Added flags -z to have telnetd log unauthenticated logins, such as

when using an old telnet client. Unfortunately in most of these cases, the user name is not known. There should also be a way to tell the difference between bad authentication (such as with expired tickets) and no attempt to provide authentication (such as with an old client). git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@279 ec53bebd-3082-4978-b11e-865c3cabbd6b
1996-02-26 16:59:05 +00:00
parent 43cfae67ed
commit 2a8068132e
4 changed files with 20 additions and 9 deletions
--- a/appl/telnet/telnetd/ext.h
+++ b/appl/telnet/telnetd/ext.h
@@ -220,6 +220,8 @@ struct clocks_t{
 };
 extern struct clocks_t clocks;

+extern int log_unauth;
+

 #if	defined(CRAY2) && defined(UNICOS5)
 extern int	needtermstat;
--- a/appl/telnet/telnetd/global.c
+++ b/appl/telnet/telnetd/global.c
@@ -94,17 +94,13 @@ char *unptyip;  /* pointer to remaining characters in buffer */
 int	ourpty, net;
 int	SYNCHing;		/* we are in TELNET SYNCH mode */

-#ifndef	P
-# ifdef	__STDC__
-#  define P(x)	x
-# else
-#  define P(x)	()
-# endif
-#endif
-
 /*
 * The following are some clocks used to decide how to interpret
 * the relationship between various variables.
 */

 struct clocks_t clocks;
+
+
+/* whether to log unauthenticated login attempts */
+int log_unauth;
--- a/appl/telnet/telnetd/sys_term.c
+++ b/appl/telnet/telnetd/sys_term.c
@@ -1564,6 +1564,14 @@ void start_login(char *host, int autologin, char *name)
 	if (auth_level < 0 || autologin != AUTH_VALID) {
 		printf("User not authenticated. "
 		       "Using plaintext username and password\r\n");
+		if(log_unauth) {
+		  char *u;
+		  if(name[0]) u = name;
+		  else u=getenv("USER");
+		  u = u ? u : "unknown user";
+		  syslog(LOG_INFO, "unauthenticated access from %s (%s)", 
+			 host, u);
+		}
 	}
 	if (auth_level >= 0 && autologin == AUTH_VALID) {
 # if	!defined(NO_LOGIN_F)
--- a/appl/telnet/telnetd/telnetd.c
+++ b/appl/telnet/telnetd/telnetd.c
@@ -170,6 +170,7 @@ char valid_opts[] = {
 	's',
 #endif
 	'L', ':',
+	'z',
 	'\0'
 };

@@ -367,6 +368,10 @@ int main(int argc, char **argv)
 			 */
 			auth_disable_name(optarg);
 			break;
+		case 'z':
+		  log_unauth = 1;
+		  break;
+
 #endif	/* AUTHENTICATION */

 		case 'L':
@@ -577,7 +582,7 @@ usage()
 	fprintf(stderr, " [-S tos]");
 #endif
 #ifdef	AUTHENTICATION
-	fprintf(stderr, " [-X auth-type]");
+	fprintf(stderr, " [-X auth-type] [-z]");
 #endif
 	fprintf(stderr, " [-u utmp_hostname_length] [-U]");
 	fprintf(stderr, " [port]\n");