Changeset View
Changeset View
Standalone View
Standalone View
audit.h
Show All 21 Lines | |||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||||
*/ | */ | ||||
#ifndef _SSH_AUDIT_H | #ifndef _SSH_AUDIT_H | ||||
# define _SSH_AUDIT_H | # define _SSH_AUDIT_H | ||||
#include "loginrec.h" | #include "loginrec.h" | ||||
struct ssh; | |||||
enum ssh_audit_event_type { | enum ssh_audit_event_type { | ||||
SSH_LOGIN_EXCEED_MAXTRIES, | SSH_LOGIN_EXCEED_MAXTRIES, | ||||
SSH_LOGIN_ROOT_DENIED, | SSH_LOGIN_ROOT_DENIED, | ||||
SSH_AUTH_SUCCESS, | SSH_AUTH_SUCCESS, | ||||
SSH_AUTH_FAIL_NONE, | SSH_AUTH_FAIL_NONE, | ||||
SSH_AUTH_FAIL_PASSWD, | SSH_AUTH_FAIL_PASSWD, | ||||
SSH_AUTH_FAIL_KBDINT, /* keyboard-interactive or challenge-response */ | SSH_AUTH_FAIL_KBDINT, /* keyboard-interactive or challenge-response */ | ||||
SSH_AUTH_FAIL_PUBKEY, /* ssh2 pubkey or ssh1 rsa */ | SSH_AUTH_FAIL_PUBKEY, /* ssh2 pubkey or ssh1 rsa */ | ||||
SSH_AUTH_FAIL_HOSTBASED, /* ssh2 hostbased or ssh1 rhostsrsa */ | SSH_AUTH_FAIL_HOSTBASED, /* ssh2 hostbased or ssh1 rhostsrsa */ | ||||
SSH_AUTH_FAIL_GSSAPI, | SSH_AUTH_FAIL_GSSAPI, | ||||
SSH_INVALID_USER, | SSH_INVALID_USER, | ||||
SSH_NOLOGIN, /* denied by /etc/nologin, not implemented */ | SSH_NOLOGIN, /* denied by /etc/nologin, not implemented */ | ||||
SSH_CONNECTION_CLOSE, /* closed after attempting auth or session */ | SSH_CONNECTION_CLOSE, /* closed after attempting auth or session */ | ||||
SSH_CONNECTION_ABANDON, /* closed without completing auth */ | SSH_CONNECTION_ABANDON, /* closed without completing auth */ | ||||
SSH_AUDIT_UNKNOWN | SSH_AUDIT_UNKNOWN | ||||
}; | }; | ||||
typedef enum ssh_audit_event_type ssh_audit_event_t; | typedef enum ssh_audit_event_type ssh_audit_event_t; | ||||
void audit_connection_from(const char *, int); | void audit_connection_from(const char *, int); | ||||
void audit_event(ssh_audit_event_t); | void audit_event(struct ssh *, ssh_audit_event_t); | ||||
void audit_session_open(struct logininfo *); | void audit_session_open(struct logininfo *); | ||||
void audit_session_close(struct logininfo *); | void audit_session_close(struct logininfo *); | ||||
void audit_run_command(const char *); | void audit_run_command(const char *); | ||||
ssh_audit_event_t audit_classify_auth(const char *); | ssh_audit_event_t audit_classify_auth(const char *); | ||||
#endif /* _SSH_AUDIT_H */ | #endif /* _SSH_AUDIT_H */ |