diff options
author | Damien Miller <djm@mindrot.org> | 1999-11-11 17:57:39 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-11 17:57:39 +1100 |
commit | 5ce662a9202240a2f5fa6a9334d58186bdaba50c (patch) | |
tree | 9fe37122fa27f070abc3c9c28531877d43673b7f /sshd.c | |
parent | ab5e0d0c27e00dca463c67395c2b5941e778836e (diff) |
- Merged more OpenBSD CVS changes:
- [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal()
+ krb-cleanup cleanup
- [clientloop.c log-client.c log-server.c ]
[readconf.c readconf.h servconf.c servconf.h ]
[ssh.1 ssh.c ssh.h sshd.8]
add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 66 |
1 files changed, 38 insertions, 28 deletions
@@ -18,7 +18,7 @@ agent connections. */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.12 1999/11/08 05:15:55 damien Exp $"); +RCSID("$Id: sshd.c,v 1.13 1999/11/11 06:57:40 damien Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -43,12 +43,8 @@ int deny_severity = LOG_WARNING; #define O_NOCTTY 0 #endif -#ifdef KRB4 -char *ticket = NULL; -#endif /* KRB4 */ - /* Local Xauthority file. */ -char *xauthfile = NULL; +static char *xauthfile = NULL; /* Server configuration options. */ ServerOptions options; @@ -65,6 +61,9 @@ int debug_flag = 0; /* Flag indicating that the daemon is being started from inetd. */ int inetd_flag = 0; +/* debug goes to stderr unless inetd_flag is set */ +int log_stderr = 0; + /* argv[0] without path. */ char *av0; @@ -400,6 +399,7 @@ main(int ac, char **av) break; case 'd': debug_flag = 1; + options.log_level = SYSLOG_LEVEL_DEBUG; break; case 'i': inetd_flag = 1; @@ -408,7 +408,7 @@ main(int ac, char **av) silentrsa = 1; break; case 'q': - options.quiet_mode = 1; + options.log_level = SYSLOG_LEVEL_QUIET; break; case 'b': options.server_key_bits = atoi(optarg); @@ -479,9 +479,11 @@ main(int ac, char **av) } /* Initialize the log (it is reinitialized below in case we forked). */ - log_init(av0, debug_flag && !inetd_flag, - debug_flag || options.fascist_logging, - options.quiet_mode, options.log_facility); + + if (debug_flag && !inetd_flag) + log_stderr = 1; + + log_init(av0, options.log_level, options.log_facility, log_stderr); debug("sshd version %.100s", SSH_VERSION); @@ -496,7 +498,8 @@ main(int ac, char **av) else { int err = errno; - log_init(av0, !inetd_flag, 1, 0, options.log_facility); + /* force logging */ + log_init(av0, SYSLOG_LEVEL_DEBUG, options.log_facility, log_stderr); error("Could not load host key: %.200s: %.100s", options.host_key_file, strerror(err)); } @@ -526,9 +529,7 @@ main(int ac, char **av) } /* Reinitialize the log (because of the fork above). */ - log_init(av0, debug_flag && !inetd_flag, - debug_flag || options.fascist_logging, - options.quiet_mode, options.log_facility); + log_init(av0, options.log_level, options.log_facility, log_stderr); /* Check that server and host key lengths differ sufficiently. This is necessary to make double encryption work with rsaref. Oh, I hate @@ -696,9 +697,7 @@ main(int ac, char **av) close(listen_sock); sock_in = newsock; sock_out = newsock; - log_init(av0, debug_flag && !inetd_flag, - options.fascist_logging || debug_flag, - options.quiet_mode, options.log_facility); + log_init(av0, options.log_level, options.log_facility, log_stderr); break; } } @@ -1605,6 +1604,19 @@ void eat_packets_and_disconnect(const char *user) abort(); } +/* Remove local Xauthority file. */ +static void +xauthfile_cleanup_proc(void *ignore) +{ + debug("xauthfile_cleanup_proc called"); + + if (xauthfile != NULL) { + unlink(xauthfile); + xfree(xauthfile); + xauthfile = NULL; + } +} + /* Prepares for an interactive session. This is called after the user has been successfully authenticated. During this message exchange, pseudo terminals are allocated, X11, TCP/IP, and authentication agent forwardings @@ -1760,6 +1772,7 @@ void do_authenticated(struct passwd *pw) if ((xauthfd = mkstemp(xauthfile)) != -1) { fchown(xauthfd, pw->pw_uid, pw->pw_gid); close(xauthfd); + fatal_add_cleanup(xauthfile_cleanup_proc, NULL); } else { xfree(xauthfile); @@ -1905,8 +1918,7 @@ void do_exec_no_pty(const char *command, struct passwd *pw, if ((pid = fork()) == 0) { /* Child. Reinitialize the log since the pid has changed. */ - log_init(av0, debug_flag && !inetd_flag, debug_flag, - options.quiet_mode, options.log_facility); + log_init(av0, options.log_level, options.log_facility, log_stderr); /* Create a new session and process group since the 4.4BSD setlogin() affects the entire process group. */ @@ -1988,11 +2000,6 @@ void pty_cleanup_proc(void *context) debug("pty_cleanup_proc called"); -#if defined(KRB4) - /* Destroy user's ticket cache file. */ - (void) dest_tkt(); -#endif /* KRB4 */ - /* Record that the user has logged out. */ record_logout(cu->pid, cu->ttyname); @@ -2040,8 +2047,7 @@ void do_exec_pty(const char *command, int ptyfd, int ttyfd, pid = getpid(); /* Child. Reinitialize the log because the pid has changed. */ - log_init(av0, debug_flag && !inetd_flag, debug_flag, options.quiet_mode, - options.log_facility); + log_init(av0, options.log_level, options.log_facility, log_stderr); /* Close the master side of the pseudo tty. */ close(ptyfd); @@ -2395,8 +2401,12 @@ void do_child(const char *command, struct passwd *pw, const char *term, child_set_env(&env, &envsize, "DISPLAY", display); #ifdef KRB4 - if (ticket) - child_set_env(&env, &envsize, "KRBTKFILE", ticket); + { + extern char *ticket; + + if (ticket) + child_set_env(&env, &envsize, "KRBTKFILE", ticket); + } #endif /* KRB4 */ #ifdef HAVE_LIBPAM |