- dtucker@cvs.openbsd.org 2013/04/07 02:10:33
[log.c log.h ssh.1 ssh.c sshd.8 sshd.c] Add -E option to ssh and sshd to append debugging logs to a specified file instead of stderr or syslog. ok markus@, man page help jmc@
This commit is contained in:
parent
37f1c08473
commit
03d4d7e60b
|
@ -39,6 +39,10 @@
|
||||||
- markus@cvs.openbsd.org 2013/04/06 16:07:00
|
- markus@cvs.openbsd.org 2013/04/06 16:07:00
|
||||||
[channels.c sshd.c]
|
[channels.c sshd.c]
|
||||||
handle ECONNABORTED for accept(); ok deraadt some time ago...
|
handle ECONNABORTED for accept(); ok deraadt some time ago...
|
||||||
|
- dtucker@cvs.openbsd.org 2013/04/07 02:10:33
|
||||||
|
[log.c log.h ssh.1 ssh.c sshd.8 sshd.c]
|
||||||
|
Add -E option to ssh and sshd to append debugging logs to a specified file
|
||||||
|
instead of stderr or syslog. ok markus@, man page help jmc@
|
||||||
|
|
||||||
20130418
|
20130418
|
||||||
- (djm) [config.guess config.sub] Update to last versions before they switch
|
- (djm) [config.guess config.sub] Update to last versions before they switch
|
||||||
|
|
20
log.c
20
log.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: log.c,v 1.43 2012/09/06 04:37:39 dtucker Exp $ */
|
/* $OpenBSD: log.c,v 1.44 2013/04/07 02:10:33 dtucker Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -38,6 +38,7 @@
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
|
|
||||||
|
#include <fcntl.h>
|
||||||
#include <stdarg.h>
|
#include <stdarg.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
@ -54,6 +55,7 @@
|
||||||
|
|
||||||
static LogLevel log_level = SYSLOG_LEVEL_INFO;
|
static LogLevel log_level = SYSLOG_LEVEL_INFO;
|
||||||
static int log_on_stderr = 1;
|
static int log_on_stderr = 1;
|
||||||
|
static int log_stderr_fd = STDERR_FILENO;
|
||||||
static int log_facility = LOG_AUTH;
|
static int log_facility = LOG_AUTH;
|
||||||
static char *argv0;
|
static char *argv0;
|
||||||
static log_handler_fn *log_handler;
|
static log_handler_fn *log_handler;
|
||||||
|
@ -344,6 +346,20 @@ log_is_on_stderr(void)
|
||||||
return log_on_stderr;
|
return log_on_stderr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* redirect what would usually get written to stderr to specified file */
|
||||||
|
void
|
||||||
|
log_redirect_stderr_to(const char *logfile)
|
||||||
|
{
|
||||||
|
int fd;
|
||||||
|
|
||||||
|
if ((fd = open(logfile, O_WRONLY|O_CREAT|O_APPEND, 0600)) == -1) {
|
||||||
|
fprintf(stderr, "Couldn't open logfile %s: %s\n", logfile,
|
||||||
|
strerror(errno));
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
log_stderr_fd = fd;
|
||||||
|
}
|
||||||
|
|
||||||
#define MSGBUFSIZ 1024
|
#define MSGBUFSIZ 1024
|
||||||
|
|
||||||
void
|
void
|
||||||
|
@ -429,7 +445,7 @@ do_log(LogLevel level, const char *fmt, va_list args)
|
||||||
log_handler = tmp_handler;
|
log_handler = tmp_handler;
|
||||||
} else if (log_on_stderr) {
|
} else if (log_on_stderr) {
|
||||||
snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
|
snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
|
||||||
write(STDERR_FILENO, msgbuf, strlen(msgbuf));
|
write(log_stderr_fd, msgbuf, strlen(msgbuf));
|
||||||
} else {
|
} else {
|
||||||
#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
|
#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
|
||||||
openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
|
openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
|
||||||
|
|
3
log.h
3
log.h
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: log.h,v 1.19 2012/09/06 04:37:39 dtucker Exp $ */
|
/* $OpenBSD: log.h,v 1.20 2013/04/07 02:10:33 dtucker Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
|
@ -51,6 +51,7 @@ typedef void (log_handler_fn)(LogLevel, const char *, void *);
|
||||||
void log_init(char *, LogLevel, SyslogFacility, int);
|
void log_init(char *, LogLevel, SyslogFacility, int);
|
||||||
void log_change_level(LogLevel);
|
void log_change_level(LogLevel);
|
||||||
int log_is_on_stderr(void);
|
int log_is_on_stderr(void);
|
||||||
|
void log_redirect_stderr_to(const char *);
|
||||||
|
|
||||||
SyslogFacility log_facility_number(char *);
|
SyslogFacility log_facility_number(char *);
|
||||||
const char * log_facility_name(SyslogFacility);
|
const char * log_facility_name(SyslogFacility);
|
||||||
|
|
9
ssh.1
9
ssh.1
|
@ -33,8 +33,8 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: ssh.1,v 1.330 2012/10/04 13:21:50 markus Exp $
|
.\" $OpenBSD: ssh.1,v 1.331 2013/04/07 02:10:33 dtucker Exp $
|
||||||
.Dd $Mdocdate: October 4 2012 $
|
.Dd $Mdocdate: April 7 2013 $
|
||||||
.Dt SSH 1
|
.Dt SSH 1
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -47,6 +47,7 @@
|
||||||
.Op Fl b Ar bind_address
|
.Op Fl b Ar bind_address
|
||||||
.Op Fl c Ar cipher_spec
|
.Op Fl c Ar cipher_spec
|
||||||
.Op Fl D Oo Ar bind_address : Oc Ns Ar port
|
.Op Fl D Oo Ar bind_address : Oc Ns Ar port
|
||||||
|
.Op Fl E Ar log_file
|
||||||
.Op Fl e Ar escape_char
|
.Op Fl e Ar escape_char
|
||||||
.Op Fl F Ar configfile
|
.Op Fl F Ar configfile
|
||||||
.Op Fl I Ar pkcs11
|
.Op Fl I Ar pkcs11
|
||||||
|
@ -217,6 +218,10 @@ indicates that the listening port be bound for local use only, while an
|
||||||
empty address or
|
empty address or
|
||||||
.Sq *
|
.Sq *
|
||||||
indicates that the port should be available from all interfaces.
|
indicates that the port should be available from all interfaces.
|
||||||
|
.It Fl E Ar log_file
|
||||||
|
Append debug logs to
|
||||||
|
.Ar log_file
|
||||||
|
instead of standard error.
|
||||||
.It Fl e Ar escape_char
|
.It Fl e Ar escape_char
|
||||||
Sets the escape character for sessions with a pty (default:
|
Sets the escape character for sessions with a pty (default:
|
||||||
.Ql ~ ) .
|
.Ql ~ ) .
|
||||||
|
|
28
ssh.c
28
ssh.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: ssh.c,v 1.374 2013/03/08 06:32:58 djm Exp $ */
|
/* $OpenBSD: ssh.c,v 1.375 2013/04/07 02:10:33 dtucker Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -197,8 +197,8 @@ usage(void)
|
||||||
{
|
{
|
||||||
fprintf(stderr,
|
fprintf(stderr,
|
||||||
"usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n"
|
"usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n"
|
||||||
" [-D [bind_address:]port] [-e escape_char] [-F configfile]\n"
|
" [-D [bind_address:]port] [-E log_file] [-e escape_char]\n"
|
||||||
" [-I pkcs11] [-i identity_file]\n"
|
" [-F configfile] [-I pkcs11] [-i identity_file]\n"
|
||||||
" [-L [bind_address:]port:host:hostport]\n"
|
" [-L [bind_address:]port:host:hostport]\n"
|
||||||
" [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n"
|
" [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n"
|
||||||
" [-R [bind_address:]port:host:hostport] [-S ctl_path]\n"
|
" [-R [bind_address:]port:host:hostport] [-S ctl_path]\n"
|
||||||
|
@ -238,7 +238,7 @@ int
|
||||||
main(int ac, char **av)
|
main(int ac, char **av)
|
||||||
{
|
{
|
||||||
int i, r, opt, exit_status, use_syslog;
|
int i, r, opt, exit_status, use_syslog;
|
||||||
char *p, *cp, *line, *argv0, buf[MAXPATHLEN], *host_arg;
|
char *p, *cp, *line, *argv0, buf[MAXPATHLEN], *host_arg, *logfile;
|
||||||
char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
|
char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
|
||||||
struct stat st;
|
struct stat st;
|
||||||
struct passwd *pw;
|
struct passwd *pw;
|
||||||
|
@ -322,11 +322,12 @@ main(int ac, char **av)
|
||||||
/* Parse command-line arguments. */
|
/* Parse command-line arguments. */
|
||||||
host = NULL;
|
host = NULL;
|
||||||
use_syslog = 0;
|
use_syslog = 0;
|
||||||
|
logfile = NULL;
|
||||||
argv0 = av[0];
|
argv0 = av[0];
|
||||||
|
|
||||||
again:
|
again:
|
||||||
while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx"
|
while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx"
|
||||||
"ACD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) {
|
"ACD:E:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) {
|
||||||
switch (opt) {
|
switch (opt) {
|
||||||
case '1':
|
case '1':
|
||||||
options.protocol = SSH_PROTO_1;
|
options.protocol = SSH_PROTO_1;
|
||||||
|
@ -356,6 +357,9 @@ main(int ac, char **av)
|
||||||
case 'y':
|
case 'y':
|
||||||
use_syslog = 1;
|
use_syslog = 1;
|
||||||
break;
|
break;
|
||||||
|
case 'E':
|
||||||
|
logfile = xstrdup(optarg);
|
||||||
|
break;
|
||||||
case 'Y':
|
case 'Y':
|
||||||
options.forward_x11 = 1;
|
options.forward_x11 = 1;
|
||||||
options.forward_x11_trusted = 1;
|
options.forward_x11_trusted = 1;
|
||||||
|
@ -427,9 +431,8 @@ main(int ac, char **av)
|
||||||
} else {
|
} else {
|
||||||
if (options.log_level < SYSLOG_LEVEL_DEBUG3)
|
if (options.log_level < SYSLOG_LEVEL_DEBUG3)
|
||||||
options.log_level++;
|
options.log_level++;
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
/* FALLTHROUGH */
|
break;
|
||||||
case 'V':
|
case 'V':
|
||||||
fprintf(stderr, "%s, %s\n",
|
fprintf(stderr, "%s, %s\n",
|
||||||
SSH_RELEASE, SSLeay_version(SSLEAY_VERSION));
|
SSH_RELEASE, SSLeay_version(SSLEAY_VERSION));
|
||||||
|
@ -663,12 +666,21 @@ main(int ac, char **av)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Initialize "log" output. Since we are the client all output
|
* Initialize "log" output. Since we are the client all output
|
||||||
* actually goes to stderr.
|
* goes to stderr unless otherwise specified by -y or -E.
|
||||||
*/
|
*/
|
||||||
|
if (use_syslog && logfile != NULL)
|
||||||
|
fatal("Can't specify both -y and -E");
|
||||||
|
if (logfile != NULL) {
|
||||||
|
log_redirect_stderr_to(logfile);
|
||||||
|
xfree(logfile);
|
||||||
|
}
|
||||||
log_init(argv0,
|
log_init(argv0,
|
||||||
options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
|
options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
|
||||||
SYSLOG_FACILITY_USER, !use_syslog);
|
SYSLOG_FACILITY_USER, !use_syslog);
|
||||||
|
|
||||||
|
if (debug_flag)
|
||||||
|
logit("%s, %s", SSH_VERSION, SSLeay_version(SSLEAY_VERSION));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Read per-user configuration file. Ignore the system wide config
|
* Read per-user configuration file. Ignore the system wide config
|
||||||
* file if the user specifies a config file on the command line.
|
* file if the user specifies a config file on the command line.
|
||||||
|
|
9
sshd.8
9
sshd.8
|
@ -33,8 +33,8 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: sshd.8,v 1.267 2012/10/04 13:21:50 markus Exp $
|
.\" $OpenBSD: sshd.8,v 1.268 2013/04/07 02:10:33 dtucker Exp $
|
||||||
.Dd $Mdocdate: October 4 2012 $
|
.Dd $Mdocdate: April 7 2013 $
|
||||||
.Dt SSHD 8
|
.Dt SSHD 8
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -47,6 +47,7 @@
|
||||||
.Op Fl b Ar bits
|
.Op Fl b Ar bits
|
||||||
.Op Fl C Ar connection_spec
|
.Op Fl C Ar connection_spec
|
||||||
.Op Fl c Ar host_certificate_file
|
.Op Fl c Ar host_certificate_file
|
||||||
|
.Op Fl E Ar log_file
|
||||||
.Op Fl f Ar config_file
|
.Op Fl f Ar config_file
|
||||||
.Op Fl g Ar login_grace_time
|
.Op Fl g Ar login_grace_time
|
||||||
.Op Fl h Ar host_key_file
|
.Op Fl h Ar host_key_file
|
||||||
|
@ -146,6 +147,10 @@ Multiple
|
||||||
.Fl d
|
.Fl d
|
||||||
options increase the debugging level.
|
options increase the debugging level.
|
||||||
Maximum is 3.
|
Maximum is 3.
|
||||||
|
.It Fl E Ar log_file
|
||||||
|
Append debug logs to
|
||||||
|
.Ar log_file
|
||||||
|
instead of the system log.
|
||||||
.It Fl e
|
.It Fl e
|
||||||
When this option is specified,
|
When this option is specified,
|
||||||
.Nm
|
.Nm
|
||||||
|
|
19
sshd.c
19
sshd.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: sshd.c,v 1.398 2013/04/06 16:07:00 markus Exp $ */
|
/* $OpenBSD: sshd.c,v 1.399 2013/04/07 02:10:33 dtucker Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -900,8 +900,9 @@ usage(void)
|
||||||
SSH_RELEASE, SSLeay_version(SSLEAY_VERSION));
|
SSH_RELEASE, SSLeay_version(SSLEAY_VERSION));
|
||||||
fprintf(stderr,
|
fprintf(stderr,
|
||||||
"usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]\n"
|
"usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]\n"
|
||||||
" [-f config_file] [-g login_grace_time] [-h host_key_file]\n"
|
" [-E log_file] [-f config_file] [-g login_grace_time]\n"
|
||||||
" [-k key_gen_time] [-o option] [-p port] [-u len]\n"
|
" [-h host_key_file] [-k key_gen_time] [-o option] [-p port]\n"
|
||||||
|
" [-u len]\n"
|
||||||
);
|
);
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
@ -1335,7 +1336,7 @@ main(int ac, char **av)
|
||||||
int sock_in = -1, sock_out = -1, newsock = -1;
|
int sock_in = -1, sock_out = -1, newsock = -1;
|
||||||
const char *remote_ip;
|
const char *remote_ip;
|
||||||
int remote_port;
|
int remote_port;
|
||||||
char *line;
|
char *line, *logfile = NULL;
|
||||||
int config_s[2] = { -1 , -1 };
|
int config_s[2] = { -1 , -1 };
|
||||||
u_int n;
|
u_int n;
|
||||||
u_int64_t ibytes, obytes;
|
u_int64_t ibytes, obytes;
|
||||||
|
@ -1373,7 +1374,7 @@ main(int ac, char **av)
|
||||||
initialize_server_options(&options);
|
initialize_server_options(&options);
|
||||||
|
|
||||||
/* Parse command-line arguments. */
|
/* Parse command-line arguments. */
|
||||||
while ((opt = getopt(ac, av, "f:p:b:k:h:g:u:o:C:dDeiqrtQRT46")) != -1) {
|
while ((opt = getopt(ac, av, "f:p:b:k:h:g:u:o:C:dDeE:iqrtQRT46")) != -1) {
|
||||||
switch (opt) {
|
switch (opt) {
|
||||||
case '4':
|
case '4':
|
||||||
options.address_family = AF_INET;
|
options.address_family = AF_INET;
|
||||||
|
@ -1402,6 +1403,9 @@ main(int ac, char **av)
|
||||||
case 'D':
|
case 'D':
|
||||||
no_daemon_flag = 1;
|
no_daemon_flag = 1;
|
||||||
break;
|
break;
|
||||||
|
case 'E':
|
||||||
|
logfile = xstrdup(optarg);
|
||||||
|
/* FALLTHROUGH */
|
||||||
case 'e':
|
case 'e':
|
||||||
log_stderr = 1;
|
log_stderr = 1;
|
||||||
break;
|
break;
|
||||||
|
@ -1499,6 +1503,11 @@ main(int ac, char **av)
|
||||||
|
|
||||||
OpenSSL_add_all_algorithms();
|
OpenSSL_add_all_algorithms();
|
||||||
|
|
||||||
|
/* If requested, redirect the logs to the specified logfile. */
|
||||||
|
if (logfile != NULL) {
|
||||||
|
log_redirect_stderr_to(logfile);
|
||||||
|
xfree(logfile);
|
||||||
|
}
|
||||||
/*
|
/*
|
||||||
* Force logging to stderr until we have loaded the private host
|
* Force logging to stderr until we have loaded the private host
|
||||||
* key (unless started from inetd)
|
* key (unless started from inetd)
|
||||||
|
|
Loading…
Reference in New Issue