- dtucker@cvs.openbsd.org 2005/01/22 08:17:59

[auth.c] Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and DenyGroups. bz #909, ok djm@
2005-01-24 21:56:48 +11:00 · 2005-01-24 21:56:48 +11:00 · 094cd0ba02
parent 5c14c73429
commit 094cd0ba02
2 changed files with 19 additions and 12 deletions
--- a/6
+++ b/6
@ -5,6 +5,10 @@
     Warn in advance for password and account expiry; initialize loginmsg
     buffer earlier and clear it after privsep fork. ok and help dtucker@
     markus@
   - dtucker@cvs.openbsd.org 2005/01/22 08:17:59
     [auth.c]
     Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and
     DenyGroups.  bz #909, ok djm@
 20050120
 - (dtucker) OpenBSD CVS Sync
@ -2023,4 +2027,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.3621 2005/01/24 10:55:49 dtucker Exp $
+$Id: ChangeLog,v 1.3622 2005/01/24 10:56:48 dtucker Exp $
--- a/auth.c
+++ b/auth.c
@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.56 2004/07/28 09:40:29 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.57 2005/01/22 08:17:59 dtucker Exp $");
 #ifdef HAVE_LOGIN_H
 #include <login.h>
@ -153,8 +153,9 @@ allowed_user(struct passwd * pw)
 		for (i = 0; i < options.num_deny_users; i++)
 			if (match_user(pw->pw_name, hostname, ipaddr,
 			    options.deny_users[i])) {
-				logit("User %.100s not allowed because listed in DenyUsers",
+				logit("User %.100s from %.100s not allowed "
-				    pw->pw_name);
+				    "because listed in DenyUsers",
 				    pw->pw_name, hostname);
 				return 0;
 			}
 	}
@ -166,16 +167,16 @@ allowed_user(struct passwd * pw)
 				break;
 		/* i < options.num_allow_users iff we break for loop */
 		if (i >= options.num_allow_users) {
-			logit("User %.100s not allowed because not listed in AllowUsers",
+			logit("User %.100s from %.100s not allowed because "
-			    pw->pw_name);
+			    "not listed in AllowUsers", pw->pw_name, hostname);
 			return 0;
 		}
 	}
 	if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {
 		/* Get the user's group access list (primary and supplementary) */
 		if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
-			logit("User %.100s not allowed because not in any group",
+			logit("User %.100s from %.100s not allowed because "
-			    pw->pw_name);
+			    "not in any group", pw->pw_name, hostname);
 			return 0;
 		}
@ -184,8 +185,9 @@ allowed_user(struct passwd * pw)
 			if (ga_match(options.deny_groups,
 			    options.num_deny_groups)) {
 				ga_free();
-				logit("User %.100s not allowed because a group is listed in DenyGroups",
+				logit("User %.100s from %.100s not allowed "
-				    pw->pw_name);
+				    "because a group is listed in DenyGroups",
 				    pw->pw_name, hostname);
 				return 0;
 			}
 		/*
@ -196,8 +198,9 @@ allowed_user(struct passwd * pw)
 			if (!ga_match(options.allow_groups,
 			    options.num_allow_groups)) {
 				ga_free();
-				logit("User %.100s not allowed because none of user's groups are listed in AllowGroups",
+				logit("User %.100s from %.100s not allowed "
-				    pw->pw_name);
+				    "because none of user's groups are listed "
 				    "in AllowGroups", pw->pw_name, hostname);
 				return 0;
 			}
 		ga_free();