upstream commit
allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717 Upstream-ID: 662e303be63148f47db1aa78ab81c5c2e732baa8
This commit is contained in:
parent
277abcda3f
commit
54cd41a466
3
auth.c
3
auth.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: auth.c,v 1.119 2016/12/15 21:29:05 dtucker Exp $ */
|
/* $OpenBSD: auth.c,v 1.120 2017/05/17 01:24:17 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
*
|
*
|
||||||
|
@ -635,6 +635,7 @@ getpwnamallow(const char *user)
|
||||||
|
|
||||||
ci->user = user;
|
ci->user = user;
|
||||||
parse_server_match_config(&options, ci);
|
parse_server_match_config(&options, ci);
|
||||||
|
log_change_level(options.log_level);
|
||||||
|
|
||||||
#if defined(_AIX) && defined(HAVE_SETAUTHDB)
|
#if defined(_AIX) && defined(HAVE_SETAUTHDB)
|
||||||
aix_setauthdb(user);
|
aix_setauthdb(user);
|
||||||
|
|
35
log.c
35
log.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: log.c,v 1.49 2017/03/10 03:15:58 djm Exp $ */
|
/* $OpenBSD: log.c,v 1.50 2017/05/17 01:24:17 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -256,18 +256,7 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
|
||||||
|
|
||||||
argv0 = av0;
|
argv0 = av0;
|
||||||
|
|
||||||
switch (level) {
|
if (log_change_level(level) != 0) {
|
||||||
case SYSLOG_LEVEL_QUIET:
|
|
||||||
case SYSLOG_LEVEL_FATAL:
|
|
||||||
case SYSLOG_LEVEL_ERROR:
|
|
||||||
case SYSLOG_LEVEL_INFO:
|
|
||||||
case SYSLOG_LEVEL_VERBOSE:
|
|
||||||
case SYSLOG_LEVEL_DEBUG1:
|
|
||||||
case SYSLOG_LEVEL_DEBUG2:
|
|
||||||
case SYSLOG_LEVEL_DEBUG3:
|
|
||||||
log_level = level;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
fprintf(stderr, "Unrecognized internal syslog level code %d\n",
|
fprintf(stderr, "Unrecognized internal syslog level code %d\n",
|
||||||
(int) level);
|
(int) level);
|
||||||
exit(1);
|
exit(1);
|
||||||
|
@ -340,13 +329,27 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
int
|
||||||
log_change_level(LogLevel new_log_level)
|
log_change_level(LogLevel new_log_level)
|
||||||
{
|
{
|
||||||
/* no-op if log_init has not been called */
|
/* no-op if log_init has not been called */
|
||||||
if (argv0 == NULL)
|
if (argv0 == NULL)
|
||||||
return;
|
return 0;
|
||||||
log_init(argv0, new_log_level, log_facility, log_on_stderr);
|
|
||||||
|
switch (new_log_level) {
|
||||||
|
case SYSLOG_LEVEL_QUIET:
|
||||||
|
case SYSLOG_LEVEL_FATAL:
|
||||||
|
case SYSLOG_LEVEL_ERROR:
|
||||||
|
case SYSLOG_LEVEL_INFO:
|
||||||
|
case SYSLOG_LEVEL_VERBOSE:
|
||||||
|
case SYSLOG_LEVEL_DEBUG1:
|
||||||
|
case SYSLOG_LEVEL_DEBUG2:
|
||||||
|
case SYSLOG_LEVEL_DEBUG3:
|
||||||
|
log_level = new_log_level;
|
||||||
|
return 0;
|
||||||
|
default:
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
|
|
4
log.h
4
log.h
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: log.h,v 1.21 2016/07/15 05:01:58 dtucker Exp $ */
|
/* $OpenBSD: log.h,v 1.22 2017/05/17 01:24:17 djm Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
|
@ -49,7 +49,7 @@ typedef enum {
|
||||||
typedef void (log_handler_fn)(LogLevel, const char *, void *);
|
typedef void (log_handler_fn)(LogLevel, const char *, void *);
|
||||||
|
|
||||||
void log_init(char *, LogLevel, SyslogFacility, int);
|
void log_init(char *, LogLevel, SyslogFacility, int);
|
||||||
void log_change_level(LogLevel);
|
int log_change_level(LogLevel);
|
||||||
int log_is_on_stderr(void);
|
int log_is_on_stderr(void);
|
||||||
void log_redirect_stderr_to(const char *);
|
void log_redirect_stderr_to(const char *);
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: monitor_wrap.c,v 1.89 2016/08/13 17:47:41 markus Exp $ */
|
/* $OpenBSD: monitor_wrap.c,v 1.90 2017/05/17 01:24:17 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||||
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
||||||
|
@ -295,6 +295,7 @@ out:
|
||||||
#undef M_CP_STRARRAYOPT
|
#undef M_CP_STRARRAYOPT
|
||||||
|
|
||||||
copy_set_server_options(&options, newopts, 1);
|
copy_set_server_options(&options, newopts, 1);
|
||||||
|
log_change_level(options.log_level);
|
||||||
free(newopts);
|
free(newopts);
|
||||||
|
|
||||||
buffer_free(&m);
|
buffer_free(&m);
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
|
|
||||||
/* $OpenBSD: servconf.c,v 1.307 2017/04/27 13:40:05 jsg Exp $ */
|
/* $OpenBSD: servconf.c,v 1.308 2017/05/17 01:24:17 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
* All rights reserved
|
* All rights reserved
|
||||||
|
@ -449,7 +449,7 @@ static struct {
|
||||||
{ "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL },
|
{ "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL },
|
||||||
{ "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
|
{ "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
|
||||||
{ "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
|
{ "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
|
||||||
{ "loglevel", sLogLevel, SSHCFG_GLOBAL },
|
{ "loglevel", sLogLevel, SSHCFG_ALL },
|
||||||
{ "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
|
{ "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
|
||||||
{ "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL },
|
{ "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL },
|
||||||
{ "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
|
{ "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
|
||||||
|
@ -1345,7 +1345,7 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||||
if (value == SYSLOG_LEVEL_NOT_SET)
|
if (value == SYSLOG_LEVEL_NOT_SET)
|
||||||
fatal("%.200s line %d: unsupported log level '%s'",
|
fatal("%.200s line %d: unsupported log level '%s'",
|
||||||
filename, linenum, arg ? arg : "<NONE>");
|
filename, linenum, arg ? arg : "<NONE>");
|
||||||
if (*log_level_ptr == -1)
|
if (*activep && *log_level_ptr == -1)
|
||||||
*log_level_ptr = (LogLevel) value;
|
*log_level_ptr = (LogLevel) value;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
@ -1989,6 +1989,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
|
||||||
M_CP_INTOPT(ip_qos_bulk);
|
M_CP_INTOPT(ip_qos_bulk);
|
||||||
M_CP_INTOPT(rekey_limit);
|
M_CP_INTOPT(rekey_limit);
|
||||||
M_CP_INTOPT(rekey_interval);
|
M_CP_INTOPT(rekey_interval);
|
||||||
|
M_CP_INTOPT(log_level);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The bind_mask is a mode_t that may be unsigned, so we can't use
|
* The bind_mask is a mode_t that may be unsigned, so we can't use
|
||||||
|
|
|
@ -33,8 +33,8 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: sshd_config.5,v 1.244 2017/05/07 23:12:57 djm Exp $
|
.\" $OpenBSD: sshd_config.5,v 1.245 2017/05/17 01:24:17 djm Exp $
|
||||||
.Dd $Mdocdate: May 7 2017 $
|
.Dd $Mdocdate: May 17 2017 $
|
||||||
.Dt SSHD_CONFIG 5
|
.Dt SSHD_CONFIG 5
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -1066,6 +1066,7 @@ Available keywords are
|
||||||
.Cm IPQoS ,
|
.Cm IPQoS ,
|
||||||
.Cm KbdInteractiveAuthentication ,
|
.Cm KbdInteractiveAuthentication ,
|
||||||
.Cm KerberosAuthentication ,
|
.Cm KerberosAuthentication ,
|
||||||
|
.Cm LogLevel ,
|
||||||
.Cm MaxAuthTries ,
|
.Cm MaxAuthTries ,
|
||||||
.Cm MaxSessions ,
|
.Cm MaxSessions ,
|
||||||
.Cm PasswordAuthentication ,
|
.Cm PasswordAuthentication ,
|
||||||
|
|
Loading…
Reference in New Issue