rpms
/
openssh
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

USER_AUTH: Remove bogus rport, add required grantors

This commit is contained in:
Jakub Jelen 2018-01-22 12:18:45 +01:00
parent c7c6705319
commit 5e917665b9
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openssh-7.6p1-audit.patch
View File

@ -435,7 +435,7 @@ diff -up openssh-7.6p1/audit-linux.c.audit openssh-7.6p1/audit-linux.c
+ else
+ return 0; /* Must prevent login */
+ }
+ snprintf(buf, sizeof(buf), "%s_auth rport=%d", host_user ? "pubkey" : "hostbased", ssh_remote_port(active_state));
+ snprintf(buf, sizeof(buf), "%s_auth grantors=auth-key", host_user ? "pubkey" : "hostbased");
+ rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH, NULL,
+ buf, audit_username(), -1, NULL, ssh_remote_ipaddr(active_state), NULL, rv);
+ if ((rc < 0) && ((rc != -1) || (getuid() == 0)))