[Bug 974] Record Badlogins for all supported Authentication methods

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Feb 2 13:06:40 EST 2005


http://bugzilla.mindrot.org/show_bug.cgi?id=974





------- Additional Comments From dtucker at zip.com.au  2005-02-02 13:06 -------
(From update of attachment 787)
I think we could commit the btmp logging part hooked up to CUSTOM_FAILED_LOGIN
(subject to some changes below) but I think the monitor parts should be
deferred until bug #125 is sorted.

>+#define _PATH_BTMP      "/var/adm/btmp"

We'll put this in configure.ac.  No big deal.

>+void
>+log_btmp(const char *username, const char *hostname)
>+{
[...]
>+        strcpy(ut.ut_line,"ssh:notty");

We don't use strcpy.

[lots of processing snipped]
>+       if (stat(_PATH_BTMP,&fst) == -1){
[...]
>+        fd = open(_PATH_BTMP, O_WRONLY | O_APPEND);

Not that this is a big deal but stat()ing the file then opening it is racy, and
building the record is a waste of time if you're not going to be able to write
it.

I think the sequence should be: open, fstat, construct record, write.

I'll do a patch with the above changes.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list