- (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c

monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
   defines and enums with SSH_ to prevent namespace collisions on some
   platforms (eg AIX).

ChangeLog

@@ -3,6 +3,10 @@
    regress tests so newer versions of GNU head(1) behave themselves.  Patch
    by djm, so ok me.
  - (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings.
+ - (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c
+   monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
+   defines and enums with SSH_ to prevent namespace collisions on some
+   platforms (eg AIX).
 
 20050204
  - (dtucker) [monitor.c] Permit INVALID_USER audit events from slave too.
@@ -2082,4 +2086,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3638 2005/02/08 10:06:55 dtucker Exp $
+$Id: ChangeLog,v 1.3639 2005/02/08 10:52:47 dtucker Exp $

audit.c

@@ -1,4 +1,4 @@
-/* $Id: audit.c,v 1.1 2005/02/02 13:37:14 dtucker Exp $ */
+/* $Id: audit.c,v 1.2 2005/02/08 10:52:48 dtucker Exp $ */
 
 /*
  * Copyright (c) 2004, 2005 Darren Tucker.  All rights reserved.
@@ -26,7 +26,7 @@
 
 #include "includes.h"
 
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 
 #include "audit.h"
 #include "log.h"
@@ -44,22 +44,22 @@ ssh_audit_event_t
 audit_classify_auth(const char *method)
 {
 	if (strcmp(method, "none") == 0)
-		return AUTH_FAIL_NONE;
+		return SSH_AUTH_FAIL_NONE;
 	else if (strcmp(method, "password") == 0)
-		return AUTH_FAIL_PASSWD;
+		return SSH_AUTH_FAIL_PASSWD;
 	else if (strcmp(method, "publickey") == 0 ||
 	    strcmp(method, "rsa") == 0)
-		return AUTH_FAIL_PUBKEY;
+		return SSH_AUTH_FAIL_PUBKEY;
 	else if (strncmp(method, "keyboard-interactive", 20) == 0 ||
 	    strcmp(method, "challenge-response") == 0)
-		return AUTH_FAIL_KBDINT;
+		return SSH_AUTH_FAIL_KBDINT;
 	else if (strcmp(method, "hostbased") == 0 ||
 	    strcmp(method, "rhosts-rsa") == 0)
-		return AUTH_FAIL_HOSTBASED;
+		return SSH_AUTH_FAIL_HOSTBASED;
 	else if (strcmp(method, "gssapi-with-mic") == 0)
-		return AUTH_FAIL_GSSAPI;
+		return SSH_AUTH_FAIL_GSSAPI;
 	else
-		return AUDIT_UNKNOWN;
+		return SSH_AUDIT_UNKNOWN;
 }
 
 /* helper to return supplied username */
@@ -84,32 +84,32 @@ audit_event_lookup(ssh_audit_event_t ev)
 		ssh_audit_event_t event;
 		const char *name;
 	} event_lookup[] = {
-		{LOGIN_EXCEED_MAXTRIES,	"LOGIN_EXCEED_MAXTRIES"},
-		{LOGIN_ROOT_DENIED,	"LOGIN_ROOT_DENIED"},
-		{AUTH_SUCCESS,		"AUTH_SUCCESS"},
-		{AUTH_FAIL_NONE,	"AUTH_FAIL_NONE"},
-		{AUTH_FAIL_PASSWD,	"AUTH_FAIL_PASSWD"},
-		{AUTH_FAIL_KBDINT,	"AUTH_FAIL_KBDINT"},
-		{AUTH_FAIL_PUBKEY,	"AUTH_FAIL_PUBKEY"},
-		{AUTH_FAIL_HOSTBASED,	"AUTH_FAIL_HOSTBASED"},
-		{AUTH_FAIL_GSSAPI,	"AUTH_FAIL_GSSAPI"},
-		{INVALID_USER,		"INVALID_USER"},
-		{NOLOGIN,		"NOLOGIN"},
-		{CONNECTION_CLOSE,	"CONNECTION_CLOSE"},
-		{CONNECTION_ABANDON,	"CONNECTION_ABANDON"},
-		{AUDIT_UNKNOWN,		"AUDIT_UNKNOWN"}
+		{SSH_LOGIN_EXCEED_MAXTRIES,	"LOGIN_EXCEED_MAXTRIES"},
+		{SSH_LOGIN_ROOT_DENIED,		"LOGIN_ROOT_DENIED"},
+		{SSH_AUTH_SUCCESS,		"AUTH_SUCCESS"},
+		{SSH_AUTH_FAIL_NONE,		"AUTH_FAIL_NONE"},
+		{SSH_AUTH_FAIL_PASSWD,		"AUTH_FAIL_PASSWD"},
+		{SSH_AUTH_FAIL_KBDINT,		"AUTH_FAIL_KBDINT"},
+		{SSH_AUTH_FAIL_PUBKEY,		"AUTH_FAIL_PUBKEY"},
+		{SSH_AUTH_FAIL_HOSTBASED,	"AUTH_FAIL_HOSTBASED"},
+		{SSH_AUTH_FAIL_GSSAPI,		"AUTH_FAIL_GSSAPI"},
+		{SSH_INVALID_USER,		"INVALID_USER"},
+		{SSH_NOLOGIN,			"NOLOGIN"},
+		{SSH_CONNECTION_CLOSE,		"CONNECTION_CLOSE"},
+		{SSH_CONNECTION_ABANDON,	"CONNECTION_ABANDON"},
+		{SSH_AUDIT_UNKNOWN,		"AUDIT_UNKNOWN"}
 	};
 
-	for (i = 0; event_lookup[i].event != AUDIT_UNKNOWN; i++)
+	for (i = 0; event_lookup[i].event != SSH_AUDIT_UNKNOWN; i++)
 		if (event_lookup[i].event == ev)
 			break;
 	return(event_lookup[i].name);
 }
 
-# ifndef CUSTOM_AUDIT_EVENTS
+# ifndef CUSTOM_SSH_AUDIT_EVENTS
 /*
  * Null implementations of audit functions.
- * These get used if AUDIT_EVENTS is defined but no audit module is enabled.
+ * These get used if SSH_AUDIT_EVENTS is defined but no audit module is enabled.
  */
 
 /*
@@ -177,5 +177,5 @@ audit_run_command(const char *command)
 	debug("audit run command euid %d user %s command '%.200s'", geteuid(),
 	    audit_username(), command);
 }
-# endif  /* !defined CUSTOM_AUDIT_EVENTS */
-#endif /* AUDIT_EVENTS */
+# endif  /* !defined CUSTOM_SSH_AUDIT_EVENTS */
+#endif /* SSH_AUDIT_EVENTS */

audit.h

@@ -1,4 +1,4 @@
-/* $Id: audit.h,v 1.1 2005/02/02 13:37:14 dtucker Exp $ */
+/* $Id: audit.h,v 1.2 2005/02/08 10:52:48 dtucker Exp $ */
 
 /*
  * Copyright (c) 2004, 2005 Darren Tucker.  All rights reserved.
@@ -29,20 +29,20 @@
 #ifndef _SSH_AUDIT_H
 # define _SSH_AUDIT_H
 enum ssh_audit_event_type {
-	LOGIN_EXCEED_MAXTRIES,
-	LOGIN_ROOT_DENIED,
-	AUTH_SUCCESS,
-	AUTH_FAIL_NONE,
-	AUTH_FAIL_PASSWD,
-	AUTH_FAIL_KBDINT,	/* keyboard-interactive or challenge-response */
-	AUTH_FAIL_PUBKEY,	/* ssh2 pubkey or ssh1 rsa */
-	AUTH_FAIL_HOSTBASED,	/* ssh2 hostbased or ssh1 rhostsrsa */
-	AUTH_FAIL_GSSAPI,
-	INVALID_USER,
-	NOLOGIN,		/* denied by /etc/nologin, not implemented */
-	CONNECTION_CLOSE,	/* closed after attempting auth or session */
-	CONNECTION_ABANDON,	/* closed without completing auth */
-	AUDIT_UNKNOWN
+	SSH_LOGIN_EXCEED_MAXTRIES,
+	SSH_LOGIN_ROOT_DENIED,
+	SSH_AUTH_SUCCESS,
+	SSH_AUTH_FAIL_NONE,
+	SSH_AUTH_FAIL_PASSWD,
+	SSH_AUTH_FAIL_KBDINT,	/* keyboard-interactive or challenge-response */
+	SSH_AUTH_FAIL_PUBKEY,	/* ssh2 pubkey or ssh1 rsa */
+	SSH_AUTH_FAIL_HOSTBASED,	/* ssh2 hostbased or ssh1 rhostsrsa */
+	SSH_AUTH_FAIL_GSSAPI,
+	SSH_INVALID_USER,
+	SSH_NOLOGIN,		/* denied by /etc/nologin, not implemented */
+	SSH_CONNECTION_CLOSE,	/* closed after attempting auth or session */
+	SSH_CONNECTION_ABANDON,	/* closed without completing auth */
+	SSH_AUDIT_UNKNOWN
 };
 typedef enum ssh_audit_event_type ssh_audit_event_t;
 

auth.c

@@ -252,7 +252,7 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
 		record_failed_login(authctxt->user,
 		    get_canonical_hostname(options.use_dns), "ssh");
 #endif
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 	if (authenticated == 0 && !authctxt->postponed) {
 		ssh_audit_event_t event;
 
@@ -265,15 +265,15 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
 		 */
 		event = audit_classify_auth(method);
 		switch(event) {
-		case AUTH_FAIL_NONE:
-		case AUTH_FAIL_PASSWD:
-		case AUTH_FAIL_KBDINT:
+		case SSH_AUTH_FAIL_NONE:
+		case SSH_AUTH_FAIL_PASSWD:
+		case SSH_AUTH_FAIL_KBDINT:
 			if (geteuid() == 0)
 				audit_event(event);
 			break;
-		case AUTH_FAIL_PUBKEY:
-		case AUTH_FAIL_HOSTBASED:
-		case AUTH_FAIL_GSSAPI:
+		case SSH_AUTH_FAIL_PUBKEY:
+		case SSH_AUTH_FAIL_HOSTBASED:
+		case SSH_AUTH_FAIL_GSSAPI:
 			/*
 			 * This is required to handle the case where privsep
 			 * is enabled but it's root logging in, since
@@ -515,9 +515,9 @@ getpwnamallow(const char *user)
 		record_failed_login(user,
 		    get_canonical_hostname(options.use_dns), "ssh");
 #endif
-#ifdef AUDIT_EVENTS
-		audit_event(INVALID_USER);
-#endif /* AUDIT_EVENTS */
+#ifdef SSH_AUDIT_EVENTS
+		audit_event(SSH_INVALID_USER);
+#endif /* SSH_AUDIT_EVENTS */
 		return (NULL);
 	}
 	if (!allowed_user(pw))

auth1.c

@@ -249,8 +249,8 @@ do_authloop(Authctxt *authctxt)
 		if (authenticated && authctxt->pw->pw_uid == 0 &&
 		    !auth_root_allowed(get_authname(type))) {
 			authenticated = 0;
-# ifdef AUDIT_EVENTS
-			PRIVSEP(audit_event(LOGIN_ROOT_DENIED));
+# ifdef SSH_AUDIT_EVENTS
+			PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED));
 # endif
 		}
 #endif
@@ -288,8 +288,8 @@ do_authloop(Authctxt *authctxt)
 			return;
 
 		if (authctxt->failures++ > options.max_authtries) {
-#ifdef AUDIT_EVENTS
-			PRIVSEP(audit_event(LOGIN_EXCEED_MAXTRIES));
+#ifdef SSH_AUDIT_EVENTS
+			PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
 #endif
 			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
 		}

auth2.c

@@ -167,8 +167,8 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 			if (options.use_pam)
 				PRIVSEP(start_pam(authctxt));
 #endif
-#ifdef AUDIT_EVENTS
-			PRIVSEP(audit_event(INVALID_USER));
+#ifdef SSH_AUDIT_EVENTS
+			PRIVSEP(audit_event(SSH_INVALID_USER));
 #endif
 		}
 		setproctitle("%s%s", authctxt->valid ? user : "unknown",
@@ -219,8 +219,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 	if (authenticated && authctxt->pw->pw_uid == 0 &&
 	    !auth_root_allowed(method)) {
 		authenticated = 0;
-#ifdef AUDIT_EVENTS
-		PRIVSEP(audit_event(LOGIN_ROOT_DENIED));
+#ifdef SSH_AUDIT_EVENTS
+		PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED));
 #endif
 	}
 
@@ -263,8 +263,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 		authctxt->success = 1;
 	} else {
 		if (authctxt->failures++ > options.max_authtries) {
-#ifdef AUDIT_EVENTS
-			PRIVSEP(audit_event(LOGIN_EXCEED_MAXTRIES));
+#ifdef SSH_AUDIT_EVENTS
+			PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
 #endif
 			packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
 		}

loginrec.c

@@ -164,7 +164,7 @@
 # include <libutil.h>
 #endif
 
-RCSID("$Id: loginrec.c,v 1.64 2005/02/02 13:20:53 dtucker Exp $");
+RCSID("$Id: loginrec.c,v 1.65 2005/02/08 10:52:48 dtucker Exp $");
 
 /**
  ** prototypes for helper functions in this file
@@ -444,7 +444,7 @@ login_write(struct logininfo *li)
 	   !sys_auth_record_login(li->username,li->hostname,li->line))
 		logit("Writing login record failed for %s", li->username);
 #endif
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 	if (li->type == LTYPE_LOGIN)
 		audit_session_open(li->line);
 	else if (li->type == LTYPE_LOGOUT)

monitor.c

@@ -143,7 +143,7 @@ int mm_answer_gss_userok(int, Buffer *);
 int mm_answer_gss_checkmic(int, Buffer *);
 #endif
 
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 int mm_answer_audit_event(int, Buffer *);
 int mm_answer_audit_command(int, Buffer *);
 #endif
@@ -191,7 +191,7 @@ struct mon_table mon_dispatch_proto20[] = {
     {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},
     {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
 #endif
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
     {MONITOR_REQ_AUDIT_EVENT, 0, mm_answer_audit_event},
 #endif
 #ifdef BSD_AUTH
@@ -219,7 +219,7 @@ struct mon_table mon_dispatch_postauth20[] = {
     {MONITOR_REQ_PTY, 0, mm_answer_pty},
     {MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup},
     {MONITOR_REQ_TERM, 0, mm_answer_term},
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
     {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
     {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command},
 #endif
@@ -251,7 +251,7 @@ struct mon_table mon_dispatch_proto15[] = {
     {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},
     {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
 #endif
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
     {MONITOR_REQ_AUDIT_EVENT, 0, mm_answer_audit_event},
 #endif
     {0, 0, NULL}
@@ -261,7 +261,7 @@ struct mon_table mon_dispatch_postauth15[] = {
     {MONITOR_REQ_PTY, MON_ONCE, mm_answer_pty},
     {MONITOR_REQ_PTYCLEANUP, MON_ONCE, mm_answer_pty_cleanup},
     {MONITOR_REQ_TERM, 0, mm_answer_term},
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
     {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
     {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT|MON_ONCE, mm_answer_audit_command},
 #endif
@@ -628,7 +628,7 @@ mm_answer_pwnamallow(int sock, Buffer *m)
 	if (options.use_pam)
 		monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1);
 #endif
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 	monitor_permit(mon_dispatch, MONITOR_REQ_AUDIT_EVENT, 1);
 #endif
 
@@ -1513,7 +1513,7 @@ mm_answer_term(int sock, Buffer *req)
 	exit(res);
 }
 
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 /* Report that an audit event occurred */
 int
 mm_answer_audit_event(int socket, Buffer *m)
@@ -1525,13 +1525,13 @@ mm_answer_audit_event(int socket, Buffer *m)
 	event = buffer_get_int(m);
 	buffer_free(m);
 	switch(event) {
-	case AUTH_FAIL_PUBKEY:
-	case AUTH_FAIL_HOSTBASED:
-	case AUTH_FAIL_GSSAPI:
-	case LOGIN_EXCEED_MAXTRIES:
-	case LOGIN_ROOT_DENIED:
-	case CONNECTION_CLOSE:
-	case INVALID_USER:
+	case SSH_AUTH_FAIL_PUBKEY:
+	case SSH_AUTH_FAIL_HOSTBASED:
+	case SSH_AUTH_FAIL_GSSAPI:
+	case SSH_LOGIN_EXCEED_MAXTRIES:
+	case SSH_LOGIN_ROOT_DENIED:
+	case SSH_CONNECTION_CLOSE:
+	case SSH_INVALID_USER:
 		audit_event(event);
 		break;
 	default:
@@ -1555,7 +1555,7 @@ mm_answer_audit_command(int socket, Buffer *m)
 	buffer_free(m);
 	return (0);
 }
-#endif /* AUDIT_EVENTS */
+#endif /* SSH_AUDIT_EVENTS */
 
 void
 monitor_apply_keystate(struct monitor *pmonitor)

monitor_wrap.c

@@ -1103,7 +1103,7 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
 	return (success);
 }
 
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 void
 mm_audit_event(ssh_audit_event_t event)
 {
@@ -1131,7 +1131,7 @@ mm_audit_run_command(const char *command)
 	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m);
 	buffer_free(&m);
 }
-#endif /* AUDIT_EVENTS */
+#endif /* SSH_AUDIT_EVENTS */
 
 #ifdef GSSAPI
 OM_uint32

monitor_wrap.h

@@ -74,7 +74,7 @@ int mm_sshpam_respond(void *, u_int, char **);
 void mm_sshpam_free_ctx(void *);
 #endif
 
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 #include "audit.h"
 void mm_audit_event(ssh_audit_event_t);
 void mm_audit_run_command(const char *);

session.c

@@ -665,7 +665,7 @@ do_exec(Session *s, const char *command)
 		debug("Forced command '%.900s'", command);
 	}
 
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 	if (command != NULL)
 		PRIVSEP(audit_run_command(command));
 	else if (s->ttyfd == -1) {
@@ -2333,8 +2333,8 @@ do_cleanup(Authctxt *authctxt)
 	}
 #endif
 
-#ifdef AUDIT_EVENTS
-	PRIVSEP(audit_event(CONNECTION_CLOSE));
+#ifdef SSH_AUDIT_EVENTS
+	PRIVSEP(audit_event(SSH_CONNECTION_CLOSE));
 #endif
 
 	/* remove agent socket */

sshd.c

@@ -1628,7 +1628,7 @@ main(int ac, char **av)
 	remote_port = get_remote_port();
 	remote_ip = get_remote_ipaddr();
 
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 	audit_connection_from(remote_ip, remote_port);
 #endif
 #ifdef LIBWRAP
@@ -1700,8 +1700,8 @@ main(int ac, char **av)
 	}
 
  authenticated:
-#ifdef AUDIT_EVENTS
-	audit_event(AUTH_SUCCESS);
+#ifdef SSH_AUDIT_EVENTS
+	audit_event(SSH_AUTH_SUCCESS);
 #endif
 
 	/*
@@ -2017,10 +2017,10 @@ cleanup_exit(int i)
 {
 	if (the_authctxt)
 		do_cleanup(the_authctxt);
-#ifdef AUDIT_EVENTS
+#ifdef SSH_AUDIT_EVENTS
 	/* done after do_cleanup so it can cancel the PAM auth 'thread' */
 	if (!use_privsep || mm_is_monitor())
-		audit_event(CONNECTION_ABANDON);
+		audit_event(SSH_CONNECTION_ABANDON);
 #endif
 	_exit(i);
 }