Added flags -z to have telnetd log unauthenticated logins, such as

when using an old telnet client. Unfortunately in most of these cases,
the user name is not known.

There should also be a way to tell the difference between bad
authentication (such as with expired tickets) and no attempt to
provide authentication (such as with an old client).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@279 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Unknown User d91-jda
1996-02-26 16:59:05 +00:00
parent 43cfae67ed
commit 2a8068132e
4 changed files with 20 additions and 9 deletions

View File

@@ -220,6 +220,8 @@ struct clocks_t{
};
extern struct clocks_t clocks;
extern int log_unauth;
#if defined(CRAY2) && defined(UNICOS5)
extern int needtermstat;

View File

@@ -94,17 +94,13 @@ char *unptyip; /* pointer to remaining characters in buffer */
int ourpty, net;
int SYNCHing; /* we are in TELNET SYNCH mode */
#ifndef P
# ifdef __STDC__
# define P(x) x
# else
# define P(x) ()
# endif
#endif
/*
* The following are some clocks used to decide how to interpret
* the relationship between various variables.
*/
struct clocks_t clocks;
/* whether to log unauthenticated login attempts */
int log_unauth;

View File

@@ -1564,6 +1564,14 @@ void start_login(char *host, int autologin, char *name)
if (auth_level < 0 || autologin != AUTH_VALID) {
printf("User not authenticated. "
"Using plaintext username and password\r\n");
if(log_unauth) {
char *u;
if(name[0]) u = name;
else u=getenv("USER");
u = u ? u : "unknown user";
syslog(LOG_INFO, "unauthenticated access from %s (%s)",
host, u);
}
}
if (auth_level >= 0 && autologin == AUTH_VALID) {
# if !defined(NO_LOGIN_F)

View File

@@ -170,6 +170,7 @@ char valid_opts[] = {
's',
#endif
'L', ':',
'z',
'\0'
};
@@ -367,6 +368,10 @@ int main(int argc, char **argv)
*/
auth_disable_name(optarg);
break;
case 'z':
log_unauth = 1;
break;
#endif /* AUTHENTICATION */
case 'L':
@@ -577,7 +582,7 @@ usage()
fprintf(stderr, " [-S tos]");
#endif
#ifdef AUTHENTICATION
fprintf(stderr, " [-X auth-type]");
fprintf(stderr, " [-X auth-type] [-z]");
#endif
fprintf(stderr, " [-u utmp_hostname_length] [-U]");
fprintf(stderr, " [port]\n");