add more blacklist rejection points.
This commit is contained in:
parent
e7633a3426
commit
1d2e8f9944
4
crypto/external/bsd/openssh/dist/auth-pam.c
vendored
4
crypto/external/bsd/openssh/dist/auth-pam.c
vendored
@ -50,7 +50,7 @@
|
|||||||
/*
|
/*
|
||||||
* NetBSD local changes
|
* NetBSD local changes
|
||||||
*/
|
*/
|
||||||
__RCSID("$NetBSD: auth-pam.c,v 1.7 2015/07/03 00:59:59 christos Exp $");
|
__RCSID("$NetBSD: auth-pam.c,v 1.8 2016/01/23 00:03:30 christos Exp $");
|
||||||
#undef USE_POSIX_THREADS /* Not yet */
|
#undef USE_POSIX_THREADS /* Not yet */
|
||||||
#define HAVE_SECURITY_PAM_APPL_H
|
#define HAVE_SECURITY_PAM_APPL_H
|
||||||
#define HAVE_PAM_GETENVLIST
|
#define HAVE_PAM_GETENVLIST
|
||||||
@ -114,6 +114,7 @@ void sshpam_password_change_required(int);
|
|||||||
#include "ssh-gss.h"
|
#include "ssh-gss.h"
|
||||||
#endif
|
#endif
|
||||||
#include "monitor_wrap.h"
|
#include "monitor_wrap.h"
|
||||||
|
#include "pfilter.h"
|
||||||
|
|
||||||
extern ServerOptions options;
|
extern ServerOptions options;
|
||||||
extern Buffer loginmsg;
|
extern Buffer loginmsg;
|
||||||
@ -809,6 +810,7 @@ sshpam_query(void *ctx, char **name, char **info,
|
|||||||
free(msg);
|
free(msg);
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
pfilter_notify(1);
|
||||||
error("PAM: %s for %s%.100s from %.100s", msg,
|
error("PAM: %s for %s%.100s from %.100s", msg,
|
||||||
sshpam_authctxt->valid ? "" : "illegal user ",
|
sshpam_authctxt->valid ? "" : "illegal user ",
|
||||||
sshpam_authctxt->user,
|
sshpam_authctxt->user,
|
||||||
|
5
crypto/external/bsd/openssh/dist/auth.c
vendored
5
crypto/external/bsd/openssh/dist/auth.c
vendored
@ -1,4 +1,4 @@
|
|||||||
/* $NetBSD: auth.c,v 1.15 2015/08/21 08:20:59 christos Exp $ */
|
/* $NetBSD: auth.c,v 1.16 2016/01/23 00:03:30 christos Exp $ */
|
||||||
/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */
|
/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
@ -25,7 +25,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
__RCSID("$NetBSD: auth.c,v 1.15 2015/08/21 08:20:59 christos Exp $");
|
__RCSID("$NetBSD: auth.c,v 1.16 2016/01/23 00:03:30 christos Exp $");
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
|
|
||||||
@ -656,6 +656,7 @@ getpwnamallow(const char *user)
|
|||||||
|
|
||||||
pw = getpwnam(user);
|
pw = getpwnam(user);
|
||||||
if (pw == NULL) {
|
if (pw == NULL) {
|
||||||
|
pfilter_notify(1);
|
||||||
logit("Invalid user %.100s from %.100s",
|
logit("Invalid user %.100s from %.100s",
|
||||||
user, get_remote_ipaddr());
|
user, get_remote_ipaddr());
|
||||||
return (NULL);
|
return (NULL);
|
||||||
|
5
crypto/external/bsd/openssh/dist/auth1.c
vendored
5
crypto/external/bsd/openssh/dist/auth1.c
vendored
@ -1,4 +1,4 @@
|
|||||||
/* $NetBSD: auth1.c,v 1.12 2015/07/03 00:59:59 christos Exp $ */
|
/* $NetBSD: auth1.c,v 1.13 2016/01/23 00:03:30 christos Exp $ */
|
||||||
/* $OpenBSD: auth1.c,v 1.82 2014/07/15 15:54:14 millert Exp $ */
|
/* $OpenBSD: auth1.c,v 1.82 2014/07/15 15:54:14 millert Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
@ -12,7 +12,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
__RCSID("$NetBSD: auth1.c,v 1.12 2015/07/03 00:59:59 christos Exp $");
|
__RCSID("$NetBSD: auth1.c,v 1.13 2016/01/23 00:03:30 christos Exp $");
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/queue.h>
|
#include <sys/queue.h>
|
||||||
|
|
||||||
@ -376,6 +376,7 @@ do_authloop(Authctxt *authctxt)
|
|||||||
char *msg;
|
char *msg;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
|
||||||
|
pfilter_notify(1);
|
||||||
error("Access denied for user %s by PAM account "
|
error("Access denied for user %s by PAM account "
|
||||||
"configuration", authctxt->user);
|
"configuration", authctxt->user);
|
||||||
len = buffer_len(&loginmsg);
|
len = buffer_len(&loginmsg);
|
||||||
|
1
crypto/external/bsd/openssh/dist/pfilter.c
vendored
1
crypto/external/bsd/openssh/dist/pfilter.c
vendored
@ -1,4 +1,5 @@
|
|||||||
#include "namespace.h"
|
#include "namespace.h"
|
||||||
|
#include "includes.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
|
Loading…
Reference in New Issue
Block a user