diff options
author | Damien Miller <djm@mindrot.org> | 2016-07-27 00:25:42 +0200 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2016-07-27 00:25:42 +0200 |
commit | 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187 (patch) | |
tree | 794b730daf54f12ff31e2d57ff48b8cc491fed21 | |
parent | Linux auditing also needs packet.h (diff) | |
download | openssh-3e1e076550c27c6bbdddf36d8f42bd79fbaaa187.tar.xz openssh-3e1e076550c27c6bbdddf36d8f42bd79fbaaa187.zip |
KNF
-rw-r--r-- | audit-linux.c | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/audit-linux.c b/audit-linux.c index 58722d737..d3524f7e1 100644 --- a/audit-linux.c +++ b/audit-linux.c @@ -38,16 +38,15 @@ #include "canohost.h" #include "packet.h" -const char* audit_username(void); +const char *audit_username(void); int -linux_audit_record_event(int uid, const char *username, - const char *hostname, const char *ip, const char *ttyn, int success) +linux_audit_record_event(int uid, const char *username, const char *hostname, + const char *ip, const char *ttyn, int success) { int audit_fd, rc, saved_errno; - audit_fd = audit_open(); - if (audit_fd < 0) { + if ((audit_fd = audit_open()) < 0) { if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT) return 1; /* No audit support in kernel */ @@ -59,6 +58,7 @@ linux_audit_record_event(int uid, const char *username, username == NULL ? uid : -1, hostname, ip, ttyn, success); saved_errno = errno; close(audit_fd); + /* * Do not report error if the error is EPERM and sshd is run as non * root user. @@ -66,7 +66,8 @@ linux_audit_record_event(int uid, const char *username, if ((rc == -EPERM) && (geteuid() != 0)) rc = 0; errno = saved_errno; - return (rc >= 0); + + return rc >= 0; } /* Below is the sshd audit API code */ @@ -74,8 +75,8 @@ linux_audit_record_event(int uid, const char *username, void audit_connection_from(const char *host, int port) { -} /* not implemented */ +} void audit_run_command(const char *command) @@ -86,8 +87,8 @@ audit_run_command(const char *command) void audit_session_open(struct logininfo *li) { - if (linux_audit_record_event(li->uid, NULL, li->hostname, - NULL, li->line, 1) == 0) + if (linux_audit_record_event(li->uid, NULL, li->hostname, NULL, + li->line, 1) == 0) fatal("linux_audit_write_entry failed: %s", strerror(errno)); } @@ -109,7 +110,6 @@ audit_event(ssh_audit_event_t event) case SSH_LOGIN_EXCEED_MAXTRIES: case SSH_LOGIN_ROOT_DENIED: break; - case SSH_AUTH_FAIL_NONE: case SSH_AUTH_FAIL_PASSWD: case SSH_AUTH_FAIL_KBDINT: @@ -120,10 +120,9 @@ audit_event(ssh_audit_event_t event) linux_audit_record_event(-1, audit_username(), NULL, ssh_remote_ipaddr(ssh), "sshd", 0); break; - default: debug("%s: unhandled event %d", __func__, event); + break; } } - #endif /* USE_LINUX_AUDIT */ |