diff options
-rw-r--r-- | auth.c | 3 | ||||
-rw-r--r-- | log.c | 35 | ||||
-rw-r--r-- | log.h | 4 | ||||
-rw-r--r-- | monitor_wrap.c | 3 | ||||
-rw-r--r-- | servconf.c | 7 | ||||
-rw-r--r-- | sshd_config.5 | 5 |
6 files changed, 32 insertions, 25 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.119 2016/12/15 21:29:05 dtucker Exp $ */ +/* $OpenBSD: auth.c,v 1.120 2017/05/17 01:24:17 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -635,6 +635,7 @@ getpwnamallow(const char *user) ci->user = user; parse_server_match_config(&options, ci); + log_change_level(options.log_level); #if defined(_AIX) && defined(HAVE_SETAUTHDB) aix_setauthdb(user); @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.49 2017/03/10 03:15:58 djm Exp $ */ +/* $OpenBSD: log.c,v 1.50 2017/05/17 01:24:17 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -256,18 +256,7 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) argv0 = av0; - switch (level) { - case SYSLOG_LEVEL_QUIET: - case SYSLOG_LEVEL_FATAL: - case SYSLOG_LEVEL_ERROR: - case SYSLOG_LEVEL_INFO: - case SYSLOG_LEVEL_VERBOSE: - case SYSLOG_LEVEL_DEBUG1: - case SYSLOG_LEVEL_DEBUG2: - case SYSLOG_LEVEL_DEBUG3: - log_level = level; - break; - default: + if (log_change_level(level) != 0) { fprintf(stderr, "Unrecognized internal syslog level code %d\n", (int) level); exit(1); @@ -340,13 +329,27 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) #endif } -void +int log_change_level(LogLevel new_log_level) { /* no-op if log_init has not been called */ if (argv0 == NULL) - return; - log_init(argv0, new_log_level, log_facility, log_on_stderr); + return 0; + + switch (new_log_level) { + case SYSLOG_LEVEL_QUIET: + case SYSLOG_LEVEL_FATAL: + case SYSLOG_LEVEL_ERROR: + case SYSLOG_LEVEL_INFO: + case SYSLOG_LEVEL_VERBOSE: + case SYSLOG_LEVEL_DEBUG1: + case SYSLOG_LEVEL_DEBUG2: + case SYSLOG_LEVEL_DEBUG3: + log_level = new_log_level; + return 0; + default: + return -1; + } } int @@ -1,4 +1,4 @@ -/* $OpenBSD: log.h,v 1.21 2016/07/15 05:01:58 dtucker Exp $ */ +/* $OpenBSD: log.h,v 1.22 2017/05/17 01:24:17 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -49,7 +49,7 @@ typedef enum { typedef void (log_handler_fn)(LogLevel, const char *, void *); void log_init(char *, LogLevel, SyslogFacility, int); -void log_change_level(LogLevel); +int log_change_level(LogLevel); int log_is_on_stderr(void); void log_redirect_stderr_to(const char *); diff --git a/monitor_wrap.c b/monitor_wrap.c index 64ff9288..f2eec5a7 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.89 2016/08/13 17:47:41 markus Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.90 2017/05/17 01:24:17 djm Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -295,6 +295,7 @@ out: #undef M_CP_STRARRAYOPT copy_set_server_options(&options, newopts, 1); + log_change_level(options.log_level); free(newopts); buffer_free(&m); @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.307 2017/04/27 13:40:05 jsg Exp $ */ +/* $OpenBSD: servconf.c,v 1.308 2017/05/17 01:24:17 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -449,7 +449,7 @@ static struct { { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL }, { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, - { "loglevel", sLogLevel, SSHCFG_GLOBAL }, + { "loglevel", sLogLevel, SSHCFG_ALL }, { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, { "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL }, { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, @@ -1345,7 +1345,7 @@ process_server_config_line(ServerOptions *options, char *line, if (value == SYSLOG_LEVEL_NOT_SET) fatal("%.200s line %d: unsupported log level '%s'", filename, linenum, arg ? arg : "<NONE>"); - if (*log_level_ptr == -1) + if (*activep && *log_level_ptr == -1) *log_level_ptr = (LogLevel) value; break; @@ -1989,6 +1989,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(ip_qos_bulk); M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_interval); + M_CP_INTOPT(log_level); /* * The bind_mask is a mode_t that may be unsigned, so we can't use diff --git a/sshd_config.5 b/sshd_config.5 index 7ccf6fd4..7b4cb1d9 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.244 2017/05/07 23:12:57 djm Exp $ -.Dd $Mdocdate: May 7 2017 $ +.\" $OpenBSD: sshd_config.5,v 1.245 2017/05/17 01:24:17 djm Exp $ +.Dd $Mdocdate: May 17 2017 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1066,6 +1066,7 @@ Available keywords are .Cm IPQoS , .Cm KbdInteractiveAuthentication , .Cm KerberosAuthentication , +.Cm LogLevel , .Cm MaxAuthTries , .Cm MaxSessions , .Cm PasswordAuthentication , |