*/
#include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.61 2004/07/17 05:31:41 dtucker Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.63 2005/03/10 22:01:05 deraadt Exp $");
#include <openssl/dh.h>
{MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
#endif
#ifdef SSH_AUDIT_EVENTS
- {MONITOR_REQ_AUDIT_EVENT, 0, mm_answer_audit_event},
+ {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
#endif
#ifdef BSD_AUTH
{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
{MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
#endif
#ifdef SSH_AUDIT_EVENTS
- {MONITOR_REQ_AUDIT_EVENT, 0, mm_answer_audit_event},
+ {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
#endif
{0, 0, NULL}
};
{MONITOR_REQ_TERM, 0, mm_answer_term},
#ifdef SSH_AUDIT_EVENTS
{MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
- {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT|MON_ONCE, mm_answer_audit_command},
+ {MONITOR_REQ_AUDIT_COMMAND, MON_ONCE, mm_answer_audit_command},
#endif
{0, 0, NULL}
};
authctxt = _authctxt;
memset(authctxt, 0, sizeof(*authctxt));
+ authctxt->loginmsg = &loginmsg;
+
if (compat20) {
mon_dispatch = mon_dispatch_proto20;
monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1);
#endif
#ifdef SSH_AUDIT_EVENTS
- monitor_permit(mon_dispatch, MONITOR_REQ_AUDIT_EVENT, 1);
+ monitor_permit(mon_dispatch, MONITOR_REQ_AUDIT_COMMAND, 1);
#endif
return (0);
debug3("%s: key_from_blob: %p", __func__, key);
if (key != NULL && authctxt->valid) {
- switch(type) {
+ switch (type) {
case MM_USERKEY:
allowed = options.pubkey_authentication &&
user_key_allowed(authctxt->pw, key);
int rsafail;
/* Turn off permissions */
- monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1);
+ monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 0);
if ((p = BN_new()) == NULL)
fatal("%s: BN_new", __func__);
debug3("%s entering", __func__);
event = buffer_get_int(m);
- buffer_free(m);
switch(event) {
case SSH_AUTH_FAIL_PUBKEY:
case SSH_AUTH_FAIL_HOSTBASED:
/* sanity check command, if so how? */
audit_run_command(cmd);
xfree(cmd);
- buffer_free(m);
return (0);
}
#endif /* SSH_AUDIT_EVENTS */