Do not audit final success (#1534577)

This commit is contained in:
Jakub Jelen 2018-01-22 11:16:18 +01:00
parent 57349a88a8
commit 667e6f013f

View File

@ -518,15 +518,12 @@ diff -up openssh-7.6p1/audit-linux.c.audit openssh-7.6p1/audit-linux.c
} }
void void
@@ -103,24 +231,158 @@ audit_event(ssh_audit_event_t event) @@ -102,25 +231,154 @@ audit_event(ssh_audit_event_t event)
struct ssh *ssh = active_state; /* XXX */
switch(event) { switch(event) {
case SSH_AUTH_SUCCESS: - case SSH_AUTH_SUCCESS:
- case SSH_CONNECTION_CLOSE: - case SSH_CONNECTION_CLOSE:
+ linux_audit_user_auth(-1, audit_username(),
+ ssh_remote_ipaddr(ssh), "ssh", 1, event);
+ break;
+
case SSH_NOLOGIN: case SSH_NOLOGIN:
- case SSH_LOGIN_EXCEED_MAXTRIES: - case SSH_LOGIN_EXCEED_MAXTRIES:
case SSH_LOGIN_ROOT_DENIED: case SSH_LOGIN_ROOT_DENIED: