From c8a49d743ae2ab739ca4266e7013bc9c3079aaee Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Wed, 2 Apr 2003 15:18:22 +0000 Subject: - (bal) if IP_TOS is not found or broken don't try to compile in packet_set_tos() function call. bug #527 --- packet.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'packet.c') diff --git a/packet.c b/packet.c index 3e21df722..254e452d0 100644 --- a/packet.c +++ b/packet.c @@ -1314,6 +1314,8 @@ packet_not_very_much_data_to_write(void) return buffer_len(&output) < 128 * 1024; } + +#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN) static void packet_set_tos(int interactive) { @@ -1327,6 +1329,7 @@ packet_set_tos(int interactive) error("setsockopt IP_TOS %d: %.100s:", tos, strerror(errno)); } +#endif /* Informs that the current session is interactive. Sets IP flags for that. */ -- cgit v1.2.3 From a5539d2698ea83b4a7f9abe7cde8306e2fd76f33 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 9 Apr 2003 20:50:06 +1000 Subject: - (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/04/02 09:48:07 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] reapply rekeying chage, tested by henning@, ok djm@ --- ChangeLog | 7 ++- clientloop.c | 7 ++- monitor.c | 14 ++++-- monitor_wrap.c | 14 ++++-- packet.c | 145 ++++++++++++++++++++++++++++++++++++++++++++++++--------- packet.h | 9 ++-- readconf.c | 33 ++++++++++++- readconf.h | 3 +- serverloop.c | 10 +++- sshconnect2.c | 5 +- 10 files changed, 205 insertions(+), 42 deletions(-) (limited to 'packet.c') diff --git a/ChangeLog b/ChangeLog index afc34a291..140a176f2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,11 @@ - (djm) Bug #539: Specify creation mode with O_CREAT for lastlog. Report from matth@eecs.berkeley.edu - (djm) Make the spec work with Redhat 9.0 (which renames sharutils) + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2003/04/02 09:48:07 + [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] + [readconf.h serverloop.c sshconnect2.c] + reapply rekeying chage, tested by henning@, ok djm@ 20030402 - (bal) if IP_TOS is not found or broken don't try to compile in @@ -1304,4 +1309,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2651 2003/04/09 09:41:25 djm Exp $ +$Id: ChangeLog,v 1.2652 2003/04/09 10:50:06 djm Exp $ diff --git a/clientloop.c b/clientloop.c index af207c070..a40019d08 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.107 2003/04/01 10:22:21 markus Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.108 2003/04/02 09:48:07 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -968,9 +968,8 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) /* Do channel operations unless rekeying in progress. */ if (!rekeying) { channel_after_select(readset, writeset); - - if (need_rekeying) { - debug("user requests rekeying"); + if (need_rekeying || packet_need_rekeying()) { + debug("need rekeying"); xxx_kex->done = 0; kex_send_kexinit(xxx_kex); need_rekeying = 0; diff --git a/monitor.c b/monitor.c index bcd007e60..4cd10a108 100644 --- a/monitor.c +++ b/monitor.c @@ -25,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor.c,v 1.36 2003/04/01 10:22:21 markus Exp $"); +RCSID("$OpenBSD: monitor.c,v 1.37 2003/04/02 09:48:07 markus Exp $"); #include @@ -1497,6 +1497,8 @@ mm_get_keystate(struct monitor *pmonitor) Buffer m; u_char *blob, *p; u_int bloblen, plen; + u_int32_t seqnr, packets; + u_int64_t blocks; debug3("%s: Waiting for new keys", __func__); @@ -1526,8 +1528,14 @@ mm_get_keystate(struct monitor *pmonitor) xfree(blob); /* Now get sequence numbers for the packets */ - packet_set_seqnr(MODE_OUT, buffer_get_int(&m)); - packet_set_seqnr(MODE_IN, buffer_get_int(&m)); + seqnr = buffer_get_int(&m); + blocks = buffer_get_int64(&m); + packets = buffer_get_int(&m); + packet_set_state(MODE_OUT, seqnr, blocks, packets); + seqnr = buffer_get_int(&m); + blocks = buffer_get_int64(&m); + packets = buffer_get_int(&m); + packet_set_state(MODE_IN, seqnr, blocks, packets); skip: /* Get the key context */ diff --git a/monitor_wrap.c b/monitor_wrap.c index c9714138a..f674ef78d 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -25,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor_wrap.c,v 1.24 2003/04/01 10:22:21 markus Exp $"); +RCSID("$OpenBSD: monitor_wrap.c,v 1.25 2003/04/02 09:48:07 markus Exp $"); #include #include @@ -520,6 +520,8 @@ mm_send_keystate(struct monitor *pmonitor) Buffer m; u_char *blob, *p; u_int bloblen, plen; + u_int32_t seqnr, packets; + u_int64_t blocks; buffer_init(&m); @@ -568,8 +570,14 @@ mm_send_keystate(struct monitor *pmonitor) buffer_put_string(&m, blob, bloblen); xfree(blob); - buffer_put_int(&m, packet_get_seqnr(MODE_OUT)); - buffer_put_int(&m, packet_get_seqnr(MODE_IN)); + packet_get_state(MODE_OUT, &seqnr, &blocks, &packets); + buffer_put_int(&m, seqnr); + buffer_put_int64(&m, blocks); + buffer_put_int(&m, packets); + packet_get_state(MODE_OUT, &seqnr, &blocks, &packets); + buffer_put_int(&m, seqnr); + buffer_put_int64(&m, blocks); + buffer_put_int(&m, packets); debug3("%s: New keys have been sent", __func__); skip: diff --git a/packet.c b/packet.c index 254e452d0..9887d25af 100644 --- a/packet.c +++ b/packet.c @@ -37,7 +37,9 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.104 2003/04/01 10:22:21 markus Exp $"); +RCSID("$OpenBSD: packet.c,v 1.105 2003/04/02 09:48:07 markus Exp $"); + +#include #include "xmalloc.h" #include "buffer.h" @@ -116,8 +118,14 @@ static int interactive_mode = 0; /* Session key information for Encryption and MAC */ Newkeys *newkeys[MODE_MAX]; -static u_int32_t read_seqnr = 0; -static u_int32_t send_seqnr = 0; +static struct packet_state { + u_int32_t seqnr; + u_int32_t packets; + u_int64_t blocks; +} p_read, p_send; + +static u_int64_t max_blocks_in, max_blocks_out; +static u_int32_t rekey_limit; /* Session key for protocol v1 */ static u_char ssh1_key[SSH_SESSION_KEY_LENGTH]; @@ -126,6 +134,13 @@ static u_int ssh1_keylen; /* roundup current message to extra_pad bytes */ static u_char extra_pad = 0; +struct packet { + TAILQ_ENTRY(packet) next; + u_char type; + Buffer payload; +}; +TAILQ_HEAD(, packet) outgoing; + /* * Sets the descriptors used for communication. Disables encryption until * packet_set_encryption_key is called. @@ -148,6 +163,7 @@ packet_set_connection(int fd_in, int fd_out) buffer_init(&output); buffer_init(&outgoing_packet); buffer_init(&incoming_packet); + TAILQ_INIT(&outgoing); } /* Kludge: arrange the close function to be called from fatal(). */ fatal_add_cleanup((void (*) (void *)) packet_close, NULL); @@ -254,22 +270,26 @@ packet_get_ssh1_cipher() return (cipher_get_number(receive_context.cipher)); } - -u_int32_t -packet_get_seqnr(int mode) +void +packet_get_state(int mode, u_int32_t *seqnr, u_int64_t *blocks, u_int32_t *packets) { - return (mode == MODE_IN ? read_seqnr : send_seqnr); + struct packet_state *state; + + state = (mode == MODE_IN) ? &p_read : &p_send; + *seqnr = state->seqnr; + *blocks = state->blocks; + *packets = state->packets; } void -packet_set_seqnr(int mode, u_int32_t seqnr) +packet_set_state(int mode, u_int32_t seqnr, u_int64_t blocks, u_int32_t packets) { - if (mode == MODE_IN) - read_seqnr = seqnr; - else if (mode == MODE_OUT) - send_seqnr = seqnr; - else - fatal("packet_set_seqnr: bad mode %d", mode); + struct packet_state *state; + + state = (mode == MODE_IN) ? &p_read : &p_send; + state->seqnr = seqnr; + state->blocks = blocks; + state->packets = packets; } /* returns 1 if connection is via ipv4 */ @@ -562,6 +582,7 @@ set_newkeys(int mode) Mac *mac; Comp *comp; CipherContext *cc; + u_int64_t *max_blocks; int encrypt; debug2("set_newkeys: mode %d", mode); @@ -569,9 +590,13 @@ set_newkeys(int mode) if (mode == MODE_OUT) { cc = &send_context; encrypt = CIPHER_ENCRYPT; + p_send.packets = p_send.blocks = 0; + max_blocks = &max_blocks_out; } else { cc = &receive_context; encrypt = CIPHER_DECRYPT; + p_read.packets = p_read.blocks = 0; + max_blocks = &max_blocks_in; } if (newkeys[mode] != NULL) { debug("set_newkeys: rekeying"); @@ -610,13 +635,16 @@ set_newkeys(int mode) buffer_compress_init_recv(); comp->enabled = 1; } + *max_blocks = ((u_int64_t)1 << (enc->block_size*2)); + if (rekey_limit) + *max_blocks = MIN(*max_blocks, rekey_limit / enc->block_size); } /* * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) */ static void -packet_send2(void) +packet_send2_wrapped(void) { u_char type, *cp, *macbuf = NULL; u_char padlen, pad; @@ -698,10 +726,10 @@ packet_send2(void) /* compute MAC over seqnr and packet(length fields, payload, padding) */ if (mac && mac->enabled) { - macbuf = mac_compute(mac, send_seqnr, + macbuf = mac_compute(mac, p_send.seqnr, buffer_ptr(&outgoing_packet), buffer_len(&outgoing_packet)); - DBG(debug("done calc MAC out #%d", send_seqnr)); + DBG(debug("done calc MAC out #%d", p_send.seqnr)); } /* encrypt packet and append to output buffer. */ cp = buffer_append_space(&output, buffer_len(&outgoing_packet)); @@ -715,14 +743,64 @@ packet_send2(void) buffer_dump(&output); #endif /* increment sequence number for outgoing packets */ - if (++send_seqnr == 0) + if (++p_send.seqnr == 0) log("outgoing seqnr wraps around"); + if (++p_send.packets == 0) + if (!(datafellows & SSH_BUG_NOREKEY)) + fatal("XXX too many packets with same key"); + p_send.blocks += (packet_length + 4) / block_size; buffer_clear(&outgoing_packet); if (type == SSH2_MSG_NEWKEYS) set_newkeys(MODE_OUT); } +static void +packet_send2(void) +{ + static int rekeying = 0; + struct packet *p; + u_char type, *cp; + + cp = buffer_ptr(&outgoing_packet); + type = cp[5]; + + /* during rekeying we can only send key exchange messages */ + if (rekeying) { + if (!((type >= SSH2_MSG_TRANSPORT_MIN) && + (type <= SSH2_MSG_TRANSPORT_MAX))) { + debug("enqueue packet: %u", type); + p = xmalloc(sizeof(*p)); + p->type = type; + memcpy(&p->payload, &outgoing_packet, sizeof(Buffer)); + buffer_init(&outgoing_packet); + TAILQ_INSERT_TAIL(&outgoing, p, next); + return; + } + } + + /* rekeying starts with sending KEXINIT */ + if (type == SSH2_MSG_KEXINIT) + rekeying = 1; + + packet_send2_wrapped(); + + /* after a NEWKEYS message we can send the complete queue */ + if (type == SSH2_MSG_NEWKEYS) { + rekeying = 0; + while ((p = TAILQ_FIRST(&outgoing))) { + type = p->type; + debug("dequeue packet: %u", type); + buffer_free(&outgoing_packet); + memcpy(&outgoing_packet, &p->payload, + sizeof(Buffer)); + TAILQ_REMOVE(&outgoing, p, next); + xfree(p); + packet_send2_wrapped(); + } + } +} + void packet_send(void) { @@ -966,18 +1044,22 @@ packet_read_poll2(u_int32_t *seqnr_p) * increment sequence number for incoming packet */ if (mac && mac->enabled) { - macbuf = mac_compute(mac, read_seqnr, + macbuf = mac_compute(mac, p_read.seqnr, buffer_ptr(&incoming_packet), buffer_len(&incoming_packet)); if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0) packet_disconnect("Corrupted MAC on input."); - DBG(debug("MAC #%d ok", read_seqnr)); + DBG(debug("MAC #%d ok", p_read.seqnr)); buffer_consume(&input, mac->mac_len); } if (seqnr_p != NULL) - *seqnr_p = read_seqnr; - if (++read_seqnr == 0) + *seqnr_p = p_read.seqnr; + if (++p_read.seqnr == 0) log("incoming seqnr wraps around"); + if (++p_read.packets == 0) + if (!(datafellows & SSH_BUG_NOREKEY)) + fatal("XXX too many packets with same key"); + p_read.blocks += (packet_length + 4) / block_size; /* get padlen */ cp = buffer_ptr(&incoming_packet); @@ -1416,3 +1498,22 @@ packet_send_ignore(int nbytes) rand >>= 8; } } + +#define MAX_PACKETS (1<<31) +int +packet_need_rekeying(void) +{ + if (datafellows & SSH_BUG_NOREKEY) + return 0; + return + (p_send.packets > MAX_PACKETS) || + (p_read.packets > MAX_PACKETS) || + (max_blocks_out && (p_send.blocks > max_blocks_out)) || + (max_blocks_in && (p_read.blocks > max_blocks_in)); +} + +void +packet_set_rekey_limit(u_int32_t bytes) +{ + rekey_limit = bytes; +} diff --git a/packet.h b/packet.h index 46830c3df..82ed7c747 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.37 2003/04/01 10:22:21 markus Exp $ */ +/* $OpenBSD: packet.h,v 1.38 2003/04/02 09:48:07 markus Exp $ */ /* * Author: Tatu Ylonen @@ -62,8 +62,8 @@ int packet_get_keyiv_len(int); void packet_get_keyiv(int, u_char *, u_int); int packet_get_keycontext(int, u_char *); void packet_set_keycontext(int, u_char *); -u_int32_t packet_get_seqnr(int); -void packet_set_seqnr(int, u_int32_t); +void packet_get_state(int, u_int32_t *, u_int64_t *, u_int32_t *); +void packet_set_state(int, u_int32_t, u_int64_t, u_int32_t); int packet_get_ssh1_cipher(void); void packet_set_iv(int, u_char *); @@ -96,4 +96,7 @@ do { \ } \ } while (0) +int packet_need_rekeying(void); +void packet_set_rekey_limit(u_int32_t); + #endif /* PACKET_H */ diff --git a/readconf.c b/readconf.c index 1df5ce2d9..a10427086 100644 --- a/readconf.c +++ b/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.104 2003/04/01 10:22:21 markus Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.105 2003/04/02 09:48:07 markus Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -114,7 +114,7 @@ typedef enum { oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, oClearAllForwardings, oNoHostAuthenticationForLocalhost, - oEnableSSHKeysign, + oEnableSSHKeysign, oRekeyLimit, oDeprecated } OpCodes; @@ -188,6 +188,7 @@ static struct { { "clearallforwardings", oClearAllForwardings }, { "enablesshkeysign", oEnableSSHKeysign }, { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, + { "rekeylimit", oRekeyLimit }, { NULL, oBadOption } }; @@ -423,6 +424,31 @@ parse_flag: intptr = &options->compression_level; goto parse_int; + case oRekeyLimit: + intptr = &options->rekey_limit; + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (arg[0] < '0' || arg[0] > '9') + fatal("%.200s line %d: Bad number.", filename, linenum); + value = strtol(arg, &endofnumber, 10); + if (arg == endofnumber) + fatal("%.200s line %d: Bad number.", filename, linenum); + switch (toupper(*endofnumber)) { + case 'K': + value *= 1<<10; + break; + case 'M': + value *= 1<<20; + break; + case 'G': + value *= 1<<30; + break; + } + if (*activep && *intptr == -1) + *intptr = value; + break; + case oIdentityFile: arg = strdelim(&s); if (!arg || *arg == '\0') @@ -795,6 +821,7 @@ initialize_options(Options * options) options->smartcard_device = NULL; options->enable_ssh_keysign = - 1; options->no_host_authentication_for_localhost = - 1; + options->rekey_limit = - 1; } /* @@ -911,6 +938,8 @@ fill_default_options(Options * options) options->no_host_authentication_for_localhost = 0; if (options->enable_ssh_keysign == -1) options->enable_ssh_keysign = 0; + if (options->rekey_limit == -1) + options->rekey_limit = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */ diff --git a/readconf.h b/readconf.h index 78e04fedf..d35472117 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.46 2003/04/01 10:22:21 markus Exp $ */ +/* $OpenBSD: readconf.h,v 1.47 2003/04/02 09:48:07 markus Exp $ */ /* * Author: Tatu Ylonen @@ -101,6 +101,7 @@ typedef struct { int clear_forwardings; int enable_ssh_keysign; + int rekey_limit; int no_host_authentication_for_localhost; } Options; diff --git a/serverloop.c b/serverloop.c index f4df9cccb..187afc716 100644 --- a/serverloop.c +++ b/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.106 2003/04/01 10:22:21 markus Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.107 2003/04/02 09:48:07 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -771,8 +771,14 @@ server_loop2(Authctxt *authctxt) &nalloc, 0); collect_children(); - if (!rekeying) + if (!rekeying) { channel_after_select(readset, writeset); + if (packet_need_rekeying()) { + debug("need rekeying"); + xxx_kex->done = 0; + kex_send_kexinit(xxx_kex); + } + } process_input(readset); if (connection_closed) break; diff --git a/sshconnect2.c b/sshconnect2.c index 642b34b9e..41768bf05 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.114 2003/04/01 10:22:21 markus Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.115 2003/04/02 09:48:07 markus Exp $"); #include "ssh.h" #include "ssh2.h" @@ -108,6 +108,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = options.hostkeyalgorithms; + if (options.rekey_limit) + packet_set_rekey_limit(options.rekey_limit); + /* start key exchange */ kex = kex_setup(myproposal); kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client; -- cgit v1.2.3 From 996acd2476d9d34b18bb4f99012ea0927458f418 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 9 Apr 2003 20:59:48 +1000 Subject: *** empty log message *** --- auth-krb4.c | 22 +++++++++---------- auth-krb5.c | 8 +++---- auth-options.c | 4 ++-- auth-pam.c | 8 +++---- auth-rh-rsa.c | 2 +- auth-rhosts.c | 6 ++--- auth-rsa.c | 4 ++-- auth.c | 30 ++++++++++++------------- auth1.c | 2 +- auth2-hostbased.c | 4 ++-- auth2-passwd.c | 2 +- auth2-pubkey.c | 4 ++-- auth2.c | 2 +- authfd.c | 10 ++++----- bufaux.c | 2 +- canohost.c | 8 +++---- channels.c | 38 ++++++++++++++++---------------- clientloop.c | 14 ++++++------ compat.c | 2 +- dh.c | 8 +++---- dispatch.c | 4 ++-- groupaccess.c | 2 +- hostfile.c | 4 ++-- log.c | 2 +- log.h | 2 +- loginrec.c | 66 +++++++++++++++++++++++++++---------------------------- monitor.c | 4 ++-- nchan.c | 4 ++-- packet.c | 16 +++++++------- packet.h | 2 +- scard-opensc.c | 8 +++---- scard.c | 4 ++-- servconf.c | 2 +- session.c | 10 ++++----- sftp-client.c | 2 +- sftp-server.c | 4 ++-- ssh-agent.c | 4 ++-- ssh-keygen.c | 2 +- ssh.c | 16 +++++++------- sshconnect.c | 20 ++++++++--------- sshconnect1.c | 22 +++++++++---------- sshconnect2.c | 12 +++++----- sshd.c | 28 +++++++++++------------ sshpty.c | 4 ++-- ttymodes.c | 12 +++++----- 45 files changed, 218 insertions(+), 218 deletions(-) (limited to 'packet.c') diff --git a/auth-krb4.c b/auth-krb4.c index b28df469f..0cc058387 100644 --- a/auth-krb4.c +++ b/auth-krb4.c @@ -78,7 +78,7 @@ krb4_init(void *context) return (1); } /* Failure - cancel cleanup function, leaving ticket for inspection. */ - log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); + logit("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); fatal_remove_cleanup(krb4_cleanup_proc, authctxt); cleanup_registered = 0; @@ -114,7 +114,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) { /* Set up our ticket file. */ if (!krb4_init(authctxt)) { - log("Couldn't initialize Kerberos ticket file for %s!", + logit("Couldn't initialize Kerberos ticket file for %s!", pw->pw_name); goto failure; } @@ -141,7 +141,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) if (r == KSUCCESS) { if ((hp = gethostbyname(localhost)) == NULL) { - log("Couldn't get local host address!"); + logit("Couldn't get local host address!"); goto failure; } memmove((void *)&faddr, (void *)hp->h_addr, @@ -155,12 +155,12 @@ auth_krb4_password(Authctxt *authctxt, const char *password) * Probably didn't have a srvtab on * localhost. Disallow login. */ - log("Kerberos v4 TGT for %s unverifiable, " + logit("Kerberos v4 TGT for %s unverifiable, " "no srvtab installed? krb_rd_req: %s", pw->pw_name, krb_err_txt[r]); goto failure; } else if (r != KSUCCESS) { - log("Kerberos v4 %s ticket unverifiable: %s", + logit("Kerberos v4 %s ticket unverifiable: %s", KRB4_SERVICE_NAME, krb_err_txt[r]); goto failure; } @@ -169,7 +169,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) * Disallow login if no rcmd service exists, and * log the error. */ - log("Kerberos v4 TGT for %s unverifiable: %s; %s.%s " + logit("Kerberos v4 TGT for %s unverifiable: %s; %s.%s " "not registered, or srvtab is wrong?", pw->pw_name, krb_err_txt[r], KRB4_SERVICE_NAME, phost); goto failure; @@ -249,7 +249,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client, KTEXT reply) /* Check ~/.klogin authorization now. */ if (kuserok(&adat, authctxt->user) != KSUCCESS) { - log("Kerberos v4 .klogin authorization failed for %s to " + logit("Kerberos v4 .klogin authorization failed for %s to " "account %s", *client, authctxt->user); xfree(*client); *client = NULL; @@ -289,14 +289,14 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string) temporarily_use_uid(pw); if (!radix_to_creds(string, &creds)) { - log("Protocol error decoding Kerberos v4 TGT"); + logit("Protocol error decoding Kerberos v4 TGT"); goto failure; } if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ strlcpy(creds.service, "krbtgt", sizeof creds.service); if (strcmp(creds.service, "krbtgt")) { - log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", + logit("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm, pw->pw_name); goto failure; @@ -343,7 +343,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string) return (0); if (!radix_to_creds(token_string, &creds)) { - log("Protocol error decoding AFS token"); + logit("Protocol error decoding AFS token"); return (0); } if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ @@ -355,7 +355,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string) uid = pw->pw_uid; if (kafs_settoken(creds.realm, uid, &creds)) { - log("AFS token (%s@%s) rejected for %s", + logit("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm, pw->pw_name); memset(&creds, 0, sizeof(creds)); return (0); diff --git a/auth-krb5.c b/auth-krb5.c index e3e2d9751..34b9d661a 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -189,12 +189,12 @@ auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt) snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { - log("mkstemp(): %.100s", strerror(errno)); + logit("mkstemp(): %.100s", strerror(errno)); problem = errno; goto fail; } if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { - log("fchmod(): %.100s", strerror(errno)); + logit("fchmod(): %.100s", strerror(errno)); close(tmpfd); problem = errno; goto fail; @@ -326,13 +326,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) { - log("mkstemp(): %.100s", strerror(errno)); + logit("mkstemp(): %.100s", strerror(errno)); problem = errno; goto out; } if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { - log("fchmod(): %.100s", strerror(errno)); + logit("fchmod(): %.100s", strerror(errno)); close(tmpfd); problem = errno; goto out; diff --git a/auth-options.c b/auth-options.c index 8595fdc14..a3845f6b0 100644 --- a/auth-options.c +++ b/auth-options.c @@ -201,7 +201,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) if (match_host_and_ip(remote_host, remote_ip, patterns) != 1) { xfree(patterns); - log("Authentication tried for %.100s with " + logit("Authentication tried for %.100s with " "correct key but not from a permitted " "host (host=%.200s, ip=%.200s).", pw->pw_name, remote_host, remote_ip); @@ -287,7 +287,7 @@ next_option: return 1; bad_option: - log("Bad options in %.100s file, line %lu: %.50s", + logit("Bad options in %.100s file, line %lu: %.50s", file, linenum, opts); auth_debug_add("Bad options in %.100s file, line %lu: %.50s", file, linenum, opts); diff --git a/auth-pam.c b/auth-pam.c index fe9570f92..b29444e89 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -38,7 +38,7 @@ extern char *__progname; extern int use_privsep; -RCSID("$Id: auth-pam.c,v 1.55 2003/01/22 04:42:26 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.56 2003/04/09 10:59:48 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now." @@ -182,7 +182,7 @@ void do_pam_cleanup_proc(void *context) if (__pamh && session_opened) { pam_retval = pam_close_session(__pamh, 0); if (pam_retval != PAM_SUCCESS) - log("Cannot close PAM session[%d]: %.200s", + logit("Cannot close PAM session[%d]: %.200s", pam_retval, PAM_STRERROR(__pamh, pam_retval)); } @@ -196,7 +196,7 @@ void do_pam_cleanup_proc(void *context) if (__pamh) { pam_retval = pam_end(__pamh, pam_retval); if (pam_retval != PAM_SUCCESS) - log("Cannot release PAM authentication[%d]: %.200s", + logit("Cannot release PAM authentication[%d]: %.200s", pam_retval, PAM_STRERROR(__pamh, pam_retval)); } } @@ -261,7 +261,7 @@ int do_pam_account(char *username, char *remote_user) break; #endif default: - log("PAM rejected by account configuration[%d]: " + logit("PAM rejected by account configuration[%d]: " "%.200s", pam_retval, PAM_STRERROR(__pamh, pam_retval)); return(0); diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c index d7848d04c..8675de580 100644 --- a/auth-rh-rsa.c +++ b/auth-rh-rsa.c @@ -75,7 +75,7 @@ auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key) /* Perform the challenge-response dialog with the client for the host key. */ if (!auth_rsa_challenge_dialog(client_host_key)) { - log("Client on %.800s failed to respond correctly to host authentication.", + logit("Client on %.800s failed to respond correctly to host authentication.", chost); return 0; } diff --git a/auth-rhosts.c b/auth-rhosts.c index afca1f7c6..9b651bacd 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c @@ -220,7 +220,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam * not group or world writable. */ if (stat(pw->pw_dir, &st) < 0) { - log("Rhosts authentication refused for %.100s: " + logit("Rhosts authentication refused for %.100s: " "no home directory %.200s", pw->pw_name, pw->pw_dir); auth_debug_add("Rhosts authentication refused for %.100s: " "no home directory %.200s", pw->pw_name, pw->pw_dir); @@ -229,7 +229,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam if (options.strict_modes && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || (st.st_mode & 022) != 0)) { - log("Rhosts authentication refused for %.100s: " + logit("Rhosts authentication refused for %.100s: " "bad ownership or modes for home directory.", pw->pw_name); auth_debug_add("Rhosts authentication refused for %.100s: " "bad ownership or modes for home directory.", pw->pw_name); @@ -256,7 +256,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam if (options.strict_modes && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || (st.st_mode & 022) != 0)) { - log("Rhosts authentication refused for %.100s: bad modes for %.200s", + logit("Rhosts authentication refused for %.100s: bad modes for %.200s", pw->pw_name, buf); auth_debug_add("Bad file modes for %.200s", buf); continue; diff --git a/auth-rsa.c b/auth-rsa.c index 92f6277f9..bb2c91741 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -187,7 +187,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) secure_filename(f, file, pw, line, sizeof(line)) != 0) { xfree(file); fclose(f); - log("Authentication refused: %s", line); + logit("Authentication refused: %s", line); restore_uid(); return (0); } @@ -246,7 +246,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) /* check the real bits */ if (bits != BN_num_bits(key->rsa->n)) - log("Warning: %s, line %lu: keysize mismatch: " + logit("Warning: %s, line %lu: keysize mismatch: " "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits); diff --git a/auth.c b/auth.c index 1268accb1..514b0b456 100644 --- a/auth.c +++ b/auth.c @@ -102,19 +102,19 @@ allowed_user(struct passwd * pw) * day after the day specified. */ if (spw->sp_expire != -1 && today > spw->sp_expire) { - log("Account %.100s has expired", pw->pw_name); + logit("Account %.100s has expired", pw->pw_name); return 0; } if (spw->sp_lstchg == 0) { - log("User %.100s password has expired (root forced)", + logit("User %.100s password has expired (root forced)", pw->pw_name); return 0; } if (spw->sp_max != -1 && today > spw->sp_lstchg + spw->sp_max) { - log("User %.100s password has expired (password aged)", + logit("User %.100s password has expired (password aged)", pw->pw_name); return 0; } @@ -129,13 +129,13 @@ allowed_user(struct passwd * pw) /* deny if shell does not exists or is not executable */ if (stat(shell, &st) != 0) { - log("User %.100s not allowed because shell %.100s does not exist", + logit("User %.100s not allowed because shell %.100s does not exist", pw->pw_name, shell); return 0; } if (S_ISREG(st.st_mode) == 0 || (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { - log("User %.100s not allowed because shell %.100s is not executable", + logit("User %.100s not allowed because shell %.100s is not executable", pw->pw_name, shell); return 0; } @@ -150,7 +150,7 @@ allowed_user(struct passwd * pw) for (i = 0; i < options.num_deny_users; i++) if (match_user(pw->pw_name, hostname, ipaddr, options.deny_users[i])) { - log("User %.100s not allowed because listed in DenyUsers", + logit("User %.100s not allowed because listed in DenyUsers", pw->pw_name); return 0; } @@ -163,7 +163,7 @@ allowed_user(struct passwd * pw) break; /* i < options.num_allow_users iff we break for loop */ if (i >= options.num_allow_users) { - log("User %.100s not allowed because not listed in AllowUsers", + logit("User %.100s not allowed because not listed in AllowUsers", pw->pw_name); return 0; } @@ -171,7 +171,7 @@ allowed_user(struct passwd * pw) if (options.num_deny_groups > 0 || options.num_allow_groups > 0) { /* Get the user's group access list (primary and supplementary) */ if (ga_init(pw->pw_name, pw->pw_gid) == 0) { - log("User %.100s not allowed because not in any group", + logit("User %.100s not allowed because not in any group", pw->pw_name); return 0; } @@ -181,7 +181,7 @@ allowed_user(struct passwd * pw) if (ga_match(options.deny_groups, options.num_deny_groups)) { ga_free(); - log("User %.100s not allowed because a group is listed in DenyGroups", + logit("User %.100s not allowed because a group is listed in DenyGroups", pw->pw_name); return 0; } @@ -193,7 +193,7 @@ allowed_user(struct passwd * pw) if (!ga_match(options.allow_groups, options.num_allow_groups)) { ga_free(); - log("User %.100s not allowed because none of user's groups are listed in AllowGroups", + logit("User %.100s not allowed because none of user's groups are listed in AllowGroups", pw->pw_name); return 0; } @@ -219,7 +219,7 @@ allowed_user(struct passwd * pw) } /* Remove trailing newline */ *--p = '\0'; - log("Login restricted for %s: %.100s", pw->pw_name, + logit("Login restricted for %s: %.100s", pw->pw_name, loginmsg); } /* Don't fail if /etc/nologin set */ @@ -293,12 +293,12 @@ auth_root_allowed(char *method) break; case PERMIT_FORCED_ONLY: if (forced_command) { - log("Root login accepted for forced command."); + logit("Root login accepted for forced command."); return 1; } break; } - log("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr()); + logit("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr()); return 0; } @@ -390,7 +390,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, (stat(user_hostfile, &st) == 0) && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || (st.st_mode & 022) != 0)) { - log("Authentication refused for %.100s: " + logit("Authentication refused for %.100s: " "bad owner or modes for %.200s", pw->pw_name, user_hostfile); } else { @@ -494,7 +494,7 @@ getpwnamallow(const char *user) pw = getpwnam(user); if (pw == NULL) { - log("Illegal user %.100s from %.100s", + logit("Illegal user %.100s from %.100s", user, get_remote_ipaddr()); #ifdef WITH_AIXAUTHENTICATE loginfailed(user, diff --git a/auth1.c b/auth1.c index c273f2fb6..03a54a9cd 100644 --- a/auth1.c +++ b/auth1.c @@ -297,7 +297,7 @@ do_authloop(Authctxt *authctxt) * Any unknown messages will be ignored (and failure * returned) during authentication. */ - log("Unknown message during authentication: type %d", type); + logit("Unknown message during authentication: type %d", type); break; } #ifdef BSD_AUTH diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 2bde7bb79..72df83bd4 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -77,7 +77,7 @@ userauth_hostbased(Authctxt *authctxt) pktype = key_type_from_name(pkalg); if (pktype == KEY_UNSPEC) { /* this is perfectly legal */ - log("userauth_hostbased: unsupported " + logit("userauth_hostbased: unsupported " "public key algorithm: %s", pkalg); goto done; } @@ -152,7 +152,7 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, chost[len - 1] = '\0'; } if (strcasecmp(resolvedname, chost) != 0) - log("userauth_hostbased mismatch: " + logit("userauth_hostbased mismatch: " "client sends %s, but we resolve %s to %s", chost, ipaddr, resolvedname); if (auth_rhosts2(pw, cuser, resolvedname, ipaddr) == 0) diff --git a/auth2-passwd.c b/auth2-passwd.c index ffa279594..a8f15161a 100644 --- a/auth2-passwd.c +++ b/auth2-passwd.c @@ -44,7 +44,7 @@ userauth_passwd(Authctxt *authctxt) u_int len; change = packet_get_char(); if (change) - log("password change not supported"); + logit("password change not supported"); password = packet_get_string(&len); packet_check_eom(); if (authctxt->valid && diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 947bfed0b..8c5436e35 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -78,7 +78,7 @@ userauth_pubkey(Authctxt *authctxt) pktype = key_type_from_name(pkalg); if (pktype == KEY_UNSPEC) { /* this is perfectly legal */ - log("userauth_pubkey: unsupported public key algorithm: %s", + logit("userauth_pubkey: unsupported public key algorithm: %s", pkalg); goto done; } @@ -199,7 +199,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) if (options.strict_modes && secure_filename(f, file, pw, line, sizeof(line)) != 0) { fclose(f); - log("Authentication refused: %s", line); + logit("Authentication refused: %s", line); restore_uid(); return 0; } diff --git a/auth2.c b/auth2.c index 1b21eb2da..cfaac5f72 100644 --- a/auth2.c +++ b/auth2.c @@ -160,7 +160,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) PRIVSEP(start_pam(authctxt->pw->pw_name)); #endif } else { - log("input_userauth_request: illegal user %s", user); + logit("input_userauth_request: illegal user %s", user); #ifdef USE_PAM PRIVSEP(start_pam("NOUSER")); #endif diff --git a/authfd.c b/authfd.c index a186e0117..3d20da8be 100644 --- a/authfd.c +++ b/authfd.c @@ -332,7 +332,7 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio buffer_get_bignum(&auth->identities, key->rsa->n); *comment = buffer_get_string(&auth->identities, NULL); if (bits != BN_num_bits(key->rsa->n)) - log("Warning: identity keysize mismatch: actual %d, announced %u", + logit("Warning: identity keysize mismatch: actual %d, announced %u", BN_num_bits(key->rsa->n), bits); break; case 2: @@ -373,7 +373,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, if (key->type != KEY_RSA1) return 0; if (response_type == 0) { - log("Compatibility with ssh protocol version 1.0 no longer supported."); + logit("Compatibility with ssh protocol version 1.0 no longer supported."); return 0; } buffer_init(&buffer); @@ -392,7 +392,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, type = buffer_get_char(&buffer); if (agent_failed(type)) { - log("Agent admitted failure to authenticate using the key."); + logit("Agent admitted failure to authenticate using the key."); } else if (type != SSH_AGENT_RSA_RESPONSE) { fatal("Bad authentication response: %d", type); } else { @@ -441,7 +441,7 @@ ssh_agent_sign(AuthenticationConnection *auth, } type = buffer_get_char(&msg); if (agent_failed(type)) { - log("Agent admitted failure to sign using the key."); + logit("Agent admitted failure to sign using the key."); } else if (type != SSH2_AGENT_SIGN_RESPONSE) { fatal("Bad authentication response: %d", type); } else { @@ -641,7 +641,7 @@ decode_reply(int type) case SSH_AGENT_FAILURE: case SSH_COM_AGENT2_FAILURE: case SSH2_AGENT_FAILURE: - log("SSH_AGENT_FAILURE"); + logit("SSH_AGENT_FAILURE"); return 0; case SSH_AGENT_SUCCESS: return 1; diff --git a/bufaux.c b/bufaux.c index 3c276b810..8066f77b5 100644 --- a/bufaux.c +++ b/bufaux.c @@ -119,7 +119,7 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value) /**XXX should be two's-complement */ int i, carry; u_char *uc = buf; - log("negativ!"); + logit("negativ!"); for (i = bytes-1, carry = 1; i>=0; i--) { uc[i] ^= 0xff; if (carry) diff --git a/canohost.c b/canohost.c index 941db23b6..21a7eba85 100644 --- a/canohost.c +++ b/canohost.c @@ -81,7 +81,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping) NULL, 0, NI_NAMEREQD) != 0) { /* Host name not found. Use ip address. */ #if 0 - log("Could not reverse map address %.100s.", ntop); + logit("Could not reverse map address %.100s.", ntop); #endif return xstrdup(ntop); } @@ -111,7 +111,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping) hints.ai_family = from.ss_family; hints.ai_socktype = SOCK_STREAM; if (getaddrinfo(name, NULL, &hints, &aitop) != 0) { - log("reverse mapping checking getaddrinfo for %.700s " + logit("reverse mapping checking getaddrinfo for %.700s " "failed - POSSIBLE BREAKIN ATTEMPT!", name); return xstrdup(ntop); } @@ -126,7 +126,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping) /* If we reached the end of the list, the address was not there. */ if (!ai) { /* Address not found for the host name. */ - log("Address %.100s maps to %.600s, but this does not " + logit("Address %.100s maps to %.600s, but this does not " "map back to the address - POSSIBLE BREAKIN ATTEMPT!", ntop, name); return xstrdup(ntop); @@ -166,7 +166,7 @@ check_ip_options(int socket, char *ipaddr) for (i = 0; i < option_size; i++) snprintf(text + i*3, sizeof(text) - i*3, " %2.2x", options[i]); - log("Connection from %.100s with IP options:%.800s", + logit("Connection from %.100s with IP options:%.800s", ipaddr, text); packet_disconnect("Connection from %.100s with IP options:%.800s", ipaddr, text); diff --git a/channels.c b/channels.c index 1937b0244..e27ae1fa3 100644 --- a/channels.c +++ b/channels.c @@ -142,12 +142,12 @@ channel_lookup(int id) Channel *c; if (id < 0 || id >= channels_alloc) { - log("channel_lookup: %d: bad id", id); + logit("channel_lookup: %d: bad id", id); return NULL; } c = channels[id]; if (c == NULL) { - log("channel_lookup: %d: bad id: channel free", id); + logit("channel_lookup: %d: bad id: channel free", id); return NULL; } return c; @@ -575,7 +575,7 @@ channel_send_open(int id) Channel *c = channel_lookup(id); if (c == NULL) { - log("channel_send_open: %d: bad id", id); + logit("channel_send_open: %d: bad id", id); return; } debug2("channel %d: send open", id); @@ -593,7 +593,7 @@ channel_request_start(int id, char *service, int wantconfirm) Channel *c = channel_lookup(id); if (c == NULL) { - log("channel_request_start: %d: unknown channel id", id); + logit("channel_request_start: %d: unknown channel id", id); return; } debug("channel %d: request %s", id, service) ; @@ -608,7 +608,7 @@ channel_register_confirm(int id, channel_callback_fn *fn) Channel *c = channel_lookup(id); if (c == NULL) { - log("channel_register_comfirm: %d: bad id", id); + logit("channel_register_comfirm: %d: bad id", id); return; } c->confirm = fn; @@ -619,7 +619,7 @@ channel_register_cleanup(int id, channel_callback_fn *fn) Channel *c = channel_lookup(id); if (c == NULL) { - log("channel_register_cleanup: %d: bad id", id); + logit("channel_register_cleanup: %d: bad id", id); return; } c->detach_user = fn; @@ -630,7 +630,7 @@ channel_cancel_cleanup(int id) Channel *c = channel_lookup(id); if (c == NULL) { - log("channel_cancel_cleanup: %d: bad id", id); + logit("channel_cancel_cleanup: %d: bad id", id); return; } c->detach_user = NULL; @@ -641,7 +641,7 @@ channel_register_filter(int id, channel_filter_fn *fn) Channel *c = channel_lookup(id); if (c == NULL) { - log("channel_register_filter: %d: bad id", id); + logit("channel_register_filter: %d: bad id", id); return; } c->input_filter = fn; @@ -833,7 +833,7 @@ channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset) * We have received an X11 connection that has bad * authentication information. */ - log("X11 connection rejected because of wrong authentication."); + logit("X11 connection rejected because of wrong authentication."); buffer_clear(&c->input); buffer_clear(&c->output); channel_close_fd(&c->sock); @@ -856,7 +856,7 @@ channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset) c->type = SSH_CHANNEL_OPEN; channel_pre_open(c, readset, writeset); } else if (ret == -1) { - log("X11 connection rejected because of wrong authentication."); + logit("X11 connection rejected because of wrong authentication."); debug("X11 rejected %d i%d/o%d", c->self, c->istate, c->ostate); chan_read_failed(c); buffer_clear(&c->input); @@ -1717,11 +1717,11 @@ channel_input_data(int type, u_int32_t seq, void *ctxt) if (compat20) { if (data_len > c->local_maxpacket) { - log("channel %d: rcvd big packet %d, maxpack %d", + logit("channel %d: rcvd big packet %d, maxpack %d", c->self, data_len, c->local_maxpacket); } if (data_len > c->local_window) { - log("channel %d: rcvd too much data %d, win %d", + logit("channel %d: rcvd too much data %d, win %d", c->self, data_len, c->local_window); xfree(data); return; @@ -1748,7 +1748,7 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt) if (c == NULL) packet_disconnect("Received extended_data for bad channel %d.", id); if (c->type != SSH_CHANNEL_OPEN) { - log("channel %d: ext data for non open", id); + logit("channel %d: ext data for non open", id); return; } if (c->flags & CHAN_EOF_RCVD) { @@ -1762,13 +1762,13 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt) if (c->efd == -1 || c->extended_usage != CHAN_EXTENDED_WRITE || tcode != SSH2_EXTENDED_DATA_STDERR) { - log("channel %d: bad ext data", c->self); + logit("channel %d: bad ext data", c->self); return; } data = packet_get_string(&data_len); packet_check_eom(); if (data_len > c->local_window) { - log("channel %d: rcvd too much extended_data %d, win %d", + logit("channel %d: rcvd too much extended_data %d, win %d", c->self, data_len, c->local_window); xfree(data); return; @@ -1934,7 +1934,7 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt) msg = packet_get_string(NULL); lang = packet_get_string(NULL); } - log("channel %d: open failed: %s%s%s", id, + logit("channel %d: open failed: %s%s%s", id, reason2txt(reason), msg ? ": ": "", msg ? msg : ""); if (msg != NULL) xfree(msg); @@ -1961,7 +1961,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) c = channel_lookup(id); if (c == NULL || c->type != SSH_CHANNEL_OPEN) { - log("Received window adjust for " + logit("Received window adjust for " "non-open channel %d.", id); return; } @@ -2167,7 +2167,7 @@ channel_request_remote_forwarding(u_short listen_port, success = 1; break; case SSH_SMSG_FAILURE: - log("Warning: Server denied remote port forwarding."); + logit("Warning: Server denied remote port forwarding."); break; default: /* Unknown packet */ @@ -2340,7 +2340,7 @@ channel_connect_to(const char *host, u_short port) } if (!permit) { - log("Received request to connect to host %.100s port %d, " + logit("Received request to connect to host %.100s port %d, " "but the request was denied.", host, port); return -1; } diff --git a/clientloop.c b/clientloop.c index a40019d08..f07725bbc 100644 --- a/clientloop.c +++ b/clientloop.c @@ -490,13 +490,13 @@ process_cmdline(void) if (*s == 0) goto out; if (strlen(s) < 2 || s[0] != '-' || !(s[1] == 'L' || s[1] == 'R')) { - log("Invalid command."); + logit("Invalid command."); goto out; } if (s[1] == 'L') local = 1; if (!local && !compat20) { - log("Not supported for SSH protocol version 1."); + logit("Not supported for SSH protocol version 1."); goto out; } s += 2; @@ -507,24 +507,24 @@ process_cmdline(void) sfwd_port, buf, sfwd_host_port) != 3 && sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]", sfwd_port, buf, sfwd_host_port) != 3) { - log("Bad forwarding specification."); + logit("Bad forwarding specification."); goto out; } if ((fwd_port = a2port(sfwd_port)) == 0 || (fwd_host_port = a2port(sfwd_host_port)) == 0) { - log("Bad forwarding port(s)."); + logit("Bad forwarding port(s)."); goto out; } if (local) { if (channel_setup_local_fwd_listener(fwd_port, buf, fwd_host_port, options.gateway_ports) < 0) { - log("Port forwarding failed."); + logit("Port forwarding failed."); goto out; } } else channel_request_remote_forwarding(fwd_port, buf, fwd_host_port); - log("Forwarding port."); + logit("Forwarding port."); out: signal(SIGINT, handler); enter_raw_mode(); @@ -577,7 +577,7 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len) case 'R': if (compat20) { if (datafellows & SSH_BUG_NOREKEY) - log("Server does not support re-keying"); + logit("Server does not support re-keying"); else need_rekeying = 1; } diff --git a/compat.c b/compat.c index 5e1774ab6..a5241c491 100644 --- a/compat.c +++ b/compat.c @@ -188,7 +188,7 @@ proto_spec(const char *spec) ret |= SSH_PROTO_2; break; default: - log("ignoring bad proto spec: '%s'.", p); + logit("ignoring bad proto spec: '%s'.", p); break; } } diff --git a/dh.c b/dh.c index 1be51953c..fd41e2102 100644 --- a/dh.c +++ b/dh.c @@ -112,7 +112,7 @@ choose_dh(int min, int wantbits, int max) if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { - log("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI); + logit("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI); return (dh_new_group1()); } @@ -140,7 +140,7 @@ choose_dh(int min, int wantbits, int max) if (bestcount == 0) { fclose(f); - log("WARNING: no suitable primes in %s", _PATH_DH_PRIMES); + logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES); return (NULL); } @@ -176,7 +176,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) int bits_set = 0; if (dh_pub->neg) { - log("invalid public DH value: negativ"); + logit("invalid public DH value: negativ"); return 0; } for (i = 0; i <= n; i++) @@ -187,7 +187,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1)) return 1; - log("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); + logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); return 0; } diff --git a/dispatch.c b/dispatch.c index ce32bc22f..e962fb34b 100644 --- a/dispatch.c +++ b/dispatch.c @@ -39,7 +39,7 @@ dispatch_fn *dispatch[DISPATCH_MAX]; void dispatch_protocol_error(int type, u_int32_t seq, void *ctxt) { - log("dispatch_protocol_error: type %d seq %u", type, seq); + logit("dispatch_protocol_error: type %d seq %u", type, seq); if (!compat20) fatal("protocol error"); packet_start(SSH2_MSG_UNIMPLEMENTED); @@ -50,7 +50,7 @@ dispatch_protocol_error(int type, u_int32_t seq, void *ctxt) void dispatch_protocol_ignore(int type, u_int32_t seq, void *ctxt) { - log("dispatch_protocol_ignore: type %d seq %u", type, seq); + logit("dispatch_protocol_ignore: type %d seq %u", type, seq); } void dispatch_init(dispatch_fn *dflt) diff --git a/groupaccess.c b/groupaccess.c index 66dfa68fe..b90791832 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -49,7 +49,7 @@ ga_init(const char *user, gid_t base) ngroups = sizeof(groups_bygid) / sizeof(gid_t); if (getgrouplist(user, base, groups_bygid, &ngroups) == -1) - log("getgrouplist: groups list too small"); + logit("getgrouplist: groups list too small"); for (i = 0, j = 0; i < ngroups; i++) if ((gr = getgrgid(groups_bygid[i])) != NULL) groups_byname[j++] = xstrdup(gr->gr_name); diff --git a/hostfile.c b/hostfile.c index dcee03448..31147cba1 100644 --- a/hostfile.c +++ b/hostfile.c @@ -77,10 +77,10 @@ hostfile_check_key(int bits, Key *key, const char *host, const char *filename, i if (key == NULL || key->type != KEY_RSA1 || key->rsa == NULL) return 1; if (bits != BN_num_bits(key->rsa->n)) { - log("Warning: %s, line %d: keysize mismatch for host %s: " + logit("Warning: %s, line %d: keysize mismatch for host %s: " "actual %d vs. announced %d.", filename, linenum, host, BN_num_bits(key->rsa->n), bits); - log("Warning: replace %d with %d in %s, line %d.", + logit("Warning: replace %d with %d in %s, line %d.", bits, BN_num_bits(key->rsa->n), filename, linenum); } return 1; diff --git a/log.c b/log.c index 84e4ce0ac..685717aef 100644 --- a/log.c +++ b/log.c @@ -127,7 +127,7 @@ error(const char *fmt,...) /* Log this message (information that usually should go to the log). */ void -log(const char *fmt,...) +logit(const char *fmt,...) { va_list args; diff --git a/log.h b/log.h index 917fafa69..4aad9ac7c 100644 --- a/log.h +++ b/log.h @@ -55,7 +55,7 @@ LogLevel log_level_number(char *); void fatal(const char *, ...) __attribute__((format(printf, 1, 2))); void error(const char *, ...) __attribute__((format(printf, 1, 2))); -void log(const char *, ...) __attribute__((format(printf, 1, 2))); +void logit(const char *, ...) __attribute__((format(printf, 1, 2))); void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); void debug(const char *, ...) __attribute__((format(printf, 1, 2))); void debug2(const char *, ...) __attribute__((format(printf, 1, 2))); diff --git a/loginrec.c b/loginrec.c index db2528a79..38e1d8e82 100644 --- a/loginrec.c +++ b/loginrec.c @@ -163,7 +163,7 @@ #include "log.h" #include "atomicio.h" -RCSID("$Id: loginrec.c,v 1.48 2003/04/09 09:40:34 djm Exp $"); +RCSID("$Id: loginrec.c,v 1.49 2003/04/09 10:59:49 djm Exp $"); #ifdef HAVE_UTIL_H # include @@ -413,7 +413,7 @@ login_write (struct logininfo *li) { #ifndef HAVE_CYGWIN if ((int)geteuid() != 0) { - log("Attempt to write login records by non-root user (aborting)"); + logit("Attempt to write login records by non-root user (aborting)"); return 1; } #endif @@ -818,7 +818,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) endttyent(); if((struct ttyent *)0 == ty) { - log("utmp_write_entry: tty not found"); + logit("utmp_write_entry: tty not found"); return(1); } #else /* FIXME */ @@ -843,7 +843,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET); if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) - log("utmp_write_direct: error writing %s: %s", + logit("utmp_write_direct: error writing %s: %s", UTMP_FILE, strerror(errno)); (void)close(fd); @@ -862,12 +862,12 @@ utmp_perform_login(struct logininfo *li) construct_utmp(li, &ut); # ifdef UTMP_USE_LIBRARY if (!utmp_write_library(li, &ut)) { - log("utmp_perform_login: utmp_write_library() failed"); + logit("utmp_perform_login: utmp_write_library() failed"); return 0; } # else if (!utmp_write_direct(li, &ut)) { - log("utmp_perform_login: utmp_write_direct() failed"); + logit("utmp_perform_login: utmp_write_direct() failed"); return 0; } # endif @@ -883,12 +883,12 @@ utmp_perform_logout(struct logininfo *li) construct_utmp(li, &ut); # ifdef UTMP_USE_LIBRARY if (!utmp_write_library(li, &ut)) { - log("utmp_perform_logout: utmp_write_library() failed"); + logit("utmp_perform_logout: utmp_write_library() failed"); return 0; } # else if (!utmp_write_direct(li, &ut)) { - log("utmp_perform_logout: utmp_write_direct() failed"); + logit("utmp_perform_logout: utmp_write_direct() failed"); return 0; } # endif @@ -907,7 +907,7 @@ utmp_write_entry(struct logininfo *li) return utmp_perform_logout(li); default: - log("utmp_write_entry: invalid type field"); + logit("utmp_write_entry: invalid type field"); return 0; } } @@ -948,7 +948,7 @@ utmpx_write_library(struct logininfo *li, struct utmpx *utx) static int utmpx_write_direct(struct logininfo *li, struct utmpx *utx) { - log("utmpx_write_direct: not implemented!"); + logit("utmpx_write_direct: not implemented!"); return 0; } # endif /* UTMPX_USE_LIBRARY */ @@ -961,12 +961,12 @@ utmpx_perform_login(struct logininfo *li) construct_utmpx(li, &utx); # ifdef UTMPX_USE_LIBRARY if (!utmpx_write_library(li, &utx)) { - log("utmpx_perform_login: utmp_write_library() failed"); + logit("utmpx_perform_login: utmp_write_library() failed"); return 0; } # else if (!utmpx_write_direct(li, &ut)) { - log("utmpx_perform_login: utmp_write_direct() failed"); + logit("utmpx_perform_login: utmp_write_direct() failed"); return 0; } # endif @@ -1004,7 +1004,7 @@ utmpx_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return utmpx_perform_logout(li); default: - log("utmpx_write_entry: invalid type field"); + logit("utmpx_write_entry: invalid type field"); return 0; } } @@ -1026,14 +1026,14 @@ wtmp_write(struct logininfo *li, struct utmp *ut) int fd, ret = 1; if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) { - log("wtmp_write: problem writing %s: %s", + logit("wtmp_write: problem writing %s: %s", WTMP_FILE, strerror(errno)); return 0; } if (fstat(fd, &buf) == 0) if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) { ftruncate(fd, buf.st_size); - log("wtmp_write: problem writing %s: %s", + logit("wtmp_write: problem writing %s: %s", WTMP_FILE, strerror(errno)); ret = 0; } @@ -1070,7 +1070,7 @@ wtmp_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return wtmp_perform_logout(li); default: - log("wtmp_write_entry: invalid type field"); + logit("wtmp_write_entry: invalid type field"); return 0; } } @@ -1119,12 +1119,12 @@ wtmp_get_entry(struct logininfo *li) li->tv_sec = li->tv_usec = 0; if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) { - log("wtmp_get_entry: problem opening %s: %s", + logit("wtmp_get_entry: problem opening %s: %s", WTMP_FILE, strerror(errno)); return 0; } if (fstat(fd, &st) != 0) { - log("wtmp_get_entry: couldn't stat %s: %s", + logit("wtmp_get_entry: couldn't stat %s: %s", WTMP_FILE, strerror(errno)); close(fd); return 0; @@ -1139,7 +1139,7 @@ wtmp_get_entry(struct logininfo *li) while (!found) { if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) { - log("wtmp_get_entry: read of %s failed: %s", + logit("wtmp_get_entry: read of %s failed: %s", WTMP_FILE, strerror(errno)); close (fd); return 0; @@ -1192,7 +1192,7 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx) int fd, ret = 1; if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) { - log("wtmpx_write: problem opening %s: %s", + logit("wtmpx_write: problem opening %s: %s", WTMPX_FILE, strerror(errno)); return 0; } @@ -1200,7 +1200,7 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx) if (fstat(fd, &buf) == 0) if (atomicio(write, fd, utx, sizeof(*utx)) != sizeof(*utx)) { ftruncate(fd, buf.st_size); - log("wtmpx_write: problem writing %s: %s", + logit("wtmpx_write: problem writing %s: %s", WTMPX_FILE, strerror(errno)); ret = 0; } @@ -1239,7 +1239,7 @@ wtmpx_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return wtmpx_perform_logout(li); default: - log("wtmpx_write_entry: invalid type field"); + logit("wtmpx_write_entry: invalid type field"); return 0; } } @@ -1275,12 +1275,12 @@ wtmpx_get_entry(struct logininfo *li) li->tv_sec = li->tv_usec = 0; if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) { - log("wtmpx_get_entry: problem opening %s: %s", + logit("wtmpx_get_entry: problem opening %s: %s", WTMPX_FILE, strerror(errno)); return 0; } if (fstat(fd, &st) != 0) { - log("wtmpx_get_entry: couldn't stat %s: %s", + logit("wtmpx_get_entry: couldn't stat %s: %s", WTMPX_FILE, strerror(errno)); close(fd); return 0; @@ -1295,7 +1295,7 @@ wtmpx_get_entry(struct logininfo *li) while (!found) { if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) { - log("wtmpx_get_entry: read of %s failed: %s", + logit("wtmpx_get_entry: read of %s failed: %s", WTMPX_FILE, strerror(errno)); close (fd); return 0; @@ -1340,7 +1340,7 @@ syslogin_perform_login(struct logininfo *li) struct utmp *ut; if (! (ut = (struct utmp *)malloc(sizeof(*ut)))) { - log("syslogin_perform_login: couldn't malloc()"); + logit("syslogin_perform_login: couldn't malloc()"); return 0; } construct_utmp(li, ut); @@ -1359,7 +1359,7 @@ syslogin_perform_logout(struct logininfo *li) (void)line_stripname(line, li->line, sizeof(line)); if (!logout(line)) { - log("syslogin_perform_logout: logout() returned an error"); + logit("syslogin_perform_logout: logout() returned an error"); # ifdef HAVE_LOGWTMP } else { logwtmp(line, "", ""); @@ -1382,7 +1382,7 @@ syslogin_write_entry(struct logininfo *li) case LTYPE_LOGOUT: return syslogin_perform_logout(li); default: - log("syslogin_write_entry: Invalid type field"); + logit("syslogin_write_entry: Invalid type field"); return 0; } } @@ -1417,7 +1417,7 @@ lastlog_filetype(char *filename) struct stat st; if (stat(LASTLOG_FILE, &st) != 0) { - log("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE, + logit("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE, strerror(errno)); return 0; } @@ -1448,7 +1448,7 @@ lastlog_openseek(struct logininfo *li, int *fd, int filemode) LASTLOG_FILE, li->username); break; default: - log("lastlog_openseek: %.100s is not a file or directory!", + logit("lastlog_openseek: %.100s is not a file or directory!", LASTLOG_FILE); return 0; } @@ -1465,7 +1465,7 @@ lastlog_openseek(struct logininfo *li, int *fd, int filemode) offset = (off_t) ((long)li->uid * sizeof(struct lastlog)); if ( lseek(*fd, offset, SEEK_SET) != offset ) { - log("lastlog_openseek: %s->lseek(): %s", + logit("lastlog_openseek: %s->lseek(): %s", lastlog_file, strerror(errno)); return 0; } @@ -1489,7 +1489,7 @@ lastlog_perform_login(struct logininfo *li) /* write the entry */ if (atomicio(write, fd, &last, sizeof(last)) != sizeof(last)) { close(fd); - log("lastlog_write_filemode: Error writing to %s: %s", + logit("lastlog_write_filemode: Error writing to %s: %s", LASTLOG_FILE, strerror(errno)); return 0; } @@ -1505,7 +1505,7 @@ lastlog_write_entry(struct logininfo *li) case LTYPE_LOGIN: return lastlog_perform_login(li); default: - log("lastlog_write_entry: Invalid type field"); + logit("lastlog_write_entry: Invalid type field"); return 0; } } diff --git a/monitor.c b/monitor.c index 4cd10a108..46db0e9b0 100644 --- a/monitor.c +++ b/monitor.c @@ -870,7 +870,7 @@ monitor_valid_userblob(u_char *data, u_int datalen) fail++; p = buffer_get_string(&b, NULL); if (strcmp(authctxt->user, p) != 0) { - log("wrong user name passed to monitor: expected %s != %.100s", + logit("wrong user name passed to monitor: expected %s != %.100s", authctxt->user, p); fail++; } @@ -918,7 +918,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, fail++; p = buffer_get_string(&b, NULL); if (strcmp(authctxt->user, p) != 0) { - log("wrong user name passed to monitor: expected %s != %.100s", + logit("wrong user name passed to monitor: expected %s != %.100s", authctxt->user, p); fail++; } diff --git a/nchan.c b/nchan.c index bce7325b3..c358e6aaa 100644 --- a/nchan.c +++ b/nchan.c @@ -451,7 +451,7 @@ chan_shutdown_write(Channel *c) c->self, c->sock, strerror(errno)); } else { if (channel_close_fd(&c->wfd) < 0) - log("channel %d: chan_shutdown_write: " + logit("channel %d: chan_shutdown_write: " "close() failed for fd%d: %.100s", c->self, c->wfd, strerror(errno)); } @@ -476,7 +476,7 @@ chan_shutdown_read(Channel *c) strerror(errno)); } else { if (channel_close_fd(&c->rfd) < 0) - log("channel %d: chan_shutdown_read: " + logit("channel %d: chan_shutdown_read: " "close() failed for fd%d: %.100s", c->self, c->rfd, strerror(errno)); } diff --git a/packet.c b/packet.c index 9887d25af..81e402232 100644 --- a/packet.c +++ b/packet.c @@ -744,7 +744,7 @@ packet_send2_wrapped(void) #endif /* increment sequence number for outgoing packets */ if (++p_send.seqnr == 0) - log("outgoing seqnr wraps around"); + logit("outgoing seqnr wraps around"); if (++p_send.packets == 0) if (!(datafellows & SSH_BUG_NOREKEY)) fatal("XXX too many packets with same key"); @@ -862,7 +862,7 @@ packet_read_seqnr(u_int32_t *seqnr_p) /* Read data from the socket. */ len = read(connection_in, buf, sizeof(buf)); if (len == 0) { - log("Connection closed by %.200s", get_remote_ipaddr()); + logit("Connection closed by %.200s", get_remote_ipaddr()); fatal_cleanup(); } if (len < 0) @@ -1055,7 +1055,7 @@ packet_read_poll2(u_int32_t *seqnr_p) if (seqnr_p != NULL) *seqnr_p = p_read.seqnr; if (++p_read.seqnr == 0) - log("incoming seqnr wraps around"); + logit("incoming seqnr wraps around"); if (++p_read.packets == 0) if (!(datafellows & SSH_BUG_NOREKEY)) fatal("XXX too many packets with same key"); @@ -1124,7 +1124,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) case SSH2_MSG_DISCONNECT: reason = packet_get_int(); msg = packet_get_string(NULL); - log("Received disconnect from %s: %u: %.400s", + logit("Received disconnect from %s: %u: %.400s", get_remote_ipaddr(), reason, msg); xfree(msg); fatal_cleanup(); @@ -1150,7 +1150,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) break; case SSH_MSG_DISCONNECT: msg = packet_get_string(NULL); - log("Received disconnect from %s: %.400s", + logit("Received disconnect from %s: %.400s", get_remote_ipaddr(), msg); fatal_cleanup(); xfree(msg); @@ -1309,7 +1309,7 @@ packet_disconnect(const char *fmt,...) va_end(args); /* Display the error locally */ - log("Disconnecting: %.100s", buf); + logit("Disconnecting: %.100s", buf); /* Send the disconnect message to the other side, and wait for it to get sent. */ if (compat20) { @@ -1451,12 +1451,12 @@ packet_set_maxsize(int s) static int called = 0; if (called) { - log("packet_set_maxsize: called twice: old %d new %d", + logit("packet_set_maxsize: called twice: old %d new %d", max_packet_size, s); return -1; } if (s < 4 * 1024 || s > 1024 * 1024) { - log("packet_set_maxsize: bad size %d", s); + logit("packet_set_maxsize: bad size %d", s); return -1; } called = 1; diff --git a/packet.h b/packet.h index 82ed7c747..7b2de6349 100644 --- a/packet.h +++ b/packet.h @@ -90,7 +90,7 @@ int packet_set_maxsize(int); do { \ int _len = packet_remaining(); \ if (_len > 0) { \ - log("Packet integrity error (%d bytes remaining) at %s:%d", \ + logit("Packet integrity error (%d bytes remaining) at %s:%d", \ _len ,__FILE__, __LINE__); \ packet_disconnect("Packet integrity error."); \ } \ diff --git a/scard-opensc.c b/scard-opensc.c index dd21de39a..e91bc25ba 100644 --- a/scard-opensc.c +++ b/scard-opensc.c @@ -321,7 +321,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) debug("sc_read_pubkey() with cert id %02X", cinfo->id.value[0]); r = sc_pkcs15_read_certificate(p15card, cinfo, &cert); if (r) { - log("Certificate read failed: %s", sc_strerror(r)); + logit("Certificate read failed: %s", sc_strerror(r)); goto err; } x509 = X509_new(); @@ -331,7 +331,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) } p = cert->data; if (!d2i_X509(&x509, &p, cert->data_len)) { - log("Unable to parse X.509 certificate"); + logit("Unable to parse X.509 certificate"); r = -1; goto err; } @@ -341,7 +341,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) X509_free(x509); x509 = NULL; if (pubkey->type != EVP_PKEY_RSA) { - log("Public key is of unknown type"); + logit("Public key is of unknown type"); r = -1; goto err; } @@ -413,7 +413,7 @@ sc_get_keys(const char *id, const char *pin) r = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_CERT_X509, certs, 32); if (r == 0) { - log("No certificates found on smartcard"); + logit("No certificates found on smartcard"); r = -1; goto err; } else if (r < 0) { diff --git a/scard.c b/scard.c index 9791938c0..d23aa5b52 100644 --- a/scard.c +++ b/scard.c @@ -526,7 +526,7 @@ sc_put_key(Key *prv, const char *id) } if (!sectok_swOK(sw)) goto done; - log("cyberflex_load_rsa_priv done"); + logit("cyberflex_load_rsa_priv done"); key_fid[0] = 0x73; key_fid[1] = 0x68; if (cyberflex_load_rsa_pub(fd, cla, key_fid, len, elements[5], @@ -536,7 +536,7 @@ sc_put_key(Key *prv, const char *id) } if (!sectok_swOK(sw)) goto done; - log("cyberflex_load_rsa_pub done"); + logit("cyberflex_load_rsa_pub done"); status = 0; done: diff --git a/servconf.c b/servconf.c index 2510659ee..c6fe371b2 100644 --- a/servconf.c +++ b/servconf.c @@ -910,7 +910,7 @@ parse_flag: goto parse_int; case sDeprecated: - log("%s line %d: Deprecated option %s", + logit("%s line %d: Deprecated option %s", filename, linenum, arg); while (arg) arg = strdelim(&cp); diff --git a/session.c b/session.c index c75fea966..9e1dd914a 100644 --- a/session.c +++ b/session.c @@ -412,7 +412,7 @@ do_authenticated1(Authctxt *authctxt) * Any unknown messages in this phase are ignored, * and a failure message is returned. */ - log("Unknown packet type received after authentication: %d", type); + logit("Unknown packet type received after authentication: %d", type); } packet_start(success ? SSH_SMSG_SUCCESS : SSH_SMSG_FAILURE); packet_send(); @@ -1192,7 +1192,7 @@ do_nologin(struct passwd *pw) #endif if (f) { /* /etc/nologin exists. Print its contents and exit. */ - log("User %.100s not allowed because %s exists", + logit("User %.100s not allowed because %s exists", pw->pw_name, _PATH_NOLOGIN); while (fgets(buf, sizeof(buf), f)) fputs(buf, stderr); @@ -1672,7 +1672,7 @@ session_subsystem_req(Session *s) int i; packet_check_eom(); - log("subsystem request for %.100s", subsys); + logit("subsystem request for %.100s", subsys); for (i = 0; i < options.num_subsystems; i++) { if (strcmp(subsys, options.subsystem_name[i]) == 0) { @@ -1691,7 +1691,7 @@ session_subsystem_req(Session *s) } if (!success) - log("subsystem request for %.100s failed, subsystem not found", + logit("subsystem request for %.100s failed, subsystem not found", subsys); xfree(subsys); @@ -1762,7 +1762,7 @@ session_input_channel_req(Channel *c, const char *rtype) Session *s; if ((s = session_by_channel(c->self)) == NULL) { - log("session_input_channel_req: no session %d req %.100s", + logit("session_input_channel_req: no session %d req %.100s", c->self, rtype); return 0; } diff --git a/sftp-client.c b/sftp-client.c index 3b3279e65..4ad6be8bd 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -507,7 +507,7 @@ do_lstat(struct sftp_conn *conn, char *path, int quiet) if (quiet) debug("Server version does not support lstat operation"); else - log("Server version does not support lstat operation"); + logit("Server version does not support lstat operation"); return(do_stat(conn, path, quiet)); } diff --git a/sftp-server.c b/sftp-server.c index 9a66b4de7..9c332ec86 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -442,7 +442,7 @@ process_read(void) (u_int64_t)off, len); if (len > sizeof buf) { len = sizeof buf; - log("read change len %d", len); + logit("read change len %d", len); } fd = handle_to_fd(handle); if (fd >= 0) { @@ -495,7 +495,7 @@ process_write(void) } else if (ret == len) { status = SSH2_FX_OK; } else { - log("nothing at all written"); + logit("nothing at all written"); } } } diff --git a/ssh-agent.c b/ssh-agent.c index eb593de73..5dee9df45 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -261,7 +261,7 @@ process_authentication_challenge1(SocketEntry *e) /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); if (len <= 0 || len > 32) { - log("process_authentication_challenge: bad challenge length %d", len); + logit("process_authentication_challenge: bad challenge length %d", len); goto failure; } memset(buf, 0, 32); @@ -350,7 +350,7 @@ process_remove_identity(SocketEntry *e, int version) buffer_get_bignum(&e->request, key->rsa->n); if (bits != key_size(key)) - log("Warning: identity keysize mismatch: actual %u, announced %u", + logit("Warning: identity keysize mismatch: actual %u, announced %u", key_size(key), bits); break; case 2: diff --git a/ssh-keygen.c b/ssh-keygen.c index 6a872bcfd..a264f099f 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -415,7 +415,7 @@ do_upload(struct passwd *pw, const char *sc_reader_id) key_free(prv); if (ret < 0) exit(1); - log("loading key done"); + logit("loading key done"); exit(0); } diff --git a/ssh.c b/ssh.c index 720604394..21bfc56e3 100644 --- a/ssh.c +++ b/ssh.c @@ -253,7 +253,7 @@ main(int ac, char **av) /* Get user data. */ pw = getpwuid(original_real_uid); if (!pw) { - log("You don't exist, go away!"); + logit("You don't exist, go away!"); exit(1); } /* Take a copy of the returned structure. */ @@ -559,7 +559,7 @@ again: /* Do not allocate a tty if stdin is not a tty. */ if (!isatty(fileno(stdin)) && !force_tty_flag) { if (tty_flag) - log("Pseudo-terminal will not be allocated because stdin is not a terminal."); + logit("Pseudo-terminal will not be allocated because stdin is not a terminal."); tty_flag = 0; } @@ -793,7 +793,7 @@ x11_get_proto(char **_proto, char **_data) if (!got_data) { u_int32_t rand = 0; - log("Warning: No xauth data; using fake authentication data for X11 forwarding."); + logit("Warning: No xauth data; using fake authentication data for X11 forwarding."); strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto); for (i = 0; i < 16; i++) { if (i % 4 == 0) @@ -873,7 +873,7 @@ ssh_session(void) if (type == SSH_SMSG_SUCCESS) packet_start_compression(options.compression_level); else if (type == SSH_SMSG_FAILURE) - log("Warning: Remote host refused compression."); + logit("Warning: Remote host refused compression."); else packet_disconnect("Protocol error waiting for compression response."); } @@ -912,7 +912,7 @@ ssh_session(void) interactive = 1; have_tty = 1; } else if (type == SSH_SMSG_FAILURE) - log("Warning: Remote host failed or refused to allocate a pseudo tty."); + logit("Warning: Remote host failed or refused to allocate a pseudo tty."); else packet_disconnect("Protocol error waiting for pty request response."); } @@ -930,7 +930,7 @@ ssh_session(void) if (type == SSH_SMSG_SUCCESS) { interactive = 1; } else if (type == SSH_SMSG_FAILURE) { - log("Warning: Remote host denied X11 forwarding."); + logit("Warning: Remote host denied X11 forwarding."); } else { packet_disconnect("Protocol error waiting for X11 forwarding"); } @@ -949,7 +949,7 @@ ssh_session(void) type = packet_read(); packet_check_eom(); if (type != SSH_SMSG_SUCCESS) - log("Warning: Remote host denied authentication agent forwarding."); + logit("Warning: Remote host denied authentication agent forwarding."); } /* Initiate port forwardings. */ @@ -1017,7 +1017,7 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt) options.remote_forwards[i].host, options.remote_forwards[i].host_port); if (type == SSH2_MSG_REQUEST_FAILURE) - log("Warning: remote port forwarding failed for listen port %d", + logit("Warning: remote port forwarding failed for listen port %d", options.remote_forwards[i].port); } diff --git a/sshconnect.c b/sshconnect.c index dae25969a..b0ba3f0c6 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -332,7 +332,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, /* Return failure if we didn't get a successful connection. */ if (attempt >= connection_attempts) { - log("ssh: connect to host %s port %s: %s", + logit("ssh: connect to host %s port %s: %s", host, strport, strerror(errno)); return full_failure ? ECONNABORTED : ECONNREFUSED; } @@ -421,7 +421,7 @@ ssh_exchange_identification(void) enable_compat13(); minor1 = 3; if (options.forward_agent) { - log("Agent forwarding disabled for protocol 1.3"); + logit("Agent forwarding disabled for protocol 1.3"); options.forward_agent = 0; } } @@ -612,16 +612,16 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, debug("Found key in %s:%d", host_file, host_line); if (options.check_host_ip && ip_status == HOST_NEW) { if (readonly) - log("%s host key for IP address " + logit("%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip); else if (!add_host_to_hostfile(user_hostfile, ip, host_key)) - log("Failed to add the %s host key for IP " + logit("Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.30s).", type, ip, user_hostfile); else - log("Warning: Permanently added the %s host " + logit("Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts.", type, ip); } @@ -668,10 +668,10 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, * local known_hosts file. */ if (!add_host_to_hostfile(user_hostfile, hostp, host_key)) - log("Failed to add the host to the list of known " + logit("Failed to add the host to the list of known " "hosts (%.500s).", user_hostfile); else - log("Warning: Permanently added '%.200s' (%s) to the " + logit("Warning: Permanently added '%.200s' (%s) to the " "list of known hosts.", hostp, type); break; case HOST_CHANGED: @@ -774,7 +774,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, host_file, host_line); } if (options.strict_host_key_checking == 1) { - log(msg); + logit(msg); error("Exiting, you have requested strict checking."); goto fail; } else if (options.strict_host_key_checking == 2) { @@ -783,7 +783,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, if (!confirm(msg)) goto fail; } else { - log(msg); + logit(msg); } } @@ -881,7 +881,7 @@ show_key_from_file(const char *file, const char *host, int keytype) if ((ret = lookup_key_in_hostfile_by_type(file, host, keytype, found, &line))) { fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); - log("WARNING: %s key found for host %s\n" + logit("WARNING: %s key found for host %s\n" "in %s:%d\n" "%s key fingerprint %s.", key_type(found), host, file, line, diff --git a/sshconnect1.c b/sshconnect1.c index 2fc9a981a..491b4f67d 100644 --- a/sshconnect1.c +++ b/sshconnect1.c @@ -122,7 +122,7 @@ try_agent_authentication(void) * although it advertised it supports this. Just * return a wrong value. */ - log("Authentication agent failed to decrypt challenge."); + logit("Authentication agent failed to decrypt challenge."); memset(response, 0, sizeof(response)); } key_free(key); @@ -890,7 +890,7 @@ try_challenge_response_authentication(void) if (i != 0) error("Permission denied, please try again."); if (options.cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! " + logit("WARNING: Encryption is disabled! " "Response will be transmitted in clear text."); response = read_passphrase(prompt, 0); if (strcmp(response, "") == 0) { @@ -925,7 +925,7 @@ try_password_authentication(char *prompt) debug("Doing password authentication."); if (options.cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Password will be transmitted in clear text."); + logit("WARNING: Encryption is disabled! Password will be transmitted in clear text."); for (i = 0; i < options.number_of_password_prompts; i++) { if (i != 0) error("Permission denied, please try again."); @@ -981,9 +981,9 @@ ssh_kex(char *host, struct sockaddr *hostaddr) rbits = BN_num_bits(server_key->rsa->n); if (bits != rbits) { - log("Warning: Server lies about size of server public key: " + logit("Warning: Server lies about size of server public key: " "actual size is %d bits vs. announced %d.", rbits, bits); - log("Warning: This may be due to an old implementation of ssh."); + logit("Warning: This may be due to an old implementation of ssh."); } /* Get the host key. */ host_key = key_new(KEY_RSA1); @@ -993,9 +993,9 @@ ssh_kex(char *host, struct sockaddr *hostaddr) rbits = BN_num_bits(host_key->rsa->n); if (bits != rbits) { - log("Warning: Server lies about size of server host key: " + logit("Warning: Server lies about size of server host key: " "actual size is %d bits vs. announced %d.", rbits, bits); - log("Warning: This may be due to an old implementation of ssh."); + logit("Warning: This may be due to an old implementation of ssh."); } /* Get protocol flags. */ @@ -1086,7 +1086,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) options.cipher = ssh_cipher_default; } else if (options.cipher == SSH_CIPHER_ILLEGAL || !(cipher_mask_ssh1(1) & (1 << options.cipher))) { - log("No valid SSH1 cipher, using %.100s instead.", + logit("No valid SSH1 cipher, using %.100s instead.", cipher_name(ssh_cipher_default)); options.cipher = ssh_cipher_default; } @@ -1276,7 +1276,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && options.kerberos_tgt_passing && context && auth_context) { if (options.cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); + logit("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); send_krb5_tgt(context, auth_context); } if (auth_context) @@ -1290,14 +1290,14 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && options.kerberos_tgt_passing) { if (options.cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); + logit("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); send_krb4_tgt(); } /* Try AFS token passing if the server supports it. */ if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) && options.afs_token_passing && k_hasafs()) { if (options.cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Token will be transmitted in the clear!"); + logit("WARNING: Encryption is disabled! Token will be transmitted in the clear!"); send_afs_tokens(); } #endif /* AFS */ diff --git a/sshconnect2.c b/sshconnect2.c index 41768bf05..90b884a39 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -82,7 +82,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) xxx_hostaddr = hostaddr; if (options.ciphers == (char *)-1) { - log("No valid ciphers for protocol version 2 given, using defaults."); + logit("No valid ciphers for protocol version 2 given, using defaults."); options.ciphers = NULL; } if (options.ciphers != NULL) { @@ -349,7 +349,7 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt) packet_check_eom(); if (partial != 0) - log("Authenticated with partial success."); + logit("Authenticated with partial success."); debug("Authentications that can continue: %s", authlist); clear_auth_state(authctxt); @@ -494,7 +494,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) info = packet_get_string(NULL); lang = packet_get_string(NULL); if (strlen(info) > 0) - log("%s", info); + logit("%s", info); xfree(info); xfree(lang); packet_start(SSH2_MSG_USERAUTH_REQUEST); @@ -526,7 +526,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) if (strcmp(password, retype) != 0) { memset(password, 0, strlen(password)); xfree(password); - log("Mismatch; try again, EOF to quit."); + logit("Mismatch; try again, EOF to quit."); password = NULL; } memset(retype, 0, strlen(retype)); @@ -865,9 +865,9 @@ input_userauth_info_req(int type, u_int32_t seq, void *ctxt) inst = packet_get_string(NULL); lang = packet_get_string(NULL); if (strlen(name) > 0) - log("%s", name); + logit("%s", name); if (strlen(inst) > 0) - log("%s", inst); + logit("%s", inst); xfree(name); xfree(inst); xfree(lang); diff --git a/sshd.c b/sshd.c index 0f2b2a3ce..62b4f45f4 100644 --- a/sshd.c +++ b/sshd.c @@ -258,11 +258,11 @@ sighup_handler(int sig) static void sighup_restart(void) { - log("Received SIGHUP; restarting."); + logit("Received SIGHUP; restarting."); close_listen_socks(); close_startup_pipes(); execv(saved_argv[0], saved_argv); - log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], + logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno)); exit(1); } @@ -376,7 +376,7 @@ sshd_exchange_identification(int sock_in, int sock_out) if (atomicio(write, sock_out, server_version_string, strlen(server_version_string)) != strlen(server_version_string)) { - log("Could not write ident string to %s", get_remote_ipaddr()); + logit("Could not write ident string to %s", get_remote_ipaddr()); fatal_cleanup(); } @@ -384,7 +384,7 @@ sshd_exchange_identification(int sock_in, int sock_out) memset(buf, 0, sizeof(buf)); for (i = 0; i < sizeof(buf) - 1; i++) { if (atomicio(read, sock_in, &buf[i], 1) != 1) { - log("Did not receive identification string from %s", + logit("Did not receive identification string from %s", get_remote_ipaddr()); fatal_cleanup(); } @@ -415,7 +415,7 @@ sshd_exchange_identification(int sock_in, int sock_out) (void) atomicio(write, sock_out, s, strlen(s)); close(sock_in); close(sock_out); - log("Bad protocol version identification '%.100s' from %s", + logit("Bad protocol version identification '%.100s' from %s", client_version_string, get_remote_ipaddr()); fatal_cleanup(); } @@ -425,13 +425,13 @@ sshd_exchange_identification(int sock_in, int sock_out) compat_datafellows(remote_version); if (datafellows & SSH_BUG_PROBE) { - log("probed from %s with %s. Don't panic.", + logit("probed from %s with %s. Don't panic.", get_remote_ipaddr(), client_version_string); fatal_cleanup(); } if (datafellows & SSH_BUG_SCANNER) { - log("scanned from %s with %s. Don't panic.", + logit("scanned from %s with %s. Don't panic.", get_remote_ipaddr(), client_version_string); fatal_cleanup(); } @@ -476,7 +476,7 @@ sshd_exchange_identification(int sock_in, int sock_out) (void) atomicio(write, sock_out, s, strlen(s)); close(sock_in); close(sock_out); - log("Protocol major versions differ for %s: %.200s vs. %.200s", + logit("Protocol major versions differ for %s: %.200s vs. %.200s", get_remote_ipaddr(), server_version_string, client_version_string); fatal_cleanup(); @@ -1010,15 +1010,15 @@ main(int ac, char **av) key_type(key)); } if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) { - log("Disabling protocol version 1. Could not load host key"); + logit("Disabling protocol version 1. Could not load host key"); options.protocol &= ~SSH_PROTO_1; } if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) { - log("Disabling protocol version 2. Could not load host key"); + logit("Disabling protocol version 2. Could not load host key"); options.protocol &= ~SSH_PROTO_2; } if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { - log("sshd: no hostkeys available -- exiting."); + logit("sshd: no hostkeys available -- exiting."); exit(1); } @@ -1186,7 +1186,7 @@ main(int ac, char **av) num_listen_socks++; /* Start listening on the port. */ - log("Server listening on %s port %s.", ntop, strport); + logit("Server listening on %s port %s.", ntop, strport); if (listen(listen_sock, 5) < 0) fatal("listen: %.100s", strerror(errno)); @@ -1262,7 +1262,7 @@ main(int ac, char **av) if (ret < 0 && errno != EINTR) error("select: %.100s", strerror(errno)); if (received_sigterm) { - log("Received signal %d; terminating.", + logit("Received signal %d; terminating.", (int) received_sigterm); close_listen_socks(); unlink(options.pid_file); @@ -1750,7 +1750,7 @@ do_ssh1_kex(void) u_char *buf = xmalloc(bytes); MD5_CTX md; - log("do_connection: generating a fake encryption key"); + logit("do_connection: generating a fake encryption key"); BN_bn2bin(session_key_int, buf); MD5_Init(&md); MD5_Update(&md, buf, bytes); diff --git a/sshpty.c b/sshpty.c index d28947f62..0cac10d3f 100644 --- a/sshpty.c +++ b/sshpty.c @@ -226,7 +226,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) } /* set tty modes to a sane state for broken clients */ if (tcgetattr(*ptyfd, &tio) < 0) - log("Getting tty modes for pty failed: %.100s", strerror(errno)); + logit("Getting tty modes for pty failed: %.100s", strerror(errno)); else { tio.c_lflag |= (ECHO | ISIG | ICANON); tio.c_oflag |= (OPOST | ONLCR); @@ -234,7 +234,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) /* Set the new modes for the terminal. */ if (tcsetattr(*ptyfd, TCSANOW, &tio) < 0) - log("Setting tty modes for pty failed: %.100s", strerror(errno)); + logit("Setting tty modes for pty failed: %.100s", strerror(errno)); } return 1; diff --git a/ttymodes.c b/ttymodes.c index 5cc13dcd5..ee752ebba 100644 --- a/ttymodes.c +++ b/ttymodes.c @@ -267,7 +267,7 @@ tty_make_modes(int fd, struct termios *tiop) if (tiop == NULL) { if (tcgetattr(fd, &tio) == -1) { - log("tcgetattr: %.100s", strerror(errno)); + logit("tcgetattr: %.100s", strerror(errno)); goto end; } } else @@ -341,7 +341,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) * modes, they will initially have reasonable values. */ if (tcgetattr(fd, &tio) == -1) { - log("tcgetattr: %.100s", strerror(errno)); + logit("tcgetattr: %.100s", strerror(errno)); failure = -1; } @@ -420,7 +420,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) * left in the packet; hopefully there is nothing * more coming after the mode data. */ - log("parse_tty_modes: unknown opcode %d", opcode); + logit("parse_tty_modes: unknown opcode %d", opcode); goto set; } } else { @@ -436,7 +436,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) (void) packet_get_int(); break; } else { - log("parse_tty_modes: unknown opcode %d", opcode); + logit("parse_tty_modes: unknown opcode %d", opcode); goto set; } } @@ -446,7 +446,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) set: if (*n_bytes_ptr != n_bytes) { *n_bytes_ptr = n_bytes; - log("parse_tty_modes: n_bytes_ptr != n_bytes: %d %d", + logit("parse_tty_modes: n_bytes_ptr != n_bytes: %d %d", *n_bytes_ptr, n_bytes); return; /* Don't process bytes passed */ } @@ -455,5 +455,5 @@ set: /* Set the new modes for the terminal. */ if (tcsetattr(fd, TCSANOW, &tio) == -1) - log("Setting tty modes failed: %.100s", strerror(errno)); + logit("Setting tty modes failed: %.100s", strerror(errno)); } -- cgit v1.2.3 From a0898b850538c127980454000c3759fadf15df12 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 9 Apr 2003 21:05:52 +1000 Subject: - itojun@cvs.openbsd.org 2003/04/08 20:21:29 [*.c *.h] rename log() into logit() to avoid name conflict. markus ok, from netbsd - (djm) XXX - Performed locally using: "perl -p -i -e 's/(\s|^)log\(/$1logit\(/g' *.c *.h" - (djm) Fix up missing include for packet.c --- ChangeLog | 14 +++++++++++++- packet.c | 2 +- 2 files changed, 14 insertions(+), 2 deletions(-) (limited to 'packet.c') diff --git a/ChangeLog b/ChangeLog index 5d94ea480..0fd7bc916 100644 --- a/ChangeLog +++ b/ChangeLog @@ -19,6 +19,18 @@ - markus@cvs.openbsd.org 2003/04/07 08:29:57 [monitor_wrap.c] typo: get correct counters; introduced during rekeying change. + - millert@cvs.openbsd.org 2003/04/07 21:58:05 + [progressmeter.c] + The UCB copyright here is incorrect. This code did not originate + at UCB, it was written by Luke Mewburn. Updated the copyright at + the author's request. markus@ OK + - itojun@cvs.openbsd.org 2003/04/08 20:21:29 + [*.c *.h] + rename log() into logit() to avoid name conflict. markus ok, from + netbsd + - (djm) XXX - Performed locally using: + "perl -p -i -e 's/(\s|^)log\(/$1logit\(/g' *.c *.h" + - (djm) Fix up missing include for packet.c 20030402 - (bal) if IP_TOS is not found or broken don't try to compile in @@ -1321,4 +1333,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2655 2003/04/09 10:51:24 djm Exp $ +$Id: ChangeLog,v 1.2656 2003/04/09 11:05:52 djm Exp $ diff --git a/packet.c b/packet.c index 81e402232..47e795db9 100644 --- a/packet.c +++ b/packet.c @@ -39,7 +39,7 @@ #include "includes.h" RCSID("$OpenBSD: packet.c,v 1.105 2003/04/02 09:48:07 markus Exp $"); -#include +#include "openbsd-compat/sys-queue.h" #include "xmalloc.h" #include "buffer.h" -- cgit v1.2.3 From 93b6b776ad34ea49f18d5ab380cc83ff5ef22d8f Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Sun, 27 Apr 2003 17:55:33 +0000 Subject: - (bal) Bug #541: return; was dropped by mistake. Reported by furrier@iglou.com --- ChangeLog | 6 +++++- packet.c | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'packet.c') diff --git a/ChangeLog b/ChangeLog index fe76077fd..484a50d8d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20030427 + - (bal) Bug #541: return; was dropped by mistake. Reported by + furrier@iglou.com + 20030409 - (djm) Bug #539: Specify creation mode with O_CREAT for lastlog. Report from matth@eecs.berkeley.edu @@ -1337,4 +1341,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2658 2003/04/09 11:12:11 djm Exp $ +$Id: ChangeLog,v 1.2659 2003/04/27 17:55:33 mouring Exp $ diff --git a/packet.c b/packet.c index 47e795db9..2abfeddb8 100644 --- a/packet.c +++ b/packet.c @@ -1429,6 +1429,7 @@ packet_set_interactive(int interactive) /* Only set socket options if using a socket. */ if (!packet_connection_is_on_socket()) + return; if (interactive) set_nodelay(connection_in); #if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN) -- cgit v1.2.3