From 21653cc01f15857ec36fc5ec24aecf1d39c2855f Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Wed, 31 Mar 2010 11:34:21 +0100 Subject: Drop most of our "LogLevel SILENT" (-qq) patch. This was originally introduced to match the behaviour of non-free SSH, in which -q does not suppress fatal errors, but matching the behaviour of OpenSSH upstream is much more important nowadays. We no longer document that -q does not suppress fatal errors (closes: #280609). Migrate "LogLevel SILENT" to "LogLevel QUIET" in sshd_config on upgrade. --- clientloop.c | 2 +- debian/changelog | 6 + debian/openssh-server.postinst | 12 ++ debian/patches/doc-connection-sharing.patch | 2 +- debian/patches/openbsd-docs.patch | 6 +- debian/patches/ssh-argv0.patch | 2 +- debian/patches/syslog-level-silent.patch | 177 ++-------------------------- debian/patches/user-group-modes.patch | 2 +- log.c | 3 +- log.h | 1 - mux.c | 2 +- sftp-server.8 | 2 +- ssh.1 | 5 - ssh.c | 9 +- ssh_config.5 | 2 +- sshd.8 | 5 +- sshd.c | 7 +- sshd_config.5 | 2 +- 18 files changed, 45 insertions(+), 202 deletions(-) diff --git a/clientloop.c b/clientloop.c index a55fe9995..56f8dd2f8 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1538,7 +1538,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) * In interactive mode (with pseudo tty) display a message indicating * that the connection has been closed. */ - if (have_pty && options.log_level > SYSLOG_LEVEL_QUIET) { + if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) { snprintf(buf, sizeof buf, "Connection to %.64s closed.\r\n", host); buffer_append(&stderr_buffer, buf, strlen(buf)); diff --git a/debian/changelog b/debian/changelog index 603ca1a3e..b27270e0e 100644 --- a/debian/changelog +++ b/debian/changelog 
@@ -56,6 +56,12 @@ openssh (1:5.4p1-1) UNRELEASED; urgency=low name. (We'd still lose if the status nybble were ever changed, but that would mean somebody had packaged a development/beta version rather than a proper release, which doesn't appear to be normal practice.) + * Drop most of our "LogLevel SILENT" (-qq) patch. This was originally + introduced to match the behaviour of non-free SSH, in which -q does not + suppress fatal errors, but matching the behaviour of OpenSSH upstream is + much more important nowadays. We no longer document that -q does not + suppress fatal errors (closes: #280609). Migrate "LogLevel SILENT" to + "LogLevel QUIET" in sshd_config on upgrade. -- Colin Watson Mon, 01 Mar 2010 12:24:41 +0000 diff --git a/debian/openssh-server.postinst b/debian/openssh-server.postinst index 557bf2b23..d415f3f0d 100644 --- a/debian/openssh-server.postinst +++ b/debian/openssh-server.postinst @@ -234,6 +234,13 @@ move_subsystem_sftp() { } +fix_loglevel_silent() { + if [ "$(get_config_option LogLevel)" = SILENT ]; then + set_config_option LogLevel QUIET + fi +} + + create_sshdconfig() { if [ -e /etc/ssh/sshd_config ] ; then # Upgrade an existing sshd configuration. @@ -284,6 +291,11 @@ create_sshdconfig() { rename_config_option KeepAlive TCPKeepAlive fi + # 'LogLevel SILENT' is now equivalent to QUIET. + if dpkg --compare-versions "$oldversion" lt 1:5.4p1-1; then + fix_loglevel_silent + fi + return 0 fi diff --git a/debian/patches/doc-connection-sharing.patch b/debian/patches/doc-connection-sharing.patch index 759f86b30..d08f3d01f 100644 --- a/debian/patches/doc-connection-sharing.patch +++ b/debian/patches/doc-connection-sharing.patch @@ -9,7 +9,7 @@ Index: b/ssh.1 =================================================================== --- a/ssh.1 +++ b/ssh.1 -@@ -563,7 +563,10 @@ +@@ -558,7 +558,10 @@ the listen port will be dynamically allocated on the server and reported to the client at run time. .It Fl S Ar ctl_path 
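Review bot: The test in `fix_loglevel_silent` compares the configured value with the literal `SILENT`, so a spelling such as `LogLevel silent` would not be migrated. sshd is believed to match level names case-insensitively, so such a file would still load through the compatibility entry kept in log.c, but it would keep the obsolete keyword. `get_config_option` is defined outside this hunk; assuming it returns the value as written, fold case before comparing: `if [ "$(get_config_option LogLevel | tr '[:lower:]' '[:upper:]')" = SILENT ]; then`. A comment above the function would also help, e.g. `# SILENT and QUIET both send nothing to syslog; this only renames the keyword.`, so that an administrator reading the maintainer script can see the rewrite does not change what is logged. The call site added in the `create_sshdconfig` hunk needs no change.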
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch index e98938c15..0898c6ed3 100644 --- a/debian/patches/openbsd-docs.patch +++ b/debian/patches/openbsd-docs.patch @@ -60,7 +60,7 @@ Index: b/ssh.1 =================================================================== --- a/ssh.1 +++ b/ssh.1 -@@ -764,6 +764,10 @@ +@@ -759,6 +759,10 @@ .Sx HISTORY section of .Xr ssl 8 @@ -84,7 +84,7 @@ Index: b/sshd.8 It forks a new daemon for each incoming connection. The forked daemons handle -@@ -838,7 +838,7 @@ +@@ -835,7 +835,7 @@ .Xr ssh 1 ) . It should only be writable by root. .Pp @@ -93,7 +93,7 @@ Index: b/sshd.8 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". The file format is described in .Xr moduli 5 . -@@ -934,7 +934,6 @@ +@@ -931,7 +931,6 @@ .Xr ssh-vulnkey 1 , .Xr chroot 2 , .Xr hosts_access 5 , diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch index c0b747e84..7caeff704 100644 --- a/debian/patches/ssh-argv0.patch +++ b/debian/patches/ssh-argv0.patch @@ -11,7 +11,7 @@ Index: b/ssh.1 =================================================================== --- a/ssh.1 +++ b/ssh.1 -@@ -1432,6 +1432,7 @@ +@@ -1427,6 +1427,7 @@ .Xr sftp 1 , .Xr ssh-add 1 , .Xr ssh-agent 1 , diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch index 3ed46c8f8..2dc912b8e 100644 --- a/debian/patches/syslog-level-silent.patch +++ b/debian/patches/syslog-level-silent.patch 
@@ -1,32 +1,15 @@ -Description: Add "LogLevel SILENT" (-qq), suppressing even fatal errors - It's not clear that this is as useful as originally intended, or - implemented correctly, and there's no bug trail to be found for the - original feature (although it has been tweaked by bug reports since it was - added in Debian openssh 1:3.0.1p1-1). Needs review. - . - Jonathan says that this patch was originally meant to match the behaviour - of non-free SSH, in which -q does not suppress fatal errors. Given that - this was unintentionally broken in 1:4.6p1-2 and nobody's complained, we - can probably drop most of this. The adjustment to "Pseudo-terminal will - not be allocated ..." should be split out into a separate patch. +Description: "LogLevel SILENT" compatibility + "LogLevel SILENT" (-qq) was introduced in Debian openssh 1:3.0.1p1-1 to + match the behaviour of non-free SSH, in which -q does not suppress fatal + errors. However, this was unintentionally broken in 1:4.6p1-2 and nobody + complained, so we've dropped most of it. The parts that remain are basic + configuration file compatibility, and an adjustment to "Pseudo-terminal + will not be allocated ..." which should be split out into a separate patch. Author: Jonathan David Amery Author: Matthew Vernon Author: Colin Watson -Last-Update: 2010-02-27 +Last-Update: 2010-03-31 -Index: b/clientloop.c -=================================================================== ---- a/clientloop.c -+++ b/clientloop.c -@@ -1536,7 +1536,7 @@ - * In interactive mode (with pseudo tty) display a message indicating - * that the connection has been closed. - */ -- if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) { -+ if (have_pty && options.log_level > SYSLOG_LEVEL_QUIET) { - snprintf(buf, sizeof buf, - "Connection to %.64s closed.\r\n", host); - buffer_append(&stderr_buffer, buf, strlen(buf)); Index: b/log.c =================================================================== --- a/log.c 
@@ -35,158 +18,20 @@ Index: b/log.c LogLevel val; } log_levels[] = { -+ { "SILENT", SYSLOG_LEVEL_SILENT }, ++ { "SILENT", SYSLOG_LEVEL_QUIET }, /* compatibility */ { "QUIET", SYSLOG_LEVEL_QUIET }, { "FATAL", SYSLOG_LEVEL_FATAL }, { "ERROR", SYSLOG_LEVEL_ERROR }, -@@ -244,6 +245,7 @@ - argv0 = av0; - - switch (level) { -+ case SYSLOG_LEVEL_SILENT: - case SYSLOG_LEVEL_QUIET: - case SYSLOG_LEVEL_FATAL: - case SYSLOG_LEVEL_ERROR: -Index: b/log.h -=================================================================== ---- a/log.h -+++ b/log.h -@@ -35,6 +35,7 @@ - } SyslogFacility; - - typedef enum { -+ SYSLOG_LEVEL_SILENT, - SYSLOG_LEVEL_QUIET, - SYSLOG_LEVEL_FATAL, - SYSLOG_LEVEL_ERROR, -Index: b/mux.c -=================================================================== ---- a/mux.c -+++ b/mux.c -@@ -1553,7 +1553,7 @@ - } else - debug2("Received exit status from master %d", exitval); - -- if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) -+ if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) - fprintf(stderr, "Shared connection to %s closed.\r\n", host); - - exit(exitval); -Index: b/sftp-server.8 -=================================================================== ---- a/sftp-server.8 -+++ b/sftp-server.8 -@@ -74,7 +74,7 @@ - Specifies which messages will be logged by - .Nm . - The possible values are: --QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. -+SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. - INFO and VERBOSE log transactions that - .Nm - performs on behalf of the client. -Index: b/ssh.1 -=================================================================== ---- a/ssh.1 -+++ b/ssh.1 -@@ -504,6 +504,11 @@ - .It Fl q - Quiet mode. - Causes most warning and diagnostic messages to be suppressed. -+Only fatal errors are displayed. -+If a second -+.Fl q -+is given then even fatal errors are suppressed, except for those produced -+due solely to bad arguments. 
- .It Fl R Xo - .Sm off - .Oo Ar bind_address : Oc Index: b/ssh.c =================================================================== --- a/ssh.c 
+++ b/ssh.c -@@ -421,7 +421,12 @@ - options.exit_on_forward_failure = 1; - break; - case 'q': -- options.log_level = SYSLOG_LEVEL_QUIET; -+ if (options.log_level == SYSLOG_LEVEL_QUIET) { -+ options.log_level = SYSLOG_LEVEL_SILENT; -+ } -+ else if (options.log_level != SYSLOG_LEVEL_SILENT) { -+ options.log_level = SYSLOG_LEVEL_QUIET; -+ } - break; - case 'e': - if (optarg[0] == '^' && optarg[2] == 0 && -@@ -624,7 +629,7 @@ +@@ -624,7 +624,7 @@ tty_flag = 0; /* Do not allocate a tty if stdin is not a tty. */ if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { - if (tty_flag) -+ if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) ++ if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) logit("Pseudo-terminal will not be allocated because " "stdin is not a terminal."); tty_flag = 0; -Index: b/ssh_config.5 -=================================================================== ---- a/ssh_config.5 -+++ b/ssh_config.5 -@@ -698,7 +698,7 @@ - Gives the verbosity level that is used when logging messages from - .Xr ssh 1 . - The possible values are: --QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. -+SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. - The default is INFO. - DEBUG and DEBUG1 are equivalent. - DEBUG2 and DEBUG3 each specify higher levels of verbose output. -Index: b/sshd.8 -=================================================================== ---- a/sshd.8 -+++ b/sshd.8 -@@ -217,9 +217,12 @@ - option override command-line ports. - .It Fl q - Quiet mode. --Nothing is sent to the system log. -+Only fatal errors are sent to the system log. - Normally the beginning, - authentication, and termination of each connection is logged. -+If a second -+.Fl q -+is given then nothing is sent to the system log. - .It Fl T - Extended test mode. 
- Check the validity of the configuration file, output the effective configuration -Index: b/sshd.c -=================================================================== ---- a/sshd.c -+++ b/sshd.c -@@ -1370,7 +1370,12 @@ - /* ignored */ - break; - case 'q': -- options.log_level = SYSLOG_LEVEL_QUIET; -+ if (options.log_level == SYSLOG_LEVEL_QUIET) { -+ options.log_level = SYSLOG_LEVEL_SILENT; -+ } -+ else if (options.log_level != SYSLOG_LEVEL_SILENT) { -+ options.log_level = SYSLOG_LEVEL_QUIET; -+ } - break; - case 'b': - options.server_key_bits = (int)strtonum(optarg, 256, -Index: b/sshd_config.5 -=================================================================== ---- a/sshd_config.5 -+++ b/sshd_config.5 -@@ -575,7 +575,7 @@ - Gives the verbosity level that is used when logging messages from - .Xr sshd 8 . - The possible values are: --QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. -+SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. - The default is INFO. - DEBUG and DEBUG1 are equivalent. - DEBUG2 and DEBUG3 each specify higher levels of debugging output. diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index 375a098f9..22cb3084a 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch @@ -60,7 +60,7 @@ Index: b/ssh.1 =================================================================== --- a/ssh.1 +++ b/ssh.1 -@@ -1326,6 +1326,8 @@ +@@ -1321,6 +1321,8 @@ .Xr ssh_config 5 . Because of the potential for abuse, this file must have strict permissions: read/write for the user, and not accessible by others. diff --git a/log.c b/log.c index 249913785..d8a1f734e 100644 --- a/log.c +++ b/log.c 
@@ -90,7 +90,7 @@ static struct { LogLevel val; } log_levels[] = { - { "SILENT", SYSLOG_LEVEL_SILENT }, + { "SILENT", SYSLOG_LEVEL_QUIET }, /* compatibility */ { "QUIET", SYSLOG_LEVEL_QUIET }, { "FATAL", SYSLOG_LEVEL_FATAL }, { "ERROR", SYSLOG_LEVEL_ERROR }, @@ -245,7 +245,6 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) argv0 = av0; switch (level) { - case SYSLOG_LEVEL_SILENT: case SYSLOG_LEVEL_QUIET: case SYSLOG_LEVEL_FATAL: case SYSLOG_LEVEL_ERROR: diff --git a/log.h b/log.h index 257a3a0c1..650582791 100644 --- a/log.h +++ b/log.h @@ -35,7 +35,6 @@ typedef enum { } SyslogFacility; typedef enum { - SYSLOG_LEVEL_SILENT, SYSLOG_LEVEL_QUIET, SYSLOG_LEVEL_FATAL, SYSLOG_LEVEL_ERROR, diff --git a/mux.c b/mux.c index 5df5245f6..825fb7a9a 100644 --- a/mux.c +++ b/mux.c @@ -1553,7 +1553,7 @@ mux_client_request_session(int fd) } else debug2("Received exit status from master %d", exitval); - if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) + if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) fprintf(stderr, "Shared connection to %s closed.\r\n", host); exit(exitval); diff --git a/sftp-server.8 b/sftp-server.8 index 69ad8beb1..bb19c15e1 100644 --- a/sftp-server.8 +++ b/sftp-server.8 @@ -74,7 +74,7 @@ usage information. Specifies which messages will be logged by .Nm . The possible values are: -SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that .Nm performs on behalf of the client. diff --git a/ssh.1 b/ssh.1 index 48c11c733..7426c7180 100644 --- a/ssh.1 +++ b/ssh.1 
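Review bot: The compatibility alias `{ "SILENT", SYSLOG_LEVEL_QUIET }` sits before the `QUIET` entry in `log_levels`, so any code that maps a level back to a name by returning the first entry whose `val` matches would now report `SILENT` for a quiet configuration. That reverse lookup is not visible in this hunk, so confirm it, for example against the effective configuration printed by sshd's extended test mode. If it applies, list the alias after the canonical name: `{ "QUIET", SYSLOG_LEVEL_QUIET },` followed by `{ "SILENT", SYSLOG_LEVEL_QUIET }, /* compatibility */`. The same entry is carried in the refreshed `debian/patches/syslog-level-silent.patch`, and the table definition starts and ends outside the hunk.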
@@ -504,11 +504,6 @@ per-host basis in the configuration file. .It Fl q Quiet mode. Causes most warning and diagnostic messages to be suppressed. -Only fatal errors are displayed. -If a second -.Fl q -is given then even fatal errors are suppressed, except for those produced -due solely to bad arguments. .It Fl R Xo .Sm off .Oo Ar bind_address : Oc diff --git a/ssh.c b/ssh.c index 68178ff95..0afeb3b3a 100644 --- a/ssh.c +++ b/ssh.c @@ -421,12 +421,7 @@ main(int ac, char **av) options.exit_on_forward_failure = 1; break; case 'q': - if (options.log_level == SYSLOG_LEVEL_QUIET) { - options.log_level = SYSLOG_LEVEL_SILENT; - } - else if (options.log_level != SYSLOG_LEVEL_SILENT) { - options.log_level = SYSLOG_LEVEL_QUIET; - } + options.log_level = SYSLOG_LEVEL_QUIET; break; case 'e': if (optarg[0] == '^' && optarg[2] == 0 && @@ -629,7 +624,7 @@ main(int ac, char **av) tty_flag = 0; /* Do not allocate a tty if stdin is not a tty. */ if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { - if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) + if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) logit("Pseudo-terminal will not be allocated because " "stdin is not a terminal."); tty_flag = 0; diff --git a/ssh_config.5 b/ssh_config.5 index 0ce851aa8..91c0e1bb0 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -718,7 +718,7 @@ indicates that the port should be available from all interfaces. Gives the verbosity level that is used when logging messages from .Xr ssh 1 . The possible values are: -SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of verbose output. diff --git a/sshd.8 b/sshd.8 index 5df48a005..d784c0630 100644 --- a/sshd.8 +++ b/sshd.8 
@@ -217,12 +217,9 @@ Ports specified using the option override command-line ports. .It Fl q Quiet mode. -Only fatal errors are sent to the system log. +Nothing is sent to the system log. Normally the beginning, authentication, and termination of each connection is logged. -If a second -.Fl q -is given then nothing is sent to the system log. .It Fl T Extended test mode. Check the validity of the configuration file, output the effective configuration diff --git a/sshd.c b/sshd.c index df6c9d24e..75e267793 100644 --- a/sshd.c +++ b/sshd.c @@ -1371,12 +1371,7 @@ main(int ac, char **av) /* ignored */ break; case 'q': - if (options.log_level == SYSLOG_LEVEL_QUIET) { - options.log_level = SYSLOG_LEVEL_SILENT; - } - else if (options.log_level != SYSLOG_LEVEL_SILENT) { - options.log_level = SYSLOG_LEVEL_QUIET; - } + options.log_level = SYSLOG_LEVEL_QUIET; break; case 'b': options.server_key_bits = (int)strtonum(optarg, 256, diff --git a/sshd_config.5 b/sshd_config.5 index 39ef781ff..de447bce5 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -606,7 +606,7 @@ The default is 120 seconds. Gives the verbosity level that is used when logging messages from .Xr sshd 8 . The possible values are: -SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. -- cgit v1.2.3