merge lp:mailman/2.1 up to rev 1770

6 files changed, 42 insertions, 4 deletions

diff --git a/Mailman/Cgi/admin.py b/Mailman/Cgi/admin.py
index eeefc056..174cf34f 100644
--- a/Mailman/Cgi/admin.py
+++ b/Mailman/Cgi/admin.py
@@ -119,6 +119,13 @@ def main():
         if cgidata.has_key('adminpw'):
             # This is a re-authorization attempt
             msg = Bold(FontSize('+1', _('Authorization failed.'))).Format()
+            remote = os.environ.get('HTTP_FORWARDED_FOR',
+                     os.environ.get('HTTP_X_FORWARDED_FOR',
+                     os.environ.get('REMOTE_ADDR',
+                                    'unidentified origin')))
+            syslog('security',
+                   'Authorization failed (admin): list=%s: remote=%s',
+                   listname, remote)
         else:
             msg = ''
         Auth.loginpage(mlist, 'admin', msg=msg)
diff --git a/Mailman/Cgi/admindb.py b/Mailman/Cgi/admindb.py
index cc863306..010d8aae 100644
--- a/Mailman/Cgi/admindb.py
+++ b/Mailman/Cgi/admindb.py
@@ -159,6 +159,13 @@ def main():
         if cgidata.has_key('adminpw'):
             # This is a re-authorization attempt
             msg = Bold(FontSize('+1', _('Authorization failed.'))).Format()
+            remote = os.environ.get('HTTP_FORWARDED_FOR',
+                     os.environ.get('HTTP_X_FORWARDED_FOR',
+                     os.environ.get('REMOTE_ADDR',
+                                    'unidentified origin')))
+            syslog('security',
+                   'Authorization failed (admindb): list=%s: remote=%s',
+                   listname, remote)
         else:
             msg = ''
         Auth.loginpage(mlist, 'admindb', msg=msg)
diff --git a/Mailman/Cgi/edithtml.py b/Mailman/Cgi/edithtml.py
index d3d04a31..8bf1652a 100644
--- a/Mailman/Cgi/edithtml.py
+++ b/Mailman/Cgi/edithtml.py
@@ -126,6 +126,13 @@ def main():
         if cgidata.has_key('admlogin'):
             # This is a re-authorization attempt
             msg = Bold(FontSize('+1', _('Authorization failed.'))).Format()
+            remote = os.environ.get('HTTP_FORWARDED_FOR',
+                     os.environ.get('HTTP_X_FORWARDED_FOR',
+                     os.environ.get('REMOTE_ADDR',
+                                    'unidentified origin')))
+            syslog('security',
+                   'Authorization failed (edithtml): list=%s: remote=%s',
+                   listname, remote)
         else:
             msg = ''
         Auth.loginpage(mlist, 'admin', msg=msg)
diff --git a/Mailman/Cgi/options.py b/Mailman/Cgi/options.py
index 6608df4f..4f128baf 100644
--- a/Mailman/Cgi/options.py
+++ b/Mailman/Cgi/options.py
@@ -288,13 +288,16 @@ def main():
         # message.
         if cgidata.has_key('password'):
             doc.addError(_('Authentication failed.'))
+            remote = os.environ.get('HTTP_FORWARDED_FOR',
+                     os.environ.get('HTTP_X_FORWARDED_FOR',
+                     os.environ.get('REMOTE_ADDR',
+                                    'unidentified origin')))
+            syslog('security',
+                 'Authorization failed (private): user=%s: list=%s: remote=%s',
+                   user, listname, remote)
             # So as not to allow membership leakage, prompt for the email
             # address and the password here.
             if mlist.private_roster <> 0:
-                remote = os.environ.get('HTTP_FORWARDED_FOR',
-                         os.environ.get('HTTP_X_FORWARDED_FOR',
-                         os.environ.get('REMOTE_ADDR',
-                                        'unidentified origin')))
                 syslog('mischief',
                        'Login failure with private rosters: %s from %s',
                        user, remote)
diff --git a/Mailman/Cgi/private.py b/Mailman/Cgi/private.py
index 80369e84..131c5de8 100755
--- a/Mailman/Cgi/private.py
+++ b/Mailman/Cgi/private.py
@@ -142,6 +142,13 @@ def main():
         if cgidata.has_key('submit'):
             # This is a re-authorization attempt
             message = Bold(FontSize('+1', _('Authorization failed.'))).Format()
+            remote = os.environ.get('HTTP_FORWARDED_FOR',
+                     os.environ.get('HTTP_X_FORWARDED_FOR',
+                     os.environ.get('REMOTE_ADDR',
+                                    'unidentified origin')))
+            syslog('security',
+                 'Authorization failed (private): user=%s: list=%s: remote=%s',
+                   username, listname, remote)
             # give an HTTP 401 for authentication failure
             print 'Status: 401 Unauthorized'
         # Are we processing a password reminder from the login screen?
diff --git a/Mailman/Cgi/roster.py b/Mailman/Cgi/roster.py
index 739d4fff..02286c09 100644
--- a/Mailman/Cgi/roster.py
+++ b/Mailman/Cgi/roster.py
@@ -118,6 +118,13 @@ def main():
         error_page_doc(doc, _('%(realname)s roster authentication failed.'))
         doc.AddItem(mlist.GetMailmanFooter())
         print doc.Format()
+        remote = os.environ.get('HTTP_FORWARDED_FOR',
+                 os.environ.get('HTTP_X_FORWARDED_FOR',
+                 os.environ.get('REMOTE_ADDR',
+                                'unidentified origin')))
+        syslog('security',
+               'Authorization failed (roster): list=%s: remote=%s',
+               listname, remote)
         return
 
     # The document and its language