heimdal: Pass extra information to hdb_auth_status() to log success and failures

We now pass on the original client name and the client address to allow consistent audit logging in Samba across multiple protocols. We use config->db[0] to find the first database to record incorrect users. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
author: Andrew Bartlett <abartlet@samba.org> 2017-02-21 14:07:54 +1300
committer: Andrew Bartlett <abartlet@samba.org> 2017-03-29 02:37:28 +0200
commit: f498ba77df2313e78863e5f2706840c43e232a96 (patch)
tree: f9946b6f23308cb8288ed363658fbc5207f94aa6 /auth/auth_log.c
parent: 7cbe1c844ea359b6d5386b3986aa16152e975f3d (diff)
download: samba-f498ba77df2313e78863e5f2706840c43e232a96.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/auth/auth_log.c b/auth/auth_log.c
index 63b531ca1a0..cec135e45cf 100644
--- a/auth/auth_log.c
+++ b/auth/auth_log.c
@@ -637,9 +637,11 @@ static const char* get_password_type(const struct auth_usersupplied_info *ui)
 
 	const char *password_type = NULL;
 
-	if (ui->password_state == AUTH_PASSWORD_RESPONSE &&
-	    (ui->logon_parameters & MSV1_0_ALLOW_MSVCHAPV2) &&
-	    ui->password.response.nt.length == 24) {
+	if (ui->password_type != NULL) {
+		password_type = ui->password_type;
+	} else if (ui->password_state == AUTH_PASSWORD_RESPONSE &&
+		   (ui->logon_parameters & MSV1_0_ALLOW_MSVCHAPV2) &&
+		   ui->password.response.nt.length == 24) {
 		password_type = "MSCHAPv2";
 	} else if ((ui->logon_parameters & MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED)
 		   || (ui->password_state == AUTH_PASSWORD_PLAIN)) {
author	Andrew Bartlett <abartlet@samba.org>	2017-02-21 14:07:54 +1300
committer	Andrew Bartlett <abartlet@samba.org>	2017-03-29 02:37:28 +0200
commit	f498ba77df2313e78863e5f2706840c43e232a96 (patch)
tree	f9946b6f23308cb8288ed363658fbc5207f94aa6 /auth/auth_log.c
parent	7cbe1c844ea359b6d5386b3986aa16152e975f3d (diff)
download	samba-f498ba77df2313e78863e5f2706840c43e232a96.tar.gz