[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 15 Sep 2005 12:39:33 +0200
From: Fredrik Björk <Fredrik.Bjork.List@...bergenergi.se>
To: popa3d-users@...ts.openwall.com
Subject: Patch to include the username in all syslog messages
Hi!
This may well be in some other contrib patch, but since I couldn't find a
link to the contrib directory, here it is. It is a patch that adds the
username (or mailbox, which should be the same most of the time) to all
syslog messages that popa3d writes. It is very useful for detecting users
that misspell usernames, or use incorrect case when typing the username.
Example:
Sep 15 12:22:14 mail01 popa3d[22645]: Authentication failed for UNKNOWN
USER Vjen
Sep 15 12:22:14 mail01 popa3d[22659]: Authentication passed for sea0593a
Sep 15 12:22:14 mail01 popa3d[22659]: 25 messages (1585238 bytes) loaded
for se0593a
Sep 15 12:22:14 mail01 popa3d[22659]: 0 (0) deleted, 25 (1585238) left for
se0593a
Sep 15 12:25:17 mail01 popa3d[24468]: Authentication passed for se1161d
Sep 15 12:25:17 mail01 popa3d[24468]: 1 message (12918 bytes) loaded for
se1161d
Sep 15 12:25:18 mail01 popa3d[24468]: 1 (12918) deleted, 0 (0) left for se1161d
popa3d unpatched would have given the following:
Sep 15 12:22:14 mail01 popa3d[22645]: Authentication failed for UNKNOWN USER
Sep 15 12:22:14 mail01 popa3d[22659]: Authentication passed for sea0593a
Sep 15 12:22:14 mail01 popa3d[22659]: 25 messages (1585238 bytes) loaded
Sep 15 12:22:14 mail01 popa3d[22659]: 0 (0) deleted, 25 (1585238) left
Sep 15 12:25:17 mail01 popa3d[24468]: Authentication passed
Sep 15 12:25:17 mail01 popa3d[24468]: 1 message (12918 bytes) loaded
Sep 15 12:25:18 mail01 popa3d[24468]: 1 (12918) deleted, 0 (0) left
It is quite obvious that the patch helps our support staff quite a bit!
I've not tested it in POP_VIRTUAL environments, but I have included support
it. I'm not really a programmer, so please audit the code and get back to
me or just fix it if anything needs to be fixed!
/Fredrik
diff -urpN popa3d-1.0-orig/pop_auth.c popa3d-1.0/pop_auth.c
--- popa3d-1.0-orig/pop_auth.c 2002-09-09 13:07:48.000000000 +0200
+++ popa3d-1.0/pop_auth.c 2005-09-15 12:32:13.000000000 +0200
@@ -65,7 +65,7 @@ int do_pop_auth(int channel)
return 0;
}
-void log_pop_auth(int result, char *user)
+void log_pop_auth(int result, char *user, int known)
{
if (result == AUTH_NONE) {
syslog(SYSLOG_PRI_LO, "Didn't attempt authentication");
@@ -75,15 +75,17 @@ void log_pop_auth(int result, char *user
#if POP_VIRTUAL
if (virtual_domain) {
syslog(result == AUTH_OK ? SYSLOG_PRI_LO : SYSLOG_PRI_HI,
- "Authentication %s for %s@%s",
+ "Authentication %s for %s%s@%s",
result == AUTH_OK ? "passed" : "failed",
- user ? user : "UNKNOWN USER",
+ known == 0 ? "UNKNOWN USER " : "",
+ user,
virtual_domain);
return;
}
#endif
syslog(result == AUTH_OK ? SYSLOG_PRI_LO : SYSLOG_PRI_HI,
- "Authentication %s for %s",
+ "Authentication %s for %s%s",
result == AUTH_OK ? "passed" : "failed",
- user ? user : "UNKNOWN USER");
+ known == 0 ? "UNKNOWN USER " : "",
+ user);
}
diff -urpN popa3d-1.0-orig/pop_auth.h popa3d-1.0/pop_auth.h
--- popa3d-1.0-orig/pop_auth.h 2001-09-06 02:11:28.000000000 +0200
+++ popa3d-1.0/pop_auth.h 2005-09-15 09:53:16.000000000 +0200
@@ -21,6 +21,6 @@ extern int do_pop_auth(int channel);
/*
* Logs an authentication attempt for user, use NULL for non-existent.
*/
-extern void log_pop_auth(int result, char *user);
+extern void log_pop_auth(int result, char *user, int known);
#endif
diff -urpN popa3d-1.0-orig/pop_root.c popa3d-1.0/pop_root.c
--- popa3d-1.0-orig/pop_root.c 2002-03-21 21:15:19.000000000 +0100
+++ popa3d-1.0/pop_root.c 2005-09-15 09:50:34.000000000 +0200
@@ -247,12 +247,12 @@ int do_pop_session(void)
if (result == AUTH_OK) {
if (close(channel[0])) return log_error("close");
- log_pop_auth(result, user);
+ log_pop_auth(result, user, known);
return do_pop_trans(spool, mailbox);
}
if (drop_root()) return 1;
- log_pop_auth(result, known ? user : NULL);
+ log_pop_auth(result, user, known);
#ifdef AUTH_FAILED_MESSAGE
if (result == AUTH_FAILED) pop_reply("-ERR %s", AUTH_FAILED_MESSAGE);
diff -urpN popa3d-1.0-orig/pop_trans.c popa3d-1.0/pop_trans.c
--- popa3d-1.0-orig/pop_trans.c 2003-03-02 03:43:10.000000000 +0100
+++ popa3d-1.0/pop_trans.c 2005-09-15 10:04:22.000000000 +0200
@@ -216,9 +216,10 @@ int do_pop_trans(char *spool, char *mail
return 0;
}
- syslog(SYSLOG_PRI_LO, "%u message%s (%lu byte%s) loaded",
+ syslog(SYSLOG_PRI_LO, "%u message%s (%lu byte%s) loaded for %s",
db.total_count, db.total_count == 1 ? "" : "s",
- db.total_size, db.total_size == 1 ? "" : "s");
+ db.total_size, db.total_size == 1 ? "" : "s",
+ mailbox);
if (pop_reply_ok())
event = POP_CRASH_NETFAIL;
@@ -234,24 +235,25 @@ int do_pop_trans(char *spool, char *mail
break;
}
- syslog(SYSLOG_PRI_LO, "%u (%lu) deleted, %u (%lu) left",
+ syslog(SYSLOG_PRI_LO, "%u (%lu) deleted, %u (%lu) left for %s",
db.total_count - db.visible_count,
db.total_size - db.visible_size,
db.visible_count,
- db.visible_size);
+ db.visible_size,
+ mailbox);
pop_reply_ok();
break;
case POP_CRASH_NETFAIL:
- syslog(SYSLOG_PRI_LO, "Premature disconnect");
+ syslog(SYSLOG_PRI_LO, "Premature disconnect form %s",mailbox);
break;
case POP_CRASH_NETTIME:
- syslog(SYSLOG_PRI_LO, "Connection timed out");
+ syslog(SYSLOG_PRI_LO, "Connection timed out with %s",mailbox);
}
if (db.flags & DB_STALE)
- syslog(SYSLOG_PRI_LO, "Another MUA active, giving up");
+ syslog(SYSLOG_PRI_LO, "Another MUA active, giving up on
%s",mailbox);
else
if (event == POP_CRASH_SERVER)
syslog(SYSLOG_PRI_ERROR,
Download attachment "popa3d-1.0-show-username-in-logs.diff.gz" of type "application/octet-stream" (1236 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
