head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.54 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.52 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.50 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.48 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.46 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.44 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.42 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.40 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.38 pkgsrc-2008Q2-base:1.2 pkgsrc-2008Q1:1.2.0.36 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.34 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.32 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.2.0.30 pkgsrc-2007Q2-base:1.2 pkgsrc-2007Q1:1.2.0.28 pkgsrc-2007Q1-base:1.2 pkgsrc-2006Q4:1.2.0.26 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.24 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.22 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.20 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.18 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.16 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.14 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.12 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.10 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.8 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.2.0.6 pkgsrc-2004Q2-base:1.2 pkgsrc-2004Q1:1.2.0.4 pkgsrc-2004Q1-base:1.2 pkgsrc-2003Q4:1.2.0.2 pkgsrc-2003Q4-base:1.2 buildlink2-base:1.2 netbsd-1-5-PATCH001:1.1 netbsd-1-5-RELEASE:1.1 netbsd-1-4-PATCH003:1.1; locks; strict; comment @# @; 1.2 date 2001.08.02.12.55.25; author itojun; state dead; branches; next 1.1; 1.1 date 2000.03.20.02.25.34; author itojun; state Exp; branches; next ; desc @@ 1.2 log @say goodbye to security/ssh6. per comments on packages@@netbsd. @ text @$NetBSD: patch-ag,v 1.1 2000/03/20 02:25:34 itojun Exp $ --- log-server.c.orig Wed May 12 07:19:26 1999 +++ log-server.c Sat Dec 25 00:17:29 1999 @@@@ -146,6 +146,25 @@@@ syslog(LOG_INFO, "log: %.500s", buf); } +#ifdef ENABLE_LOG_AUTH +void log_auth(const char *fmt, ...) +{ + char buf[1024]; + va_list args; + extern int log_auth_flag; + if (!log_auth_flag) + return; + if (log_quiet) + return; + va_start(args, fmt); + vsprintf(buf, fmt, args); + va_end(args); + if (log_on_stderr) + fprintf(stderr, "log: %s\n", buf); + syslog(LOG_INFO|LOG_AUTH, "%.500s", buf); +} +#endif /* ENABLE_LOG_AUTH */ + /* Converts portable syslog severity to machine-specific syslog severity. */ static int syslog_severity(int severity) @@@@ -265,9 +284,12 @@@@ { struct fatal_cleanup *cu, *next_cu; static int fatal_called = 0; -#ifdef KERBEROS +#if defined(KRB4) || defined(KRB5) extern char *ticket; -#endif +#ifdef AFS + extern char *xauthfile; +#endif /* AFS */ +#endif /* KRB4 || KRB5 */ if (!fatal_called) { @@@@ -281,19 +303,27 @@@@ (unsigned long)cu->proc, (unsigned long)cu->context); (*cu->proc)(cu->context); } -#ifdef KERBEROS +#if defined(KRB4) || defined(KRB5) /* If you forwarded a ticket you get one shot for proper authentication. */ /* If tgt was passed unlink file */ if (ticket) { if (strcmp(ticket,"none")) +#ifdef KRB5 /* ticket -> FILE:path */ unlink(ticket + 5); +#else /* KRB4 */ + unlink(ticket); +#endif else ticket = NULL; } -#endif /* KERBEROS */ +#ifdef AFS + /* If local XAUTHORITY was created, remove it. */ + if (xauthfile) unlink(xauthfile); +#endif /* AFS */ +#endif /* KRB4 || KRB5 */ } } @@@@ -322,6 +352,9 @@@@ { char buf[1024]; va_list args; +#ifdef ENABLE_LOG_AUTH + extern char *unauthenticated_user; +#endif /* ENABLE_LOG_AUTH */ if (log_quiet) exit(1); @@@@ -331,6 +364,11 @@@@ if (log_on_stderr) fprintf(stderr, "fatal: %s\n", buf); syslog(syslog_severity(severity), "fatal: %.500s", buf); +#ifdef ENABLE_LOG_AUTH + if (unauthenticated_user) + log_auth("LOGIN FAILED %.100s from %.200s", + unauthenticated_user, get_canonical_hostname()); +#endif /* ENABLE_LOG_AUTH */ do_fatal_cleanups(); @ 1.1 log @split security/ssh and security/ssh6. security/ssh6: IPv4/v6 ready, socks unavailable, kerberos available (not tested) security/ssh: IPv4 onlyready, socks available, kerberos available (not tested) should be integrated into one whenever socks support becomes aware of getaddrinfo/getnameinfo. two directories with tons of patches/patch-* is a maintenance headache. @ text @d1 1 a1 1 $NetBSD: patch-ag,v 1.3 1999/12/25 05:28:35 kim Exp $ @