From 5e917665b9094149e7cd8460c8332ef6c0a203bc Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 22 Jan 2018 12:18:45 +0100
Subject: [PATCH] USER_AUTH: Remove bogus rport, add required grantors

---
 openssh-7.6p1-audit.patch | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openssh-7.6p1-audit.patch b/openssh-7.6p1-audit.patch
index 6d1012c..fc370a6 100644
--- a/openssh-7.6p1-audit.patch
+++ b/openssh-7.6p1-audit.patch
@@ -435,7 +435,7 @@ diff -up openssh-7.6p1/audit-linux.c.audit openssh-7.6p1/audit-linux.c
 +		else
 +			return 0; /* Must prevent login */
 +	}
-+	snprintf(buf, sizeof(buf), "%s_auth rport=%d", host_user ? "pubkey" : "hostbased", ssh_remote_port(active_state));
++	snprintf(buf, sizeof(buf), "%s_auth grantors=auth-key", host_user ? "pubkey" : "hostbased");
 +	rc = audit_log_acct_message(audit_fd, AUDIT_USER_AUTH, NULL,
 +		buf, audit_username(), -1, NULL, ssh_remote_ipaddr(active_state), NULL, rv);
 +	if ((rc < 0) && ((rc != -1) || (getuid() == 0)))