From 48147d6801be6b9158c4bcedce6c67b0d591d642 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 26 Jun 2010 09:39:25 +1000 Subject: [PATCH] - djm@cvs.openbsd.org 2010/06/22 04:49:47 [auth.c] queue auth debug messages for bad ownership or permissions on the user's keyfiles. These messages will be sent after the user has successfully authenticated (where our client will display them with LogLevel=debug). --- ChangeLog | 5 +++++ auth.c | 5 ++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index fc7ac30ce..556e29fe5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -36,6 +36,11 @@ standardise error messages when attempting to open private key files to include "progname: filename: error reason" bz#1783; ok dtucker@ + - djm@cvs.openbsd.org 2010/06/22 04:49:47 + [auth.c] + queue auth debug messages for bad ownership or permissions on the user's + keyfiles. These messages will be sent after the user has successfully + authenticated (where our client will display them with LogLevel=debug). 20100622 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512 diff --git a/auth.c b/auth.c index bec191a59..d1727a4a9 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.87 2010/05/07 11:30:29 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.88 2010/06/22 04:49:47 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -397,6 +397,8 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, logit("Authentication refused for %.100s: " "bad owner or modes for %.200s", pw->pw_name, user_hostfile); + auth_debug_add("Ignored %.200s: bad ownership or modes", + user_hostfile); } else { temporarily_use_uid(pw); host_status = check_host_in_hostfile(user_hostfile, @@ -520,6 +522,7 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes, secure_filename(f, file, pw, line, sizeof(line)) != 0) { fclose(f); logit("Authentication refused: %s", line); + auth_debug_add("Ignored %s: %s", file_type, line); return NULL; }