5 files changed, 84 insertions, 16 deletions
diff --git a/ssh-add.1 b/ssh-add.1
index 90826f667..d4e1c603b 100644
--- a/ssh-add.1
+++ b/ssh-add.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-add.1,v 1.68 2019/01/21 07:09:10 jmc Exp $
+.\"     $OpenBSD: ssh-add.1,v 1.69 2019/01/21 12:53:35 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -43,7 +43,7 @@
 .Nd adds private key identities to the authentication agent
 .Sh SYNOPSIS
 .Nm ssh-add
-.Op Fl cDdkLlqXx
+.Op Fl cDdkLlqvXx
 .Op Fl E Ar fingerprint_hash
 .Op Fl t Ar life
 .Op Ar
@@ -143,6 +143,16 @@ Set a maximum lifetime when adding identities to an agent.
 The lifetime may be specified in seconds or in a time format
 specified in
 .Xr sshd_config 5 .
+.It Fl v
+Verbose mode.
+Causes
+.Nm
+to print debugging messages about its progress.
+This is helpful in debugging problems.
+Multiple
+.Fl v
+options increase the verbosity.
+The maximum is 3.
 .It Fl X
 Unlock the agent.
 .It Fl x
diff --git a/ssh-add.c b/ssh-add.c
index eb2552ad5..ac9c808dd 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.137 2019/01/20 22:03:29 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.138 2019/01/21 12:53:35 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -560,6 +560,7 @@ usage(void)
        fprintf(stderr, "  -e pkcs11   Remove keys provided by PKCS#11 provider.\n");
        fprintf(stderr, "  -T pubkey   Test if ssh-agent can access matching private key.\n");
        fprintf(stderr, "  -q          Be quiet after a successful operation.\n");
+        fprintf(stderr, "  -v          Be more verbose.\n");
 }
 int
@@ -571,6 +572,8 @@ main(int argc, char **argv)
        char *pkcs11provider = NULL;
        int r, i, ch, deleting = 0, ret = 0, key_only = 0;
        int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0;
+        SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
+        LogLevel log_level = SYSLOG_LEVEL_INFO;
        ssh_malloc_init();      /* must be called before any mallocs */
        /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
@@ -579,6 +582,8 @@ main(int argc, char **argv)
        __progname = ssh_get_progname(argv[0]);
        seed_rng();
+        log_init(__progname, log_level, log_facility, 1);
        setvbuf(stdout, NULL, _IOLBF, 0);
        /* First, get a connection to the authentication agent. */
@@ -594,8 +599,14 @@ main(int argc, char **argv)
                exit(2);
        }
-        while ((ch = getopt(argc, argv, "klLcdDTxXE:e:M:m:qs:t:")) != -1) {
+        while ((ch = getopt(argc, argv, "vklLcdDTxXE:e:M:m:qs:t:")) != -1) {
                switch (ch) {
+                case 'v':
+                        if (log_level == SYSLOG_LEVEL_INFO)
+                                log_level = SYSLOG_LEVEL_DEBUG1;
+                        else if (log_level < SYSLOG_LEVEL_DEBUG3)
+                                log_level++;
+                        break;
                case 'E':
                        fingerprint_hash = ssh_digest_alg_by_name(optarg);
                        if (fingerprint_hash == -1)
@@ -667,6 +678,7 @@ main(int argc, char **argv)
                        goto done;
                }
        }
+        log_init(__progname, log_level, log_facility, 1);
        if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1)
                fatal("Invalid combination of actions");
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index 5ba33332a..e7860de89 100644
--- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-client.c,v 1.14 2019/01/20 22:57:45 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11-client.c,v 1.15 2019/01/21 12:53:35 djm Exp $ */
 /*
 * Copyright (c) 2010 Markus Friedl.  All rights reserved.
 * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -49,8 +49,8 @@
 /* borrows code from sftp-server and ssh-agent */
-int fd = -1;
+static int fd = -1;
-pid_t pid = -1;
+static pid_t pid = -1;
 static void
 send_msg(struct sshbuf *m)
@@ -272,7 +272,10 @@ static int
 pkcs11_start_helper(void)
 {
        int pair[2];
-        char *helper;
+        char *helper, *verbosity = NULL;
+        if (log_level_get() >= SYSLOG_LEVEL_DEBUG1)
+                verbosity = "-vvv";
        if (pkcs11_start_helper_methods() == -1) {
                error("pkcs11_start_helper_methods failed");
@@ -297,7 +300,9 @@ pkcs11_start_helper(void)
                helper = getenv("SSH_PKCS11_HELPER");
                if (helper == NULL || strlen(helper) == 0)
                        helper = _PATH_SSH_PKCS11_HELPER;
-                execlp(helper, helper, (char *)NULL);
+                debug("%s: starting %s %s", __func__, helper,
+                    verbosity == NULL ? "" : verbosity);
+                execlp(helper, helper, verbosity, (char *)NULL);
                fprintf(stderr, "exec: %s: %s\n", helper, strerror(errno));
                _exit(1);
        }
diff --git a/ssh-pkcs11-helper.8 b/ssh-pkcs11-helper.8
index 3728c4e4e..ba5c30fa0 100644
--- a/ssh-pkcs11-helper.8
+++ b/ssh-pkcs11-helper.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $
+.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.5 2019/01/21 12:53:35 djm Exp $
 .\"
 .\" Copyright (c) 2010 Markus Friedl.  All rights reserved.
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: July 16 2013 $
+.Dd $Mdocdate: January 21 2019 $
 .Dt SSH-PKCS11-HELPER 8
 .Os
 .Sh NAME
@@ -22,6 +22,7 @@
 .Nd ssh-agent helper program for PKCS#11 support
 .Sh SYNOPSIS
 .Nm
+.Op Fl v
 .Sh DESCRIPTION
 .Nm
 is used by
@@ -31,6 +32,28 @@ to access keys provided by a PKCS#11 token.
 .Nm
 is not intended to be invoked by the user, but from
 .Xr ssh-agent 1 .
+.Pp
+A single option is supported:
+.Bl -tag -width Ds
+.It Fl v
+Verbose mode.
+Causes
+.Nm
+to print debugging messages about its progress.
+This is helpful in debugging problems.
+Multiple
+.Fl v
+options increase the verbosity.
+The maximum is 3.
+.Pp
+Note that
+.Xr ssh-agent 1
+will automatically pass the
+.Fl v
+flag to
+.Nm
+when it has itself been placed in debug mode.
+.El
 .Sh SEE ALSO
 .Xr ssh 1 ,
 .Xr ssh-add 1 ,
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
index 92c6728ba..c7dfea279 100644
--- a/ssh-pkcs11-helper.c
+++ b/ssh-pkcs11-helper.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-helper.c,v 1.15 2019/01/20 22:51:37 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11-helper.c,v 1.16 2019/01/21 12:53:35 djm Exp $ */
 /*
 * Copyright (c) 2010 Markus Friedl.  All rights reserved.
 *
@@ -307,11 +307,12 @@ cleanup_exit(int i)
        _exit(i);
 }
 int
 main(int argc, char **argv)
 {
        fd_set *rset, *wset;
-        int r, in, out, max, log_stderr = 0;
+        int r, ch, in, out, max, log_stderr = 0;
        ssize_t len, olen, set_size;
        SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
        LogLevel log_level = SYSLOG_LEVEL_ERROR;
@@ -320,14 +321,31 @@ main(int argc, char **argv)
        extern char *__progname;
        ssh_malloc_init();      /* must be called before any mallocs */
+        __progname = ssh_get_progname(argv[0]);
+        seed_rng();
        TAILQ_INIT(&pkcs11_keylist);
-        pkcs11_init(0);
-        seed_rng();
+        log_init(__progname, log_level, log_facility, log_stderr);
-        __progname = ssh_get_progname(argv[0]);
+        while ((ch = getopt(argc, argv, "v")) != -1) {
+                switch (ch) {
+                case 'v':
+                        log_stderr = 1;
+                        if (log_level == SYSLOG_LEVEL_ERROR)
+                                log_level = SYSLOG_LEVEL_DEBUG1;
+                        else if (log_level < SYSLOG_LEVEL_DEBUG3)
+                                log_level++;
+                        break;
+                default:
+                        fprintf(stderr, "usage: %s [-v]\n", __progname);
+                        exit(1);
+                }
+        }
        log_init(__progname, log_level, log_facility, log_stderr);
+        pkcs11_init(0);
        in = STDIN_FILENO;
        out = STDOUT_FILENO;

diff --git a/ssh-add.1 b/ssh-add.1 index 90826f667..d4e1c603b 100644 --- a/ssh-add.1 +++ b/ssh-add.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-add.1,v 1.68 2019/01/21 07:09:10 jmc Exp $	1	.\" $OpenBSD: ssh-add.1,v 1.69 2019/01/21 12:53:35 djm Exp $
2	.\"	2	.\"
3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -43,7 +43,7 @@
43	.Nd adds private key identities to the authentication agent	43	.Nd adds private key identities to the authentication agent
44	.Sh SYNOPSIS	44	.Sh SYNOPSIS
45	.Nm ssh-add	45	.Nm ssh-add
46	.Op Fl cDdkLlqXx	46	.Op Fl cDdkLlqvXx
47	.Op Fl E Ar fingerprint_hash	47	.Op Fl E Ar fingerprint_hash
48	.Op Fl t Ar life	48	.Op Fl t Ar life
49	.Op Ar	49	.Op Ar
@@ -143,6 +143,16 @@ Set a maximum lifetime when adding identities to an agent.
143	The lifetime may be specified in seconds or in a time format	143	The lifetime may be specified in seconds or in a time format
144	specified in	144	specified in
145	.Xr sshd_config 5 .	145	.Xr sshd_config 5 .
		146	.It Fl v
		147	Verbose mode.
		148	Causes
		149	.Nm
		150	to print debugging messages about its progress.
		151	This is helpful in debugging problems.
		152	Multiple
		153	.Fl v
		154	options increase the verbosity.
		155	The maximum is 3.
146	.It Fl X	156	.It Fl X
147	Unlock the agent.	157	Unlock the agent.
148	.It Fl x	158	.It Fl x


diff --git a/ssh-add.c b/ssh-add.c index eb2552ad5..ac9c808dd 100644 --- a/ssh-add.c +++ b/ssh-add.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-add.c,v 1.137 2019/01/20 22:03:29 djm Exp $ */	1	/* $OpenBSD: ssh-add.c,v 1.138 2019/01/21 12:53:35 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -560,6 +560,7 @@ usage(void)
560	fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n");	560	fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n");
561	fprintf(stderr, " -T pubkey Test if ssh-agent can access matching private key.\n");	561	fprintf(stderr, " -T pubkey Test if ssh-agent can access matching private key.\n");
562	fprintf(stderr, " -q Be quiet after a successful operation.\n");	562	fprintf(stderr, " -q Be quiet after a successful operation.\n");
		563	fprintf(stderr, " -v Be more verbose.\n");
563	}	564	}
564		565
565	int	566	int
@@ -571,6 +572,8 @@ main(int argc, char **argv)
571	char *pkcs11provider = NULL;	572	char *pkcs11provider = NULL;
572	int r, i, ch, deleting = 0, ret = 0, key_only = 0;	573	int r, i, ch, deleting = 0, ret = 0, key_only = 0;
573	int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0;	574	int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0;
		575	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
		576	LogLevel log_level = SYSLOG_LEVEL_INFO;
574		577
575	ssh_malloc_init(); /* must be called before any mallocs */	578	ssh_malloc_init(); /* must be called before any mallocs */
576	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */	579	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
@@ -579,6 +582,8 @@ main(int argc, char **argv)
579	__progname = ssh_get_progname(argv[0]);	582	__progname = ssh_get_progname(argv[0]);
580	seed_rng();	583	seed_rng();
581		584
		585	log_init(__progname, log_level, log_facility, 1);
		586
582	setvbuf(stdout, NULL, _IOLBF, 0);	587	setvbuf(stdout, NULL, _IOLBF, 0);
583		588
584	/* First, get a connection to the authentication agent. */	589	/* First, get a connection to the authentication agent. */
@@ -594,8 +599,14 @@ main(int argc, char **argv)
594	exit(2);	599	exit(2);
595	}	600	}
596		601
597	while ((ch = getopt(argc, argv, "klLcdDTxXE:e:M:m:qs:t:")) != -1) {	602	while ((ch = getopt(argc, argv, "vklLcdDTxXE:e:M:m:qs:t:")) != -1) {
598	switch (ch) {	603	switch (ch) {
		604	case 'v':
		605	if (log_level == SYSLOG_LEVEL_INFO)
		606	log_level = SYSLOG_LEVEL_DEBUG1;
		607	else if (log_level < SYSLOG_LEVEL_DEBUG3)
		608	log_level++;
		609	break;
599	case 'E':	610	case 'E':
600	fingerprint_hash = ssh_digest_alg_by_name(optarg);	611	fingerprint_hash = ssh_digest_alg_by_name(optarg);
601	if (fingerprint_hash == -1)	612	if (fingerprint_hash == -1)
@@ -667,6 +678,7 @@ main(int argc, char **argv)
667	goto done;	678	goto done;
668	}	679	}
669	}	680	}
		681	log_init(__progname, log_level, log_facility, 1);
670		682
671	if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1)	683	if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1)
672	fatal("Invalid combination of actions");	684	fatal("Invalid combination of actions");


diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index 5ba33332a..e7860de89 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-pkcs11-client.c,v 1.14 2019/01/20 22:57:45 djm Exp $ */	1	/* $OpenBSD: ssh-pkcs11-client.c,v 1.15 2019/01/21 12:53:35 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2010 Markus Friedl. All rights reserved.	3	* Copyright (c) 2010 Markus Friedl. All rights reserved.
4	* Copyright (c) 2014 Pedro Martelletto. All rights reserved.	4	* Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -49,8 +49,8 @@
49		49
50	/* borrows code from sftp-server and ssh-agent */	50	/* borrows code from sftp-server and ssh-agent */
51		51
52	int fd = -1;	52	static int fd = -1;
53	pid_t pid = -1;	53	static pid_t pid = -1;
54		54
55	static void	55	static void
56	send_msg(struct sshbuf *m)	56	send_msg(struct sshbuf *m)
@@ -272,7 +272,10 @@ static int
272	pkcs11_start_helper(void)	272	pkcs11_start_helper(void)
273	{	273	{
274	int pair[2];	274	int pair[2];
275	char *helper;	275	char helper, verbosity = NULL;
		276
		277	if (log_level_get() >= SYSLOG_LEVEL_DEBUG1)
		278	verbosity = "-vvv";
276		279
277	if (pkcs11_start_helper_methods() == -1) {	280	if (pkcs11_start_helper_methods() == -1) {
278	error("pkcs11_start_helper_methods failed");	281	error("pkcs11_start_helper_methods failed");
@@ -297,7 +300,9 @@ pkcs11_start_helper(void)
297	helper = getenv("SSH_PKCS11_HELPER");	300	helper = getenv("SSH_PKCS11_HELPER");
298	if (helper == NULL \|\| strlen(helper) == 0)	301	if (helper == NULL \|\| strlen(helper) == 0)
299	helper = _PATH_SSH_PKCS11_HELPER;	302	helper = _PATH_SSH_PKCS11_HELPER;
300	execlp(helper, helper, (char *)NULL);	303	debug("%s: starting %s %s", __func__, helper,
		304	verbosity == NULL ? "" : verbosity);
		305	execlp(helper, helper, verbosity, (char *)NULL);
301	fprintf(stderr, "exec: %s: %s\n", helper, strerror(errno));	306	fprintf(stderr, "exec: %s: %s\n", helper, strerror(errno));
302	_exit(1);	307	_exit(1);
303	}	308	}


diff --git a/ssh-pkcs11-helper.8 b/ssh-pkcs11-helper.8 index 3728c4e4e..ba5c30fa0 100644 --- a/ssh-pkcs11-helper.8 +++ b/ssh-pkcs11-helper.8
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $	1	.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.5 2019/01/21 12:53:35 djm Exp $
2	.\"	2	.\"
3	.\" Copyright (c) 2010 Markus Friedl. All rights reserved.	3	.\" Copyright (c) 2010 Markus Friedl. All rights reserved.
4	.\"	4	.\"
@@ -14,7 +14,7 @@
14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF	14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	.\"	16	.\"
17	.Dd $Mdocdate: July 16 2013 $	17	.Dd $Mdocdate: January 21 2019 $
18	.Dt SSH-PKCS11-HELPER 8	18	.Dt SSH-PKCS11-HELPER 8
19	.Os	19	.Os
20	.Sh NAME	20	.Sh NAME
@@ -22,6 +22,7 @@
22	.Nd ssh-agent helper program for PKCS#11 support	22	.Nd ssh-agent helper program for PKCS#11 support
23	.Sh SYNOPSIS	23	.Sh SYNOPSIS
24	.Nm	24	.Nm
		25	.Op Fl v
25	.Sh DESCRIPTION	26	.Sh DESCRIPTION
26	.Nm	27	.Nm
27	is used by	28	is used by
@@ -31,6 +32,28 @@ to access keys provided by a PKCS#11 token.
31	.Nm	32	.Nm
32	is not intended to be invoked by the user, but from	33	is not intended to be invoked by the user, but from
33	.Xr ssh-agent 1 .	34	.Xr ssh-agent 1 .
		35	.Pp
		36	A single option is supported:
		37	.Bl -tag -width Ds
		38	.It Fl v
		39	Verbose mode.
		40	Causes
		41	.Nm
		42	to print debugging messages about its progress.
		43	This is helpful in debugging problems.
		44	Multiple
		45	.Fl v
		46	options increase the verbosity.
		47	The maximum is 3.
		48	.Pp
		49	Note that
		50	.Xr ssh-agent 1
		51	will automatically pass the
		52	.Fl v
		53	flag to
		54	.Nm
		55	when it has itself been placed in debug mode.
		56	.El
34	.Sh SEE ALSO	57	.Sh SEE ALSO
35	.Xr ssh 1 ,	58	.Xr ssh 1 ,
36	.Xr ssh-add 1 ,	59	.Xr ssh-add 1 ,


diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 92c6728ba..c7dfea279 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-pkcs11-helper.c,v 1.15 2019/01/20 22:51:37 djm Exp $ */	1	/* $OpenBSD: ssh-pkcs11-helper.c,v 1.16 2019/01/21 12:53:35 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2010 Markus Friedl. All rights reserved.	3	* Copyright (c) 2010 Markus Friedl. All rights reserved.
4	*	4	*
@@ -307,11 +307,12 @@ cleanup_exit(int i)
307	_exit(i);	307	_exit(i);
308	}	308	}
309		309
		310
310	int	311	int
311	main(int argc, char **argv)	312	main(int argc, char **argv)
312	{	313	{
313	fd_set rset, wset;	314	fd_set rset, wset;
314	int r, in, out, max, log_stderr = 0;	315	int r, ch, in, out, max, log_stderr = 0;
315	ssize_t len, olen, set_size;	316	ssize_t len, olen, set_size;
316	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;	317	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
317	LogLevel log_level = SYSLOG_LEVEL_ERROR;	318	LogLevel log_level = SYSLOG_LEVEL_ERROR;
@@ -320,14 +321,31 @@ main(int argc, char **argv)
320	extern char *__progname;	321	extern char *__progname;
321		322
322	ssh_malloc_init(); /* must be called before any mallocs */	323	ssh_malloc_init(); /* must be called before any mallocs */
		324	__progname = ssh_get_progname(argv[0]);
		325	seed_rng();
323	TAILQ_INIT(&pkcs11_keylist);	326	TAILQ_INIT(&pkcs11_keylist);
324	pkcs11_init(0);
325		327
326	seed_rng();	328	log_init(__progname, log_level, log_facility, log_stderr);
327	__progname = ssh_get_progname(argv[0]);	329
		330	while ((ch = getopt(argc, argv, "v")) != -1) {
		331	switch (ch) {
		332	case 'v':
		333	log_stderr = 1;
		334	if (log_level == SYSLOG_LEVEL_ERROR)
		335	log_level = SYSLOG_LEVEL_DEBUG1;
		336	else if (log_level < SYSLOG_LEVEL_DEBUG3)
		337	log_level++;
		338	break;
		339	default:
		340	fprintf(stderr, "usage: %s [-v]\n", __progname);
		341	exit(1);
		342	}
		343	}
328		344
329	log_init(__progname, log_level, log_facility, log_stderr);	345	log_init(__progname, log_level, log_facility, log_stderr);
330		346
		347	pkcs11_init(0);
		348
331	in = STDIN_FILENO;	349	in = STDIN_FILENO;
332	out = STDOUT_FILENO;	350	out = STDOUT_FILENO;
333		351