From: dtucker@openbsd.org Date: Thu, 16 Jan 2025 06:37:10 +0000 (+0000) Subject: upstream: Call log_init in sshd-auth and sshd-session immediately X-Git-Tag: V_10_0_P1~85 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e4e5b06fdf4532705669c0ae944b364022d16b9d;p=thirdparty%2Fopenssh-portable.git upstream: Call log_init in sshd-auth and sshd-session immediately after parsing the config file so that any log settings set in the config file take effect immediately. Move version banners to immediately after that, and make them distinct per binary. ok djm@ OpenBSD-Commit-ID: acf3d090638edf9b6e6f78eed96b537fe671f0f5 --- diff --git a/sshd-auth.c b/sshd-auth.c index 161194298..30eecd8a4 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.2 2024/12/03 22:30:03 jsg Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.3 2025/01/16 06:37:10 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -636,8 +636,6 @@ main(int ac, char **av) exit(1); } - debug("sshd version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION); - /* Connection passed by stdin/out */ if (inetd_flag) { /* @@ -675,6 +673,11 @@ main(int ac, char **av) fill_default_server_options(&options); options.timing_secret = timing_secret; /* XXX eliminate from unpriv */ + /* Reinit logging in case config set Level, Facility or Verbose. */ + log_init(__progname, options.log_level, options.log_facility, 1); + + debug("sshd-auth version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION); + /* Store privilege separation user for later use if required. */ privsep_chroot = (getuid() == 0 || geteuid() == 0); if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) { diff --git a/sshd-session.c b/sshd-session.c index 8eea08848..92a27c104 100644 --- a/sshd-session.c +++ b/sshd-session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-session.c,v 1.9 2024/09/09 02:39:57 djm Exp $ */ +/* $OpenBSD: sshd-session.c,v 1.11 2025/01/16 06:37:10 dtucker Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -987,8 +987,6 @@ main(int ac, char **av) exit(1); } - debug("sshd version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION); - if (!rexeced_flag) fatal("sshd-session should not be executed directly"); @@ -1028,8 +1026,6 @@ main(int ac, char **av) SYSLOG_FACILITY_AUTH : options.log_facility, log_stderr || !inetd_flag || debug_flag); - debug("sshd version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION); - /* Fetch our configuration */ if ((cfg = sshbuf_new()) == NULL) fatal("sshbuf_new config buf failed"); @@ -1043,6 +1039,12 @@ main(int ac, char **av) fill_default_server_options(&options); options.timing_secret = timing_secret; + /* Reinit logging in case config set Level, Facility or Verbose. */ + log_init(__progname, options.log_level, options.log_facility, + log_stderr || !inetd_flag || debug_flag); + + debug("sshd-session version %s, %s", SSH_VERSION, SSH_OPENSSL_VERSION); + /* Store privilege separation user for later use if required. */ privsep_chroot = (getuid() == 0 || geteuid() == 0); if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {