 +1100 |
commit | 269a1ea1c80a855d1eb74fccba6dd5c75947c5d2 (patch) | |
tree | 2c3ece8547de7552c4c78337607a1a387decd797 /sshd.c | |
parent | 2fba993080eba14e339d6a6666ee79580ee20f97 (diff) | |
download | openssh-git-269a1ea1c80a855d1eb74fccba6dd5c75947c5d2.tar.gz |
- (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125:
(first stage) Add audit instrumentation to sshd, currently disabled by
default. with suggestions from and djm@
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -1628,6 +1628,9 @@ main(int ac, char **av) remote_port = get_remote_port(); remote_ip = get_remote_ipaddr(); +#ifdef AUDIT_EVENTS + audit_connection_from(remote_ip, remote_port); +#endif #ifdef LIBWRAP /* Check whether logins are denied from this host. */ if (packet_connection_is_on_socket()) { @@ -1697,6 +1700,10 @@ main(int ac, char **av) } authenticated: +#ifdef AUDIT_EVENTS + audit_event(AUTH_SUCCESS); +#endif + /* * In privilege separation, we fork another child and prepare * file descriptor passing. @@ -2010,5 +2017,10 @@ cleanup_exit(int i) { if (the_authctxt) do_cleanup(the_authctxt); +#ifdef AUDIT_EVENTS + /* done after do_cleanup so it can cancel the PAM auth 'thread' */ + if (!use_privsep || mm_is_monitor()) + audit_event(CONNECTION_ABANDON); +#endif _exit(i); } |