OpenSSH_4.3p1 configure patch
Corinna Vinschen
vinschen at redhat.com
Wed Feb 8 00:54:34 EST 2006
On Feb 8 00:15, Darren Tucker wrote:
> On Tue, Feb 07, 2006 at 01:55:01PM +0100, Corinna Vinschen wrote:
> > I found a better solution which doesn't require an #ifdef:
> >
> > --- auth2.c.ORIG 2006-02-07 13:53:11.561136300 +0100
> > +++ auth2.c 2006-02-07 13:51:08.992832300 +0100
> > @@ -243,7 +243,8 @@ userauth_finish(Authctxt *authctxt, int
> > #endif /* _UNICOS */
> >
> > /* Log before sending the reply */
> > - auth_log(authctxt, authenticated, method, " ssh2");
> > + if (!use_privsep)
> > + auth_log(authctxt, authenticated, method, " ssh2");
> >
> > if (authctxt->postponed)
> > return;
> >
> > Is that ok?
>
> I think that will stop logging of some auth attempts entirely when
> privsep is on (eg those that don't require a monitor call, such as
> failed pubkey attempts).
>
> Eg, compare "sshd -D -e -p 2022 -o maxauthtries=2" with and without the
> patch.
Pity. Back to #ifndef DISABLE_FD_PASSING :-(
Corinna
--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat
More information about the openssh-unix-dev
mailing list