summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--auth-krb4.c22
-rw-r--r--auth-krb5.c8
-rw-r--r--auth-options.c4
-rw-r--r--auth-pam.c8
-rw-r--r--auth-rh-rsa.c2
-rw-r--r--auth-rhosts.c6
-rw-r--r--auth-rsa.c4
-rw-r--r--auth.c30
-rw-r--r--auth1.c2
-rw-r--r--auth2-hostbased.c4
-rw-r--r--auth2-passwd.c2
-rw-r--r--auth2-pubkey.c4
-rw-r--r--auth2.c2
-rw-r--r--authfd.c10
-rw-r--r--bufaux.c2
-rw-r--r--canohost.c8
-rw-r--r--channels.c38
-rw-r--r--clientloop.c14
-rw-r--r--compat.c2
-rw-r--r--dh.c8
-rw-r--r--dispatch.c4
-rw-r--r--groupaccess.c2
-rw-r--r--hostfile.c4
-rw-r--r--log.c2
-rw-r--r--log.h2
-rw-r--r--loginrec.c66
-rw-r--r--monitor.c4
-rw-r--r--nchan.c4
-rw-r--r--packet.c16
-rw-r--r--packet.h2
-rw-r--r--scard-opensc.c8
-rw-r--r--scard.c4
-rw-r--r--servconf.c2
-rw-r--r--session.c10
-rw-r--r--sftp-client.c2
-rw-r--r--sftp-server.c4
-rw-r--r--ssh-agent.c4
-rw-r--r--ssh-keygen.c2
-rw-r--r--ssh.c16
-rw-r--r--sshconnect.c20
-rw-r--r--sshconnect1.c22
-rw-r--r--sshconnect2.c12
-rw-r--r--sshd.c28
-rw-r--r--sshpty.c4
-rw-r--r--ttymodes.c12
45 files changed, 218 insertions, 218 deletions
diff --git a/auth-krb4.c b/auth-krb4.c
index b28df469f..0cc058387 100644
--- a/auth-krb4.c
+++ b/auth-krb4.c
@@ -78,7 +78,7 @@ krb4_init(void *context)
78 return (1); 78 return (1);
79 } 79 }
80 /* Failure - cancel cleanup function, leaving ticket for inspection. */ 80 /* Failure - cancel cleanup function, leaving ticket for inspection. */
81 log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); 81 logit("WARNING: bad ticket file %s", authctxt->krb4_ticket_file);
82 82
83 fatal_remove_cleanup(krb4_cleanup_proc, authctxt); 83 fatal_remove_cleanup(krb4_cleanup_proc, authctxt);
84 cleanup_registered = 0; 84 cleanup_registered = 0;
@@ -114,7 +114,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
114 if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) { 114 if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {
115 /* Set up our ticket file. */ 115 /* Set up our ticket file. */
116 if (!krb4_init(authctxt)) { 116 if (!krb4_init(authctxt)) {
117 log("Couldn't initialize Kerberos ticket file for %s!", 117 logit("Couldn't initialize Kerberos ticket file for %s!",
118 pw->pw_name); 118 pw->pw_name);
119 goto failure; 119 goto failure;
120 } 120 }
@@ -141,7 +141,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
141 141
142 if (r == KSUCCESS) { 142 if (r == KSUCCESS) {
143 if ((hp = gethostbyname(localhost)) == NULL) { 143 if ((hp = gethostbyname(localhost)) == NULL) {
144 log("Couldn't get local host address!"); 144 logit("Couldn't get local host address!");
145 goto failure; 145 goto failure;
146 } 146 }
147 memmove((void *)&faddr, (void *)hp->h_addr, 147 memmove((void *)&faddr, (void *)hp->h_addr,
@@ -155,12 +155,12 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
155 * Probably didn't have a srvtab on 155 * Probably didn't have a srvtab on
156 * localhost. Disallow login. 156 * localhost. Disallow login.
157 */ 157 */
158 log("Kerberos v4 TGT for %s unverifiable, " 158 logit("Kerberos v4 TGT for %s unverifiable, "
159 "no srvtab installed? krb_rd_req: %s", 159 "no srvtab installed? krb_rd_req: %s",
160 pw->pw_name, krb_err_txt[r]); 160 pw->pw_name, krb_err_txt[r]);
161 goto failure; 161 goto failure;
162 } else if (r != KSUCCESS) { 162 } else if (r != KSUCCESS) {
163 log("Kerberos v4 %s ticket unverifiable: %s", 163 logit("Kerberos v4 %s ticket unverifiable: %s",
164 KRB4_SERVICE_NAME, krb_err_txt[r]); 164 KRB4_SERVICE_NAME, krb_err_txt[r]);
165 goto failure; 165 goto failure;
166 } 166 }
@@ -169,7 +169,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
169 * Disallow login if no rcmd service exists, and 169 * Disallow login if no rcmd service exists, and
170 * log the error. 170 * log the error.
171 */ 171 */
172 log("Kerberos v4 TGT for %s unverifiable: %s; %s.%s " 172 logit("Kerberos v4 TGT for %s unverifiable: %s; %s.%s "
173 "not registered, or srvtab is wrong?", pw->pw_name, 173 "not registered, or srvtab is wrong?", pw->pw_name,
174 krb_err_txt[r], KRB4_SERVICE_NAME, phost); 174 krb_err_txt[r], KRB4_SERVICE_NAME, phost);
175 goto failure; 175 goto failure;
@@ -249,7 +249,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client, KTEXT reply)
249 249
250 /* Check ~/.klogin authorization now. */ 250 /* Check ~/.klogin authorization now. */
251 if (kuserok(&adat, authctxt->user) != KSUCCESS) { 251 if (kuserok(&adat, authctxt->user) != KSUCCESS) {
252 log("Kerberos v4 .klogin authorization failed for %s to " 252 logit("Kerberos v4 .klogin authorization failed for %s to "
253 "account %s", *client, authctxt->user); 253 "account %s", *client, authctxt->user);
254 xfree(*client); 254 xfree(*client);
255 *client = NULL; 255 *client = NULL;
@@ -289,14 +289,14 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string)
289 temporarily_use_uid(pw); 289 temporarily_use_uid(pw);
290 290
291 if (!radix_to_creds(string, &creds)) { 291 if (!radix_to_creds(string, &creds)) {
292 log("Protocol error decoding Kerberos v4 TGT"); 292 logit("Protocol error decoding Kerberos v4 TGT");
293 goto failure; 293 goto failure;
294 } 294 }
295 if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ 295 if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */
296 strlcpy(creds.service, "krbtgt", sizeof creds.service); 296 strlcpy(creds.service, "krbtgt", sizeof creds.service);
297 297
298 if (strcmp(creds.service, "krbtgt")) { 298 if (strcmp(creds.service, "krbtgt")) {
299 log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", 299 logit("Kerberos v4 TGT (%s%s%s@%s) rejected for %s",
300 creds.pname, creds.pinst[0] ? "." : "", creds.pinst, 300 creds.pname, creds.pinst[0] ? "." : "", creds.pinst,
301 creds.realm, pw->pw_name); 301 creds.realm, pw->pw_name);
302 goto failure; 302 goto failure;
@@ -343,7 +343,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string)
343 return (0); 343 return (0);
344 344
345 if (!radix_to_creds(token_string, &creds)) { 345 if (!radix_to_creds(token_string, &creds)) {
346 log("Protocol error decoding AFS token"); 346 logit("Protocol error decoding AFS token");
347 return (0); 347 return (0);
348 } 348 }
349 if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ 349 if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */
@@ -355,7 +355,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string)
355 uid = pw->pw_uid; 355 uid = pw->pw_uid;
356 356
357 if (kafs_settoken(creds.realm, uid, &creds)) { 357 if (kafs_settoken(creds.realm, uid, &creds)) {
358 log("AFS token (%s@%s) rejected for %s", 358 logit("AFS token (%s@%s) rejected for %s",
359 creds.pname, creds.realm, pw->pw_name); 359 creds.pname, creds.realm, pw->pw_name);
360 memset(&creds, 0, sizeof(creds)); 360 memset(&creds, 0, sizeof(creds));
361 return (0); 361 return (0);
diff --git a/auth-krb5.c b/auth-krb5.c
index e3e2d9751..34b9d661a 100644
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -189,12 +189,12 @@ auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt)
189 snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); 189 snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid());
190 190
191 if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { 191 if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) {
192 log("mkstemp(): %.100s", strerror(errno)); 192 logit("mkstemp(): %.100s", strerror(errno));
193 problem = errno; 193 problem = errno;
194 goto fail; 194 goto fail;
195 } 195 }
196 if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { 196 if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) {
197 log("fchmod(): %.100s", strerror(errno)); 197 logit("fchmod(): %.100s", strerror(errno));
198 close(tmpfd); 198 close(tmpfd);
199 problem = errno; 199 problem = errno;
200 goto fail; 200 goto fail;
@@ -326,13 +326,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
326 snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); 326 snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid());
327 327
328 if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { 328 if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) {
329 log("mkstemp(): %.100s", strerror(errno)); 329 logit("mkstemp(): %.100s", strerror(errno));
330 problem = errno; 330 problem = errno;
331 goto out; 331 goto out;
332 } 332 }
333 333
334 if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { 334 if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) {
335 log("fchmod(): %.100s", strerror(errno)); 335 logit("fchmod(): %.100s", strerror(errno));
336 close(tmpfd); 336 close(tmpfd);
337 problem = errno; 337 problem = errno;
338 goto out; 338 goto out;
diff --git a/auth-options.c b/auth-options.c
index 8595fdc14..a3845f6b0 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -201,7 +201,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
201 if (match_host_and_ip(remote_host, remote_ip, 201 if (match_host_and_ip(remote_host, remote_ip,
202 patterns) != 1) { 202 patterns) != 1) {
203 xfree(patterns); 203 xfree(patterns);
204 log("Authentication tried for %.100s with " 204 logit("Authentication tried for %.100s with "
205 "correct key but not from a permitted " 205 "correct key but not from a permitted "
206 "host (host=%.200s, ip=%.200s).", 206 "host (host=%.200s, ip=%.200s).",
207 pw->pw_name, remote_host, remote_ip); 207 pw->pw_name, remote_host, remote_ip);
@@ -287,7 +287,7 @@ next_option:
287 return 1; 287 return 1;
288 288
289bad_option: 289bad_option:
290 log("Bad options in %.100s file, line %lu: %.50s", 290 logit("Bad options in %.100s file, line %lu: %.50s",
291 file, linenum, opts); 291 file, linenum, opts);
292 auth_debug_add("Bad options in %.100s file, line %lu: %.50s", 292 auth_debug_add("Bad options in %.100s file, line %lu: %.50s",
293 file, linenum, opts); 293 file, linenum, opts);
diff --git a/auth-pam.c b/auth-pam.c
index fe9570f92..b29444e89 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -38,7 +38,7 @@ extern char *__progname;
38 38
39extern int use_privsep; 39extern int use_privsep;
40 40
41RCSID("$Id: auth-pam.c,v 1.55 2003/01/22 04:42:26 djm Exp $"); 41RCSID("$Id: auth-pam.c,v 1.56 2003/04/09 10:59:48 djm Exp $");
42 42
43#define NEW_AUTHTOK_MSG \ 43#define NEW_AUTHTOK_MSG \
44 "Warning: Your password has expired, please change it now." 44 "Warning: Your password has expired, please change it now."
@@ -182,7 +182,7 @@ void do_pam_cleanup_proc(void *context)
182 if (__pamh && session_opened) { 182 if (__pamh && session_opened) {
183 pam_retval = pam_close_session(__pamh, 0); 183 pam_retval = pam_close_session(__pamh, 0);
184 if (pam_retval != PAM_SUCCESS) 184 if (pam_retval != PAM_SUCCESS)
185 log("Cannot close PAM session[%d]: %.200s", 185 logit("Cannot close PAM session[%d]: %.200s",
186 pam_retval, PAM_STRERROR(__pamh, pam_retval)); 186 pam_retval, PAM_STRERROR(__pamh, pam_retval));
187 } 187 }
188 188
@@ -196,7 +196,7 @@ void do_pam_cleanup_proc(void *context)
196 if (__pamh) { 196 if (__pamh) {
197 pam_retval = pam_end(__pamh, pam_retval); 197 pam_retval = pam_end(__pamh, pam_retval);
198 if (pam_retval != PAM_SUCCESS) 198 if (pam_retval != PAM_SUCCESS)
199 log("Cannot release PAM authentication[%d]: %.200s", 199 logit("Cannot release PAM authentication[%d]: %.200s",
200 pam_retval, PAM_STRERROR(__pamh, pam_retval)); 200 pam_retval, PAM_STRERROR(__pamh, pam_retval));
201 } 201 }
202} 202}
@@ -261,7 +261,7 @@ int do_pam_account(char *username, char *remote_user)
261 break; 261 break;
262#endif 262#endif
263 default: 263 default:
264 log("PAM rejected by account configuration[%d]: " 264 logit("PAM rejected by account configuration[%d]: "
265 "%.200s", pam_retval, PAM_STRERROR(__pamh, 265 "%.200s", pam_retval, PAM_STRERROR(__pamh,
266 pam_retval)); 266 pam_retval));
267 return(0); 267 return(0);
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index d7848d04c..8675de580 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -75,7 +75,7 @@ auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key)
75 75
76 /* Perform the challenge-response dialog with the client for the host key. */ 76 /* Perform the challenge-response dialog with the client for the host key. */
77 if (!auth_rsa_challenge_dialog(client_host_key)) { 77 if (!auth_rsa_challenge_dialog(client_host_key)) {
78 log("Client on %.800s failed to respond correctly to host authentication.", 78 logit("Client on %.800s failed to respond correctly to host authentication.",
79 chost); 79 chost);
80 return 0; 80 return 0;
81 } 81 }
diff --git a/auth-rhosts.c b/auth-rhosts.c
index afca1f7c6..9b651bacd 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -220,7 +220,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
220 * not group or world writable. 220 * not group or world writable.
221 */ 221 */
222 if (stat(pw->pw_dir, &st) < 0) { 222 if (stat(pw->pw_dir, &st) < 0) {
223 log("Rhosts authentication refused for %.100s: " 223 logit("Rhosts authentication refused for %.100s: "
224 "no home directory %.200s", pw->pw_name, pw->pw_dir); 224 "no home directory %.200s", pw->pw_name, pw->pw_dir);
225 auth_debug_add("Rhosts authentication refused for %.100s: " 225 auth_debug_add("Rhosts authentication refused for %.100s: "
226 "no home directory %.200s", pw->pw_name, pw->pw_dir); 226 "no home directory %.200s", pw->pw_name, pw->pw_dir);
@@ -229,7 +229,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
229 if (options.strict_modes && 229 if (options.strict_modes &&
230 ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || 230 ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
231 (st.st_mode & 022) != 0)) { 231 (st.st_mode & 022) != 0)) {
232 log("Rhosts authentication refused for %.100s: " 232 logit("Rhosts authentication refused for %.100s: "
233 "bad ownership or modes for home directory.", pw->pw_name); 233 "bad ownership or modes for home directory.", pw->pw_name);
234 auth_debug_add("Rhosts authentication refused for %.100s: " 234 auth_debug_add("Rhosts authentication refused for %.100s: "
235 "bad ownership or modes for home directory.", pw->pw_name); 235 "bad ownership or modes for home directory.", pw->pw_name);
@@ -256,7 +256,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
256 if (options.strict_modes && 256 if (options.strict_modes &&
257 ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || 257 ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
258 (st.st_mode & 022) != 0)) { 258 (st.st_mode & 022) != 0)) {
259 log("Rhosts authentication refused for %.100s: bad modes for %.200s", 259 logit("Rhosts authentication refused for %.100s: bad modes for %.200s",
260 pw->pw_name, buf); 260 pw->pw_name, buf);
261 auth_debug_add("Bad file modes for %.200s", buf); 261 auth_debug_add("Bad file modes for %.200s", buf);
262 continue; 262 continue;
diff --git a/auth-rsa.c b/auth-rsa.c
index 92f6277f9..bb2c91741 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -187,7 +187,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
187 secure_filename(f, file, pw, line, sizeof(line)) != 0) { 187 secure_filename(f, file, pw, line, sizeof(line)) != 0) {
188 xfree(file); 188 xfree(file);
189 fclose(f); 189 fclose(f);
190 log("Authentication refused: %s", line); 190 logit("Authentication refused: %s", line);
191 restore_uid(); 191 restore_uid();
192 return (0); 192 return (0);
193 } 193 }
@@ -246,7 +246,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
246 246
247 /* check the real bits */ 247 /* check the real bits */
248 if (bits != BN_num_bits(key->rsa->n)) 248 if (bits != BN_num_bits(key->rsa->n))
249 log("Warning: %s, line %lu: keysize mismatch: " 249 logit("Warning: %s, line %lu: keysize mismatch: "
250 "actual %d vs. announced %d.", 250 "actual %d vs. announced %d.",
251 file, linenum, BN_num_bits(key->rsa->n), bits); 251 file, linenum, BN_num_bits(key->rsa->n), bits);
252 252
diff --git a/auth.c b/auth.c
index 1268accb1..514b0b456 100644
--- a/auth.c
+++ b/auth.c
@@ -102,19 +102,19 @@ allowed_user(struct passwd * pw)
102 * day after the day specified. 102 * day after the day specified.
103 */ 103 */
104 if (spw->sp_expire != -1 && today > spw->sp_expire) { 104 if (spw->sp_expire != -1 && today > spw->sp_expire) {
105 log("Account %.100s has expired", pw->pw_name); 105 logit("Account %.100s has expired", pw->pw_name);
106 return 0; 106 return 0;
107 } 107 }
108 108
109 if (spw->sp_lstchg == 0) { 109 if (spw->sp_lstchg == 0) {
110 log("User %.100s password has expired (root forced)", 110 logit("User %.100s password has expired (root forced)",
111 pw->pw_name); 111 pw->pw_name);
112 return 0; 112 return 0;
113 } 113 }
114 114
115 if (spw->sp_max != -1 && 115 if (spw->sp_max != -1 &&
116 today > spw->sp_lstchg + spw->sp_max) { 116 today > spw->sp_lstchg + spw->sp_max) {
117 log("User %.100s password has expired (password aged)", 117 logit("User %.100s password has expired (password aged)",
118 pw->pw_name); 118 pw->pw_name);
119 return 0; 119 return 0;
120 } 120 }
@@ -129,13 +129,13 @@ allowed_user(struct passwd * pw)
129 129
130 /* deny if shell does not exists or is not executable */ 130 /* deny if shell does not exists or is not executable */
131 if (stat(shell, &st) != 0) { 131 if (stat(shell, &st) != 0) {
132 log("User %.100s not allowed because shell %.100s does not exist", 132 logit("User %.100s not allowed because shell %.100s does not exist",
133 pw->pw_name, shell); 133 pw->pw_name, shell);
134 return 0; 134 return 0;
135 } 135 }
136 if (S_ISREG(st.st_mode) == 0 || 136 if (S_ISREG(st.st_mode) == 0 ||
137 (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { 137 (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
138 log("User %.100s not allowed because shell %.100s is not executable", 138 logit("User %.100s not allowed because shell %.100s is not executable",
139 pw->pw_name, shell); 139 pw->pw_name, shell);
140 return 0; 140 return 0;
141 } 141 }
@@ -150,7 +150,7 @@ allowed_user(struct passwd * pw)
150 for (i = 0; i < options.num_deny_users; i++) 150 for (i = 0; i < options.num_deny_users; i++)
151 if (match_user(pw->pw_name, hostname, ipaddr, 151 if (match_user(pw->pw_name, hostname, ipaddr,
152 options.deny_users[i])) { 152 options.deny_users[i])) {
153 log("User %.100s not allowed because listed in DenyUsers", 153 logit("User %.100s not allowed because listed in DenyUsers",
154 pw->pw_name); 154 pw->pw_name);
155 return 0; 155 return 0;
156 } 156 }
@@ -163,7 +163,7 @@ allowed_user(struct passwd * pw)
163 break; 163 break;
164 /* i < options.num_allow_users iff we break for loop */ 164 /* i < options.num_allow_users iff we break for loop */
165 if (i >= options.num_allow_users) { 165 if (i >= options.num_allow_users) {
166 log("User %.100s not allowed because not listed in AllowUsers", 166 logit("User %.100s not allowed because not listed in AllowUsers",
167 pw->pw_name); 167 pw->pw_name);
168 return 0; 168 return 0;
169 } 169 }
@@ -171,7 +171,7 @@ allowed_user(struct passwd * pw)
171 if (options.num_deny_groups > 0 || options.num_allow_groups > 0) { 171 if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {
172 /* Get the user's group access list (primary and supplementary) */ 172 /* Get the user's group access list (primary and supplementary) */
173 if (ga_init(pw->pw_name, pw->pw_gid) == 0) { 173 if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
174 log("User %.100s not allowed because not in any group", 174 logit("User %.100s not allowed because not in any group",
175 pw->pw_name); 175 pw->pw_name);
176 return 0; 176 return 0;
177 } 177 }
@@ -181,7 +181,7 @@ allowed_user(struct passwd * pw)
181 if (ga_match(options.deny_groups, 181 if (ga_match(options.deny_groups,
182 options.num_deny_groups)) { 182 options.num_deny_groups)) {
183 ga_free(); 183 ga_free();
184 log("User %.100s not allowed because a group is listed in DenyGroups", 184 logit("User %.100s not allowed because a group is listed in DenyGroups",
185 pw->pw_name); 185 pw->pw_name);
186 return 0; 186 return 0;
187 } 187 }
@@ -193,7 +193,7 @@ allowed_user(struct passwd * pw)
193 if (!ga_match(options.allow_groups, 193 if (!ga_match(options.allow_groups,
194 options.num_allow_groups)) { 194 options.num_allow_groups)) {
195 ga_free(); 195 ga_free();
196 log("User %.100s not allowed because none of user's groups are listed in AllowGroups", 196 logit("User %.100s not allowed because none of user's groups are listed in AllowGroups",
197 pw->pw_name); 197 pw->pw_name);
198 return 0; 198 return 0;
199 } 199 }
@@ -219,7 +219,7 @@ allowed_user(struct passwd * pw)
219 } 219 }
220 /* Remove trailing newline */ 220 /* Remove trailing newline */
221 *--p = '\0'; 221 *--p = '\0';
222 log("Login restricted for %s: %.100s", pw->pw_name, 222 logit("Login restricted for %s: %.100s", pw->pw_name,
223 loginmsg); 223 loginmsg);
224 } 224 }
225 /* Don't fail if /etc/nologin set */ 225 /* Don't fail if /etc/nologin set */
@@ -293,12 +293,12 @@ auth_root_allowed(char *method)
293 break; 293 break;
294 case PERMIT_FORCED_ONLY: 294 case PERMIT_FORCED_ONLY:
295 if (forced_command) { 295 if (forced_command) {
296 log("Root login accepted for forced command."); 296 logit("Root login accepted for forced command.");
297 return 1; 297 return 1;
298 } 298 }
299 break; 299 break;
300 } 300 }
301 log("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr()); 301 logit("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr());
302 return 0; 302 return 0;
303} 303}
304 304
@@ -390,7 +390,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
390 (stat(user_hostfile, &st) == 0) && 390 (stat(user_hostfile, &st) == 0) &&
391 ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || 391 ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
392 (st.st_mode & 022) != 0)) { 392 (st.st_mode & 022) != 0)) {
393 log("Authentication refused for %.100s: " 393 logit("Authentication refused for %.100s: "
394 "bad owner or modes for %.200s", 394 "bad owner or modes for %.200s",
395 pw->pw_name, user_hostfile); 395 pw->pw_name, user_hostfile);
396 } else { 396 } else {
@@ -494,7 +494,7 @@ getpwnamallow(const char *user)
494 494
495 pw = getpwnam(user); 495 pw = getpwnam(user);
496 if (pw == NULL) { 496 if (pw == NULL) {
497 log("Illegal user %.100s from %.100s", 497 logit("Illegal user %.100s from %.100s",
498 user, get_remote_ipaddr()); 498 user, get_remote_ipaddr());
499#ifdef WITH_AIXAUTHENTICATE 499#ifdef WITH_AIXAUTHENTICATE
500 loginfailed(user, 500 loginfailed(user,
diff --git a/auth1.c b/auth1.c
index c273f2fb6..03a54a9cd 100644
--- a/auth1.c
+++ b/auth1.c
@@ -297,7 +297,7 @@ do_authloop(Authctxt *authctxt)
297 * Any unknown messages will be ignored (and failure 297 * Any unknown messages will be ignored (and failure
298 * returned) during authentication. 298 * returned) during authentication.
299 */ 299 */
300 log("Unknown message during authentication: type %d", type); 300 logit("Unknown message during authentication: type %d", type);
301 break; 301 break;
302 } 302 }
303#ifdef BSD_AUTH 303#ifdef BSD_AUTH
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 2bde7bb79..72df83bd4 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -77,7 +77,7 @@ userauth_hostbased(Authctxt *authctxt)
77 pktype = key_type_from_name(pkalg); 77 pktype = key_type_from_name(pkalg);
78 if (pktype == KEY_UNSPEC) { 78 if (pktype == KEY_UNSPEC) {
79 /* this is perfectly legal */ 79 /* this is perfectly legal */
80 log("userauth_hostbased: unsupported " 80 logit("userauth_hostbased: unsupported "
81 "public key algorithm: %s", pkalg); 81 "public key algorithm: %s", pkalg);
82 goto done; 82 goto done;
83 } 83 }
@@ -152,7 +152,7 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
152 chost[len - 1] = '\0'; 152 chost[len - 1] = '\0';
153 } 153 }
154 if (strcasecmp(resolvedname, chost) != 0) 154 if (strcasecmp(resolvedname, chost) != 0)
155 log("userauth_hostbased mismatch: " 155 logit("userauth_hostbased mismatch: "
156 "client sends %s, but we resolve %s to %s", 156 "client sends %s, but we resolve %s to %s",
157 chost, ipaddr, resolvedname); 157 chost, ipaddr, resolvedname);
158 if (auth_rhosts2(pw, cuser, resolvedname, ipaddr) == 0) 158 if (auth_rhosts2(pw, cuser, resolvedname, ipaddr) == 0)
diff --git a/auth2-passwd.c b/auth2-passwd.c
index ffa279594..a8f15161a 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -44,7 +44,7 @@ userauth_passwd(Authctxt *authctxt)
44 u_int len; 44 u_int len;
45 change = packet_get_char(); 45 change = packet_get_char();
46 if (change) 46 if (change)
47 log("password change not supported"); 47 logit("password change not supported");
48 password = packet_get_string(&len); 48 password = packet_get_string(&len);
49 packet_check_eom(); 49 packet_check_eom();
50 if (authctxt->valid && 50 if (authctxt->valid &&
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 947bfed0b..8c5436e35 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -78,7 +78,7 @@ userauth_pubkey(Authctxt *authctxt)
78 pktype = key_type_from_name(pkalg); 78 pktype = key_type_from_name(pkalg);
79 if (pktype == KEY_UNSPEC) { 79 if (pktype == KEY_UNSPEC) {
80 /* this is perfectly legal */ 80 /* this is perfectly legal */
81 log("userauth_pubkey: unsupported public key algorithm: %s", 81 logit("userauth_pubkey: unsupported public key algorithm: %s",
82 pkalg); 82 pkalg);
83 goto done; 83 goto done;
84 } 84 }
@@ -199,7 +199,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
199 if (options.strict_modes && 199 if (options.strict_modes &&
200 secure_filename(f, file, pw, line, sizeof(line)) != 0) { 200 secure_filename(f, file, pw, line, sizeof(line)) != 0) {
201 fclose(f); 201 fclose(f);
202 log("Authentication refused: %s", line); 202 logit("Authentication refused: %s", line);
203 restore_uid(); 203 restore_uid();
204 return 0; 204 return 0;
205 } 205 }
diff --git a/auth2.c b/auth2.c
index 1b21eb2da..cfaac5f72 100644
--- a/auth2.c
+++ b/auth2.c
@@ -160,7 +160,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
160 PRIVSEP(start_pam(authctxt->pw->pw_name)); 160 PRIVSEP(start_pam(authctxt->pw->pw_name));
161#endif 161#endif
162 } else { 162 } else {
163 log("input_userauth_request: illegal user %s", user); 163 logit("input_userauth_request: illegal user %s", user);
164#ifdef USE_PAM 164#ifdef USE_PAM
165 PRIVSEP(start_pam("NOUSER")); 165 PRIVSEP(start_pam("NOUSER"));
166#endif 166#endif
diff --git a/authfd.c b/authfd.c
index a186e0117..3d20da8be 100644
--- a/authfd.c
+++ b/authfd.c
@@ -332,7 +332,7 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio
332 buffer_get_bignum(&auth->identities, key->rsa->n); 332 buffer_get_bignum(&auth->identities, key->rsa->n);
333 *comment = buffer_get_string(&auth->identities, NULL); 333 *comment = buffer_get_string(&auth->identities, NULL);
334 if (bits != BN_num_bits(key->rsa->n)) 334 if (bits != BN_num_bits(key->rsa->n))
335 log("Warning: identity keysize mismatch: actual %d, announced %u", 335 logit("Warning: identity keysize mismatch: actual %d, announced %u",
336 BN_num_bits(key->rsa->n), bits); 336 BN_num_bits(key->rsa->n), bits);
337 break; 337 break;
338 case 2: 338 case 2:
@@ -373,7 +373,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth,
373 if (key->type != KEY_RSA1) 373 if (key->type != KEY_RSA1)
374 return 0; 374 return 0;
375 if (response_type == 0) { 375 if (response_type == 0) {
376 log("Compatibility with ssh protocol version 1.0 no longer supported."); 376 logit("Compatibility with ssh protocol version 1.0 no longer supported.");
377 return 0; 377 return 0;
378 } 378 }
379 buffer_init(&buffer); 379 buffer_init(&buffer);
@@ -392,7 +392,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth,
392 type = buffer_get_char(&buffer); 392 type = buffer_get_char(&buffer);
393 393
394 if (agent_failed(type)) { 394 if (agent_failed(type)) {
395 log("Agent admitted failure to authenticate using the key."); 395 logit("Agent admitted failure to authenticate using the key.");
396 } else if (type != SSH_AGENT_RSA_RESPONSE) { 396 } else if (type != SSH_AGENT_RSA_RESPONSE) {
397 fatal("Bad authentication response: %d", type); 397 fatal("Bad authentication response: %d", type);
398 } else { 398 } else {
@@ -441,7 +441,7 @@ ssh_agent_sign(AuthenticationConnection *auth,
441 } 441 }
442 type = buffer_get_char(&msg); 442 type = buffer_get_char(&msg);
443 if (agent_failed(type)) { 443 if (agent_failed(type)) {
444 log("Agent admitted failure to sign using the key."); 444 logit("Agent admitted failure to sign using the key.");
445 } else if (type != SSH2_AGENT_SIGN_RESPONSE) { 445 } else if (type != SSH2_AGENT_SIGN_RESPONSE) {
446 fatal("Bad authentication response: %d", type); 446 fatal("Bad authentication response: %d", type);
447 } else { 447 } else {
@@ -641,7 +641,7 @@ decode_reply(int type)
641 case SSH_AGENT_FAILURE: 641 case SSH_AGENT_FAILURE:
642 case SSH_COM_AGENT2_FAILURE: 642 case SSH_COM_AGENT2_FAILURE:
643 case SSH2_AGENT_FAILURE: 643 case SSH2_AGENT_FAILURE:
644 log("SSH_AGENT_FAILURE"); 644 logit("SSH_AGENT_FAILURE");
645 return 0; 645 return 0;
646 case SSH_AGENT_SUCCESS: 646 case SSH_AGENT_SUCCESS:
647 return 1; 647 return 1;
diff --git a/bufaux.c b/bufaux.c
index 3c276b810..8066f77b5 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -119,7 +119,7 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value)
119 /**XXX should be two's-complement */ 119 /**XXX should be two's-complement */
120 int i, carry; 120 int i, carry;
121 u_char *uc = buf; 121 u_char *uc = buf;
122 log("negativ!"); 122 logit("negativ!");
123 for (i = bytes-1, carry = 1; i>=0; i--) { 123 for (i = bytes-1, carry = 1; i>=0; i--) {
124 uc[i] ^= 0xff; 124 uc[i] ^= 0xff;
125 if (carry) 125 if (carry)
diff --git a/canohost.c b/canohost.c
index 941db23b6..21a7eba85 100644
--- a/canohost.c
+++ b/canohost.c
@@ -81,7 +81,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
81 NULL, 0, NI_NAMEREQD) != 0) { 81 NULL, 0, NI_NAMEREQD) != 0) {
82 /* Host name not found. Use ip address. */ 82 /* Host name not found. Use ip address. */
83#if 0 83#if 0
84 log("Could not reverse map address %.100s.", ntop); 84 logit("Could not reverse map address %.100s.", ntop);
85#endif 85#endif
86 return xstrdup(ntop); 86 return xstrdup(ntop);
87 } 87 }
@@ -111,7 +111,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
111 hints.ai_family = from.ss_family; 111 hints.ai_family = from.ss_family;
112 hints.ai_socktype = SOCK_STREAM; 112 hints.ai_socktype = SOCK_STREAM;
113 if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { 113 if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
114 log("reverse mapping checking getaddrinfo for %.700s " 114 logit("reverse mapping checking getaddrinfo for %.700s "
115 "failed - POSSIBLE BREAKIN ATTEMPT!", name); 115 "failed - POSSIBLE BREAKIN ATTEMPT!", name);
116 return xstrdup(ntop); 116 return xstrdup(ntop);
117 } 117 }
@@ -126,7 +126,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
126 /* If we reached the end of the list, the address was not there. */ 126 /* If we reached the end of the list, the address was not there. */
127 if (!ai) { 127 if (!ai) {
128 /* Address not found for the host name. */ 128 /* Address not found for the host name. */
129 log("Address %.100s maps to %.600s, but this does not " 129 logit("Address %.100s maps to %.600s, but this does not "
130 "map back to the address - POSSIBLE BREAKIN ATTEMPT!", 130 "map back to the address - POSSIBLE BREAKIN ATTEMPT!",
131 ntop, name); 131 ntop, name);
132 return xstrdup(ntop); 132 return xstrdup(ntop);
@@ -166,7 +166,7 @@ check_ip_options(int socket, char *ipaddr)
166 for (i = 0; i < option_size; i++) 166 for (i = 0; i < option_size; i++)
167 snprintf(text + i*3, sizeof(text) - i*3, 167 snprintf(text + i*3, sizeof(text) - i*3,
168 " %2.2x", options[i]); 168 " %2.2x", options[i]);
169 log("Connection from %.100s with IP options:%.800s", 169 logit("Connection from %.100s with IP options:%.800s",
170 ipaddr, text); 170 ipaddr, text);
171 packet_disconnect("Connection from %.100s with IP options:%.800s", 171 packet_disconnect("Connection from %.100s with IP options:%.800s",
172 ipaddr, text); 172 ipaddr, text);
diff --git a/channels.c b/channels.c
index 1937b0244..e27ae1fa3 100644
--- a/channels.c
+++ b/channels.c
@@ -142,12 +142,12 @@ channel_lookup(int id)
142 Channel *c; 142 Channel *c;
143 143
144 if (id < 0 || id >= channels_alloc) { 144 if (id < 0 || id >= channels_alloc) {
145 log("channel_lookup: %d: bad id", id); 145 logit("channel_lookup: %d: bad id", id);
146 return NULL; 146 return NULL;
147 } 147 }
148 c = channels[id]; 148 c = channels[id];
149 if (c == NULL) { 149 if (c == NULL) {
150 log("channel_lookup: %d: bad id: channel free", id); 150 logit("channel_lookup: %d: bad id: channel free", id);
151 return NULL; 151 return NULL;
152 } 152 }
153 return c; 153 return c;
@@ -575,7 +575,7 @@ channel_send_open(int id)
575 Channel *c = channel_lookup(id); 575 Channel *c = channel_lookup(id);
576 576
577 if (c == NULL) { 577 if (c == NULL) {
578 log("channel_send_open: %d: bad id", id); 578 logit("channel_send_open: %d: bad id", id);
579 return; 579 return;
580 } 580 }
581 debug2("channel %d: send open", id); 581 debug2("channel %d: send open", id);
@@ -593,7 +593,7 @@ channel_request_start(int id, char *service, int wantconfirm)
593 Channel *c = channel_lookup(id); 593 Channel *c = channel_lookup(id);
594 594
595 if (c == NULL) { 595 if (c == NULL) {
596 log("channel_request_start: %d: unknown channel id", id); 596 logit("channel_request_start: %d: unknown channel id", id);
597 return; 597 return;
598 } 598 }
599 debug("channel %d: request %s", id, service) ; 599 debug("channel %d: request %s", id, service) ;
@@ -608,7 +608,7 @@ channel_register_confirm(int id, channel_callback_fn *fn)
608 Channel *c = channel_lookup(id); 608 Channel *c = channel_lookup(id);
609 609
610 if (c == NULL) { 610 if (c == NULL) {
611 log("channel_register_comfirm: %d: bad id", id); 611 logit("channel_register_comfirm: %d: bad id", id);
612 return; 612 return;
613 } 613 }
614 c->confirm = fn; 614 c->confirm = fn;
@@ -619,7 +619,7 @@ channel_register_cleanup(int id, channel_callback_fn *fn)
619 Channel *c = channel_lookup(id); 619 Channel *c = channel_lookup(id);
620 620
621 if (c == NULL) { 621 if (c == NULL) {
622 log("channel_register_cleanup: %d: bad id", id); 622 logit("channel_register_cleanup: %d: bad id", id);
623 return; 623 return;
624 } 624 }
625 c->detach_user = fn; 625 c->detach_user = fn;
@@ -630,7 +630,7 @@ channel_cancel_cleanup(int id)
630 Channel *c = channel_lookup(id); 630 Channel *c = channel_lookup(id);
631 631
632 if (c == NULL) { 632 if (c == NULL) {
633 log("channel_cancel_cleanup: %d: bad id", id); 633 logit("channel_cancel_cleanup: %d: bad id", id);
634 return; 634 return;
635 } 635 }
636 c->detach_user = NULL; 636 c->detach_user = NULL;
@@ -641,7 +641,7 @@ channel_register_filter(int id, channel_filter_fn *fn)
641 Channel *c = channel_lookup(id); 641 Channel *c = channel_lookup(id);
642 642
643 if (c == NULL) { 643 if (c == NULL) {
644 log("channel_register_filter: %d: bad id", id); 644 logit("channel_register_filter: %d: bad id", id);
645 return; 645 return;
646 } 646 }
647 c->input_filter = fn; 647 c->input_filter = fn;
@@ -833,7 +833,7 @@ channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset)
833 * We have received an X11 connection that has bad 833 * We have received an X11 connection that has bad
834 * authentication information. 834 * authentication information.
835 */ 835 */
836 log("X11 connection rejected because of wrong authentication."); 836 logit("X11 connection rejected because of wrong authentication.");
837 buffer_clear(&c->input); 837 buffer_clear(&c->input);
838 buffer_clear(&c->output); 838 buffer_clear(&c->output);
839 channel_close_fd(&c->sock); 839 channel_close_fd(&c->sock);
@@ -856,7 +856,7 @@ channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset)
856 c->type = SSH_CHANNEL_OPEN; 856 c->type = SSH_CHANNEL_OPEN;
857 channel_pre_open(c, readset, writeset); 857 channel_pre_open(c, readset, writeset);
858 } else if (ret == -1) { 858 } else if (ret == -1) {
859 log("X11 connection rejected because of wrong authentication."); 859 logit("X11 connection rejected because of wrong authentication.");
860 debug("X11 rejected %d i%d/o%d", c->self, c->istate, c->ostate); 860 debug("X11 rejected %d i%d/o%d", c->self, c->istate, c->ostate);
861 chan_read_failed(c); 861 chan_read_failed(c);
862 buffer_clear(&c->input); 862 buffer_clear(&c->input);
@@ -1717,11 +1717,11 @@ channel_input_data(int type, u_int32_t seq, void *ctxt)
1717 1717
1718 if (compat20) { 1718 if (compat20) {
1719 if (data_len > c->local_maxpacket) { 1719 if (data_len > c->local_maxpacket) {
1720 log("channel %d: rcvd big packet %d, maxpack %d", 1720 logit("channel %d: rcvd big packet %d, maxpack %d",
1721 c->self, data_len, c->local_maxpacket); 1721 c->self, data_len, c->local_maxpacket);
1722 } 1722 }
1723 if (data_len > c->local_window) { 1723 if (data_len > c->local_window) {
1724 log("channel %d: rcvd too much data %d, win %d", 1724 logit("channel %d: rcvd too much data %d, win %d",
1725 c->self, data_len, c->local_window); 1725 c->self, data_len, c->local_window);
1726 xfree(data); 1726 xfree(data);
1727 return; 1727 return;
@@ -1748,7 +1748,7 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
1748 if (c == NULL) 1748 if (c == NULL)
1749 packet_disconnect("Received extended_data for bad channel %d.", id); 1749 packet_disconnect("Received extended_data for bad channel %d.", id);
1750 if (c->type != SSH_CHANNEL_OPEN) { 1750 if (c->type != SSH_CHANNEL_OPEN) {
1751 log("channel %d: ext data for non open", id); 1751 logit("channel %d: ext data for non open", id);
1752 return; 1752 return;
1753 } 1753 }
1754 if (c->flags & CHAN_EOF_RCVD) { 1754 if (c->flags & CHAN_EOF_RCVD) {
@@ -1762,13 +1762,13 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
1762 if (c->efd == -1 || 1762 if (c->efd == -1 ||
1763 c->extended_usage != CHAN_EXTENDED_WRITE || 1763 c->extended_usage != CHAN_EXTENDED_WRITE ||
1764 tcode != SSH2_EXTENDED_DATA_STDERR) { 1764 tcode != SSH2_EXTENDED_DATA_STDERR) {
1765 log("channel %d: bad ext data", c->self); 1765 logit("channel %d: bad ext data", c->self);
1766 return; 1766 return;
1767 } 1767 }
1768 data = packet_get_string(&data_len); 1768 data = packet_get_string(&data_len);
1769 packet_check_eom(); 1769 packet_check_eom();
1770 if (data_len > c->local_window) { 1770 if (data_len > c->local_window) {
1771 log("channel %d: rcvd too much extended_data %d, win %d", 1771 logit("channel %d: rcvd too much extended_data %d, win %d",
1772 c->self, data_len, c->local_window); 1772 c->self, data_len, c->local_window);
1773 xfree(data); 1773 xfree(data);
1774 return; 1774 return;
@@ -1934,7 +1934,7 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt)
1934 msg = packet_get_string(NULL); 1934 msg = packet_get_string(NULL);
1935 lang = packet_get_string(NULL); 1935 lang = packet_get_string(NULL);
1936 } 1936 }
1937 log("channel %d: open failed: %s%s%s", id, 1937 logit("channel %d: open failed: %s%s%s", id,
1938 reason2txt(reason), msg ? ": ": "", msg ? msg : ""); 1938 reason2txt(reason), msg ? ": ": "", msg ? msg : "");
1939 if (msg != NULL) 1939 if (msg != NULL)
1940 xfree(msg); 1940 xfree(msg);
@@ -1961,7 +1961,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
1961 c = channel_lookup(id); 1961 c = channel_lookup(id);
1962 1962
1963 if (c == NULL || c->type != SSH_CHANNEL_OPEN) { 1963 if (c == NULL || c->type != SSH_CHANNEL_OPEN) {
1964 log("Received window adjust for " 1964 logit("Received window adjust for "
1965 "non-open channel %d.", id); 1965 "non-open channel %d.", id);
1966 return; 1966 return;
1967 } 1967 }
@@ -2167,7 +2167,7 @@ channel_request_remote_forwarding(u_short listen_port,
2167 success = 1; 2167 success = 1;
2168 break; 2168 break;
2169 case SSH_SMSG_FAILURE: 2169 case SSH_SMSG_FAILURE:
2170 log("Warning: Server denied remote port forwarding."); 2170 logit("Warning: Server denied remote port forwarding.");
2171 break; 2171 break;
2172 default: 2172 default:
2173 /* Unknown packet */ 2173 /* Unknown packet */
@@ -2340,7 +2340,7 @@ channel_connect_to(const char *host, u_short port)
2340 2340
2341 } 2341 }
2342 if (!permit) { 2342 if (!permit) {
2343 log("Received request to connect to host %.100s port %d, " 2343 logit("Received request to connect to host %.100s port %d, "
2344 "but the request was denied.", host, port); 2344 "but the request was denied.", host, port);
2345 return -1; 2345 return -1;
2346 } 2346 }
diff --git a/clientloop.c b/clientloop.c
index a40019d08..f07725bbc 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -490,13 +490,13 @@ process_cmdline(void)
490 if (*s == 0) 490 if (*s == 0)
491 goto out; 491 goto out;
492 if (strlen(s) < 2 || s[0] != '-' || !(s[1] == 'L' || s[1] == 'R')) { 492 if (strlen(s) < 2 || s[0] != '-' || !(s[1] == 'L' || s[1] == 'R')) {
493 log("Invalid command."); 493 logit("Invalid command.");
494 goto out; 494 goto out;
495 } 495 }
496 if (s[1] == 'L') 496 if (s[1] == 'L')
497 local = 1; 497 local = 1;
498 if (!local && !compat20) { 498 if (!local && !compat20) {
499 log("Not supported for SSH protocol version 1."); 499 logit("Not supported for SSH protocol version 1.");
500 goto out; 500 goto out;
501 } 501 }
502 s += 2; 502 s += 2;
@@ -507,24 +507,24 @@ process_cmdline(void)
507 sfwd_port, buf, sfwd_host_port) != 3 && 507 sfwd_port, buf, sfwd_host_port) != 3 &&
508 sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]", 508 sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]",
509 sfwd_port, buf, sfwd_host_port) != 3) { 509 sfwd_port, buf, sfwd_host_port) != 3) {
510 log("Bad forwarding specification."); 510 logit("Bad forwarding specification.");
511 goto out; 511 goto out;
512 } 512 }
513 if ((fwd_port = a2port(sfwd_port)) == 0 || 513 if ((fwd_port = a2port(sfwd_port)) == 0 ||
514 (fwd_host_port = a2port(sfwd_host_port)) == 0) { 514 (fwd_host_port = a2port(sfwd_host_port)) == 0) {
515 log("Bad forwarding port(s)."); 515 logit("Bad forwarding port(s).");
516 goto out; 516 goto out;
517 } 517 }
518 if (local) { 518 if (local) {
519 if (channel_setup_local_fwd_listener(fwd_port, buf, 519 if (channel_setup_local_fwd_listener(fwd_port, buf,
520 fwd_host_port, options.gateway_ports) < 0) { 520 fwd_host_port, options.gateway_ports) < 0) {
521 log("Port forwarding failed."); 521 logit("Port forwarding failed.");
522 goto out; 522 goto out;
523 } 523 }
524 } else 524 } else
525 channel_request_remote_forwarding(fwd_port, buf, 525 channel_request_remote_forwarding(fwd_port, buf,
526 fwd_host_port); 526 fwd_host_port);
527 log("Forwarding port."); 527 logit("Forwarding port.");
528out: 528out:
529 signal(SIGINT, handler); 529 signal(SIGINT, handler);
530 enter_raw_mode(); 530 enter_raw_mode();
@@ -577,7 +577,7 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
577 case 'R': 577 case 'R':
578 if (compat20) { 578 if (compat20) {
579 if (datafellows & SSH_BUG_NOREKEY) 579 if (datafellows & SSH_BUG_NOREKEY)
580 log("Server does not support re-keying"); 580 logit("Server does not support re-keying");
581 else 581 else
582 need_rekeying = 1; 582 need_rekeying = 1;
583 } 583 }
diff --git a/compat.c b/compat.c
index 5e1774ab6..a5241c491 100644
--- a/compat.c
+++ b/compat.c
@@ -188,7 +188,7 @@ proto_spec(const char *spec)
188 ret |= SSH_PROTO_2; 188 ret |= SSH_PROTO_2;
189 break; 189 break;
190 default: 190 default:
191 log("ignoring bad proto spec: '%s'.", p); 191 logit("ignoring bad proto spec: '%s'.", p);
192 break; 192 break;
193 } 193 }
194 } 194 }
diff --git a/dh.c b/dh.c
index 1be51953c..fd41e2102 100644
--- a/dh.c
+++ b/dh.c
@@ -112,7 +112,7 @@ choose_dh(int min, int wantbits, int max)
112 112
113 if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && 113 if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL &&
114 (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { 114 (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) {
115 log("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI); 115 logit("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI);
116 return (dh_new_group1()); 116 return (dh_new_group1());
117 } 117 }
118 118
@@ -140,7 +140,7 @@ choose_dh(int min, int wantbits, int max)
140 140
141 if (bestcount == 0) { 141 if (bestcount == 0) {
142 fclose(f); 142 fclose(f);
143 log("WARNING: no suitable primes in %s", _PATH_DH_PRIMES); 143 logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
144 return (NULL); 144 return (NULL);
145 } 145 }
146 146
@@ -176,7 +176,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
176 int bits_set = 0; 176 int bits_set = 0;
177 177
178 if (dh_pub->neg) { 178 if (dh_pub->neg) {
179 log("invalid public DH value: negativ"); 179 logit("invalid public DH value: negativ");
180 return 0; 180 return 0;
181 } 181 }
182 for (i = 0; i <= n; i++) 182 for (i = 0; i <= n; i++)
@@ -187,7 +187,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
187 /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ 187 /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
188 if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1)) 188 if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1))
189 return 1; 189 return 1;
190 log("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); 190 logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
191 return 0; 191 return 0;
192} 192}
193 193
diff --git a/dispatch.c b/dispatch.c
index ce32bc22f..e962fb34b 100644
--- a/dispatch.c
+++ b/dispatch.c
@@ -39,7 +39,7 @@ dispatch_fn *dispatch[DISPATCH_MAX];
39void 39void
40dispatch_protocol_error(int type, u_int32_t seq, void *ctxt) 40dispatch_protocol_error(int type, u_int32_t seq, void *ctxt)
41{ 41{
42 log("dispatch_protocol_error: type %d seq %u", type, seq); 42 logit("dispatch_protocol_error: type %d seq %u", type, seq);
43 if (!compat20) 43 if (!compat20)
44 fatal("protocol error"); 44 fatal("protocol error");
45 packet_start(SSH2_MSG_UNIMPLEMENTED); 45 packet_start(SSH2_MSG_UNIMPLEMENTED);
@@ -50,7 +50,7 @@ dispatch_protocol_error(int type, u_int32_t seq, void *ctxt)
50void 50void
51dispatch_protocol_ignore(int type, u_int32_t seq, void *ctxt) 51dispatch_protocol_ignore(int type, u_int32_t seq, void *ctxt)
52{ 52{
53 log("dispatch_protocol_ignore: type %d seq %u", type, seq); 53 logit("dispatch_protocol_ignore: type %d seq %u", type, seq);
54} 54}
55void 55void
56dispatch_init(dispatch_fn *dflt) 56dispatch_init(dispatch_fn *dflt)
diff --git a/groupaccess.c b/groupaccess.c
index 66dfa68fe..b90791832 100644
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -49,7 +49,7 @@ ga_init(const char *user, gid_t base)
49 49
50 ngroups = sizeof(groups_bygid) / sizeof(gid_t); 50 ngroups = sizeof(groups_bygid) / sizeof(gid_t);
51 if (getgrouplist(user, base, groups_bygid, &ngroups) == -1) 51 if (getgrouplist(user, base, groups_bygid, &ngroups) == -1)
52 log("getgrouplist: groups list too small"); 52 logit("getgrouplist: groups list too small");
53 for (i = 0, j = 0; i < ngroups; i++) 53 for (i = 0, j = 0; i < ngroups; i++)
54 if ((gr = getgrgid(groups_bygid[i])) != NULL) 54 if ((gr = getgrgid(groups_bygid[i])) != NULL)
55 groups_byname[j++] = xstrdup(gr->gr_name); 55 groups_byname[j++] = xstrdup(gr->gr_name);
diff --git a/hostfile.c b/hostfile.c
index dcee03448..31147cba1 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -77,10 +77,10 @@ hostfile_check_key(int bits, Key *key, const char *host, const char *filename, i
77 if (key == NULL || key->type != KEY_RSA1 || key->rsa == NULL) 77 if (key == NULL || key->type != KEY_RSA1 || key->rsa == NULL)
78 return 1; 78 return 1;
79 if (bits != BN_num_bits(key->rsa->n)) { 79 if (bits != BN_num_bits(key->rsa->n)) {
80 log("Warning: %s, line %d: keysize mismatch for host %s: " 80 logit("Warning: %s, line %d: keysize mismatch for host %s: "
81 "actual %d vs. announced %d.", 81 "actual %d vs. announced %d.",
82 filename, linenum, host, BN_num_bits(key->rsa->n), bits); 82 filename, linenum, host, BN_num_bits(key->rsa->n), bits);
83 log("Warning: replace %d with %d in %s, line %d.", 83 logit("Warning: replace %d with %d in %s, line %d.",
84 bits, BN_num_bits(key->rsa->n), filename, linenum); 84 bits, BN_num_bits(key->rsa->n), filename, linenum);
85 } 85 }
86 return 1; 86 return 1;
diff --git a/log.c b/log.c
index 84e4ce0ac..685717aef 100644
--- a/log.c
+++ b/log.c
@@ -127,7 +127,7 @@ error(const char *fmt,...)
127/* Log this message (information that usually should go to the log). */ 127/* Log this message (information that usually should go to the log). */
128 128
129void 129void
130log(const char *fmt,...) 130logit(const char *fmt,...)
131{ 131{
132 va_list args; 132 va_list args;
133 133
diff --git a/log.h b/log.h
index 917fafa69..4aad9ac7c 100644
--- a/log.h
+++ b/log.h
@@ -55,7 +55,7 @@ LogLevel log_level_number(char *);
55 55
56void fatal(const char *, ...) __attribute__((format(printf, 1, 2))); 56void fatal(const char *, ...) __attribute__((format(printf, 1, 2)));
57void error(const char *, ...) __attribute__((format(printf, 1, 2))); 57void error(const char *, ...) __attribute__((format(printf, 1, 2)));
58void log(const char *, ...) __attribute__((format(printf, 1, 2))); 58void logit(const char *, ...) __attribute__((format(printf, 1, 2)));
59void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); 59void verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
60void debug(const char *, ...) __attribute__((format(printf, 1, 2))); 60void debug(const char *, ...) __attribute__((format(printf, 1, 2)));
61void debug2(const char *, ...) __attribute__((format(printf, 1, 2))); 61void debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
diff --git a/loginrec.c b/loginrec.c
index db2528a79..38e1d8e82 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -163,7 +163,7 @@
163#include "log.h" 163#include "log.h"
164#include "atomicio.h" 164#include "atomicio.h"
165 165
166RCSID("$Id: loginrec.c,v 1.48 2003/04/09 09:40:34 djm Exp $"); 166RCSID("$Id: loginrec.c,v 1.49 2003/04/09 10:59:49 djm Exp $");
167 167
168#ifdef HAVE_UTIL_H 168#ifdef HAVE_UTIL_H
169# include <util.h> 169# include <util.h>
@@ -413,7 +413,7 @@ login_write (struct logininfo *li)
413{ 413{
414#ifndef HAVE_CYGWIN 414#ifndef HAVE_CYGWIN
415 if ((int)geteuid() != 0) { 415 if ((int)geteuid() != 0) {
416 log("Attempt to write login records by non-root user (aborting)"); 416 logit("Attempt to write login records by non-root user (aborting)");
417 return 1; 417 return 1;
418 } 418 }
419#endif 419#endif
@@ -818,7 +818,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut)
818 endttyent(); 818 endttyent();
819 819
820 if((struct ttyent *)0 == ty) { 820 if((struct ttyent *)0 == ty) {
821 log("utmp_write_entry: tty not found"); 821 logit("utmp_write_entry: tty not found");
822 return(1); 822 return(1);
823 } 823 }
824#else /* FIXME */ 824#else /* FIXME */
@@ -843,7 +843,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut)
843 843
844 (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET); 844 (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET);
845 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) 845 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut))
846 log("utmp_write_direct: error writing %s: %s", 846 logit("utmp_write_direct: error writing %s: %s",
847 UTMP_FILE, strerror(errno)); 847 UTMP_FILE, strerror(errno));
848 848
849 (void)close(fd); 849 (void)close(fd);
@@ -862,12 +862,12 @@ utmp_perform_login(struct logininfo *li)
862 construct_utmp(li, &ut); 862 construct_utmp(li, &ut);
863# ifdef UTMP_USE_LIBRARY 863# ifdef UTMP_USE_LIBRARY
864 if (!utmp_write_library(li, &ut)) { 864 if (!utmp_write_library(li, &ut)) {
865 log("utmp_perform_login: utmp_write_library() failed"); 865 logit("utmp_perform_login: utmp_write_library() failed");
866 return 0; 866 return 0;
867 } 867 }
868# else 868# else
869 if (!utmp_write_direct(li, &ut)) { 869 if (!utmp_write_direct(li, &ut)) {
870 log("utmp_perform_login: utmp_write_direct() failed"); 870 logit("utmp_perform_login: utmp_write_direct() failed");
871 return 0; 871 return 0;
872 } 872 }
873# endif 873# endif
@@ -883,12 +883,12 @@ utmp_perform_logout(struct logininfo *li)
883 construct_utmp(li, &ut); 883 construct_utmp(li, &ut);
884# ifdef UTMP_USE_LIBRARY 884# ifdef UTMP_USE_LIBRARY
885 if (!utmp_write_library(li, &ut)) { 885 if (!utmp_write_library(li, &ut)) {
886 log("utmp_perform_logout: utmp_write_library() failed"); 886 logit("utmp_perform_logout: utmp_write_library() failed");
887 return 0; 887 return 0;
888 } 888 }
889# else 889# else
890 if (!utmp_write_direct(li, &ut)) { 890 if (!utmp_write_direct(li, &ut)) {
891 log("utmp_perform_logout: utmp_write_direct() failed"); 891 logit("utmp_perform_logout: utmp_write_direct() failed");
892 return 0; 892 return 0;
893 } 893 }
894# endif 894# endif
@@ -907,7 +907,7 @@ utmp_write_entry(struct logininfo *li)
907 return utmp_perform_logout(li); 907 return utmp_perform_logout(li);
908 908
909 default: 909 default:
910 log("utmp_write_entry: invalid type field"); 910 logit("utmp_write_entry: invalid type field");
911 return 0; 911 return 0;
912 } 912 }
913} 913}
@@ -948,7 +948,7 @@ utmpx_write_library(struct logininfo *li, struct utmpx *utx)
948static int 948static int
949utmpx_write_direct(struct logininfo *li, struct utmpx *utx) 949utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
950{ 950{
951 log("utmpx_write_direct: not implemented!"); 951 logit("utmpx_write_direct: not implemented!");
952 return 0; 952 return 0;
953} 953}
954# endif /* UTMPX_USE_LIBRARY */ 954# endif /* UTMPX_USE_LIBRARY */
@@ -961,12 +961,12 @@ utmpx_perform_login(struct logininfo *li)
961 construct_utmpx(li, &utx); 961 construct_utmpx(li, &utx);
962# ifdef UTMPX_USE_LIBRARY 962# ifdef UTMPX_USE_LIBRARY
963 if (!utmpx_write_library(li, &utx)) { 963 if (!utmpx_write_library(li, &utx)) {
964 log("utmpx_perform_login: utmp_write_library() failed"); 964 logit("utmpx_perform_login: utmp_write_library() failed");
965 return 0; 965 return 0;
966 } 966 }
967# else 967# else
968 if (!utmpx_write_direct(li, &ut)) { 968 if (!utmpx_write_direct(li, &ut)) {
969 log("utmpx_perform_login: utmp_write_direct() failed"); 969 logit("utmpx_perform_login: utmp_write_direct() failed");
970 return 0; 970 return 0;
971 } 971 }
972# endif 972# endif
@@ -1004,7 +1004,7 @@ utmpx_write_entry(struct logininfo *li)
1004 case LTYPE_LOGOUT: 1004 case LTYPE_LOGOUT:
1005 return utmpx_perform_logout(li); 1005 return utmpx_perform_logout(li);
1006 default: 1006 default:
1007 log("utmpx_write_entry: invalid type field"); 1007 logit("utmpx_write_entry: invalid type field");
1008 return 0; 1008 return 0;
1009 } 1009 }
1010} 1010}
@@ -1026,14 +1026,14 @@ wtmp_write(struct logininfo *li, struct utmp *ut)
1026 int fd, ret = 1; 1026 int fd, ret = 1;
1027 1027
1028 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) { 1028 if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
1029 log("wtmp_write: problem writing %s: %s", 1029 logit("wtmp_write: problem writing %s: %s",
1030 WTMP_FILE, strerror(errno)); 1030 WTMP_FILE, strerror(errno));
1031 return 0; 1031 return 0;
1032 } 1032 }
1033 if (fstat(fd, &buf) == 0) 1033 if (fstat(fd, &buf) == 0)
1034 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) { 1034 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
1035 ftruncate(fd, buf.st_size); 1035 ftruncate(fd, buf.st_size);
1036 log("wtmp_write: problem writing %s: %s", 1036 logit("wtmp_write: problem writing %s: %s",
1037 WTMP_FILE, strerror(errno)); 1037 WTMP_FILE, strerror(errno));
1038 ret = 0; 1038 ret = 0;
1039 } 1039 }
@@ -1070,7 +1070,7 @@ wtmp_write_entry(struct logininfo *li)
1070 case LTYPE_LOGOUT: 1070 case LTYPE_LOGOUT:
1071 return wtmp_perform_logout(li); 1071 return wtmp_perform_logout(li);
1072 default: 1072 default:
1073 log("wtmp_write_entry: invalid type field"); 1073 logit("wtmp_write_entry: invalid type field");
1074 return 0; 1074 return 0;
1075 } 1075 }
1076} 1076}
@@ -1119,12 +1119,12 @@ wtmp_get_entry(struct logininfo *li)
1119 li->tv_sec = li->tv_usec = 0; 1119 li->tv_sec = li->tv_usec = 0;
1120 1120
1121 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) { 1121 if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) {
1122 log("wtmp_get_entry: problem opening %s: %s", 1122 logit("wtmp_get_entry: problem opening %s: %s",
1123 WTMP_FILE, strerror(errno)); 1123 WTMP_FILE, strerror(errno));
1124 return 0; 1124 return 0;
1125 } 1125 }
1126 if (fstat(fd, &st) != 0) { 1126 if (fstat(fd, &st) != 0) {
1127 log("wtmp_get_entry: couldn't stat %s: %s", 1127 logit("wtmp_get_entry: couldn't stat %s: %s",
1128 WTMP_FILE, strerror(errno)); 1128 WTMP_FILE, strerror(errno));
1129 close(fd); 1129 close(fd);
1130 return 0; 1130 return 0;
@@ -1139,7 +1139,7 @@ wtmp_get_entry(struct logininfo *li)
1139 1139
1140 while (!found) { 1140 while (!found) {
1141 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) { 1141 if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) {
1142 log("wtmp_get_entry: read of %s failed: %s", 1142 logit("wtmp_get_entry: read of %s failed: %s",
1143 WTMP_FILE, strerror(errno)); 1143 WTMP_FILE, strerror(errno));
1144 close (fd); 1144 close (fd);
1145 return 0; 1145 return 0;
@@ -1192,7 +1192,7 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx)
1192 int fd, ret = 1; 1192 int fd, ret = 1;
1193 1193
1194 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) { 1194 if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) {
1195 log("wtmpx_write: problem opening %s: %s", 1195 logit("wtmpx_write: problem opening %s: %s",
1196 WTMPX_FILE, strerror(errno)); 1196 WTMPX_FILE, strerror(errno));
1197 return 0; 1197 return 0;
1198 } 1198 }
@@ -1200,7 +1200,7 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx)
1200 if (fstat(fd, &buf) == 0) 1200 if (fstat(fd, &buf) == 0)
1201 if (atomicio(write, fd, utx, sizeof(*utx)) != sizeof(*utx)) { 1201 if (atomicio(write, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1202 ftruncate(fd, buf.st_size); 1202 ftruncate(fd, buf.st_size);
1203 log("wtmpx_write: problem writing %s: %s", 1203 logit("wtmpx_write: problem writing %s: %s",
1204 WTMPX_FILE, strerror(errno)); 1204 WTMPX_FILE, strerror(errno));
1205 ret = 0; 1205 ret = 0;
1206 } 1206 }
@@ -1239,7 +1239,7 @@ wtmpx_write_entry(struct logininfo *li)
1239 case LTYPE_LOGOUT: 1239 case LTYPE_LOGOUT:
1240 return wtmpx_perform_logout(li); 1240 return wtmpx_perform_logout(li);
1241 default: 1241 default:
1242 log("wtmpx_write_entry: invalid type field"); 1242 logit("wtmpx_write_entry: invalid type field");
1243 return 0; 1243 return 0;
1244 } 1244 }
1245} 1245}
@@ -1275,12 +1275,12 @@ wtmpx_get_entry(struct logininfo *li)
1275 li->tv_sec = li->tv_usec = 0; 1275 li->tv_sec = li->tv_usec = 0;
1276 1276
1277 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) { 1277 if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) {
1278 log("wtmpx_get_entry: problem opening %s: %s", 1278 logit("wtmpx_get_entry: problem opening %s: %s",
1279 WTMPX_FILE, strerror(errno)); 1279 WTMPX_FILE, strerror(errno));
1280 return 0; 1280 return 0;
1281 } 1281 }
1282 if (fstat(fd, &st) != 0) { 1282 if (fstat(fd, &st) != 0) {
1283 log("wtmpx_get_entry: couldn't stat %s: %s", 1283 logit("wtmpx_get_entry: couldn't stat %s: %s",
1284 WTMPX_FILE, strerror(errno)); 1284 WTMPX_FILE, strerror(errno));
1285 close(fd); 1285 close(fd);
1286 return 0; 1286 return 0;
@@ -1295,7 +1295,7 @@ wtmpx_get_entry(struct logininfo *li)
1295 1295
1296 while (!found) { 1296 while (!found) {
1297 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) { 1297 if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) {
1298 log("wtmpx_get_entry: read of %s failed: %s", 1298 logit("wtmpx_get_entry: read of %s failed: %s",
1299 WTMPX_FILE, strerror(errno)); 1299 WTMPX_FILE, strerror(errno));
1300 close (fd); 1300 close (fd);
1301 return 0; 1301 return 0;
@@ -1340,7 +1340,7 @@ syslogin_perform_login(struct logininfo *li)
1340 struct utmp *ut; 1340 struct utmp *ut;
1341 1341
1342 if (! (ut = (struct utmp *)malloc(sizeof(*ut)))) { 1342 if (! (ut = (struct utmp *)malloc(sizeof(*ut)))) {
1343 log("syslogin_perform_login: couldn't malloc()"); 1343 logit("syslogin_perform_login: couldn't malloc()");
1344 return 0; 1344 return 0;
1345 } 1345 }
1346 construct_utmp(li, ut); 1346 construct_utmp(li, ut);
@@ -1359,7 +1359,7 @@ syslogin_perform_logout(struct logininfo *li)
1359 (void)line_stripname(line, li->line, sizeof(line)); 1359 (void)line_stripname(line, li->line, sizeof(line));
1360 1360
1361 if (!logout(line)) { 1361 if (!logout(line)) {
1362 log("syslogin_perform_logout: logout() returned an error"); 1362 logit("syslogin_perform_logout: logout() returned an error");
1363# ifdef HAVE_LOGWTMP 1363# ifdef HAVE_LOGWTMP
1364 } else { 1364 } else {
1365 logwtmp(line, "", ""); 1365 logwtmp(line, "", "");
@@ -1382,7 +1382,7 @@ syslogin_write_entry(struct logininfo *li)
1382 case LTYPE_LOGOUT: 1382 case LTYPE_LOGOUT:
1383 return syslogin_perform_logout(li); 1383 return syslogin_perform_logout(li);
1384 default: 1384 default:
1385 log("syslogin_write_entry: Invalid type field"); 1385 logit("syslogin_write_entry: Invalid type field");
1386 return 0; 1386 return 0;
1387 } 1387 }
1388} 1388}
@@ -1417,7 +1417,7 @@ lastlog_filetype(char *filename)
1417 struct stat st; 1417 struct stat st;
1418 1418
1419 if (stat(LASTLOG_FILE, &st) != 0) { 1419 if (stat(LASTLOG_FILE, &st) != 0) {
1420 log("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE, 1420 logit("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE,
1421 strerror(errno)); 1421 strerror(errno));
1422 return 0; 1422 return 0;
1423 } 1423 }
@@ -1448,7 +1448,7 @@ lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1448 LASTLOG_FILE, li->username); 1448 LASTLOG_FILE, li->username);
1449 break; 1449 break;
1450 default: 1450 default:
1451 log("lastlog_openseek: %.100s is not a file or directory!", 1451 logit("lastlog_openseek: %.100s is not a file or directory!",
1452 LASTLOG_FILE); 1452 LASTLOG_FILE);
1453 return 0; 1453 return 0;
1454 } 1454 }
@@ -1465,7 +1465,7 @@ lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1465 offset = (off_t) ((long)li->uid * sizeof(struct lastlog)); 1465 offset = (off_t) ((long)li->uid * sizeof(struct lastlog));
1466 1466
1467 if ( lseek(*fd, offset, SEEK_SET) != offset ) { 1467 if ( lseek(*fd, offset, SEEK_SET) != offset ) {
1468 log("lastlog_openseek: %s->lseek(): %s", 1468 logit("lastlog_openseek: %s->lseek(): %s",
1469 lastlog_file, strerror(errno)); 1469 lastlog_file, strerror(errno));
1470 return 0; 1470 return 0;
1471 } 1471 }
@@ -1489,7 +1489,7 @@ lastlog_perform_login(struct logininfo *li)
1489 /* write the entry */ 1489 /* write the entry */
1490 if (atomicio(write, fd, &last, sizeof(last)) != sizeof(last)) { 1490 if (atomicio(write, fd, &last, sizeof(last)) != sizeof(last)) {
1491 close(fd); 1491 close(fd);
1492 log("lastlog_write_filemode: Error writing to %s: %s", 1492 logit("lastlog_write_filemode: Error writing to %s: %s",
1493 LASTLOG_FILE, strerror(errno)); 1493 LASTLOG_FILE, strerror(errno));
1494 return 0; 1494 return 0;
1495 } 1495 }
@@ -1505,7 +1505,7 @@ lastlog_write_entry(struct logininfo *li)
1505 case LTYPE_LOGIN: 1505 case LTYPE_LOGIN:
1506 return lastlog_perform_login(li); 1506 return lastlog_perform_login(li);
1507 default: 1507 default:
1508 log("lastlog_write_entry: Invalid type field"); 1508 logit("lastlog_write_entry: Invalid type field");
1509 return 0; 1509 return 0;
1510 } 1510 }
1511} 1511}
diff --git a/monitor.c b/monitor.c
index 4cd10a108..46db0e9b0 100644
--- a/monitor.c
+++ b/monitor.c
@@ -870,7 +870,7 @@ monitor_valid_userblob(u_char *data, u_int datalen)
870 fail++; 870 fail++;
871 p = buffer_get_string(&b, NULL); 871 p = buffer_get_string(&b, NULL);
872 if (strcmp(authctxt->user, p) != 0) { 872 if (strcmp(authctxt->user, p) != 0) {
873 log("wrong user name passed to monitor: expected %s != %.100s", 873 logit("wrong user name passed to monitor: expected %s != %.100s",
874 authctxt->user, p); 874 authctxt->user, p);
875 fail++; 875 fail++;
876 } 876 }
@@ -918,7 +918,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
918 fail++; 918 fail++;
919 p = buffer_get_string(&b, NULL); 919 p = buffer_get_string(&b, NULL);
920 if (strcmp(authctxt->user, p) != 0) { 920 if (strcmp(authctxt->user, p) != 0) {
921 log("wrong user name passed to monitor: expected %s != %.100s", 921 logit("wrong user name passed to monitor: expected %s != %.100s",
922 authctxt->user, p); 922 authctxt->user, p);
923 fail++; 923 fail++;
924 } 924 }
diff --git a/nchan.c b/nchan.c
index bce7325b3..c358e6aaa 100644
--- a/nchan.c
+++ b/nchan.c
@@ -451,7 +451,7 @@ chan_shutdown_write(Channel *c)
451 c->self, c->sock, strerror(errno)); 451 c->self, c->sock, strerror(errno));
452 } else { 452 } else {
453 if (channel_close_fd(&c->wfd) < 0) 453 if (channel_close_fd(&c->wfd) < 0)
454 log("channel %d: chan_shutdown_write: " 454 logit("channel %d: chan_shutdown_write: "
455 "close() failed for fd%d: %.100s", 455 "close() failed for fd%d: %.100s",
456 c->self, c->wfd, strerror(errno)); 456 c->self, c->wfd, strerror(errno));
457 } 457 }
@@ -476,7 +476,7 @@ chan_shutdown_read(Channel *c)
476 strerror(errno)); 476 strerror(errno));
477 } else { 477 } else {
478 if (channel_close_fd(&c->rfd) < 0) 478 if (channel_close_fd(&c->rfd) < 0)
479 log("channel %d: chan_shutdown_read: " 479 logit("channel %d: chan_shutdown_read: "
480 "close() failed for fd%d: %.100s", 480 "close() failed for fd%d: %.100s",
481 c->self, c->rfd, strerror(errno)); 481 c->self, c->rfd, strerror(errno));
482 } 482 }
diff --git a/packet.c b/packet.c
index 9887d25af..81e402232 100644
--- a/packet.c
+++ b/packet.c
@@ -744,7 +744,7 @@ packet_send2_wrapped(void)
744#endif 744#endif
745 /* increment sequence number for outgoing packets */ 745 /* increment sequence number for outgoing packets */
746 if (++p_send.seqnr == 0) 746 if (++p_send.seqnr == 0)
747 log("outgoing seqnr wraps around"); 747 logit("outgoing seqnr wraps around");
748 if (++p_send.packets == 0) 748 if (++p_send.packets == 0)
749 if (!(datafellows & SSH_BUG_NOREKEY)) 749 if (!(datafellows & SSH_BUG_NOREKEY))
750 fatal("XXX too many packets with same key"); 750 fatal("XXX too many packets with same key");
@@ -862,7 +862,7 @@ packet_read_seqnr(u_int32_t *seqnr_p)
862 /* Read data from the socket. */ 862 /* Read data from the socket. */
863 len = read(connection_in, buf, sizeof(buf)); 863 len = read(connection_in, buf, sizeof(buf));
864 if (len == 0) { 864 if (len == 0) {
865 log("Connection closed by %.200s", get_remote_ipaddr()); 865 logit("Connection closed by %.200s", get_remote_ipaddr());
866 fatal_cleanup(); 866 fatal_cleanup();
867 } 867 }
868 if (len < 0) 868 if (len < 0)
@@ -1055,7 +1055,7 @@ packet_read_poll2(u_int32_t *seqnr_p)
1055 if (seqnr_p != NULL) 1055 if (seqnr_p != NULL)
1056 *seqnr_p = p_read.seqnr; 1056 *seqnr_p = p_read.seqnr;
1057 if (++p_read.seqnr == 0) 1057 if (++p_read.seqnr == 0)
1058 log("incoming seqnr wraps around"); 1058 logit("incoming seqnr wraps around");
1059 if (++p_read.packets == 0) 1059 if (++p_read.packets == 0)
1060 if (!(datafellows & SSH_BUG_NOREKEY)) 1060 if (!(datafellows & SSH_BUG_NOREKEY))
1061 fatal("XXX too many packets with same key"); 1061 fatal("XXX too many packets with same key");
@@ -1124,7 +1124,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
1124 case SSH2_MSG_DISCONNECT: 1124 case SSH2_MSG_DISCONNECT:
1125 reason = packet_get_int(); 1125 reason = packet_get_int();
1126 msg = packet_get_string(NULL); 1126 msg = packet_get_string(NULL);
1127 log("Received disconnect from %s: %u: %.400s", 1127 logit("Received disconnect from %s: %u: %.400s",
1128 get_remote_ipaddr(), reason, msg); 1128 get_remote_ipaddr(), reason, msg);
1129 xfree(msg); 1129 xfree(msg);
1130 fatal_cleanup(); 1130 fatal_cleanup();
@@ -1150,7 +1150,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
1150 break; 1150 break;
1151 case SSH_MSG_DISCONNECT: 1151 case SSH_MSG_DISCONNECT:
1152 msg = packet_get_string(NULL); 1152 msg = packet_get_string(NULL);
1153 log("Received disconnect from %s: %.400s", 1153 logit("Received disconnect from %s: %.400s",
1154 get_remote_ipaddr(), msg); 1154 get_remote_ipaddr(), msg);
1155 fatal_cleanup(); 1155 fatal_cleanup();
1156 xfree(msg); 1156 xfree(msg);
@@ -1309,7 +1309,7 @@ packet_disconnect(const char *fmt,...)
1309 va_end(args); 1309 va_end(args);
1310 1310
1311 /* Display the error locally */ 1311 /* Display the error locally */
1312 log("Disconnecting: %.100s", buf); 1312 logit("Disconnecting: %.100s", buf);
1313 1313
1314 /* Send the disconnect message to the other side, and wait for it to get sent. */ 1314 /* Send the disconnect message to the other side, and wait for it to get sent. */
1315 if (compat20) { 1315 if (compat20) {
@@ -1451,12 +1451,12 @@ packet_set_maxsize(int s)
1451 static int called = 0; 1451 static int called = 0;
1452 1452
1453 if (called) { 1453 if (called) {
1454 log("packet_set_maxsize: called twice: old %d new %d", 1454 logit("packet_set_maxsize: called twice: old %d new %d",
1455 max_packet_size, s); 1455 max_packet_size, s);
1456 return -1; 1456 return -1;
1457 } 1457 }
1458 if (s < 4 * 1024 || s > 1024 * 1024) { 1458 if (s < 4 * 1024 || s > 1024 * 1024) {
1459 log("packet_set_maxsize: bad size %d", s); 1459 logit("packet_set_maxsize: bad size %d", s);
1460 return -1; 1460 return -1;
1461 } 1461 }
1462 called = 1; 1462 called = 1;
diff --git a/packet.h b/packet.h
index 82ed7c747..7b2de6349 100644
--- a/packet.h
+++ b/packet.h
@@ -90,7 +90,7 @@ int packet_set_maxsize(int);
90do { \ 90do { \
91 int _len = packet_remaining(); \ 91 int _len = packet_remaining(); \
92 if (_len > 0) { \ 92 if (_len > 0) { \
93 log("Packet integrity error (%d bytes remaining) at %s:%d", \ 93 logit("Packet integrity error (%d bytes remaining) at %s:%d", \
94 _len ,__FILE__, __LINE__); \ 94 _len ,__FILE__, __LINE__); \
95 packet_disconnect("Packet integrity error."); \ 95 packet_disconnect("Packet integrity error."); \
96 } \ 96 } \
diff --git a/scard-opensc.c b/scard-opensc.c
index dd21de39a..e91bc25ba 100644
--- a/scard-opensc.c
+++ b/scard-opensc.c
@@ -321,7 +321,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj)
321 debug("sc_read_pubkey() with cert id %02X", cinfo->id.value[0]); 321 debug("sc_read_pubkey() with cert id %02X", cinfo->id.value[0]);
322 r = sc_pkcs15_read_certificate(p15card, cinfo, &cert); 322 r = sc_pkcs15_read_certificate(p15card, cinfo, &cert);
323 if (r) { 323 if (r) {
324 log("Certificate read failed: %s", sc_strerror(r)); 324 logit("Certificate read failed: %s", sc_strerror(r));
325 goto err; 325 goto err;
326 } 326 }
327 x509 = X509_new(); 327 x509 = X509_new();
@@ -331,7 +331,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj)
331 } 331 }
332 p = cert->data; 332 p = cert->data;
333 if (!d2i_X509(&x509, &p, cert->data_len)) { 333 if (!d2i_X509(&x509, &p, cert->data_len)) {
334 log("Unable to parse X.509 certificate"); 334 logit("Unable to parse X.509 certificate");
335 r = -1; 335 r = -1;
336 goto err; 336 goto err;
337 } 337 }
@@ -341,7 +341,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj)
341 X509_free(x509); 341 X509_free(x509);
342 x509 = NULL; 342 x509 = NULL;
343 if (pubkey->type != EVP_PKEY_RSA) { 343 if (pubkey->type != EVP_PKEY_RSA) {
344 log("Public key is of unknown type"); 344 logit("Public key is of unknown type");
345 r = -1; 345 r = -1;
346 goto err; 346 goto err;
347 } 347 }
@@ -413,7 +413,7 @@ sc_get_keys(const char *id, const char *pin)
413 r = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_CERT_X509, 413 r = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_CERT_X509,
414 certs, 32); 414 certs, 32);
415 if (r == 0) { 415 if (r == 0) {
416 log("No certificates found on smartcard"); 416 logit("No certificates found on smartcard");
417 r = -1; 417 r = -1;
418 goto err; 418 goto err;
419 } else if (r < 0) { 419 } else if (r < 0) {
diff --git a/scard.c b/scard.c
index 9791938c0..d23aa5b52 100644
--- a/scard.c
+++ b/scard.c
@@ -526,7 +526,7 @@ sc_put_key(Key *prv, const char *id)
526 } 526 }
527 if (!sectok_swOK(sw)) 527 if (!sectok_swOK(sw))
528 goto done; 528 goto done;
529 log("cyberflex_load_rsa_priv done"); 529 logit("cyberflex_load_rsa_priv done");
530 key_fid[0] = 0x73; 530 key_fid[0] = 0x73;
531 key_fid[1] = 0x68; 531 key_fid[1] = 0x68;
532 if (cyberflex_load_rsa_pub(fd, cla, key_fid, len, elements[5], 532 if (cyberflex_load_rsa_pub(fd, cla, key_fid, len, elements[5],
@@ -536,7 +536,7 @@ sc_put_key(Key *prv, const char *id)
536 } 536 }
537 if (!sectok_swOK(sw)) 537 if (!sectok_swOK(sw))
538 goto done; 538 goto done;
539 log("cyberflex_load_rsa_pub done"); 539 logit("cyberflex_load_rsa_pub done");
540 status = 0; 540 status = 0;
541 541
542done: 542done:
diff --git a/servconf.c b/servconf.c
index 2510659ee..c6fe371b2 100644
--- a/servconf.c
+++ b/servconf.c
@@ -910,7 +910,7 @@ parse_flag:
910 goto parse_int; 910 goto parse_int;
911 911
912 case sDeprecated: 912 case sDeprecated:
913 log("%s line %d: Deprecated option %s", 913 logit("%s line %d: Deprecated option %s",
914 filename, linenum, arg); 914 filename, linenum, arg);
915 while (arg) 915 while (arg)
916 arg = strdelim(&cp); 916 arg = strdelim(&cp);
diff --git a/session.c b/session.c
index c75fea966..9e1dd914a 100644
--- a/session.c
+++ b/session.c
@@ -412,7 +412,7 @@ do_authenticated1(Authctxt *authctxt)
412 * Any unknown messages in this phase are ignored, 412 * Any unknown messages in this phase are ignored,
413 * and a failure message is returned. 413 * and a failure message is returned.
414 */ 414 */
415 log("Unknown packet type received after authentication: %d", type); 415 logit("Unknown packet type received after authentication: %d", type);
416 } 416 }
417 packet_start(success ? SSH_SMSG_SUCCESS : SSH_SMSG_FAILURE); 417 packet_start(success ? SSH_SMSG_SUCCESS : SSH_SMSG_FAILURE);
418 packet_send(); 418 packet_send();
@@ -1192,7 +1192,7 @@ do_nologin(struct passwd *pw)
1192#endif 1192#endif
1193 if (f) { 1193 if (f) {
1194 /* /etc/nologin exists. Print its contents and exit. */ 1194 /* /etc/nologin exists. Print its contents and exit. */
1195 log("User %.100s not allowed because %s exists", 1195 logit("User %.100s not allowed because %s exists",
1196 pw->pw_name, _PATH_NOLOGIN); 1196 pw->pw_name, _PATH_NOLOGIN);
1197 while (fgets(buf, sizeof(buf), f)) 1197 while (fgets(buf, sizeof(buf), f))
1198 fputs(buf, stderr); 1198 fputs(buf, stderr);
@@ -1672,7 +1672,7 @@ session_subsystem_req(Session *s)
1672 int i; 1672 int i;
1673 1673
1674 packet_check_eom(); 1674 packet_check_eom();
1675 log("subsystem request for %.100s", subsys); 1675 logit("subsystem request for %.100s", subsys);
1676 1676
1677 for (i = 0; i < options.num_subsystems; i++) { 1677 for (i = 0; i < options.num_subsystems; i++) {
1678 if (strcmp(subsys, options.subsystem_name[i]) == 0) { 1678 if (strcmp(subsys, options.subsystem_name[i]) == 0) {
@@ -1691,7 +1691,7 @@ session_subsystem_req(Session *s)
1691 } 1691 }
1692 1692
1693 if (!success) 1693 if (!success)
1694 log("subsystem request for %.100s failed, subsystem not found", 1694 logit("subsystem request for %.100s failed, subsystem not found",
1695 subsys); 1695 subsys);
1696 1696
1697 xfree(subsys); 1697 xfree(subsys);
@@ -1762,7 +1762,7 @@ session_input_channel_req(Channel *c, const char *rtype)
1762 Session *s; 1762 Session *s;
1763 1763
1764 if ((s = session_by_channel(c->self)) == NULL) { 1764 if ((s = session_by_channel(c->self)) == NULL) {
1765 log("session_input_channel_req: no session %d req %.100s", 1765 logit("session_input_channel_req: no session %d req %.100s",
1766 c->self, rtype); 1766 c->self, rtype);
1767 return 0; 1767 return 0;
1768 } 1768 }
diff --git a/sftp-client.c b/sftp-client.c
index 3b3279e65..4ad6be8bd 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -507,7 +507,7 @@ do_lstat(struct sftp_conn *conn, char *path, int quiet)
507 if (quiet) 507 if (quiet)
508 debug("Server version does not support lstat operation"); 508 debug("Server version does not support lstat operation");
509 else 509 else
510 log("Server version does not support lstat operation"); 510 logit("Server version does not support lstat operation");
511 return(do_stat(conn, path, quiet)); 511 return(do_stat(conn, path, quiet));
512 } 512 }
513 513
diff --git a/sftp-server.c b/sftp-server.c
index 9a66b4de7..9c332ec86 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -442,7 +442,7 @@ process_read(void)
442 (u_int64_t)off, len); 442 (u_int64_t)off, len);
443 if (len > sizeof buf) { 443 if (len > sizeof buf) {
444 len = sizeof buf; 444 len = sizeof buf;
445 log("read change len %d", len); 445 logit("read change len %d", len);
446 } 446 }
447 fd = handle_to_fd(handle); 447 fd = handle_to_fd(handle);
448 if (fd >= 0) { 448 if (fd >= 0) {
@@ -495,7 +495,7 @@ process_write(void)
495 } else if (ret == len) { 495 } else if (ret == len) {
496 status = SSH2_FX_OK; 496 status = SSH2_FX_OK;
497 } else { 497 } else {
498 log("nothing at all written"); 498 logit("nothing at all written");
499 } 499 }
500 } 500 }
501 } 501 }
diff --git a/ssh-agent.c b/ssh-agent.c
index eb593de73..5dee9df45 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -261,7 +261,7 @@ process_authentication_challenge1(SocketEntry *e)
261 /* The response is MD5 of decrypted challenge plus session id. */ 261 /* The response is MD5 of decrypted challenge plus session id. */
262 len = BN_num_bytes(challenge); 262 len = BN_num_bytes(challenge);
263 if (len <= 0 || len > 32) { 263 if (len <= 0 || len > 32) {
264 log("process_authentication_challenge: bad challenge length %d", len); 264 logit("process_authentication_challenge: bad challenge length %d", len);
265 goto failure; 265 goto failure;
266 } 266 }
267 memset(buf, 0, 32); 267 memset(buf, 0, 32);
@@ -350,7 +350,7 @@ process_remove_identity(SocketEntry *e, int version)
350 buffer_get_bignum(&e->request, key->rsa->n); 350 buffer_get_bignum(&e->request, key->rsa->n);
351 351
352 if (bits != key_size(key)) 352 if (bits != key_size(key))
353 log("Warning: identity keysize mismatch: actual %u, announced %u", 353 logit("Warning: identity keysize mismatch: actual %u, announced %u",
354 key_size(key), bits); 354 key_size(key), bits);
355 break; 355 break;
356 case 2: 356 case 2:
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 6a872bcfd..a264f099f 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -415,7 +415,7 @@ do_upload(struct passwd *pw, const char *sc_reader_id)
415 key_free(prv); 415 key_free(prv);
416 if (ret < 0) 416 if (ret < 0)
417 exit(1); 417 exit(1);
418 log("loading key done"); 418 logit("loading key done");
419 exit(0); 419 exit(0);
420} 420}
421 421
diff --git a/ssh.c b/ssh.c
index 720604394..21bfc56e3 100644
--- a/ssh.c
+++ b/ssh.c
@@ -253,7 +253,7 @@ main(int ac, char **av)
253 /* Get user data. */ 253 /* Get user data. */
254 pw = getpwuid(original_real_uid); 254 pw = getpwuid(original_real_uid);
255 if (!pw) { 255 if (!pw) {
256 log("You don't exist, go away!"); 256 logit("You don't exist, go away!");
257 exit(1); 257 exit(1);
258 } 258 }
259 /* Take a copy of the returned structure. */ 259 /* Take a copy of the returned structure. */
@@ -559,7 +559,7 @@ again:
559 /* Do not allocate a tty if stdin is not a tty. */ 559 /* Do not allocate a tty if stdin is not a tty. */
560 if (!isatty(fileno(stdin)) && !force_tty_flag) { 560 if (!isatty(fileno(stdin)) && !force_tty_flag) {
561 if (tty_flag) 561 if (tty_flag)
562 log("Pseudo-terminal will not be allocated because stdin is not a terminal."); 562 logit("Pseudo-terminal will not be allocated because stdin is not a terminal.");
563 tty_flag = 0; 563 tty_flag = 0;
564 } 564 }
565 565
@@ -793,7 +793,7 @@ x11_get_proto(char **_proto, char **_data)
793 if (!got_data) { 793 if (!got_data) {
794 u_int32_t rand = 0; 794 u_int32_t rand = 0;
795 795
796 log("Warning: No xauth data; using fake authentication data for X11 forwarding."); 796 logit("Warning: No xauth data; using fake authentication data for X11 forwarding.");
797 strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto); 797 strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto);
798 for (i = 0; i < 16; i++) { 798 for (i = 0; i < 16; i++) {
799 if (i % 4 == 0) 799 if (i % 4 == 0)
@@ -873,7 +873,7 @@ ssh_session(void)
873 if (type == SSH_SMSG_SUCCESS) 873 if (type == SSH_SMSG_SUCCESS)
874 packet_start_compression(options.compression_level); 874 packet_start_compression(options.compression_level);
875 else if (type == SSH_SMSG_FAILURE) 875 else if (type == SSH_SMSG_FAILURE)
876 log("Warning: Remote host refused compression."); 876 logit("Warning: Remote host refused compression.");
877 else 877 else
878 packet_disconnect("Protocol error waiting for compression response."); 878 packet_disconnect("Protocol error waiting for compression response.");
879 } 879 }
@@ -912,7 +912,7 @@ ssh_session(void)
912 interactive = 1; 912 interactive = 1;
913 have_tty = 1; 913 have_tty = 1;
914 } else if (type == SSH_SMSG_FAILURE) 914 } else if (type == SSH_SMSG_FAILURE)
915 log("Warning: Remote host failed or refused to allocate a pseudo tty."); 915 logit("Warning: Remote host failed or refused to allocate a pseudo tty.");
916 else 916 else
917 packet_disconnect("Protocol error waiting for pty request response."); 917 packet_disconnect("Protocol error waiting for pty request response.");
918 } 918 }
@@ -930,7 +930,7 @@ ssh_session(void)
930 if (type == SSH_SMSG_SUCCESS) { 930 if (type == SSH_SMSG_SUCCESS) {
931 interactive = 1; 931 interactive = 1;
932 } else if (type == SSH_SMSG_FAILURE) { 932 } else if (type == SSH_SMSG_FAILURE) {
933 log("Warning: Remote host denied X11 forwarding."); 933 logit("Warning: Remote host denied X11 forwarding.");
934 } else { 934 } else {
935 packet_disconnect("Protocol error waiting for X11 forwarding"); 935 packet_disconnect("Protocol error waiting for X11 forwarding");
936 } 936 }
@@ -949,7 +949,7 @@ ssh_session(void)
949 type = packet_read(); 949 type = packet_read();
950 packet_check_eom(); 950 packet_check_eom();
951 if (type != SSH_SMSG_SUCCESS) 951 if (type != SSH_SMSG_SUCCESS)
952 log("Warning: Remote host denied authentication agent forwarding."); 952 logit("Warning: Remote host denied authentication agent forwarding.");
953 } 953 }
954 954
955 /* Initiate port forwardings. */ 955 /* Initiate port forwardings. */
@@ -1017,7 +1017,7 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt)
1017 options.remote_forwards[i].host, 1017 options.remote_forwards[i].host,
1018 options.remote_forwards[i].host_port); 1018 options.remote_forwards[i].host_port);
1019 if (type == SSH2_MSG_REQUEST_FAILURE) 1019 if (type == SSH2_MSG_REQUEST_FAILURE)
1020 log("Warning: remote port forwarding failed for listen port %d", 1020 logit("Warning: remote port forwarding failed for listen port %d",
1021 options.remote_forwards[i].port); 1021 options.remote_forwards[i].port);
1022} 1022}
1023 1023
diff --git a/sshconnect.c b/sshconnect.c
index dae25969a..b0ba3f0c6 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -332,7 +332,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
332 332
333 /* Return failure if we didn't get a successful connection. */ 333 /* Return failure if we didn't get a successful connection. */
334 if (attempt >= connection_attempts) { 334 if (attempt >= connection_attempts) {
335 log("ssh: connect to host %s port %s: %s", 335 logit("ssh: connect to host %s port %s: %s",
336 host, strport, strerror(errno)); 336 host, strport, strerror(errno));
337 return full_failure ? ECONNABORTED : ECONNREFUSED; 337 return full_failure ? ECONNABORTED : ECONNREFUSED;
338 } 338 }
@@ -421,7 +421,7 @@ ssh_exchange_identification(void)
421 enable_compat13(); 421 enable_compat13();
422 minor1 = 3; 422 minor1 = 3;
423 if (options.forward_agent) { 423 if (options.forward_agent) {
424 log("Agent forwarding disabled for protocol 1.3"); 424 logit("Agent forwarding disabled for protocol 1.3");
425 options.forward_agent = 0; 425 options.forward_agent = 0;
426 } 426 }
427 } 427 }
@@ -612,16 +612,16 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
612 debug("Found key in %s:%d", host_file, host_line); 612 debug("Found key in %s:%d", host_file, host_line);
613 if (options.check_host_ip && ip_status == HOST_NEW) { 613 if (options.check_host_ip && ip_status == HOST_NEW) {
614 if (readonly) 614 if (readonly)
615 log("%s host key for IP address " 615 logit("%s host key for IP address "
616 "'%.128s' not in list of known hosts.", 616 "'%.128s' not in list of known hosts.",
617 type, ip); 617 type, ip);
618 else if (!add_host_to_hostfile(user_hostfile, ip, 618 else if (!add_host_to_hostfile(user_hostfile, ip,
619 host_key)) 619 host_key))
620 log("Failed to add the %s host key for IP " 620 logit("Failed to add the %s host key for IP "
621 "address '%.128s' to the list of known " 621 "address '%.128s' to the list of known "
622 "hosts (%.30s).", type, ip, user_hostfile); 622 "hosts (%.30s).", type, ip, user_hostfile);
623 else 623 else
624 log("Warning: Permanently added the %s host " 624 logit("Warning: Permanently added the %s host "
625 "key for IP address '%.128s' to the list " 625 "key for IP address '%.128s' to the list "
626 "of known hosts.", type, ip); 626 "of known hosts.", type, ip);
627 } 627 }
@@ -668,10 +668,10 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
668 * local known_hosts file. 668 * local known_hosts file.
669 */ 669 */
670 if (!add_host_to_hostfile(user_hostfile, hostp, host_key)) 670 if (!add_host_to_hostfile(user_hostfile, hostp, host_key))
671 log("Failed to add the host to the list of known " 671 logit("Failed to add the host to the list of known "
672 "hosts (%.500s).", user_hostfile); 672 "hosts (%.500s).", user_hostfile);
673 else 673 else
674 log("Warning: Permanently added '%.200s' (%s) to the " 674 logit("Warning: Permanently added '%.200s' (%s) to the "
675 "list of known hosts.", hostp, type); 675 "list of known hosts.", hostp, type);
676 break; 676 break;
677 case HOST_CHANGED: 677 case HOST_CHANGED:
@@ -774,7 +774,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
774 host_file, host_line); 774 host_file, host_line);
775 } 775 }
776 if (options.strict_host_key_checking == 1) { 776 if (options.strict_host_key_checking == 1) {
777 log(msg); 777 logit(msg);
778 error("Exiting, you have requested strict checking."); 778 error("Exiting, you have requested strict checking.");
779 goto fail; 779 goto fail;
780 } else if (options.strict_host_key_checking == 2) { 780 } else if (options.strict_host_key_checking == 2) {
@@ -783,7 +783,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
783 if (!confirm(msg)) 783 if (!confirm(msg))
784 goto fail; 784 goto fail;
785 } else { 785 } else {
786 log(msg); 786 logit(msg);
787 } 787 }
788 } 788 }
789 789
@@ -881,7 +881,7 @@ show_key_from_file(const char *file, const char *host, int keytype)
881 if ((ret = lookup_key_in_hostfile_by_type(file, host, 881 if ((ret = lookup_key_in_hostfile_by_type(file, host,
882 keytype, found, &line))) { 882 keytype, found, &line))) {
883 fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); 883 fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX);
884 log("WARNING: %s key found for host %s\n" 884 logit("WARNING: %s key found for host %s\n"
885 "in %s:%d\n" 885 "in %s:%d\n"
886 "%s key fingerprint %s.", 886 "%s key fingerprint %s.",
887 key_type(found), host, file, line, 887 key_type(found), host, file, line,
diff --git a/sshconnect1.c b/sshconnect1.c
index 2fc9a981a..491b4f67d 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -122,7 +122,7 @@ try_agent_authentication(void)
122 * although it advertised it supports this. Just 122 * although it advertised it supports this. Just
123 * return a wrong value. 123 * return a wrong value.
124 */ 124 */
125 log("Authentication agent failed to decrypt challenge."); 125 logit("Authentication agent failed to decrypt challenge.");
126 memset(response, 0, sizeof(response)); 126 memset(response, 0, sizeof(response));
127 } 127 }
128 key_free(key); 128 key_free(key);
@@ -890,7 +890,7 @@ try_challenge_response_authentication(void)
890 if (i != 0) 890 if (i != 0)
891 error("Permission denied, please try again."); 891 error("Permission denied, please try again.");
892 if (options.cipher == SSH_CIPHER_NONE) 892 if (options.cipher == SSH_CIPHER_NONE)
893 log("WARNING: Encryption is disabled! " 893 logit("WARNING: Encryption is disabled! "
894 "Response will be transmitted in clear text."); 894 "Response will be transmitted in clear text.");
895 response = read_passphrase(prompt, 0); 895 response = read_passphrase(prompt, 0);
896 if (strcmp(response, "") == 0) { 896 if (strcmp(response, "") == 0) {
@@ -925,7 +925,7 @@ try_password_authentication(char *prompt)
925 925
926 debug("Doing password authentication."); 926 debug("Doing password authentication.");
927 if (options.cipher == SSH_CIPHER_NONE) 927 if (options.cipher == SSH_CIPHER_NONE)
928 log("WARNING: Encryption is disabled! Password will be transmitted in clear text."); 928 logit("WARNING: Encryption is disabled! Password will be transmitted in clear text.");
929 for (i = 0; i < options.number_of_password_prompts; i++) { 929 for (i = 0; i < options.number_of_password_prompts; i++) {
930 if (i != 0) 930 if (i != 0)
931 error("Permission denied, please try again."); 931 error("Permission denied, please try again.");
@@ -981,9 +981,9 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
981 981
982 rbits = BN_num_bits(server_key->rsa->n); 982 rbits = BN_num_bits(server_key->rsa->n);
983 if (bits != rbits) { 983 if (bits != rbits) {
984 log("Warning: Server lies about size of server public key: " 984 logit("Warning: Server lies about size of server public key: "
985 "actual size is %d bits vs. announced %d.", rbits, bits); 985 "actual size is %d bits vs. announced %d.", rbits, bits);
986 log("Warning: This may be due to an old implementation of ssh."); 986 logit("Warning: This may be due to an old implementation of ssh.");
987 } 987 }
988 /* Get the host key. */ 988 /* Get the host key. */
989 host_key = key_new(KEY_RSA1); 989 host_key = key_new(KEY_RSA1);
@@ -993,9 +993,9 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
993 993
994 rbits = BN_num_bits(host_key->rsa->n); 994 rbits = BN_num_bits(host_key->rsa->n);
995 if (bits != rbits) { 995 if (bits != rbits) {
996 log("Warning: Server lies about size of server host key: " 996 logit("Warning: Server lies about size of server host key: "
997 "actual size is %d bits vs. announced %d.", rbits, bits); 997 "actual size is %d bits vs. announced %d.", rbits, bits);
998 log("Warning: This may be due to an old implementation of ssh."); 998 logit("Warning: This may be due to an old implementation of ssh.");
999 } 999 }
1000 1000
1001 /* Get protocol flags. */ 1001 /* Get protocol flags. */
@@ -1086,7 +1086,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
1086 options.cipher = ssh_cipher_default; 1086 options.cipher = ssh_cipher_default;
1087 } else if (options.cipher == SSH_CIPHER_ILLEGAL || 1087 } else if (options.cipher == SSH_CIPHER_ILLEGAL ||
1088 !(cipher_mask_ssh1(1) & (1 << options.cipher))) { 1088 !(cipher_mask_ssh1(1) & (1 << options.cipher))) {
1089 log("No valid SSH1 cipher, using %.100s instead.", 1089 logit("No valid SSH1 cipher, using %.100s instead.",
1090 cipher_name(ssh_cipher_default)); 1090 cipher_name(ssh_cipher_default));
1091 options.cipher = ssh_cipher_default; 1091 options.cipher = ssh_cipher_default;
1092 } 1092 }
@@ -1276,7 +1276,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
1276 if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && 1276 if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) &&
1277 options.kerberos_tgt_passing && context && auth_context) { 1277 options.kerberos_tgt_passing && context && auth_context) {
1278 if (options.cipher == SSH_CIPHER_NONE) 1278 if (options.cipher == SSH_CIPHER_NONE)
1279 log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); 1279 logit("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!");
1280 send_krb5_tgt(context, auth_context); 1280 send_krb5_tgt(context, auth_context);
1281 } 1281 }
1282 if (auth_context) 1282 if (auth_context)
@@ -1290,14 +1290,14 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
1290 if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && 1290 if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) &&
1291 options.kerberos_tgt_passing) { 1291 options.kerberos_tgt_passing) {
1292 if (options.cipher == SSH_CIPHER_NONE) 1292 if (options.cipher == SSH_CIPHER_NONE)
1293 log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); 1293 logit("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!");
1294 send_krb4_tgt(); 1294 send_krb4_tgt();
1295 } 1295 }
1296 /* Try AFS token passing if the server supports it. */ 1296 /* Try AFS token passing if the server supports it. */
1297 if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) && 1297 if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) &&
1298 options.afs_token_passing && k_hasafs()) { 1298 options.afs_token_passing && k_hasafs()) {
1299 if (options.cipher == SSH_CIPHER_NONE) 1299 if (options.cipher == SSH_CIPHER_NONE)
1300 log("WARNING: Encryption is disabled! Token will be transmitted in the clear!"); 1300 logit("WARNING: Encryption is disabled! Token will be transmitted in the clear!");
1301 send_afs_tokens(); 1301 send_afs_tokens();
1302 } 1302 }
1303#endif /* AFS */ 1303#endif /* AFS */
diff --git a/sshconnect2.c b/sshconnect2.c
index 41768bf05..90b884a39 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -82,7 +82,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
82 xxx_hostaddr = hostaddr; 82 xxx_hostaddr = hostaddr;
83 83
84 if (options.ciphers == (char *)-1) { 84 if (options.ciphers == (char *)-1) {
85 log("No valid ciphers for protocol version 2 given, using defaults."); 85 logit("No valid ciphers for protocol version 2 given, using defaults.");
86 options.ciphers = NULL; 86 options.ciphers = NULL;
87 } 87 }
88 if (options.ciphers != NULL) { 88 if (options.ciphers != NULL) {
@@ -349,7 +349,7 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt)
349 packet_check_eom(); 349 packet_check_eom();
350 350
351 if (partial != 0) 351 if (partial != 0)
352 log("Authenticated with partial success."); 352 logit("Authenticated with partial success.");
353 debug("Authentications that can continue: %s", authlist); 353 debug("Authentications that can continue: %s", authlist);
354 354
355 clear_auth_state(authctxt); 355 clear_auth_state(authctxt);
@@ -494,7 +494,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
494 info = packet_get_string(NULL); 494 info = packet_get_string(NULL);
495 lang = packet_get_string(NULL); 495 lang = packet_get_string(NULL);
496 if (strlen(info) > 0) 496 if (strlen(info) > 0)
497 log("%s", info); 497 logit("%s", info);
498 xfree(info); 498 xfree(info);
499 xfree(lang); 499 xfree(lang);
500 packet_start(SSH2_MSG_USERAUTH_REQUEST); 500 packet_start(SSH2_MSG_USERAUTH_REQUEST);
@@ -526,7 +526,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
526 if (strcmp(password, retype) != 0) { 526 if (strcmp(password, retype) != 0) {
527 memset(password, 0, strlen(password)); 527 memset(password, 0, strlen(password));
528 xfree(password); 528 xfree(password);
529 log("Mismatch; try again, EOF to quit."); 529 logit("Mismatch; try again, EOF to quit.");
530 password = NULL; 530 password = NULL;
531 } 531 }
532 memset(retype, 0, strlen(retype)); 532 memset(retype, 0, strlen(retype));
@@ -865,9 +865,9 @@ input_userauth_info_req(int type, u_int32_t seq, void *ctxt)
865 inst = packet_get_string(NULL); 865 inst = packet_get_string(NULL);
866 lang = packet_get_string(NULL); 866 lang = packet_get_string(NULL);
867 if (strlen(name) > 0) 867 if (strlen(name) > 0)
868 log("%s", name); 868 logit("%s", name);
869 if (strlen(inst) > 0) 869 if (strlen(inst) > 0)
870 log("%s", inst); 870 logit("%s", inst);
871 xfree(name); 871 xfree(name);
872 xfree(inst); 872 xfree(inst);
873 xfree(lang); 873 xfree(lang);
diff --git a/sshd.c b/sshd.c
index 0f2b2a3ce..62b4f45f4 100644
--- a/sshd.c
+++ b/sshd.c
@@ -258,11 +258,11 @@ sighup_handler(int sig)
258static void 258static void
259sighup_restart(void) 259sighup_restart(void)
260{ 260{
261 log("Received SIGHUP; restarting."); 261 logit("Received SIGHUP; restarting.");
262 close_listen_socks(); 262 close_listen_socks();
263 close_startup_pipes(); 263 close_startup_pipes();
264 execv(saved_argv[0], saved_argv); 264 execv(saved_argv[0], saved_argv);
265 log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], 265 logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0],
266 strerror(errno)); 266 strerror(errno));
267 exit(1); 267 exit(1);
268} 268}
@@ -376,7 +376,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
376 if (atomicio(write, sock_out, server_version_string, 376 if (atomicio(write, sock_out, server_version_string,
377 strlen(server_version_string)) 377 strlen(server_version_string))
378 != strlen(server_version_string)) { 378 != strlen(server_version_string)) {
379 log("Could not write ident string to %s", get_remote_ipaddr()); 379 logit("Could not write ident string to %s", get_remote_ipaddr());
380 fatal_cleanup(); 380 fatal_cleanup();
381 } 381 }
382 382
@@ -384,7 +384,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
384 memset(buf, 0, sizeof(buf)); 384 memset(buf, 0, sizeof(buf));
385 for (i = 0; i < sizeof(buf) - 1; i++) { 385 for (i = 0; i < sizeof(buf) - 1; i++) {
386 if (atomicio(read, sock_in, &buf[i], 1) != 1) { 386 if (atomicio(read, sock_in, &buf[i], 1) != 1) {
387 log("Did not receive identification string from %s", 387 logit("Did not receive identification string from %s",
388 get_remote_ipaddr()); 388 get_remote_ipaddr());
389 fatal_cleanup(); 389 fatal_cleanup();
390 } 390 }
@@ -415,7 +415,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
415 (void) atomicio(write, sock_out, s, strlen(s)); 415 (void) atomicio(write, sock_out, s, strlen(s));
416 close(sock_in); 416 close(sock_in);
417 close(sock_out); 417 close(sock_out);
418 log("Bad protocol version identification '%.100s' from %s", 418 logit("Bad protocol version identification '%.100s' from %s",
419 client_version_string, get_remote_ipaddr()); 419 client_version_string, get_remote_ipaddr());
420 fatal_cleanup(); 420 fatal_cleanup();
421 } 421 }
@@ -425,13 +425,13 @@ sshd_exchange_identification(int sock_in, int sock_out)
425 compat_datafellows(remote_version); 425 compat_datafellows(remote_version);
426 426
427 if (datafellows & SSH_BUG_PROBE) { 427 if (datafellows & SSH_BUG_PROBE) {
428 log("probed from %s with %s. Don't panic.", 428 logit("probed from %s with %s. Don't panic.",
429 get_remote_ipaddr(), client_version_string); 429 get_remote_ipaddr(), client_version_string);
430 fatal_cleanup(); 430 fatal_cleanup();
431 } 431 }
432 432
433 if (datafellows & SSH_BUG_SCANNER) { 433 if (datafellows & SSH_BUG_SCANNER) {
434 log("scanned from %s with %s. Don't panic.", 434 logit("scanned from %s with %s. Don't panic.",
435 get_remote_ipaddr(), client_version_string); 435 get_remote_ipaddr(), client_version_string);
436 fatal_cleanup(); 436 fatal_cleanup();
437 } 437 }
@@ -476,7 +476,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
476 (void) atomicio(write, sock_out, s, strlen(s)); 476 (void) atomicio(write, sock_out, s, strlen(s));
477 close(sock_in); 477 close(sock_in);
478 close(sock_out); 478 close(sock_out);
479 log("Protocol major versions differ for %s: %.200s vs. %.200s", 479 logit("Protocol major versions differ for %s: %.200s vs. %.200s",
480 get_remote_ipaddr(), 480 get_remote_ipaddr(),
481 server_version_string, client_version_string); 481 server_version_string, client_version_string);
482 fatal_cleanup(); 482 fatal_cleanup();
@@ -1010,15 +1010,15 @@ main(int ac, char **av)
1010 key_type(key)); 1010 key_type(key));
1011 } 1011 }
1012 if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) { 1012 if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) {
1013 log("Disabling protocol version 1. Could not load host key"); 1013 logit("Disabling protocol version 1. Could not load host key");
1014 options.protocol &= ~SSH_PROTO_1; 1014 options.protocol &= ~SSH_PROTO_1;
1015 } 1015 }
1016 if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) { 1016 if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) {
1017 log("Disabling protocol version 2. Could not load host key"); 1017 logit("Disabling protocol version 2. Could not load host key");
1018 options.protocol &= ~SSH_PROTO_2; 1018 options.protocol &= ~SSH_PROTO_2;
1019 } 1019 }
1020 if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { 1020 if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
1021 log("sshd: no hostkeys available -- exiting."); 1021 logit("sshd: no hostkeys available -- exiting.");
1022 exit(1); 1022 exit(1);
1023 } 1023 }
1024 1024
@@ -1186,7 +1186,7 @@ main(int ac, char **av)
1186 num_listen_socks++; 1186 num_listen_socks++;
1187 1187
1188 /* Start listening on the port. */ 1188 /* Start listening on the port. */
1189 log("Server listening on %s port %s.", ntop, strport); 1189 logit("Server listening on %s port %s.", ntop, strport);
1190 if (listen(listen_sock, 5) < 0) 1190 if (listen(listen_sock, 5) < 0)
1191 fatal("listen: %.100s", strerror(errno)); 1191 fatal("listen: %.100s", strerror(errno));
1192 1192
@@ -1262,7 +1262,7 @@ main(int ac, char **av)
1262 if (ret < 0 && errno != EINTR) 1262 if (ret < 0 && errno != EINTR)
1263 error("select: %.100s", strerror(errno)); 1263 error("select: %.100s", strerror(errno));
1264 if (received_sigterm) { 1264 if (received_sigterm) {
1265 log("Received signal %d; terminating.", 1265 logit("Received signal %d; terminating.",
1266 (int) received_sigterm); 1266 (int) received_sigterm);
1267 close_listen_socks(); 1267 close_listen_socks();
1268 unlink(options.pid_file); 1268 unlink(options.pid_file);
@@ -1750,7 +1750,7 @@ do_ssh1_kex(void)
1750 u_char *buf = xmalloc(bytes); 1750 u_char *buf = xmalloc(bytes);
1751 MD5_CTX md; 1751 MD5_CTX md;
1752 1752
1753 log("do_connection: generating a fake encryption key"); 1753 logit("do_connection: generating a fake encryption key");
1754 BN_bn2bin(session_key_int, buf); 1754 BN_bn2bin(session_key_int, buf);
1755 MD5_Init(&md); 1755 MD5_Init(&md);
1756 MD5_Update(&md, buf, bytes); 1756 MD5_Update(&md, buf, bytes);
diff --git a/sshpty.c b/sshpty.c
index d28947f62..0cac10d3f 100644
--- a/sshpty.c
+++ b/sshpty.c
@@ -226,7 +226,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
226 } 226 }
227 /* set tty modes to a sane state for broken clients */ 227 /* set tty modes to a sane state for broken clients */
228 if (tcgetattr(*ptyfd, &tio) < 0) 228 if (tcgetattr(*ptyfd, &tio) < 0)
229 log("Getting tty modes for pty failed: %.100s", strerror(errno)); 229 logit("Getting tty modes for pty failed: %.100s", strerror(errno));
230 else { 230 else {
231 tio.c_lflag |= (ECHO | ISIG | ICANON); 231 tio.c_lflag |= (ECHO | ISIG | ICANON);
232 tio.c_oflag |= (OPOST | ONLCR); 232 tio.c_oflag |= (OPOST | ONLCR);
@@ -234,7 +234,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
234 234
235 /* Set the new modes for the terminal. */ 235 /* Set the new modes for the terminal. */
236 if (tcsetattr(*ptyfd, TCSANOW, &tio) < 0) 236 if (tcsetattr(*ptyfd, TCSANOW, &tio) < 0)
237 log("Setting tty modes for pty failed: %.100s", strerror(errno)); 237 logit("Setting tty modes for pty failed: %.100s", strerror(errno));
238 } 238 }
239 239
240 return 1; 240 return 1;
diff --git a/ttymodes.c b/ttymodes.c
index 5cc13dcd5..ee752ebba 100644
--- a/ttymodes.c
+++ b/ttymodes.c
@@ -267,7 +267,7 @@ tty_make_modes(int fd, struct termios *tiop)
267 267
268 if (tiop == NULL) { 268 if (tiop == NULL) {
269 if (tcgetattr(fd, &tio) == -1) { 269 if (tcgetattr(fd, &tio) == -1) {
270 log("tcgetattr: %.100s", strerror(errno)); 270 logit("tcgetattr: %.100s", strerror(errno));
271 goto end; 271 goto end;
272 } 272 }
273 } else 273 } else
@@ -341,7 +341,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
341 * modes, they will initially have reasonable values. 341 * modes, they will initially have reasonable values.
342 */ 342 */
343 if (tcgetattr(fd, &tio) == -1) { 343 if (tcgetattr(fd, &tio) == -1) {
344 log("tcgetattr: %.100s", strerror(errno)); 344 logit("tcgetattr: %.100s", strerror(errno));
345 failure = -1; 345 failure = -1;
346 } 346 }
347 347
@@ -420,7 +420,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
420 * left in the packet; hopefully there is nothing 420 * left in the packet; hopefully there is nothing
421 * more coming after the mode data. 421 * more coming after the mode data.
422 */ 422 */
423 log("parse_tty_modes: unknown opcode %d", opcode); 423 logit("parse_tty_modes: unknown opcode %d", opcode);
424 goto set; 424 goto set;
425 } 425 }
426 } else { 426 } else {
@@ -436,7 +436,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
436 (void) packet_get_int(); 436 (void) packet_get_int();
437 break; 437 break;
438 } else { 438 } else {
439 log("parse_tty_modes: unknown opcode %d", opcode); 439 logit("parse_tty_modes: unknown opcode %d", opcode);
440 goto set; 440 goto set;
441 } 441 }
442 } 442 }
@@ -446,7 +446,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
446set: 446set:
447 if (*n_bytes_ptr != n_bytes) { 447 if (*n_bytes_ptr != n_bytes) {
448 *n_bytes_ptr = n_bytes; 448 *n_bytes_ptr = n_bytes;
449 log("parse_tty_modes: n_bytes_ptr != n_bytes: %d %d", 449 logit("parse_tty_modes: n_bytes_ptr != n_bytes: %d %d",
450 *n_bytes_ptr, n_bytes); 450 *n_bytes_ptr, n_bytes);
451 return; /* Don't process bytes passed */ 451 return; /* Don't process bytes passed */
452 } 452 }
@@ -455,5 +455,5 @@ set:
455 455
456 /* Set the new modes for the terminal. */ 456 /* Set the new modes for the terminal. */
457 if (tcsetattr(fd, TCSANOW, &tio) == -1) 457 if (tcsetattr(fd, TCSANOW, &tio) == -1)
458 log("Setting tty modes failed: %.100s", strerror(errno)); 458 logit("Setting tty modes failed: %.100s", strerror(errno));
459} 459}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-18 12:39:49 +0000