search for: get_remote_name_or_ip

...1.34 diff -u -r1.34 auth-pam.c --- auth-pam.c 2001/03/27 06:12:24 1.34 +++ auth-pam.c 2001/03/30 16:46:12 @@ -41,6 +41,10 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); +/* XXX: move to header file */ +const char * +get_remote_name_or_ip(void); + /* module-local variables */ static struct pam_conv conv = { do_pam_conversation, @@ -356,9 +360,9 @@ pam_retval, PAM_STRERROR(__pamh, pam_retval)); debug("PAM setting rhost to \"%.200s\"", - get_canonical_hostname(options.reverse_mapping_check)); +...

...(struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername: %.100s", strerror(errno)); + fatal_cleanup(); + } + } + + record_utmp_only(pid, s->tty, s->pw->pw_name, + get_remote_name_or_ip(utmp_len, options.reverse_mapping_check), + (struct sockaddr *)&from); +} +#endif + /* * This is called to fork and execute a command when we have no tty. This * will call do_child from the child, and server_loop from the parent after @@ -621,34 +649,6 @@ /* serv...

...gin && command == NULL)) + /* print motd, etc. similar to login(1) */ + if (!(options.use_login && command == NULL)) { + /* Record that there was a login on that tty from the remote host. */ + record_login(getpid(), s->tty, s->pw->pw_name, s->pw->pw_uid, + get_remote_name_or_ip(), (struct sockaddr *)&from); do_login(s, command); + } +#ifdef LOGIN_NEEDS_UTMPX + /* Record that there was a login on that tty from the remote host. */ + record_login(getpid(), s->tty, s->pw->pw_name, s->pw->pw_uid, + get_remote_name_or_ip(), (struct sockaddr *)&...

...if (!auth_ttyok(lc, s->tty)) { (void)printf("Permission denied.\n"); log( "LOGIN %.200s REFUSED (TTY) FROM %.200s ON TTY %.200s", pw->pw_name, get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), s->tty); exit(254); } #endif /* HAVE_LOGIN_CAP */

...ct sockaddr_storage from; - struct stat st; - time_t last_login_time; struct passwd * pw = s->pw; pid_t pid = getpid(); @@ -714,15 +712,30 @@ } } + /* Record that there was a login on that tty from the remote host. */ + record_login(pid, s->tty, pw->pw_name, pw->pw_uid, + get_remote_name_or_ip(), (struct sockaddr *)&from); +} + +/* administrative, login(1)-like work */ +void +do_login(Session *s, const char *command) +{ + FILE *f; + char *time_string; + char buf[256]; + char hostname[MAXHOSTNAMELEN]; + struct stat st; + time_t last_login_time; + struct passwd * pw = s->pw; + + cal...

...penssh-2.9.9p2/canohost.h.bak Tue Jul 3 21:46:57 2001 --- openssh-2.9.9p2/canohost.h Fri Oct 12 16:52:12 2001 *************** *** 14,19 **** --- 14,20 ---- const char *get_canonical_hostname(int); const char *get_remote_ipaddr(void); + const char *get_local_ipaddr2(void); const char *get_remote_name_or_ip(u_int, int); char *get_peer_ipaddr(int); *** openssh-2.9.9p2/session.c.bak Sun Sep 16 15:17:15 2001 --- openssh-2.9.9p2/session.c Fri Oct 12 16:52:09 2001 *************** *** 1255,1260 **** --- 1255,1263 ---- snprintf(buf, sizeof buf, "%.50s %d %d", get_remote_ipaddr(), get_...

Hi, ssh clients shows "closed by UNKNOWN" message when a socket is closed by a remote side while ssh is waiting for user's password: $ ssh user at localhost user at localhost's password: Connection closed by UNKNOWN When the packet_read_seqnr() calls get_remote_ipaddr(), a connection's socket is already closed and there's not been any other call of this function yet

...host.h Mon May 20 11:56:19 2002 *************** *** 12,17 **** --- 12,18 ---- * called by a name other than "ssh" or "Secure Shell". */ + const char *get_local_hostname(int); const char *get_canonical_hostname(int); const char *get_remote_ipaddr(void); const char *get_remote_name_or_ip(u_int, int);

...last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name, - hostname, sizeof(hostname)); - } - /* Record that there was a login on that tty from the remote host. */ record_login(pid, s->tty, pw->pw_name, pw->pw_uid, get_remote_name_or_ip(utmp_len, options.reverse_mapping_check), @@ -741,14 +738,14 @@ printf("%s\n", aixloginmsg); #endif /* WITH_AIXAUTHENTICATE */ - if (options.print_lastlog && last_login_time != 0) { - time_string = ctime(&last_login_time); + if (opt...

Hi. One thing that people seem to want to do with PAM is to deny a login immediately without interacting but return a message to the user. (Some platforms implement, eg, /etc/nologin via PAM this way.) Currently, sshd will just deny the login and the user will not be told why. Attached it a patch that return a keyboard-interactive packet with the message in the "instruction"

...()) { + fromlen = sizeof(from); + if (getpeername(packet_get_connection_in(), + (struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername: %.100s", strerror(errno)); + fatal_cleanup(); + } + } + + record_utmp_only(pid, s->tty, s->pw->pw_name, + get_remote_name_or_ip(utmp_len, options.reverse_mapping_check), + (struct sockaddr *)&from); +} +#endif + /* administrative, login(1)-like work */ void do_login(Session *s, const char *command) @@ -1511,6 +1546,9 @@ /* Launch login(1). */ execl(LOGIN_PROGRAM, "login", "-h", hostn...

...) libssh.a ssh-keyscan.o $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) diff -urN openssh-3.1p1.old/canohost.c openssh-3.1p1/canohost.c --- openssh-3.1p1.old/canohost.c Mon Mar 4 20:31:29 2002 +++ openssh-3.1p1/canohost.c Tue Apr 9 21:05:15 2002 @@ -284,9 +284,11 @@ get_remote_name_or_ip(u_int utmp_len, int verify_reverse_mapping) { static const char *remote = ""; - if (utmp_len > 0) + /* Assume that if utmp_len = -1 then there is no limit on the + hostname length */ + if (utmp_len > 0 || utmp_len == -1) remote = get_canonical_hostname(verify_reverse_mapping);...

...s at cvs.openbsd.org 2000/08/19 15:55:52 [channels.c channels.h clientloop.c] more ~ support for ssh2 - markus at cvs.openbsd.org 2000/08/19 16:21:19 [clientloop.c] oops - millert at cvs.openbsd.org 2000/08/20 12:25:53 [session.c] We have to stash the result of get_remote_name_or_ip() before we close our socket or getpeername() will get EBADF and the process will exit. Only a problem for "UseLogin yes". - millert at cvs.openbsd.org 2000/08/20 12:30:59 [session.c] Only check /etc/nologin if "UseLogin no" since login(1) may have its...

...AM_SERVICE, user, &null_conv, &sshpam_handle_holder); + grab_pamh(1, sshpam_handle_holder); if (sshpam_err != PAM_SUCCESS) { - pam_end(sshpam_handle, sshpam_err); - sshpam_handle = NULL; + pam_end(grab_pamh(0, NULL), sshpam_err); + grab_pamh(1, NULL); return (-1); } pam_rhost = get_remote_name_or_ip(utmp_len, options.use_dns); debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost); - sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost); + sshpam_err = pam_set_item(grab_pamh(0, NULL), PAM_RHOST, pam_rhost); if (sshpam_err != PAM_SUCCESS) { - pam_end(sshpam_handl...

...3 +++ openssh-3.7.1p2/session.c Sat Oct 4 23:36:50 2003 @@ -692,7 +692,9 @@ } /* Record that there was a login on that tty from the remote host. */ +#ifndef DISABLE_PRIVSEP if (!use_privsep) +#endif /* DISABLE_PRIVSEP */ record_login(pid, s->tty, pw->pw_name, pw->pw_uid, get_remote_name_or_ip(utmp_len, options.use_dns), @@ -1668,7 +1670,9 @@ * time in case we call fatal() (e.g., the connection gets closed). */ fatal_add_cleanup(session_pty_cleanup, (void *)s); +#ifndef DISABLE_PRIVSEP if (!use_privsep) +#endif /* DISABLE_PRIVSEP */ pty_setowner(s->pw, s->tty);...

...ssion *s, const char *command, const char *realname) { char *time_string; char hostname[MAXHOSTNAMELEN]; @@ -690,7 +690,7 @@ /* Record that there was a login on that tty from the remote host. */ record_login(pid, s->tty, pw->pw_name, pw->pw_uid, get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), - - (struct sockaddr *)&from); + (struct sockaddr *)&from, realname); #ifdef USE_PAM /* @@ -1509,7 +1509,7 @@ } static int - -session_subsystem_req(Session *s) +session_subsystem_req(Session *s, const char *realname...