- stevesk@cvs.openbsd.org 2002/09/20 18:41:29

     [auth.c]
     log illegal user here for missing privsep case (ssh2).
     this is executed in the monitor. ok markus@

diff --git a/ChangeLog b/ChangeLog
index b6229da8ad1e9b7d8d95f160d3c39a0b654a79d6..a2364ac3376e62560e0530117117b4b00b1f1204 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,10 @@
    - stevesk@cvs.openbsd.org 2002/09/19 16:03:15
      [serverloop.c]
      log IP address also; ok markus@
+   - stevesk@cvs.openbsd.org 2002/09/20 18:41:29
+     [auth.c]
+     log illegal user here for missing privsep case (ssh2).
+     this is executed in the monitor. ok markus@
 
 20020919
  - (djm) OpenBSD CVS Sync

diff --git a/auth.c b/auth.c
index 43163b62e9b060e709e8e83839333258921a1a57..48720da8f295a1183af029583f2878ae2bc29457 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.44 2002/08/08 23:54:52 stevesk Exp $");
+RCSID("$OpenBSD: auth.c,v 1.45 2002/09/20 18:41:29 stevesk Exp $");
 
 #ifdef HAVE_LOGIN_H
 #include <login.h>
@@ -484,7 +484,12 @@ getpwnamallow(const char *user)
        struct passwd *pw;
 
        pw = getpwnam(user);
-       if (pw == NULL || !allowed_user(pw))
+       if (pw == NULL) {
+               log("Illegal user %.100s from %.100s",
+                   user, get_remote_ipaddr());
+               return (NULL);
+       }
+       if (!allowed_user(pw))
                return (NULL);
 #ifdef HAVE_LOGIN_CAP
        if ((lc = login_getclass(pw->pw_class)) == NULL) {