Description: Add "LogLevel SILENT" (-qq), suppressing even fatal errors It's not clear that this is as useful as originally intended, or implemented correctly, and there's no bug trail to be found for the original feature (although it has been tweaked by bug reports since it was added in Debian openssh 1:3.0.1p1-1). Needs review. . Jonathan says that this patch was originally meant to match the behaviour of non-free SSH, in which -q does not suppress fatal errors. Given that this was unintentionally broken in 1:4.6p1-2 and nobody's complained, we can probably drop most of this. The adjustment to "Pseudo-terminal will not be allocated ..." should be split out into a separate patch. Author: Jonathan David Amery Author: Matthew Vernon Author: Colin Watson Last-Update: 2010-02-27 Index: b/clientloop.c =================================================================== --- a/clientloop.c +++ b/clientloop.c @@ -1536,7 +1536,7 @@ * In interactive mode (with pseudo tty) display a message indicating * that the connection has been closed. */ - if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) { + if (have_pty && options.log_level > SYSLOG_LEVEL_QUIET) { snprintf(buf, sizeof buf, "Connection to %.64s closed.\r\n", host); buffer_append(&stderr_buffer, buf, strlen(buf)); Index: b/log.c =================================================================== --- a/log.c +++ b/log.c @@ -90,6 +90,7 @@ LogLevel val; } log_levels[] = { + { "SILENT", SYSLOG_LEVEL_SILENT }, { "QUIET", SYSLOG_LEVEL_QUIET }, { "FATAL", SYSLOG_LEVEL_FATAL }, { "ERROR", SYSLOG_LEVEL_ERROR }, @@ -244,6 +245,7 @@ argv0 = av0; switch (level) { + case SYSLOG_LEVEL_SILENT: case SYSLOG_LEVEL_QUIET: case SYSLOG_LEVEL_FATAL: case SYSLOG_LEVEL_ERROR: Index: b/log.h =================================================================== --- a/log.h +++ b/log.h @@ -35,6 +35,7 @@ } SyslogFacility; typedef enum { + SYSLOG_LEVEL_SILENT, SYSLOG_LEVEL_QUIET, SYSLOG_LEVEL_FATAL, SYSLOG_LEVEL_ERROR, Index: b/mux.c =================================================================== --- a/mux.c +++ b/mux.c @@ -1553,7 +1553,7 @@ } else debug2("Received exit status from master %d", exitval); - if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) + if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) fprintf(stderr, "Shared connection to %s closed.\r\n", host); exit(exitval); Index: b/sftp-server.8 =================================================================== --- a/sftp-server.8 +++ b/sftp-server.8 @@ -74,7 +74,7 @@ Specifies which messages will be logged by .Nm . The possible values are: -QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. +SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that .Nm performs on behalf of the client. Index: b/ssh.1 =================================================================== --- a/ssh.1 +++ b/ssh.1 @@ -504,6 +504,11 @@ .It Fl q Quiet mode. Causes most warning and diagnostic messages to be suppressed. +Only fatal errors are displayed. +If a second +.Fl q +is given then even fatal errors are suppressed, except for those produced +due solely to bad arguments. .It Fl R Xo .Sm off .Oo Ar bind_address : Oc Index: b/ssh.c =================================================================== --- a/ssh.c +++ b/ssh.c @@ -421,7 +421,12 @@ options.exit_on_forward_failure = 1; break; case 'q': - options.log_level = SYSLOG_LEVEL_QUIET; + if (options.log_level == SYSLOG_LEVEL_QUIET) { + options.log_level = SYSLOG_LEVEL_SILENT; + } + else if (options.log_level != SYSLOG_LEVEL_SILENT) { + options.log_level = SYSLOG_LEVEL_QUIET; + } break; case 'e': if (optarg[0] == '^' && optarg[2] == 0 && @@ -624,7 +629,7 @@ tty_flag = 0; /* Do not allocate a tty if stdin is not a tty. */ if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { - if (tty_flag) + if (tty_flag && options.log_level > SYSLOG_LEVEL_QUIET) logit("Pseudo-terminal will not be allocated because " "stdin is not a terminal."); tty_flag = 0; Index: b/ssh_config.5 =================================================================== --- a/ssh_config.5 +++ b/ssh_config.5 @@ -698,7 +698,7 @@ Gives the verbosity level that is used when logging messages from .Xr ssh 1 . The possible values are: -QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. +SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of verbose output. Index: b/sshd.8 =================================================================== --- a/sshd.8 +++ b/sshd.8 @@ -217,9 +217,12 @@ option override command-line ports. .It Fl q Quiet mode. -Nothing is sent to the system log. +Only fatal errors are sent to the system log. Normally the beginning, authentication, and termination of each connection is logged. +If a second +.Fl q +is given then nothing is sent to the system log. .It Fl T Extended test mode. Check the validity of the configuration file, output the effective configuration Index: b/sshd.c =================================================================== --- a/sshd.c +++ b/sshd.c @@ -1370,7 +1370,12 @@ /* ignored */ break; case 'q': - options.log_level = SYSLOG_LEVEL_QUIET; + if (options.log_level == SYSLOG_LEVEL_QUIET) { + options.log_level = SYSLOG_LEVEL_SILENT; + } + else if (options.log_level != SYSLOG_LEVEL_SILENT) { + options.log_level = SYSLOG_LEVEL_QUIET; + } break; case 'b': options.server_key_bits = (int)strtonum(optarg, 256, Index: b/sshd_config.5 =================================================================== --- a/sshd_config.5 +++ b/sshd_config.5 @@ -575,7 +575,7 @@ Gives the verbosity level that is used when logging messages from .Xr sshd 8 . The possible values are: -QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. +SILENT, QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output.