diff options
| author | Jim Popovitch <jimpop@domainmail.org> | 2018-06-06 10:06:19 +0000 |
|---|---|---|
| committer | Jim Popovitch <jimpop@domainmail.org> | 2018-06-06 10:06:19 +0000 |
| commit | cd47d41512f99aff9eaaaaf6e796a34aa00fa8bf (patch) | |
| tree | 11a9319cdd23a725293e77d7f7bbfe1712fe53e5 /Mailman/Cgi | |
| parent | 8291c814c54d87c7958304e471a5c5c013417e45 (diff) | |
| download | mailman2-cd47d41512f99aff9eaaaaf6e796a34aa00fa8bf.tar.gz mailman2-cd47d41512f99aff9eaaaaf6e796a34aa00fa8bf.tar.xz mailman2-cd47d41512f99aff9eaaaaf6e796a34aa00fa8bf.zip | |
Improved logging of security related events
Diffstat (limited to 'Mailman/Cgi')
| -rw-r--r-- | Mailman/Cgi/admin.py | 5 | ||||
| -rw-r--r-- | Mailman/Cgi/admindb.py | 5 | ||||
| -rw-r--r-- | Mailman/Cgi/edithtml.py | 5 | ||||
| -rwxr-xr-x | Mailman/Cgi/private.py | 5 | ||||
| -rw-r--r-- | Mailman/Cgi/roster.py | 5 |
5 files changed, 25 insertions, 0 deletions
diff --git a/Mailman/Cgi/admin.py b/Mailman/Cgi/admin.py index eeefc056..2a86298a 100644 --- a/Mailman/Cgi/admin.py +++ b/Mailman/Cgi/admin.py @@ -119,6 +119,11 @@ def main(): if cgidata.has_key('adminpw'): # This is a re-authorization attempt msg = Bold(FontSize('+1', _('Authorization failed.'))).Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', 'Authorization failed (admin): list=%s: remote=%s', listname, remote) else: msg = '' Auth.loginpage(mlist, 'admin', msg=msg) diff --git a/Mailman/Cgi/admindb.py b/Mailman/Cgi/admindb.py index cc863306..58afb46a 100644 --- a/Mailman/Cgi/admindb.py +++ b/Mailman/Cgi/admindb.py @@ -159,6 +159,11 @@ def main(): if cgidata.has_key('adminpw'): # This is a re-authorization attempt msg = Bold(FontSize('+1', _('Authorization failed.'))).Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', 'Authorization failed (admindb): list=%s: domain=%s', listname, remote) else: msg = '' Auth.loginpage(mlist, 'admindb', msg=msg) diff --git a/Mailman/Cgi/edithtml.py b/Mailman/Cgi/edithtml.py index d3d04a31..69421688 100644 --- a/Mailman/Cgi/edithtml.py +++ b/Mailman/Cgi/edithtml.py @@ -126,6 +126,11 @@ def main(): if cgidata.has_key('admlogin'): # This is a re-authorization attempt msg = Bold(FontSize('+1', _('Authorization failed.'))).Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', 'Authorization failed (edithtml): list=%s: remote=%s', listname, remote) else: msg = '' Auth.loginpage(mlist, 'admin', msg=msg) diff --git a/Mailman/Cgi/private.py b/Mailman/Cgi/private.py index 80369e84..f5c73821 100755 --- a/Mailman/Cgi/private.py +++ b/Mailman/Cgi/private.py @@ -142,6 +142,11 @@ def main(): if cgidata.has_key('submit'): # This is a re-authorization attempt message = Bold(FontSize('+1', _('Authorization failed.'))).Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', 'Authorization failed (private): list=%s: remote=%s', listname, remote) # give an HTTP 401 for authentication failure print 'Status: 401 Unauthorized' # Are we processing a password reminder from the login screen? diff --git a/Mailman/Cgi/roster.py b/Mailman/Cgi/roster.py index 739d4fff..88391997 100644 --- a/Mailman/Cgi/roster.py +++ b/Mailman/Cgi/roster.py @@ -118,6 +118,11 @@ def main(): error_page_doc(doc, _('%(realname)s roster authentication failed.')) doc.AddItem(mlist.GetMailmanFooter()) print doc.Format() + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('security', 'Authorization failed (roster): list=%s: remote=%s', listname, remote) return # The document and its language |