r2096@chromobil: stefan | 2008-02-26 17:12:09 +0100

Enhancement #1544: Log the ip of failed auth tries in error.log


git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2091 152afb58-edef-0310-8abb-c4023f1b3aa9

src/http_auth.c

@@ -29,6 +29,7 @@
 #include "log.h"
 #include "http_auth.h"
 #include "http_auth_digest.h"
+#include "inet_ntop_cache.h"
 #include "stream.h"
 
 #ifdef USE_OPENSSL
@@ -862,7 +863,7 @@ int http_auth_basic_check(server *srv, connection *con, mod_auth_plugin_data *p,
 
 	/* password doesn't match */
 	if (http_auth_basic_password_compare(srv, p, req, username, realm->value, password, pw)) {
-		log_error_write(srv, __FILE__, __LINE__, "sbb", "password doesn't match for", con->uri.path, username);
+		log_error_write(srv, __FILE__, __LINE__, "sbbss", "password doesn't match for ", con->uri.path, username, ", IP:", inet_ntop_cache_get_ip(srv, &(con->dst_addr)));
 
 		buffer_free(username);
 		buffer_free(password);
@@ -1130,7 +1131,7 @@ int http_auth_digest_check(server *srv, connection *con, mod_auth_plugin_data *p
 		}
 
 		log_error_write(srv, __FILE__, __LINE__, "sss",
-				"digest: auth failed for", username, "wrong password");
+				"digest: auth failed for ", username, ": wrong password, IP:", inet_ntop_cache_get_ip(srv, &(con->dst_addr)));
 
 		buffer_free(b);
 		return 0;