diff options
author | Andrew Bartlett <abartlet@samba.org> | 2017-02-21 14:07:54 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-03-29 02:37:28 +0200 |
commit | f498ba77df2313e78863e5f2706840c43e232a96 (patch) | |
tree | f9946b6f23308cb8288ed363658fbc5207f94aa6 /auth/auth_log.c | |
parent | 7cbe1c844ea359b6d5386b3986aa16152e975f3d (diff) | |
download | samba-f498ba77df2313e78863e5f2706840c43e232a96.tar.gz |
heimdal: Pass extra information to hdb_auth_status() to log success and failures
We now pass on the original client name and the client address to allow
consistent audit logging in Samba across multiple protocols.
We use config->db[0] to find the first database to record incorrect
users.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'auth/auth_log.c')
-rw-r--r-- | auth/auth_log.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/auth/auth_log.c b/auth/auth_log.c index 63b531ca1a0..cec135e45cf 100644 --- a/auth/auth_log.c +++ b/auth/auth_log.c @@ -637,9 +637,11 @@ static const char* get_password_type(const struct auth_usersupplied_info *ui) const char *password_type = NULL; - if (ui->password_state == AUTH_PASSWORD_RESPONSE && - (ui->logon_parameters & MSV1_0_ALLOW_MSVCHAPV2) && - ui->password.response.nt.length == 24) { + if (ui->password_type != NULL) { + password_type = ui->password_type; + } else if (ui->password_state == AUTH_PASSWORD_RESPONSE && + (ui->logon_parameters & MSV1_0_ALLOW_MSVCHAPV2) && + ui->password.response.nt.length == 24) { password_type = "MSCHAPv2"; } else if ((ui->logon_parameters & MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED) || (ui->password_state == AUTH_PASSWORD_PLAIN)) { |