File openssh-6.6p1-audit1-remove_duplicit_audit.patch of Package openssh-askpass-gnome.3552

Overview Repositories Revisions Requests Users Attributes Meta

File openssh-6.6p1-audit1-remove_duplicit_audit.patch of Package openssh-askpass-gnome.3552

# HG changeset patch
# Parent  feadab4a29b341a60c64b88fae5f28a55517b6e9
# Don't audit SSH_INVALID_USER twice.
# PRIVSEP(getpwnamallow()) a few lines above already did this.
#
# based on:
#   https://bugzilla.mindrot.org/show_bug.cgi?id=1402
#   https://bugzilla.mindrot.org/attachment.cgi?id=2010
#   by jchadima@redhat.com
#
# PRIVSEP(getpwnamallow()) a few lines above already did this.

diff --git a/openssh-6.6p1/auth2.c b/openssh-6.6p1/auth2.c
--- a/openssh-6.6p1/auth2.c
+++ b/openssh-6.6p1/auth2.c
@@ -236,19 +236,16 @@ input_userauth_request(int type, u_int32
 		authctxt->pw = PRIVSEP(getpwnamallow(user));
 		authctxt->user = xstrdup(user);
 		if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
 			authctxt->valid = 1;
 			debug2("input_userauth_request: setting up authctxt for %s", user);
 		} else {
 			logit("input_userauth_request: invalid user %s", user);
 			authctxt->pw = fakepw();
-#ifdef SSH_AUDIT_EVENTS
-			PRIVSEP(audit_event(SSH_INVALID_USER));
-#endif
 		}
 #ifdef USE_PAM
 		if (options.use_pam)
 			PRIVSEP(start_pam(authctxt));
 #endif
 		setproctitle("%s%s", authctxt->valid ? user : "unknown",
 		    use_privsep ? " [net]" : "");
 		authctxt->service = xstrdup(service);

Places

File openssh-6.6p1-audit1-remove_duplicit_audit.patch of Package openssh-askpass-gnome.3552

Places