Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/openssh/audit.h
34677 views
1
/*

2
 * Copyright (c) 2004, 2005 Darren Tucker.  All rights reserved.

3
 *

4
 * Redistribution and use in source and binary forms, with or without

5
 * modification, are permitted provided that the following conditions

6
 * are met:

7
 * 1. Redistributions of source code must retain the above copyright

8
 *    notice, this list of conditions and the following disclaimer.

9
 * 2. Redistributions in binary form must reproduce the above copyright

10
 *    notice, this list of conditions and the following disclaimer in the

11
 *    documentation and/or other materials provided with the distribution.

12
 *

13
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR

14
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

15
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.

16
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,

17
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

18
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,

19
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY

20
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

21
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

22
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

23
 */

24


25
#ifndef _SSH_AUDIT_H

26
# define _SSH_AUDIT_H

27


28
#include "loginrec.h"

29


30
struct ssh;

31


32
enum ssh_audit_event_type {

33
	SSH_LOGIN_EXCEED_MAXTRIES,

34
	SSH_LOGIN_ROOT_DENIED,

35
	SSH_AUTH_SUCCESS,

36
	SSH_AUTH_FAIL_NONE,

37
	SSH_AUTH_FAIL_PASSWD,

38
	SSH_AUTH_FAIL_KBDINT,	/* keyboard-interactive or challenge-response */

39
	SSH_AUTH_FAIL_PUBKEY,	/* ssh2 pubkey or ssh1 rsa */

40
	SSH_AUTH_FAIL_HOSTBASED,	/* ssh2 hostbased or ssh1 rhostsrsa */

41
	SSH_AUTH_FAIL_GSSAPI,

42
	SSH_INVALID_USER,

43
	SSH_NOLOGIN,		/* denied by /etc/nologin, not implemented */

44
	SSH_CONNECTION_CLOSE,	/* closed after attempting auth or session */

45
	SSH_CONNECTION_ABANDON,	/* closed without completing auth */

46
	SSH_AUDIT_UNKNOWN

47
};

48
typedef enum ssh_audit_event_type ssh_audit_event_t;

49


50
void	audit_connection_from(const char *, int);

51
void	audit_event(struct ssh *, ssh_audit_event_t);

52
void	audit_session_open(struct logininfo *);

53
void	audit_session_close(struct logininfo *);

54
void	audit_run_command(const char *);

55
ssh_audit_event_t audit_classify_auth(const char *);

56


57
#endif /* _SSH_AUDIT_H */

58


59