summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2016-07-27 00:25:42 +0200
committerDamien Miller <djm@mindrot.org>2016-07-27 00:25:42 +0200
commit3e1e076550c27c6bbdddf36d8f42bd79fbaaa187 (patch)
tree794b730daf54f12ff31e2d57ff48b8cc491fed21
parentLinux auditing also needs packet.h (diff)
downloadopenssh-3e1e076550c27c6bbdddf36d8f42bd79fbaaa187.tar.xz
openssh-3e1e076550c27c6bbdddf36d8f42bd79fbaaa187.zip
KNF
-rw-r--r--audit-linux.c23
1 files changed, 11 insertions, 12 deletions
diff --git a/audit-linux.c b/audit-linux.c
index 58722d737..d3524f7e1 100644
--- a/audit-linux.c
+++ b/audit-linux.c
@@ -38,16 +38,15 @@
#include "canohost.h"
#include "packet.h"
-const char* audit_username(void);
+const char *audit_username(void);
int
-linux_audit_record_event(int uid, const char *username,
- const char *hostname, const char *ip, const char *ttyn, int success)
+linux_audit_record_event(int uid, const char *username, const char *hostname,
+ const char *ip, const char *ttyn, int success)
{
int audit_fd, rc, saved_errno;
- audit_fd = audit_open();
- if (audit_fd < 0) {
+ if ((audit_fd = audit_open()) < 0) {
if (errno == EINVAL || errno == EPROTONOSUPPORT ||
errno == EAFNOSUPPORT)
return 1; /* No audit support in kernel */
@@ -59,6 +58,7 @@ linux_audit_record_event(int uid, const char *username,
username == NULL ? uid : -1, hostname, ip, ttyn, success);
saved_errno = errno;
close(audit_fd);
+
/*
* Do not report error if the error is EPERM and sshd is run as non
* root user.
@@ -66,7 +66,8 @@ linux_audit_record_event(int uid, const char *username,
if ((rc == -EPERM) && (geteuid() != 0))
rc = 0;
errno = saved_errno;
- return (rc >= 0);
+
+ return rc >= 0;
}
/* Below is the sshd audit API code */
@@ -74,8 +75,8 @@ linux_audit_record_event(int uid, const char *username,
void
audit_connection_from(const char *host, int port)
{
-}
/* not implemented */
+}
void
audit_run_command(const char *command)
@@ -86,8 +87,8 @@ audit_run_command(const char *command)
void
audit_session_open(struct logininfo *li)
{
- if (linux_audit_record_event(li->uid, NULL, li->hostname,
- NULL, li->line, 1) == 0)
+ if (linux_audit_record_event(li->uid, NULL, li->hostname, NULL,
+ li->line, 1) == 0)
fatal("linux_audit_write_entry failed: %s", strerror(errno));
}
@@ -109,7 +110,6 @@ audit_event(ssh_audit_event_t event)
case SSH_LOGIN_EXCEED_MAXTRIES:
case SSH_LOGIN_ROOT_DENIED:
break;
-
case SSH_AUTH_FAIL_NONE:
case SSH_AUTH_FAIL_PASSWD:
case SSH_AUTH_FAIL_KBDINT:
@@ -120,10 +120,9 @@ audit_event(ssh_audit_event_t event)
linux_audit_record_event(-1, audit_username(), NULL,
ssh_remote_ipaddr(ssh), "sshd", 0);
break;
-
default:
debug("%s: unhandled event %d", __func__, event);
+ break;
}
}
-
#endif /* USE_LINUX_AUDIT */