From 7a8f5b330dc7a98e7144ec119a7b5b0737a26708 Mon Sep 17 00:00:00 2001
From: Damien Miller
Date: Fri, 31 Mar 2006 23:14:23 +1100
Subject: [PATCH] - dtucker@cvs.openbsd.org 2006/03/30 11:40:21 [auth.c monitor.c] Prevent duplicate log messages when privsep=yes; ok djm@

---
 ChangeLog | 5 ++++-
 auth.c | 6 +++++-
 monitor.c | 18 ++++++++++++++----
 3 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index baae286ae..9ca87fda0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -37,6 +37,9 @@
    - dtucker@cvs.openbsd.org 2006/03/30 11:05:17
      [ssh-keygen.c]
      Correctly handle truncated files while converting keys; ok djm@
+   - dtucker@cvs.openbsd.org 2006/03/30 11:40:21
+     [auth.c monitor.c]
+     Prevent duplicate log messages when privsep=yes; ok djm@
 
 20060326
  - OpenBSD CVS Sync
@@ -4486,4 +4489,4 @@
  - (djm) Trim deprecated options from INSTALL. Mention UsePAM
  - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.4297 2006/03/31 12:13:35 djm Exp $
+$Id: ChangeLog,v 1.4298 2006/03/31 12:14:23 djm Exp $
diff --git a/auth.c b/auth.c
index bf2948a84..e43c81658 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.66 2006/03/25 13:17:01 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.67 2006/03/30 11:40:21 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
  *
@@ -61,6 +61,7 @@
 
 /* import */
 extern ServerOptions options;
+extern int use_privsep;
 extern Buffer loginmsg;
 
 /* Debugging messages */
@@ -237,6 +238,9 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
 	void (*authlog) (const char *fmt,...) = verbose;
 	char *authmsg;
 
+	if (use_privsep && !mm_is_monitor() && !authctxt->postponed)
+		return;
+
 	/* Raise logging level */
 	if (authenticated == 1 ||
 	    !authctxt->valid ||
diff --git a/monitor.c b/monitor.c
index d672aeb72..894523da3 100644
--- a/monitor.c
+++ b/monitor.c
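Review bot: The early return added at the top of auth_log() in the `@@ -237,6 +238,9 @@` hunk makes the unprivileged child's log output depend entirely on the monitor: an attempt that fails in the child without going through a monitor request flagged MON_AUTHDECIDE or MON_ALOG (the dispatch tables live in monitor.c, not in this file) would now produce no log line on either side, which matters for anything that counts failed logins. The `!authctxt->postponed` clause keeps postponed results logged by the child, and nothing in the hunk records why that exception exists. A comment above the check would pin the contract: `/* With privsep the monitor logs every decided attempt; the child only logs postponed ones, so neither duplicates the other. */`. auth_log's body continues beyond the end of the hunk.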
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.76 2006/03/25 13:17:02 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.77 2006/03/30 11:40:21 dtucker Exp $ */
 /*
  * Copyright 2002 Niels Provos
  * Copyright 2002 Markus Friedl
@@ -179,6 +179,7 @@ struct mon_table {
 #define MON_ISAUTH	0x0004	/* Required for Authentication */
 #define MON_AUTHDECIDE	0x0008	/* Decides Authentication */
 #define MON_ONCE	0x0010	/* Disable after calling */
+#define MON_ALOG	0x0020	/* Log auth attempt without authenticating */
 
 #define MON_AUTH	(MON_ISAUTH|MON_AUTHDECIDE)
 
@@ -239,8 +240,8 @@ struct mon_table mon_dispatch_proto15[] = {
     {MONITOR_REQ_SESSKEY, MON_ONCE, mm_answer_sesskey},
     {MONITOR_REQ_SESSID, MON_ONCE, mm_answer_sessid},
     {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
-    {MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH, mm_answer_rsa_keyallowed},
-    {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
+    {MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH|MON_ALOG, mm_answer_rsa_keyallowed},
+    {MONITOR_REQ_KEYALLOWED, MON_ISAUTH|MON_ALOG, mm_answer_keyallowed},
     {MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge},
     {MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response},
 #ifdef BSD_AUTH
@@ -334,6 +335,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
 
 	/* The first few requests do not require asynchronous access */
 	while (!authenticated) {
+		auth_method = "unknown";
 		authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
 		if (authenticated) {
 			if (!(ent->flags & MON_AUTHDECIDE))
@@ -356,7 +358,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
 #endif
 		}
 
-		if (ent->flags & MON_AUTHDECIDE) {
+		if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) {
 			auth_log(authctxt, authenticated, auth_method,
 			    compat20 ? " ssh2" : "");
 			if (!authenticated)
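Review bot: Adding MON_ALOG to the proto15 RSAKEYALLOWED and KEYALLOWED entries sends every key-allowed request through the `auth_log(authctxt, authenticated, auth_method,` call in the `@@ -356,7 +358,7 @@` hunk, where `authenticated` is the handler's return value, which the `if (!(ent->flags & MON_AUTHDECIDE))` check just above implies is 0 for entries that do not decide authentication; a permitted key therefore appears to be logged with the not-authenticated outcome, and whatever follows the `if (!authenticated)` context line (outside the hunk) runs for it as well. Only the proto15 table is in the diff, so whether the ssh2 KEYALLOWED entry is treated the same way cannot be confirmed from here. Since mm_answer_keyallowed now logs refusals itself in the `@@ -1023,6 +1030,8 @@` hunk, the loop condition could stay `if (ent->flags & MON_AUTHDECIDE) {` and mm_answer_rsa_keyallowed could log its own refusal with `auth_log(authctxt, 0, auth_method, "");` in a not-allowed branch, so that only real decisions reach this call and the flag becomes unnecessary. monitor_child_preauth starts before these hunks and ends after them.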
@@ -366,6 +368,8 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
 
 	if (!authctxt->valid)
 		fatal("%s: authenticated invalid user", __func__);
+	if (strcmp(auth_method, "unknown") == 0)
+		fatal("%s: authentication method name unknown", __func__);
 
 	debug("%s: %s has been authenticated by privileged process",
 	    __func__, authctxt->user);
@@ -992,17 +996,20 @@ mm_answer_keyallowed(int sock, Buffer *m)
 	case MM_USERKEY:
 		allowed = options.pubkey_authentication &&
 		    user_key_allowed(authctxt->pw, key);
+		auth_method = "publickey";
 		break;
 	case MM_HOSTKEY:
 		allowed = options.hostbased_authentication &&
 		    hostbased_key_allowed(authctxt->pw, cuser, chost, key);
+		auth_method = "hostbased";
 		break;
 	case MM_RSAHOSTKEY:
 		key->type = KEY_RSA1; /* XXX */
 		allowed = options.rhosts_rsa_authentication &&
 		    auth_rhosts_rsa_key_allowed(authctxt->pw, cuser, chost, key);
+		auth_method = "rsa";
 		break;
 	default:
 		fatal("%s: unknown key type %d", __func__, type);
@@ -1023,6 +1030,8 @@ mm_answer_keyallowed(int sock, Buffer *m)
 		hostbased_cuser = cuser;
 		hostbased_chost = chost;
 	} else {
+		/* Log failed attempt */
+		auth_log(authctxt, 0, auth_method, compat20 ? " ssh2" : "");
 		xfree(blob);
 		xfree(cuser);
 		xfree(chost);
@@ -1390,6 +1399,7 @@ mm_answer_rsa_keyallowed(int sock, Buffer *m)
 
 	debug3("%s entering", __func__);
 
+	auth_method = "rsa";
 	if (options.rsa_authentication && authctxt->valid) {
 		if ((client_n = BN_new()) == NULL)
 			fatal("%s: BN_new", __func__);
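Review bot: The `auth_log(authctxt, 0, auth_method, compat20 ? " ssh2" : "");` added in the else branch of mm_answer_keyallowed (`@@ -1023,6 +1030,8 @@`) overlaps with the MON_ALOG flag that the `@@ -239,8 +240,8 @@` hunk puts on the proto15 KEYALLOWED entry: for a refused ssh1 hostbased or rhosts-rsa key the monitor would log here and then again from monitor_child_preauth, reproducing the duplicate this commit sets out to remove. For ssh2 the proto20 table is not in the diff, so this direct call may be the only log line for a refused key there; if so, a comment here stating that the ssh2 dispatch entry relies on this call would record the asymmetry, and the ssh1 entry could drop MON_ALOG. The `auth_method = "unknown"` reset together with the `strcmp(auth_method, "unknown")` fatal in `@@ -366,6 +368,8 @@` is a sound sanity check for the authenticated path, but it does not cover refusals, so a MON_ALOG handler that forgets to set auth_method would still log the literal method name `unknown` rather than fail loudly. mm_answer_keyallowed's body starts and ends outside these hunks.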