vishalmishra434 / rpms / openssh

Forked from rpms/openssh a month ago
Clone
Source Code
GIT

Blame openssh-5.8p1-audit4a.patch

c10s-sig-hyperscale c10s-sig-hyperscale-2 c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   9cefae06b087e176e3f37f8125041478677bc753
  2.   openssh-5.8p1-audit4a.patch
Blob History Raw
Jan F 9cefae 
diff -up openssh-5.8p1/audit-bsm.c.audit4a openssh-5.8p1/audit-bsm.c
Jan F 9cefae 
--- openssh-5.8p1/audit-bsm.c.audit4a	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
+++ openssh-5.8p1/audit-bsm.c	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
@@ -397,7 +397,7 @@ audit_kex_body(int ctos, char *enc, char
Jan F 9cefae 
 }
Jan F 9cefae
Jan F 9cefae 
 void
Jan F 9cefae 
-audit_session_key_free_body(int ctos)
Jan F 9cefae 
+audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
Jan F 9cefae 
 {
Jan F 9cefae 
 	/* not implemented */
Jan F 9cefae 
 }
Jan F 9cefae 
diff -up openssh-5.8p1/audit.c.audit4a openssh-5.8p1/audit.c
Jan F 9cefae 
--- openssh-5.8p1/audit.c.audit4a	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
+++ openssh-5.8p1/audit.c	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
@@ -146,7 +146,7 @@ audit_kex(int ctos, char *enc, char *mac
Jan F 9cefae 
 void
Jan F 9cefae 
 audit_session_key_free(int ctos)
Jan F 9cefae 
 {
Jan F 9cefae 
-	PRIVSEP(audit_session_key_free_body(ctos));
Jan F 9cefae 
+	PRIVSEP(audit_session_key_free_body(ctos, getpid(), getuid()));
Jan F 9cefae 
 }
Jan F 9cefae
Jan F 9cefae 
 # ifndef CUSTOM_SSH_AUDIT_EVENTS
Jan F 9cefae 
@@ -258,9 +258,10 @@ audit_kex_body(int ctos, char *enc, char
Jan F 9cefae 
  * This will be called on succesfull session key discard
Jan F 9cefae 
  */
Jan F 9cefae 
 void
Jan F 9cefae 
-audit_session_key_free_body(int ctos)
Jan F 9cefae 
+audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
Jan F 9cefae 
 {
Jan F 9cefae 
-	debug("audit session key discard euid %d direction %d", geteuid(), ctos);
Jan F 9cefae 
+	debug("audit session key discard euid %u direction %d from pid %ld uid %u",
Jan F 9cefae 
+		(unsigned)geteuid(), ctos, (long)pid, (unsigned)uid);
Jan F 9cefae 
 }
Jan F 9cefae 
 # endif  /* !defined CUSTOM_SSH_AUDIT_EVENTS */
Jan F 9cefae 
 #endif /* SSH_AUDIT_EVENTS */
Jan F 9cefae 
diff -up openssh-5.8p1/audit.h.audit4a openssh-5.8p1/audit.h
Jan F 9cefae 
--- openssh-5.8p1/audit.h.audit4a	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
+++ openssh-5.8p1/audit.h	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
@@ -61,6 +61,6 @@ void	audit_kex(int, char *, char *, char
Jan F 9cefae 
 void	audit_unsupported_body(int);
Jan F 9cefae 
 void	audit_kex_body(int, char *, char *, char *, pid_t, uid_t);
Jan F 9cefae 
 void	audit_session_key_free(int ctos);
Jan F 9cefae 
-void	audit_session_key_free_body(int ctos);
Jan F 9cefae 
+void	audit_session_key_free_body(int ctos, pid_t, uid_t);
Jan F 9cefae
Jan F 9cefae 
 #endif /* _SSH_AUDIT_H */
Jan F 9cefae 
diff -up openssh-5.8p1/audit-linux.c.audit4a openssh-5.8p1/audit-linux.c
Jan F 9cefae 
--- openssh-5.8p1/audit-linux.c.audit4a	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
+++ openssh-5.8p1/audit-linux.c	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
@@ -299,13 +299,14 @@ audit_kex_body(int ctos, char *enc, char
Jan F 9cefae 
 }
Jan F 9cefae
Jan F 9cefae 
 void
Jan F 9cefae 
-audit_session_key_free_body(int ctos)
Jan F 9cefae 
+audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
Jan F 9cefae 
 {
Jan F 9cefae 
 	char buf[AUDIT_LOG_SIZE];
Jan F 9cefae 
 	int audit_fd, audit_ok;
Jan F 9cefae
Jan F 9cefae 
-	snprintf(buf, sizeof(buf), "op=destroy kind=session direction=%s rport=%d laddr=%s lport=%d",
Jan F 9cefae 
-		 direction[ctos], get_remote_port(),
Jan F 9cefae 
+	snprintf(buf, sizeof(buf), "op=destroy kind=session fp=? direction=%s spid=%jd suid=%jd rport=%d laddr=%s lport=%d",
Jan F 9cefae 
+		 direction[ctos], (intmax_t)pid, (intmax_t)uid,
Jan F 9cefae 
+		 get_remote_port(),
Jan F 9cefae 
 		 get_local_ipaddr(packet_get_connection_in()),
Jan F 9cefae 
 		 get_local_port());
Jan F 9cefae 
 	audit_fd = audit_open();
Jan F 9cefae 
diff -up openssh-5.8p1/monitor.c.audit4a openssh-5.8p1/monitor.c
Jan F 9cefae 
--- openssh-5.8p1/monitor.c.audit4a	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
+++ openssh-5.8p1/monitor.c	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
@@ -2266,10 +2266,14 @@ int
Jan F 9cefae 
 mm_answer_audit_session_key_free_body(int sock, Buffer *m)
Jan F 9cefae 
 {
Jan F 9cefae 
 	int ctos;
Jan F 9cefae 
+	pid_t pid;
Jan F 9cefae 
+	uid_t uid;
Jan F 9cefae
Jan F 9cefae 
 	ctos = buffer_get_int(m);
Jan F 9cefae 
+	pid = buffer_get_int64(m);
Jan F 9cefae 
+	uid = buffer_get_int64(m);
Jan F 9cefae
Jan F 9cefae 
-	audit_session_key_free_body(ctos);
Jan F 9cefae 
+	audit_session_key_free_body(ctos, pid, uid);
Jan F 9cefae
Jan F 9cefae 
 	buffer_clear(m);
Jan F 9cefae
Jan F 9cefae 
diff -up openssh-5.8p1/monitor_wrap.c.audit4a openssh-5.8p1/monitor_wrap.c
Jan F 9cefae 
--- openssh-5.8p1/monitor_wrap.c.audit4a	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
+++ openssh-5.8p1/monitor_wrap.c	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
@@ -1451,12 +1451,14 @@ mm_audit_kex_body(int ctos, char *cipher
Jan F 9cefae 
 }
Jan F 9cefae
Jan F 9cefae 
 void
Jan F 9cefae 
-mm_audit_session_key_free_body(int ctos)
Jan F 9cefae 
+mm_audit_session_key_free_body(int ctos, pid_t pid, uid_t uid)
Jan F 9cefae 
 {
Jan F 9cefae 
 	Buffer m;
Jan F 9cefae
Jan F 9cefae 
 	buffer_init(&m);
Jan F 9cefae 
 	buffer_put_int(&m, ctos);
Jan F 9cefae 
+	buffer_put_int64(&m, pid);
Jan F 9cefae 
+	buffer_put_int64(&m, uid);
Jan F 9cefae 
 	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_SESSION_KEY_FREE, &m);
Jan F 9cefae 
 	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_AUDIT_SESSION_KEY_FREE,
Jan F 9cefae 
 				  &m);
Jan F 9cefae 
diff -up openssh-5.8p1/monitor_wrap.h.audit4a openssh-5.8p1/monitor_wrap.h
Jan F 9cefae 
--- openssh-5.8p1/monitor_wrap.h.audit4a	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
+++ openssh-5.8p1/monitor_wrap.h	2011-02-21 18:42:14.000000000 +0100
Jan F 9cefae 
@@ -76,7 +76,7 @@ void mm_audit_event(ssh_audit_event_t);
Jan F 9cefae 
 void mm_audit_run_command(const char *);
Jan F 9cefae 
 void mm_audit_unsupported_body(int);
Jan F 9cefae 
 void mm_audit_kex_body(int, char *, char *, char *, pid_t, uid_t);
Jan F 9cefae 
-void mm_audit_session_key_free_body(int);
Jan F 9cefae 
+void mm_audit_session_key_free_body(int, pid_t, uid_t);
Jan F 9cefae 
 #endif
Jan F 9cefae
Jan F 9cefae 
 struct Session;
Jan F 9cefae 
diff -up openssh-5.8p1/sshd.c.audit4a openssh-5.8p1/sshd.c
Jan F 9cefae 
--- openssh-5.8p1/sshd.c.audit4a	2011-02-21 18:48:30.000000000 +0100
Jan F 9cefae 
+++ openssh-5.8p1/sshd.c	2011-02-21 18:48:41.000000000 +0100
Jan F 9cefae 
@@ -693,7 +693,7 @@ privsep_postauth(Authctxt *authctxt)
Jan F 9cefae 
  		newkeys_destroy(current_keys[MODE_OUT]);
Jan F 9cefae 
 		newkeys_destroy(current_keys[MODE_IN]);
Jan F 9cefae 
 		packet_destroy_all();
Jan F 9cefae 
-		audit_session_key_free_body(2);
Jan F 9cefae 
+		audit_session_key_free_body(2, getpid(), getuid());
Jan F 9cefae 
 		monitor_child_postauth(pmonitor);
Jan F 9cefae
Jan F 9cefae 
 		/* NEVERREACHED */

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation