bool log_write(int level, const char *msg, ...) {
char *p, *limit;
int n;
va_list val;
if (log_filter >= level)
return true;
if (log_msg_lost) {
log_msg_lost++;
return false;
}
p= log_buffer + log_buf_pos;
limit= log_buffer + sizeof(log_buffer);
n= snprintf(p , limit - p, "%s: ", log_level_name(level));
if (n >= limit - p) {
log_msg_lost++;
return false;
}
p+= n;
va_start(val, msg);
n= vsnprintf(p, limit - p, msg, val);
va_end(val);
if (n >= limit - p) {
log_msg_lost++;
return false;
}
p+= n;
*p++ = '\n';
log_buf_pos= p - log_buffer;
log_flush();
return true;
}
static int
monitor_read_log(struct monitor *pmonitor)
{
struct sshbuf *logmsg;
u_int len, level;
u_char *p;
char *msg;
int r;
if ((logmsg = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
/* Read length */
if ((r = sshbuf_reserve(logmsg, 4, &p)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (atomicio(read, pmonitor->m_log_recvfd, p, 4) != 4) {
if (errno == EPIPE) {
sshbuf_free(logmsg);
debug("%s: child log fd closed", __func__);
close(pmonitor->m_log_recvfd);
pmonitor->m_log_recvfd = -1;
return -1;
}
fatal("%s: log fd read: %s", __func__, strerror(errno));
}
if ((r = sshbuf_get_u32(logmsg, &len)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (len <= 4 || len > 8192)
fatal("%s: invalid log message length %u", __func__, len);
/* Read severity, message */
sshbuf_reset(logmsg);
if ((r = sshbuf_reserve(logmsg, len, &p)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (atomicio(read, pmonitor->m_log_recvfd, p, len) != len)
fatal("%s: log fd read: %s", __func__, strerror(errno));
/* Log it */
if ((r = sshbuf_get_u32(logmsg, &level)) != 0 ||
(r = sshbuf_get_cstring(logmsg, &msg, NULL)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (log_level_name(level) == NULL)
fatal("%s: invalid log level %u (corrupted message?)",
__func__, level);
do_log2(level, "%s [preauth]", msg);
sshbuf_free(logmsg);
free(msg);
return 0;
}
static void
log_handler(const gchar *log_domain, GLogLevelFlags log_level, const gchar *message, gpointer user_data)
{
time_t t = time(NULL);
struct tm tm;
char timestr[26];
FILE *log_out = (FILE*) user_data;
localtime_r(&t, &tm);
strftime(timestr, 26, "%b-%d %H:%M:%S ", &tm);
gchar *msg = g_strjoin("", log_level_name(log_level), " ",
timestr, message, "\n", NULL);
fwrite(msg, strlen(msg), 1, log_out);
fflush(log_out);
g_free(msg);
}
static int cmd_log_level(struct re_printf *pf, void *unused)
{
int level;
(void)unused;
level = log_level_get();
--level;
if (level < LEVEL_DEBUG)
level = LEVEL_ERROR;
log_level_set(level);
return re_hprintf(pf, "Log level '%s'\n", log_level_name(level));
}
static int
monitor_read_log(struct monitor *pmonitor)
{
Buffer logmsg;
u_int len, level;
char *msg;
buffer_init(&logmsg);
/* Read length */
buffer_append_space(&logmsg, 4);
if (atomicio(read, pmonitor->m_log_recvfd,
buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg)) {
if (errno == EPIPE) {
buffer_free(&logmsg);
debug("%s: child log fd closed", __func__);
close(pmonitor->m_log_recvfd);
pmonitor->m_log_recvfd = -1;
return -1;
}
fatal("%s: log fd read: %s", __func__, strerror(errno));
}
len = buffer_get_int(&logmsg);
if (len <= 4 || len > 8192)
fatal("%s: invalid log message length %u", __func__, len);
/* Read severity, message */
buffer_clear(&logmsg);
buffer_append_space(&logmsg, len);
if (atomicio(read, pmonitor->m_log_recvfd,
buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg))
fatal("%s: log fd read: %s", __func__, strerror(errno));
/* Log it */
level = buffer_get_int(&logmsg);
msg = buffer_get_string(&logmsg, NULL);
if (log_level_name(level) == NULL)
fatal("%s: invalid log level %u (corrupted message?)",
__func__, level);
do_log2(level, "%s [preauth]", msg);
buffer_free(&logmsg);
free(msg);
return 0;
}
void log_message_v(int level, const char *category, LogAttributes *attr, void *reserved, const char *fmt, va_list args) {
const log_message_callback_type msg_callback = log_msg_callback;
if (!msg_callback && (!log_compat_callback || level < log_compat_level)) {
return;
}
// Set default attributes
if (!attr->has_time) {
LOG_ATTR_SET(*attr, time, HAL_Timer_Get_Milli_Seconds());
}
char buf[LOG_MAX_STRING_LENGTH];
if (msg_callback) {
const int n = vsnprintf(buf, sizeof(buf), fmt, args);
if (n > (int)sizeof(buf) - 1) {
buf[sizeof(buf) - 2] = '~';
}
msg_callback(buf, level, category, attr, 0);
} else {
// Using compatibility callback
const char* const levelName = log_level_name(level, 0);
int n = 0;
if (attr->has_file && attr->has_line && attr->has_function) {
n = snprintf(buf, sizeof(buf), "%010u %s:%d, %s: %s", (unsigned)attr->time, attr->file, attr->line,
attr->function, levelName);
} else {
n = snprintf(buf, sizeof(buf), "%010u %s", (unsigned)attr->time, levelName);
}
if (n > (int)sizeof(buf) - 1) {
buf[sizeof(buf) - 2] = '~';
}
log_compat_callback(buf);
log_compat_callback(": ");
n = vsnprintf(buf, sizeof(buf), fmt, args);
if (n > (int)sizeof(buf) - 1) {
buf[sizeof(buf) - 2] = '~';
}
log_compat_callback(buf);
log_compat_callback("\r\n");
}
}
void
dump_config(ServerOptions *o)
{
u_int i;
int ret;
struct addrinfo *ai;
char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL;
/* these are usually at the top of the config */
for (i = 0; i < o->num_ports; i++)
printf("port %d\n", o->ports[i]);
dump_cfg_fmtint(sProtocol, o->protocol);
dump_cfg_fmtint(sAddressFamily, o->address_family);
/* ListenAddress must be after Port */
for (ai = o->listen_addrs; ai; ai = ai->ai_next) {
if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
sizeof(addr), port, sizeof(port),
NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
error("getnameinfo failed: %.100s",
(ret != EAI_SYSTEM) ? gai_strerror(ret) :
strerror(errno));
} else {
if (ai->ai_family == AF_INET6)
printf("listenaddress [%s]:%s\n", addr, port);
else
printf("listenaddress %s:%s\n", addr, port);
}
}
/* integer arguments */
#ifdef USE_PAM
dump_cfg_int(sUsePAM, o->use_pam);
#endif
dump_cfg_int(sServerKeyBits, o->server_key_bits);
dump_cfg_int(sLoginGraceTime, o->login_grace_time);
dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time);
dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
dump_cfg_int(sMaxAuthTries, o->max_authtries);
dump_cfg_int(sMaxSessions, o->max_sessions);
dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
/* formatted integer arguments */
dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);
dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);
dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication);
dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);
dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,
o->hostbased_uses_name_from_packet_only);
dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication);
dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication);
#ifdef KRB5
dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication);
dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd);
dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup);
# ifdef USE_AFS
dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token);
# endif
#endif
#ifdef GSSAPI
dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
#endif
#ifdef JPAKE
dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
o->zero_knowledge_password_authentication);
#endif
dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
dump_cfg_fmtint(sKbdInteractiveAuthentication,
o->kbd_interactive_authentication);
dump_cfg_fmtint(sChallengeResponseAuthentication,
o->challenge_response_authentication);
dump_cfg_fmtint(sPrintMotd, o->print_motd);
dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);
dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);
dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
dump_cfg_fmtint(sStrictModes, o->strict_modes);
dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
dump_cfg_fmtint(sUseLogin, o->use_login);
dump_cfg_fmtint(sCompression, o->compression);
dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
dump_cfg_fmtint(sUseDNS, o->use_dns);
dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
/* string arguments */
dump_cfg_string(sPidFile, o->pid_file);
dump_cfg_string(sXAuthLocation, o->xauth_location);
dump_cfg_string(sCiphers, o->ciphers);
dump_cfg_string(sMacs, o->macs);
dump_cfg_string(sBanner, o->banner);
dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file);
dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2);
dump_cfg_string(sForceCommand, o->adm_forced_command);
/* string arguments requiring a lookup */
dump_cfg_string(sLogLevel, log_level_name(o->log_level));
dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));
/* string array arguments */
dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,
o->host_key_files);
dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users);
dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users);
dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
/* other arguments */
for (i = 0; i < o->num_subsystems; i++)
printf("subsystem %s %s\n", o->subsystem_name[i],
o->subsystem_args[i]);
printf("maxstartups %d:%d:%d\n", o->max_startups_begin,
o->max_startups_rate, o->max_startups);
for (i = 0; tunmode_desc[i].val != -1; i++)
if (tunmode_desc[i].val == o->permit_tun) {
s = tunmode_desc[i].text;
break;
}
dump_cfg_string(sPermitTunnel, s);
channel_print_adm_permitted_opens();
}