diff options
| -rw-r--r-- | readconf.c | 20 | ||||
| -rw-r--r-- | readconf.h | 3 | ||||
| -rw-r--r-- | ssh.c | 11 | ||||
| -rw-r--r-- | ssh_config.5 | 10 |
4 files changed, 35 insertions, 9 deletions
diff --git a/readconf.c b/readconf.c index 9d59493f0..013c19f59 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: readconf.c,v 1.270 2017/03/10 04:27:32 djm Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.271 2017/04/28 03:20:27 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -152,7 +152,7 @@ typedef enum { | |||
| 152 | oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, | 152 | oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, |
| 153 | oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, | 153 | oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, |
| 154 | oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts, | 154 | oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts, |
| 155 | oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, | 155 | oUsePrivilegedPort, oLogFacility, oLogLevel, oCiphers, oProtocol, oMacs, |
| 156 | oPubkeyAuthentication, | 156 | oPubkeyAuthentication, |
| 157 | oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, | 157 | oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, |
| 158 | oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, | 158 | oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, |
| @@ -265,6 +265,7 @@ static struct { | |||
| 265 | { "tcpkeepalive", oTCPKeepAlive }, | 265 | { "tcpkeepalive", oTCPKeepAlive }, |
| 266 | { "keepalive", oTCPKeepAlive }, /* obsolete */ | 266 | { "keepalive", oTCPKeepAlive }, /* obsolete */ |
| 267 | { "numberofpasswordprompts", oNumberOfPasswordPrompts }, | 267 | { "numberofpasswordprompts", oNumberOfPasswordPrompts }, |
| 268 | { "syslogfacility", oLogFacility }, | ||
| 268 | { "loglevel", oLogLevel }, | 269 | { "loglevel", oLogLevel }, |
| 269 | { "dynamicforward", oDynamicForward }, | 270 | { "dynamicforward", oDynamicForward }, |
| 270 | { "preferredauthentications", oPreferredAuthentications }, | 271 | { "preferredauthentications", oPreferredAuthentications }, |
| @@ -830,6 +831,7 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, | |||
| 830 | u_int i, *uintptr, max_entries = 0; | 831 | u_int i, *uintptr, max_entries = 0; |
| 831 | int r, oactive, negated, opcode, *intptr, value, value2, cmdline = 0; | 832 | int r, oactive, negated, opcode, *intptr, value, value2, cmdline = 0; |
| 832 | LogLevel *log_level_ptr; | 833 | LogLevel *log_level_ptr; |
| 834 | SyslogFacility *log_facility_ptr; | ||
| 833 | long long val64; | 835 | long long val64; |
| 834 | size_t len; | 836 | size_t len; |
| 835 | struct Forward fwd; | 837 | struct Forward fwd; |
| @@ -1264,6 +1266,17 @@ parse_keytypes: | |||
| 1264 | *log_level_ptr = (LogLevel) value; | 1266 | *log_level_ptr = (LogLevel) value; |
| 1265 | break; | 1267 | break; |
| 1266 | 1268 | ||
| 1269 | case oLogFacility: | ||
| 1270 | log_facility_ptr = &options->log_facility; | ||
| 1271 | arg = strdelim(&s); | ||
| 1272 | value = log_facility_number(arg); | ||
| 1273 | if (value == SYSLOG_FACILITY_NOT_SET) | ||
| 1274 | fatal("%.200s line %d: unsupported log facility '%s'", | ||
| 1275 | filename, linenum, arg ? arg : "<NONE>"); | ||
| 1276 | if (*log_facility_ptr == -1) | ||
| 1277 | *log_facility_ptr = (SyslogFacility) value; | ||
| 1278 | break; | ||
| 1279 | |||
| 1267 | case oLocalForward: | 1280 | case oLocalForward: |
| 1268 | case oRemoteForward: | 1281 | case oRemoteForward: |
| 1269 | case oDynamicForward: | 1282 | case oDynamicForward: |
| @@ -1838,6 +1851,7 @@ initialize_options(Options * options) | |||
| 1838 | options->num_local_forwards = 0; | 1851 | options->num_local_forwards = 0; |
| 1839 | options->remote_forwards = NULL; | 1852 | options->remote_forwards = NULL; |
| 1840 | options->num_remote_forwards = 0; | 1853 | options->num_remote_forwards = 0; |
| 1854 | options->log_facility = SYSLOG_FACILITY_NOT_SET; | ||
| 1841 | options->log_level = SYSLOG_LEVEL_NOT_SET; | 1855 | options->log_level = SYSLOG_LEVEL_NOT_SET; |
| 1842 | options->preferred_authentications = NULL; | 1856 | options->preferred_authentications = NULL; |
| 1843 | options->bind_address = NULL; | 1857 | options->bind_address = NULL; |
| @@ -2014,6 +2028,8 @@ fill_default_options(Options * options) | |||
| 2014 | } | 2028 | } |
| 2015 | if (options->log_level == SYSLOG_LEVEL_NOT_SET) | 2029 | if (options->log_level == SYSLOG_LEVEL_NOT_SET) |
| 2016 | options->log_level = SYSLOG_LEVEL_INFO; | 2030 | options->log_level = SYSLOG_LEVEL_INFO; |
| 2031 | if (options->log_facility == SYSLOG_FACILITY_NOT_SET) | ||
| 2032 | options->log_facility = SYSLOG_FACILITY_USER; | ||
| 2017 | if (options->no_host_authentication_for_localhost == - 1) | 2033 | if (options->no_host_authentication_for_localhost == - 1) |
| 2018 | options->no_host_authentication_for_localhost = 0; | 2034 | options->no_host_authentication_for_localhost = 0; |
| 2019 | if (options->identities_only == -1) | 2035 | if (options->identities_only == -1) |
diff --git a/readconf.h b/readconf.h index cef55f71c..d62428101 100644 --- a/readconf.h +++ b/readconf.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: readconf.h,v 1.117 2016/07/15 00:24:30 djm Exp $ */ | 1 | /* $OpenBSD: readconf.h,v 1.118 2017/04/28 03:20:27 dtucker Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| @@ -59,6 +59,7 @@ typedef struct { | |||
| 59 | int tcp_keep_alive; /* Set SO_KEEPALIVE. */ | 59 | int tcp_keep_alive; /* Set SO_KEEPALIVE. */ |
| 60 | int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ | 60 | int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ |
| 61 | int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ | 61 | int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ |
| 62 | SyslogFacility log_facility; /* Facility for system logging. */ | ||
| 62 | LogLevel log_level; /* Level for logging. */ | 63 | LogLevel log_level; /* Level for logging. */ |
| 63 | 64 | ||
| 64 | int port; /* Port to connect. */ | 65 | int port; /* Port to connect. */ |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh.c,v 1.451 2017/03/10 04:07:20 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.452 2017/04/28 03:20:27 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -1007,8 +1007,11 @@ main(int ac, char **av) | |||
| 1007 | if (logfile != NULL) | 1007 | if (logfile != NULL) |
| 1008 | log_redirect_stderr_to(logfile); | 1008 | log_redirect_stderr_to(logfile); |
| 1009 | log_init(argv0, | 1009 | log_init(argv0, |
| 1010 | options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level, | 1010 | options.log_level == SYSLOG_LEVEL_NOT_SET ? |
| 1011 | SYSLOG_FACILITY_USER, !use_syslog); | 1011 | SYSLOG_LEVEL_INFO : options.log_level, |
| 1012 | options.log_facility == SYSLOG_FACILITY_NOT_SET ? | ||
| 1013 | SYSLOG_FACILITY_USER : options.log_facility, | ||
| 1014 | !use_syslog); | ||
| 1012 | 1015 | ||
| 1013 | if (debug_flag) | 1016 | if (debug_flag) |
| 1014 | logit("%s, %s", SSH_RELEASE, | 1017 | logit("%s, %s", SSH_RELEASE, |
| @@ -1150,7 +1153,7 @@ main(int ac, char **av) | |||
| 1150 | #endif | 1153 | #endif |
| 1151 | 1154 | ||
| 1152 | /* reinit */ | 1155 | /* reinit */ |
| 1153 | log_init(argv0, options.log_level, SYSLOG_FACILITY_USER, !use_syslog); | 1156 | log_init(argv0, options.log_level, options.log_facility, !use_syslog); |
| 1154 | 1157 | ||
| 1155 | if (options.request_tty == REQUEST_TTY_YES || | 1158 | if (options.request_tty == REQUEST_TTY_YES || |
| 1156 | options.request_tty == REQUEST_TTY_FORCE) | 1159 | options.request_tty == REQUEST_TTY_FORCE) |
diff --git a/ssh_config.5 b/ssh_config.5 index 532745b2f..dd088c5ad 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
| @@ -33,8 +33,8 @@ | |||
| 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 35 | .\" | 35 | .\" |
| 36 | .\" $OpenBSD: ssh_config.5,v 1.242 2017/02/27 14:30:33 jmc Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.243 2017/04/28 03:20:27 dtucker Exp $ |
| 37 | .Dd $Mdocdate: February 27 2017 $ | 37 | .Dd $Mdocdate: April 28 2017 $ |
| 38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
| 39 | .Os | 39 | .Os |
| 40 | .Sh NAME | 40 | .Sh NAME |
| @@ -1101,6 +1101,12 @@ indicates that the listening port be bound for local use only, while an | |||
| 1101 | empty address or | 1101 | empty address or |
| 1102 | .Sq * | 1102 | .Sq * |
| 1103 | indicates that the port should be available from all interfaces. | 1103 | indicates that the port should be available from all interfaces. |
| 1104 | .It Cm SyslogFacility | ||
| 1105 | Gives the facility code that is used when logging messages from | ||
| 1106 | .Xr ssh 1 . | ||
| 1107 | The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, | ||
| 1108 | LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. | ||
| 1109 | The default is USER. | ||
| 1104 | .It Cm LogLevel | 1110 | .It Cm LogLevel |
| 1105 | Gives the verbosity level that is used when logging messages from | 1111 | Gives the verbosity level that is used when logging messages from |
| 1106 | .Xr ssh 1 . | 1112 | .Xr ssh 1 . |