- djm@cvs.openbsd.org 2012/12/02 20:34:10 [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c] [monitor.c monitor.h] Fixes logging of partial authentication when privsep is enabled Previously, we recorded "Failed xxx" since we reset authenticated before calling auth_log() in auth2.c. This adds an explcit "Partial" state. Add a "submethod" to auth_log() to report which submethod is used for keyboard-interactive. Fix multiple authentication when one of the methods is keyboard-interactive. ok markus@

commit: 15b05cfa17592da7470d7bd4b2de063188697471 [log] [tgz]
author: Damien Miller <djm@mindrot.org> Mon Dec 03 09:53:20 2012 +1100
committer: Damien Miller <djm@mindrot.org> Mon Dec 03 09:53:20 2012 +1100
tree: 50686085795dc25237f6aabe4c2a5963f38a6e06
parent: aa5b3f831417bac9538d2b6f21d55fef278e8926 [diff] [blame]
diff --git a/monitor.h b/monitor.h
index 5e7d552..2caa469 100644
--- a/monitor.h
+++ b/monitor.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.h,v 1.16 2011/06/17 21:44:31 djm Exp $ */
+/* $OpenBSD: monitor.h,v 1.17 2012/12/02 20:34:10 djm Exp $ */
 
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -28,44 +28,48 @@
 #ifndef _MONITOR_H_
 #define _MONITOR_H_
 
+/* Please keep *_REQ_* values on even numbers and *_ANS_* on odd numbers */
 enum monitor_reqtype {
-	MONITOR_REQ_MODULI, MONITOR_ANS_MODULI,
-	MONITOR_REQ_FREE, MONITOR_REQ_AUTHSERV,
-	MONITOR_REQ_SIGN, MONITOR_ANS_SIGN,
-	MONITOR_REQ_PWNAM, MONITOR_ANS_PWNAM,
-	MONITOR_REQ_AUTH2_READ_BANNER, MONITOR_ANS_AUTH2_READ_BANNER,
-	MONITOR_REQ_AUTHPASSWORD, MONITOR_ANS_AUTHPASSWORD,
-	MONITOR_REQ_BSDAUTHQUERY, MONITOR_ANS_BSDAUTHQUERY,
-	MONITOR_REQ_BSDAUTHRESPOND, MONITOR_ANS_BSDAUTHRESPOND,
-	MONITOR_REQ_SKEYQUERY, MONITOR_ANS_SKEYQUERY,
-	MONITOR_REQ_SKEYRESPOND, MONITOR_ANS_SKEYRESPOND,
-	MONITOR_REQ_KEYALLOWED, MONITOR_ANS_KEYALLOWED,
-	MONITOR_REQ_KEYVERIFY, MONITOR_ANS_KEYVERIFY,
-	MONITOR_REQ_KEYEXPORT,
-	MONITOR_REQ_PTY, MONITOR_ANS_PTY,
-	MONITOR_REQ_PTYCLEANUP,
-	MONITOR_REQ_SESSKEY, MONITOR_ANS_SESSKEY,
-	MONITOR_REQ_SESSID,
-	MONITOR_REQ_RSAKEYALLOWED, MONITOR_ANS_RSAKEYALLOWED,
-	MONITOR_REQ_RSACHALLENGE, MONITOR_ANS_RSACHALLENGE,
-	MONITOR_REQ_RSARESPONSE, MONITOR_ANS_RSARESPONSE,
-	MONITOR_REQ_GSSSETUP, MONITOR_ANS_GSSSETUP,
-	MONITOR_REQ_GSSSTEP, MONITOR_ANS_GSSSTEP,
-	MONITOR_REQ_GSSUSEROK, MONITOR_ANS_GSSUSEROK,
-	MONITOR_REQ_GSSCHECKMIC, MONITOR_ANS_GSSCHECKMIC,
-	MONITOR_REQ_PAM_START,
-	MONITOR_REQ_PAM_ACCOUNT, MONITOR_ANS_PAM_ACCOUNT,
-	MONITOR_REQ_PAM_INIT_CTX, MONITOR_ANS_PAM_INIT_CTX,
-	MONITOR_REQ_PAM_QUERY, MONITOR_ANS_PAM_QUERY,
-	MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND,
-	MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX,
-	MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND,
-	MONITOR_REQ_TERM,
-	MONITOR_REQ_JPAKE_STEP1, MONITOR_ANS_JPAKE_STEP1,
-	MONITOR_REQ_JPAKE_GET_PWDATA, MONITOR_ANS_JPAKE_GET_PWDATA,
-	MONITOR_REQ_JPAKE_STEP2, MONITOR_ANS_JPAKE_STEP2,
-	MONITOR_REQ_JPAKE_KEY_CONFIRM, MONITOR_ANS_JPAKE_KEY_CONFIRM,
-	MONITOR_REQ_JPAKE_CHECK_CONFIRM, MONITOR_ANS_JPAKE_CHECK_CONFIRM,
+	MONITOR_REQ_MODULI = 0, MONITOR_ANS_MODULI = 1,
+	MONITOR_REQ_FREE = 2,
+	MONITOR_REQ_AUTHSERV = 4,
+	MONITOR_REQ_SIGN = 6, MONITOR_ANS_SIGN = 7,
+	MONITOR_REQ_PWNAM = 8, MONITOR_ANS_PWNAM = 9,
+	MONITOR_REQ_AUTH2_READ_BANNER = 10, MONITOR_ANS_AUTH2_READ_BANNER = 11,
+	MONITOR_REQ_AUTHPASSWORD = 12, MONITOR_ANS_AUTHPASSWORD = 13,
+	MONITOR_REQ_BSDAUTHQUERY = 14, MONITOR_ANS_BSDAUTHQUERY = 15,
+	MONITOR_REQ_BSDAUTHRESPOND = 16, MONITOR_ANS_BSDAUTHRESPOND = 17,
+	MONITOR_REQ_SKEYQUERY = 18, MONITOR_ANS_SKEYQUERY = 19,
+	MONITOR_REQ_SKEYRESPOND = 20, MONITOR_ANS_SKEYRESPOND = 21,
+	MONITOR_REQ_KEYALLOWED = 22, MONITOR_ANS_KEYALLOWED = 23,
+	MONITOR_REQ_KEYVERIFY = 24, MONITOR_ANS_KEYVERIFY = 25,
+	MONITOR_REQ_KEYEXPORT = 26,
+	MONITOR_REQ_PTY = 28, MONITOR_ANS_PTY = 29,
+	MONITOR_REQ_PTYCLEANUP = 30,
+	MONITOR_REQ_SESSKEY = 32, MONITOR_ANS_SESSKEY = 33,
+	MONITOR_REQ_SESSID = 34,
+	MONITOR_REQ_RSAKEYALLOWED = 36, MONITOR_ANS_RSAKEYALLOWED = 37,
+	MONITOR_REQ_RSACHALLENGE = 38, MONITOR_ANS_RSACHALLENGE = 39,
+	MONITOR_REQ_RSARESPONSE = 40, MONITOR_ANS_RSARESPONSE = 41,
+	MONITOR_REQ_GSSSETUP = 42, MONITOR_ANS_GSSSETUP = 43,
+	MONITOR_REQ_GSSSTEP = 44, MONITOR_ANS_GSSSTEP = 45,
+	MONITOR_REQ_GSSUSEROK = 46, MONITOR_ANS_GSSUSEROK = 47,
+	MONITOR_REQ_GSSCHECKMIC = 48, MONITOR_ANS_GSSCHECKMIC = 49,
+	MONITOR_REQ_TERM = 50,
+	MONITOR_REQ_JPAKE_STEP1 = 52, MONITOR_ANS_JPAKE_STEP1 = 53,
+	MONITOR_REQ_JPAKE_GET_PWDATA = 54, MONITOR_ANS_JPAKE_GET_PWDATA = 55,
+	MONITOR_REQ_JPAKE_STEP2 = 56, MONITOR_ANS_JPAKE_STEP2 = 57,
+	MONITOR_REQ_JPAKE_KEY_CONFIRM = 58, MONITOR_ANS_JPAKE_KEY_CONFIRM = 59,
+	MONITOR_REQ_JPAKE_CHECK_CONFIRM = 60, MONITOR_ANS_JPAKE_CHECK_CONFIRM = 61,
+
+	MONITOR_REQ_PAM_START = 100,
+	MONITOR_REQ_PAM_ACCOUNT = 102, MONITOR_ANS_PAM_ACCOUNT = 103,
+	MONITOR_REQ_PAM_INIT_CTX = 104, MONITOR_ANS_PAM_INIT_CTX = 105,
+	MONITOR_REQ_PAM_QUERY = 106, MONITOR_ANS_PAM_QUERY = 107,
+	MONITOR_REQ_PAM_RESPOND = 108, MONITOR_ANS_PAM_RESPOND = 109,
+	MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111,
+	MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113,
+
 };
 
 struct mm_master;
commit	15b05cfa17592da7470d7bd4b2de063188697471	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Mon Dec 03 09:53:20 2012 +1100
committer	Damien Miller <djm@mindrot.org>	Mon Dec 03 09:53:20 2012 +1100
tree	50686085795dc25237f6aabe4c2a5963f38a6e06
parent	aa5b3f831417bac9538d2b6f21d55fef278e8926 [diff] [blame]