This patch adds a LogFile option to sshd_config. It just logs messages
directly to a file instead of stderr or syslog. The largest change
is an additional argument to log_init() in log.c for the log file name
(followed by changes to the rest of the tools to pass a NULL argument).
galt
-------------- next part --------------
diff -urN openssh-3.5p1-orig/log.c openssh-3.5p1/log.c
--- openssh-3.5p1-orig/log.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/log.c 2002-12-18 11:51:24.000000000 -0500
@@ -40,6 +40,7 @@
#include "xmalloc.h"
#include <syslog.h>
+#include <time.h>
static LogLevel log_level = SYSLOG_LEVEL_INFO;
static int log_on_stderr = 1;
@@ -48,6 +49,8 @@
extern char *__progname;
+FILE *logf;
+
/* textual representation of log-facilities/levels */
static struct {
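Review bot: The new global `FILE *logf;` has external linkage and shares its name with the C99 `<math.h>` function `logf`, which is reserved as an external identifier, so this can clash at link time or confuse any file that pulls in the math header. Nothing in the patch uses the stream outside log.c, so I would make it file-local and rename it, for example `static FILE *log_fp = NULL;`, and update the uses in log_init() and do_log() to match.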
@@ -261,7 +264,8 @@
*/
void
-log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
+log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr,
+char *logfile)
{
argv0 = av0;
@@ -331,6 +335,16 @@
(int) facility);
exit(1);
}
+ if(logfile != NULL) {
+ logf = fopen(logfile,"a");
+ if(logf == NULL) {
+ fprintf(stderr,"unable to open logfile \"%s\" for"
+ " writing\n",logfile);
+ exit(1);
+ }
+ } else {
+ logf = NULL;
+ }
}
#define MSGBUFSIZ 1024
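Review bot: Each call to log_init() with a non-NULL logfile runs a fresh `fopen(logfile,"a")` without closing the previous `logf`, and the `else` branch drops the pointer without `fclose()`, so the stream and its descriptor leak on every re-init. The sshd.c hunks re-init with `options.log_file` after forking, and the session.c hunks pass NULL in the child, which presumably leaves an append-mode descriptor on the log open in the process that goes on to run the user's session. fopen() also creates the file with umask-dependent permissions and follows a symlink at the final path component. I would close any existing stream first and open with an explicit 0600 mode, no symlink following and close-on-exec, as below; `O_NOFOLLOW` may need a guard on older platforms, and `<fcntl.h>` and `<errno.h>` have to be in scope. log_init() begins in the previous hunk and the facility switch above this code is outside the hunk.

```c
	/* … unchanged: facility switch and its exit(1) default … */
	if (logf != NULL) {
		/* re-init: release the stream opened by the previous call */
		fclose(logf);
		logf = NULL;
	}
	if (logfile != NULL) {
		int fd = open(logfile,
		    O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0600);

		if (fd != -1)
			(void)fcntl(fd, F_SETFD, FD_CLOEXEC);
		if (fd == -1 || (logf = fdopen(fd, "a")) == NULL) {
			fprintf(stderr, "unable to open logfile \"%s\" for"
			    " writing: %s\n", logfile, strerror(errno));
			exit(1);
		}
	}
```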
@@ -342,6 +356,8 @@
char fmtbuf[MSGBUFSIZ];
char *txt = NULL;
int pri = LOG_INFO;
+ time_t t;
+ char *tm;
if (level > log_level)
return;
@@ -393,4 +409,11 @@
syslog(pri, "%.500s", msgbuf);
closelog();
}
+ if(logf != NULL) {
+ time(&t);
+ tm = ctime(&t);
+ tm[strlen(tm)-1] = 0;
+ fprintf(logf,"%s: %s\r\n",tm,msgbuf);
+ fflush(logf);
+ }
}
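Review bot: `ctime()` can return NULL, and the next line, `tm[strlen(tm)-1] = 0;`, would then dereference it; a guard such as `if (tm == NULL) tm = "-"; else tm[strcspn(tm, "\n")] = '\0';` avoids that. The file line also carries no program name or pid, so entries from concurrent sshd children appending to the same file cannot be told apart; something like `fprintf(logf, "%s %s[%ld]: %s\n", tm, argv0 ? argv0 : __progname, (long)getpid(), msgbuf);` would match what syslog records. The results of `fprintf()` and `fflush()` are ignored, so a full disk silently drops authentication log entries. Whether `msgbuf` has had control characters escaped is not visible in this hunk; if it has not, CR/LF inside remotely supplied strings could forge extra lines in the file. The body of do_log() starts outside the hunk.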
diff -urN openssh-3.5p1-orig/log.h openssh-3.5p1/log.h
--- openssh-3.5p1-orig/log.h 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/log.h 2002-12-18 10:38:48.000000000 -0500
@@ -48,7 +48,7 @@
SYSLOG_LEVEL_NOT_SET = -1
} LogLevel;
-void log_init(char *, LogLevel, SyslogFacility, int);
+void log_init(char *, LogLevel, SyslogFacility, int, char *);
SyslogFacility log_facility_number(char *);
LogLevel log_level_number(char *);
diff -urN openssh-3.5p1-orig/servconf.c openssh-3.5p1/servconf.c
--- openssh-3.5p1-orig/servconf.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/servconf.c 2002-12-18 10:20:33.000000000 -0500
@@ -64,6 +64,7 @@
options->listen_addrs = NULL;
options->num_host_key_files = 0;
options->pid_file = NULL;
+ options->log_file = NULL;
options->server_key_bits = -1;
options->login_grace_time = -1;
options->key_regeneration_time = -1;
@@ -302,6 +303,7 @@
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
sUsePrivilegeSeparation,
+ sLogFile,
sDeprecated
} ServerOpCodes;
@@ -380,6 +382,7 @@
{ "authorizedkeysfile", sAuthorizedKeysFile },
{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
{ "useprivilegeseparation", sUsePrivilegeSeparation},
+ { "logfile", sLogFile},
{ NULL, sBadOption }
};
@@ -909,6 +912,10 @@
intptr = &options->client_alive_count_max;
goto parse_int;
+ case sLogFile:
+ charptr = &options->log_file;
+ goto parse_filename;
+
case sDeprecated:
log("%s line %d: Deprecated option %s",
filename, linenum, arg);
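Review bot: `case sLogFile` accepts whatever `parse_filename` yields, with no check that the path is absolute. Because the sshd.c hunks call log_init() with `options.log_file` both before and after the daemon forks, a relative LogFile would presumably be resolved against different working directories at different times. I would reject values that do not start with `/` when the option is parsed, and add a comment on the case, e.g. `/* absolute path of a file that log_init() appends to */`. The option also needs an entry in the sshd_config manual page, which this patch does not touch. The enclosing switch starts and ends outside the hunk.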
diff -urN openssh-3.5p1-orig/servconf.h openssh-3.5p1/servconf.h
--- openssh-3.5p1-orig/servconf.h 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/servconf.h 2002-12-18 10:18:01.000000000 -0500
@@ -42,6 +42,7 @@
char *host_key_files[MAX_HOSTKEYS]; /* Files containing host keys. */
int num_host_key_files; /* Number of files for host keys. */
char *pid_file; /* Where to put our pid */
+ char *log_file;
int server_key_bits;/* Size of the server key. */
int login_grace_time; /* Disconnect if no auth in this time
* (sec). */
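Review bot: The new `char *log_file;` member is the only field in this stretch of the struct without a trailing comment. I would add one in the neighbours' style, e.g. `char   *log_file;	/* File to append log messages to, or NULL */`, so the NULL-means-disabled convention that log_init() relies on is stated where the option is declared.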
diff -urN openssh-3.5p1-orig/session.c openssh-3.5p1/session.c
--- openssh-3.5p1-orig/session.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/session.c 2002-12-18 10:42:37.000000000 -0500
@@ -466,7 +466,7 @@
fatal_remove_all_cleanups();
/* Child. Reinitialize the log since the pid has changed. */
- log_init(__progname, options.log_level, options.log_facility, log_stderr);
+ log_init(__progname, options.log_level, options.log_facility,
log_stderr,NULL);
/*
* Create a new session and process group since the 4.4BSD
@@ -590,7 +590,7 @@
fatal_remove_all_cleanups();
/* Child. Reinitialize the log because the pid has changed. */
- log_init(__progname, options.log_level, options.log_facility, log_stderr);
+ log_init(__progname, options.log_level, options.log_facility,
log_stderr,NULL);
/* Close the master side of the pseudo tty. */
close(ptyfd);
diff -urN openssh-3.5p1-orig/sftp-server.c openssh-3.5p1/sftp-server.c
--- openssh-3.5p1-orig/sftp-server.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/sftp-server.c 2002-12-18 10:42:50.000000000 -0500
@@ -1021,7 +1021,7 @@
handle_init();
#ifdef DEBUG_SFTP_SERVER
- log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH,
0);
+ log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH,
0,NULL);
#endif
in = dup(STDIN_FILENO);
diff -urN openssh-3.5p1-orig/sftp.c openssh-3.5p1/sftp.c
--- openssh-3.5p1-orig/sftp.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/sftp.c 2002-12-18 10:43:04.000000000 -0500
@@ -183,7 +183,7 @@
}
}
- log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1);
+ log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1, NULL);
if (sftp_direct == NULL) {
if (optind == argc || argc > (optind + 2))
diff -urN openssh-3.5p1-orig/ssh-agent.c openssh-3.5p1/ssh-agent.c
--- openssh-3.5p1-orig/ssh-agent.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/ssh-agent.c 2002-12-18 10:43:17.000000000 -0500
@@ -1074,7 +1074,7 @@
* the socket data. The child continues as the authentication agent.
*/
if (d_flag) {
- log_init(__progname, SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 1);
+ log_init(__progname, SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 1, NULL);
format = c_flag ? "setenv %s %s;\n" : "%s=%s; export
%s;\n";
printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
SSH_AUTHSOCKET_ENV_NAME);
@@ -1108,7 +1108,7 @@
exit(1);
}
/* child */
- log_init(__progname, SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0);
+ log_init(__progname, SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0, NULL);
if (setsid() == -1) {
error("setsid: %s", strerror(errno));
diff -urN openssh-3.5p1-orig/ssh-keyscan.c openssh-3.5p1/ssh-keyscan.c
--- openssh-3.5p1-orig/ssh-keyscan.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/ssh-keyscan.c 2002-12-18 10:43:29.000000000 -0500
@@ -773,7 +773,7 @@
if (optind == argc && !fopt_count)
usage();
- log_init("ssh-keyscan", log_level, SYSLOG_FACILITY_USER, 1);
+ log_init("ssh-keyscan", log_level, SYSLOG_FACILITY_USER, 1, NULL);
maxfd = fdlim_get(1);
if (maxfd < 0)
diff -urN openssh-3.5p1-orig/ssh-keysign.c openssh-3.5p1/ssh-keysign.c
--- openssh-3.5p1-orig/ssh-keysign.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/ssh-keysign.c 2002-12-18 10:43:40.000000000 -0500
@@ -160,7 +160,7 @@
arc4random_stir();
#ifdef DEBUG_SSH_KEYSIGN
- log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH,
0);
+ log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH,
0, NULL);
#endif
/* verify that ssh-keysign is enabled by the admin */
diff -urN openssh-3.5p1-orig/ssh-rand-helper.c openssh-3.5p1/ssh-rand-helper.c
--- openssh-3.5p1-orig/ssh-rand-helper.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/ssh-rand-helper.c 2002-12-18 10:44:28.000000000 -0500
@@ -768,7 +768,7 @@
LogLevel ll;
__progname = get_progname(argv[0]);
- log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
+ log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1, NULL);
ll = SYSLOG_LEVEL_INFO;
debug_level = output_hex = 0;
@@ -803,7 +803,7 @@
}
}
- log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1);
+ log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1, NULL);
#ifdef USE_SEED_FILES
prng_read_seedfile();
diff -urN openssh-3.5p1-orig/ssh.c openssh-3.5p1/ssh.c
--- openssh-3.5p1-orig/ssh.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/ssh.c 2002-12-18 10:44:46.000000000 -0500
@@ -569,7 +569,7 @@
* actually goes to stderr.
*/
log_init(av[0], options.log_level == -1 ? SYSLOG_LEVEL_INFO :
options.log_level,
- SYSLOG_FACILITY_USER, 1);
+ SYSLOG_FACILITY_USER, 1, NULL);
/*
* Read per-user configuration file. Ignore the system wide config
@@ -592,7 +592,7 @@
fill_default_options(&options);
/* reinit */
- log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1);
+ log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1, NULL);
seed_rng();
diff -urN openssh-3.5p1-orig/sshd.c openssh-3.5p1/sshd.c
--- openssh-3.5p1-orig/sshd.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/sshd.c 2002-12-18 10:51:30.000000000 -0500
@@ -944,7 +944,7 @@
SYSLOG_LEVEL_INFO : options.log_level,
options.log_facility == SYSLOG_FACILITY_NOT_SET ?
SYSLOG_FACILITY_AUTH : options.log_facility,
- !inetd_flag);
+ !inetd_flag, options.log_file);
#ifdef _UNICOS
/* Cray can define user privs drop all prives now!
@@ -1079,7 +1079,7 @@
/* Initialize the log (it is reinitialized below in case we forked). */
if (debug_flag && !inetd_flag)
log_stderr = 1;
- log_init(__progname, options.log_level, options.log_facility, log_stderr);
+ log_init(__progname, options.log_level, options.log_facility, log_stderr,
options.log_file);
/*
* If not in debugging mode, and not started from inetd, disconnect
@@ -1103,7 +1103,7 @@
#endif /* TIOCNOTTY */
}
/* Reinitialize the log (because of the fork above). */
- log_init(__progname, options.log_level, options.log_facility, log_stderr);
+ log_init(__progname, options.log_level, options.log_facility, log_stderr,
options.log_file);
/* Initialize the random number generator. */
arc4random_stir();
@@ -1352,7 +1352,7 @@
close_listen_socks();
sock_in = newsock;
sock_out = newsock;
- log_init(__progname, options.log_level, options.log_facility,
log_stderr);
+ log_init(__progname, options.log_level, options.log_facility, log_stderr,
options.log_file);
break;
}
}