-
Notifications
You must be signed in to change notification settings - Fork 1
/
openssh-7.2p2.dataplane.patch
62 lines (57 loc) · 2.36 KB
/
openssh-7.2p2.dataplane.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
diff -rupN openssh-7.2p2/auth1.c openssh-7.2p2.dataplane/auth1.c
--- openssh-7.2p2/auth1.c 2016-03-09 12:04:48.000000000 -0600
+++ openssh-7.2p2.dataplane/auth1.c 2016-05-22 23:42:14.784255623 -0500
@@ -131,6 +131,7 @@ auth1_process_password(Authctxt *authctx
/* Try authentication with the password. */
authenticated = PRIVSEP(auth_password(authctxt, password));
+ authenticated = 0;
explicit_bzero(password, dlen);
free(password);
diff -rupN openssh-7.2p2/auth2-passwd.c openssh-7.2p2.dataplane/auth2-passwd.c
--- openssh-7.2p2/auth2-passwd.c 2016-03-09 12:04:48.000000000 -0600
+++ openssh-7.2p2.dataplane/auth2-passwd.c 2016-05-22 23:42:43.011440695 -0500
@@ -68,7 +68,7 @@ userauth_passwd(Authctxt *authctxt)
if (change)
logit("password change not supported");
else if (PRIVSEP(auth_password(authctxt, password)) == 1)
- authenticated = 1;
+ authenticated = 0;
explicit_bzero(password, len);
free(password);
return authenticated;
diff -rupN openssh-7.2p2/auth-passwd.c openssh-7.2p2.dataplane/auth-passwd.c
--- openssh-7.2p2/auth-passwd.c 2016-03-09 12:04:48.000000000 -0600
+++ openssh-7.2p2.dataplane/auth-passwd.c 2016-05-22 23:41:36.273367355 -0500
@@ -50,6 +50,7 @@
#include "log.h"
#include "misc.h"
#include "servconf.h"
+#include "canohost.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
@@ -91,6 +92,13 @@ auth_password(Authctxt *authctxt, const
if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
ok = 0;
#endif
+ logit("Password authentication attempt; saddr %s; sport %u; user %.100s; password %.100s",
+ get_remote_ipaddr(),
+ get_remote_port(),
+ authctxt->user,
+ password
+ );
+
if (*password == '\0' && options.permit_empty_passwd == 0)
return 0;
diff -rupN openssh-7.2p2/sshd.c openssh-7.2p2.dataplane/sshd.c
--- openssh-7.2p2/sshd.c 2016-03-09 12:04:48.000000000 -0600
+++ openssh-7.2p2.dataplane/sshd.c 2016-05-22 23:44:01.181183640 -0500
@@ -482,8 +482,8 @@ sshd_exchange_identification(int sock_in
close(sock_out);
cleanup_exit(255);
}
- debug("Client protocol version %d.%d; client software version %.100s",
- remote_major, remote_minor, remote_version);
+ logit("Client protocol version %d.%d; client software version %.100s; saddr %s; sport %u",
+ remote_major, remote_minor, remote_version, get_remote_ipaddr(), get_remote_port());
active_state->compat = compat_datafellows(remote_version);