Sat Jan 23 00:05:38 2016 UTC ()
add more points.


(christos)
diff -r1.7 -r1.8 src/external/bsd/blacklist/diff/ssh.diff
cvs diff -r1.7 -r1.8 src/external/bsd/blacklist/diff/Attic/ssh.diff (expand / switch to unified diff)

--- src/external/bsd/blacklist/diff/Attic/ssh.diff 2015/05/30 21:05:18 1.7
+++ src/external/bsd/blacklist/diff/Attic/ssh.diff 2016/01/23 00:05:38 1.8
@@ -1,17 +1,18 @@ @@ -1,17 +1,18 @@
1--- /dev/null 2015-01-22 23:10:33.000000000 -0500 1--- /dev/null 2015-01-22 23:10:33.000000000 -0500
2+++ dist/pfilter.c 2015-01-22 23:46:03.000000000 -0500 2+++ dist/pfilter.c 2015-01-22 23:46:03.000000000 -0500
3@@ -0,0 +1,27 @@ 3@@ -0,0 +1,28 @@
4+#include "namespace.h" 4+#include "namespace.h"
 5+#include "includes.h"
5+#include "ssh.h" 6+#include "ssh.h"
6+#include "packet.h" 7+#include "packet.h"
7+#include "log.h" 8+#include "log.h"
8+#include "pfilter.h" 9+#include "pfilter.h"
9+#include <blacklist.h> 10+#include <blacklist.h>
10+ 11+
11+static struct blacklist *blstate; 12+static struct blacklist *blstate;
12+ 13+
13+void 14+void
14+pfilter_init(void) 15+pfilter_init(void)
15+{ 16+{
16+ blstate = blacklist_open(); 17+ blstate = blacklist_open();
17+} 18+}
@@ -165,13 +166,66 @@ retrieving revision 1.16 @@ -165,13 +166,66 @@ retrieving revision 1.16
165diff -u -r1.16 sshd.c 166diff -u -r1.16 sshd.c
166--- sshd.c 25 Jan 2015 15:52:44 -0000 1.16 167--- sshd.c 25 Jan 2015 15:52:44 -0000 1.16
167+++ sshd.c 14 Feb 2015 09:55:06 -0000 168+++ sshd.c 14 Feb 2015 09:55:06 -0000
168@@ -628,6 +628,8 @@ 169@@ -628,6 +628,8 @@
169 explicit_bzero(pw->pw_passwd, strlen(pw->pw_passwd)); 170 explicit_bzero(pw->pw_passwd, strlen(pw->pw_passwd));
170 endpwent(); 171 endpwent();
171  172
172+ pfilter_init(); 173+ pfilter_init();
173+ 174+
174 /* Change our root directory */ 175 /* Change our root directory */
175 if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) 176 if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
176 fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR, 177 fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
177 178
 179Index: auth-pam.c
 180===================================================================
 181RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth-pam.c,v
 182retrieving revision 1.7
 183diff -u -u -r1.7 auth-pam.c
 184--- auth-pam.c 3 Jul 2015 00:59:59 -0000 1.7
 185+++ auth-pam.c 23 Jan 2016 00:01:16 -0000
 186@@ -114,6 +114,7 @@
 187 #include "ssh-gss.h"
 188 #endif
 189 #include "monitor_wrap.h"
 190+#include "pfilter.h"
 191
 192 extern ServerOptions options;
 193 extern Buffer loginmsg;
 194@@ -809,6 +810,7 @@
 195 free(msg);
 196 return (0);
 197 }
 198+ pfilter_notify(1);
 199 error("PAM: %s for %s%.100s from %.100s", msg,
 200 sshpam_authctxt->valid ? "" : "illegal user ",
 201 sshpam_authctxt->user,
 202Index: auth.c
 203===================================================================
 204RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth.c,v
 205retrieving revision 1.15
 206diff -u -u -r1.15 auth.c
 207--- auth.c 21 Aug 2015 08:20:59 -0000 1.15
 208+++ auth.c 23 Jan 2016 00:01:16 -0000
 209@@ -656,6 +656,7 @@
 210
 211 pw = getpwnam(user);
 212 if (pw == NULL) {
 213+ pfilter_notify(1);
 214 logit("Invalid user %.100s from %.100s",
 215 user, get_remote_ipaddr());
 216 return (NULL);
 217Index: auth1.c
 218===================================================================
 219RCS file: /cvsroot/src/crypto/external/bsd/openssh/dist/auth1.c,v
 220retrieving revision 1.12
 221diff -u -u -r1.12 auth1.c
 222--- auth1.c 3 Jul 2015 00:59:59 -0000 1.12
 223+++ auth1.c 23 Jan 2016 00:01:16 -0000
 224@@ -376,6 +376,7 @@
 225 char *msg;
 226 size_t len;
 227
 228+ pfilter_notify(1);
 229 error("Access denied for user %s by PAM account "
 230 "configuration", authctxt->user);
 231 len = buffer_len(&loginmsg);