retire unused API

short circuit debug log processing early if we're not going to
log anything. From Kobe Housen

allow log_stderr==2 to prefix log messages with argv[0]

use this to make scp's SFTP mode error messages more scp-like

prompted by and ok deraadt@

include pid in LogVerbose spam

do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@

highly polished whitespace, mostly fixing spaces-for-tab and bad
indentation on continuation lines. Prompted by GHPR#185

make program name be const

variants of the log methods that append a ssherr.h string from
a supplied error code; ok markus@

make the log functions that exit (sshlogdie(), sshfatal(), etc) have
identical signatures. Makes things a bit more consistent...

revised log infrastructure for OpenSSH

log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

when redirecting sshd's log output to a file, undo this redirection
after the session child process is forked(); ok dtucker@

avoid expensive channel_open_message() calls; ok djm@

allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717

don't truncate off \r\n from long stderr lines; bz#2688, reported by
Brian Dyson; ok dtucker@

Reduce the syslog level of some relatively common protocol events
from LOG_CRIT by replacing fatal() calls with logdie(). Part of
bz#2585, ok djm@

close ControlPersist background process stderr when not in
debug mode or when logging to a file or syslog.
bz#1988 ok dtucker

xmalloc.h is unused

Fix some "unused result" warnings found via clang and -portable. ok markus@

Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@

Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc

make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Add extended test mode (-T) and connection parameters for test mode (-C).
-T causes sshd to write its effective configuration to stdout and exit.
-C causes any relevant Match rules to be applied before output. The
combination allows tesing of the parser and config files. ok deraadt djm

save and restore errno when logging; ok deraadt@

make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

move #include <stdio.h> out of includes.h

move #include <stdlib.h> out of includes.h

move #include <string.h> out of includes.h

move #include <unistd.h> out of includes.h

move #include <stdarg.h> out of includes.h; ok markus@

move user includes after /usr/include files

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

RCSID() can die

branches: 1.29.8; 1.29.10;
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@

branches: 1.28.2;
pass logged data through strnvis; ok markus

use syslog_r() in a signal handler called place; markus ok

rename log() into logit() to avoid name conflict. markus ok, from netbsd

branches: 1.25.2;
set fatal_cleanups to NULL in fatal_remove_all_cleanups(); dtucker@zip.com.au

branches: 1.24.2;
remove fatal cleanups after fork; based on discussions with and code
from solar.

KNF

branches: 1.22.2;
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@

add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@

casts to silence enum type warnings for bugzilla bug 37; ok markus@

basic KNF done while i was looking for something else

branches: 1.18.2;
remove comments from .h, since they are cut&paste from the .c files
and out of sync

branches: 1.17.2;
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.

log*.c -> log.c

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many systems

rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
syslog priority changes:
fatal() LOG_ERR -> LOG_CRIT
log() LOG_INFO -> LOG_NOTICE

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

branches: 1.11.2;
allow loglevel debug

multiple debug levels

some more Copyright fixes

cleanup copyright notices on all files. I have attempted to be accurate with
the details. everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence. We're not changing any rules, just
being accurate.

branches: 1.7.2;
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features:
sshd allows multiple ListenAddress and Port options. note that libwrap is
not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and
fujiwara@rcac.tdi.co.jp)

KNF, final part 3

much more KNF

KNF part 1

syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE

bugfix: loglevels are per host in clientconfig,
factor out common log-level parsing code.

add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.

short circuit debug log processing early if we're not going to
log anything. From Kobe Housen

allow log_stderr==2 to prefix log messages with argv[0]

use this to make scp's SFTP mode error messages more scp-like

prompted by and ok deraadt@

include pid in LogVerbose spam

do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@

highly polished whitespace, mostly fixing spaces-for-tab and bad
indentation on continuation lines. Prompted by GHPR#185

make program name be const

variants of the log methods that append a ssherr.h string from
a supplied error code; ok markus@

make the log functions that exit (sshlogdie(), sshfatal(), etc) have
identical signatures. Makes things a bit more consistent...

revised log infrastructure for OpenSSH

log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

when redirecting sshd's log output to a file, undo this redirection
after the session child process is forked(); ok dtucker@

avoid expensive channel_open_message() calls; ok djm@

allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717

don't truncate off \r\n from long stderr lines; bz#2688, reported by
Brian Dyson; ok dtucker@

Reduce the syslog level of some relatively common protocol events
from LOG_CRIT by replacing fatal() calls with logdie(). Part of
bz#2585, ok djm@

close ControlPersist background process stderr when not in
debug mode or when logging to a file or syslog.
bz#1988 ok dtucker

xmalloc.h is unused

Fix some "unused result" warnings found via clang and -portable. ok markus@

Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@

Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc

make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Add extended test mode (-T) and connection parameters for test mode (-C).
-T causes sshd to write its effective configuration to stdout and exit.
-C causes any relevant Match rules to be applied before output. The
combination allows tesing of the parser and config files. ok deraadt djm

save and restore errno when logging; ok deraadt@

make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

move #include <stdio.h> out of includes.h

move #include <stdlib.h> out of includes.h

move #include <string.h> out of includes.h

move #include <unistd.h> out of includes.h

move #include <stdarg.h> out of includes.h; ok markus@

move user includes after /usr/include files

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

RCSID() can die

branches: 1.29.8; 1.29.10;
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@

branches: 1.28.2;
pass logged data through strnvis; ok markus

use syslog_r() in a signal handler called place; markus ok

rename log() into logit() to avoid name conflict. markus ok, from netbsd

branches: 1.25.2;
set fatal_cleanups to NULL in fatal_remove_all_cleanups(); dtucker@zip.com.au

branches: 1.24.2;
remove fatal cleanups after fork; based on discussions with and code
from solar.

KNF

branches: 1.22.2;
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@

add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@

casts to silence enum type warnings for bugzilla bug 37; ok markus@

basic KNF done while i was looking for something else

branches: 1.18.2;
remove comments from .h, since they are cut&paste from the .c files
and out of sync

branches: 1.17.2;
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.

log*.c -> log.c

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many systems

rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
syslog priority changes:
fatal() LOG_ERR -> LOG_CRIT
log() LOG_INFO -> LOG_NOTICE

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

branches: 1.11.2;
allow loglevel debug

multiple debug levels

some more Copyright fixes

cleanup copyright notices on all files. I have attempted to be accurate with
the details. everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence. We're not changing any rules, just
being accurate.

branches: 1.7.2;
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features:
sshd allows multiple ListenAddress and Port options. note that libwrap is
not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and
fujiwara@rcac.tdi.co.jp)

KNF, final part 3

much more KNF

KNF part 1

syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE

bugfix: loglevels are per host in clientconfig,
factor out common log-level parsing code.

add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.

allow log_stderr==2 to prefix log messages with argv[0]

use this to make scp's SFTP mode error messages more scp-like

prompted by and ok deraadt@

include pid in LogVerbose spam

do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@

highly polished whitespace, mostly fixing spaces-for-tab and bad
indentation on continuation lines. Prompted by GHPR#185

make program name be const

variants of the log methods that append a ssherr.h string from
a supplied error code; ok markus@

make the log functions that exit (sshlogdie(), sshfatal(), etc) have
identical signatures. Makes things a bit more consistent...

revised log infrastructure for OpenSSH

log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

when redirecting sshd's log output to a file, undo this redirection
after the session child process is forked(); ok dtucker@

avoid expensive channel_open_message() calls; ok djm@

allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717

don't truncate off \r\n from long stderr lines; bz#2688, reported by
Brian Dyson; ok dtucker@

Reduce the syslog level of some relatively common protocol events
from LOG_CRIT by replacing fatal() calls with logdie(). Part of
bz#2585, ok djm@

close ControlPersist background process stderr when not in
debug mode or when logging to a file or syslog.
bz#1988 ok dtucker

xmalloc.h is unused

Fix some "unused result" warnings found via clang and -portable. ok markus@

Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@

Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc

make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Add extended test mode (-T) and connection parameters for test mode (-C).
-T causes sshd to write its effective configuration to stdout and exit.
-C causes any relevant Match rules to be applied before output. The
combination allows tesing of the parser and config files. ok deraadt djm

save and restore errno when logging; ok deraadt@

make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

move #include <stdio.h> out of includes.h

move #include <stdlib.h> out of includes.h

move #include <string.h> out of includes.h

move #include <unistd.h> out of includes.h

move #include <stdarg.h> out of includes.h; ok markus@

move user includes after /usr/include files

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

RCSID() can die

branches: 1.29.8; 1.29.10;
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@

branches: 1.28.2;
pass logged data through strnvis; ok markus

use syslog_r() in a signal handler called place; markus ok

rename log() into logit() to avoid name conflict. markus ok, from netbsd

branches: 1.25.2;
set fatal_cleanups to NULL in fatal_remove_all_cleanups(); dtucker@zip.com.au

branches: 1.24.2;
remove fatal cleanups after fork; based on discussions with and code
from solar.

KNF

branches: 1.22.2;
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@

add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@

casts to silence enum type warnings for bugzilla bug 37; ok markus@

basic KNF done while i was looking for something else

branches: 1.18.2;
remove comments from .h, since they are cut&paste from the .c files
and out of sync

branches: 1.17.2;
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.

log*.c -> log.c

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many systems

rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
syslog priority changes:
fatal() LOG_ERR -> LOG_CRIT
log() LOG_INFO -> LOG_NOTICE

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

branches: 1.11.2;
allow loglevel debug

multiple debug levels

some more Copyright fixes

cleanup copyright notices on all files. I have attempted to be accurate with
the details. everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence. We're not changing any rules, just
being accurate.

branches: 1.7.2;
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features:
sshd allows multiple ListenAddress and Port options. note that libwrap is
not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and
fujiwara@rcac.tdi.co.jp)

KNF, final part 3

much more KNF

KNF part 1

syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE

bugfix: loglevels are per host in clientconfig,
factor out common log-level parsing code.

add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.

include pid in LogVerbose spam

do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@

highly polished whitespace, mostly fixing spaces-for-tab and bad
indentation on continuation lines. Prompted by GHPR#185

make program name be const

variants of the log methods that append a ssherr.h string from
a supplied error code; ok markus@

make the log functions that exit (sshlogdie(), sshfatal(), etc) have
identical signatures. Makes things a bit more consistent...

revised log infrastructure for OpenSSH

log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

when redirecting sshd's log output to a file, undo this redirection
after the session child process is forked(); ok dtucker@

avoid expensive channel_open_message() calls; ok djm@

allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717

don't truncate off \r\n from long stderr lines; bz#2688, reported by
Brian Dyson; ok dtucker@

Reduce the syslog level of some relatively common protocol events
from LOG_CRIT by replacing fatal() calls with logdie(). Part of
bz#2585, ok djm@

close ControlPersist background process stderr when not in
debug mode or when logging to a file or syslog.
bz#1988 ok dtucker

xmalloc.h is unused

Fix some "unused result" warnings found via clang and -portable. ok markus@

Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@

Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc

make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Add extended test mode (-T) and connection parameters for test mode (-C).
-T causes sshd to write its effective configuration to stdout and exit.
-C causes any relevant Match rules to be applied before output. The
combination allows tesing of the parser and config files. ok deraadt djm

save and restore errno when logging; ok deraadt@

make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

move #include <stdio.h> out of includes.h

move #include <stdlib.h> out of includes.h

move #include <string.h> out of includes.h

move #include <unistd.h> out of includes.h

move #include <stdarg.h> out of includes.h; ok markus@

move user includes after /usr/include files

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

RCSID() can die

branches: 1.29.8; 1.29.10;
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@

branches: 1.28.2;
pass logged data through strnvis; ok markus

use syslog_r() in a signal handler called place; markus ok

rename log() into logit() to avoid name conflict. markus ok, from netbsd

branches: 1.25.2;
set fatal_cleanups to NULL in fatal_remove_all_cleanups(); dtucker@zip.com.au

branches: 1.24.2;
remove fatal cleanups after fork; based on discussions with and code
from solar.

KNF

branches: 1.22.2;
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@

add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@

casts to silence enum type warnings for bugzilla bug 37; ok markus@

basic KNF done while i was looking for something else

branches: 1.18.2;
remove comments from .h, since they are cut&paste from the .c files
and out of sync

branches: 1.17.2;
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.

log*.c -> log.c

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many systems

rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
syslog priority changes:
fatal() LOG_ERR -> LOG_CRIT
log() LOG_INFO -> LOG_NOTICE

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

branches: 1.11.2;
allow loglevel debug

multiple debug levels

some more Copyright fixes

cleanup copyright notices on all files. I have attempted to be accurate with
the details. everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence. We're not changing any rules, just
being accurate.

branches: 1.7.2;
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features:
sshd allows multiple ListenAddress and Port options. note that libwrap is
not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and
fujiwara@rcac.tdi.co.jp)

KNF, final part 3

much more KNF

KNF part 1

syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE

bugfix: loglevels are per host in clientconfig,
factor out common log-level parsing code.

add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.

do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@

highly polished whitespace, mostly fixing spaces-for-tab and bad
indentation on continuation lines. Prompted by GHPR#185

make program name be const

variants of the log methods that append a ssherr.h string from
a supplied error code; ok markus@

make the log functions that exit (sshlogdie(), sshfatal(), etc) have
identical signatures. Makes things a bit more consistent...

revised log infrastructure for OpenSSH

log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

when redirecting sshd's log output to a file, undo this redirection
after the session child process is forked(); ok dtucker@

avoid expensive channel_open_message() calls; ok djm@

allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717

don't truncate off \r\n from long stderr lines; bz#2688, reported by
Brian Dyson; ok dtucker@

Reduce the syslog level of some relatively common protocol events
from LOG_CRIT by replacing fatal() calls with logdie(). Part of
bz#2585, ok djm@

close ControlPersist background process stderr when not in
debug mode or when logging to a file or syslog.
bz#1988 ok dtucker

xmalloc.h is unused

Fix some "unused result" warnings found via clang and -portable. ok markus@

Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@

Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc

make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Add extended test mode (-T) and connection parameters for test mode (-C).
-T causes sshd to write its effective configuration to stdout and exit.
-C causes any relevant Match rules to be applied before output. The
combination allows tesing of the parser and config files. ok deraadt djm

save and restore errno when logging; ok deraadt@

make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

move #include <stdio.h> out of includes.h

move #include <stdlib.h> out of includes.h

move #include <string.h> out of includes.h

move #include <unistd.h> out of includes.h

move #include <stdarg.h> out of includes.h; ok markus@

move user includes after /usr/include files

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

RCSID() can die

branches: 1.29.8; 1.29.10;
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@

branches: 1.28.2;
pass logged data through strnvis; ok markus

use syslog_r() in a signal handler called place; markus ok

rename log() into logit() to avoid name conflict. markus ok, from netbsd

branches: 1.25.2;
set fatal_cleanups to NULL in fatal_remove_all_cleanups(); dtucker@zip.com.au

branches: 1.24.2;
remove fatal cleanups after fork; based on discussions with and code
from solar.

KNF

branches: 1.22.2;
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@

add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@

casts to silence enum type warnings for bugzilla bug 37; ok markus@

basic KNF done while i was looking for something else

branches: 1.18.2;
remove comments from .h, since they are cut&paste from the .c files
and out of sync

branches: 1.17.2;
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.

log*.c -> log.c

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many systems

rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
syslog priority changes:
fatal() LOG_ERR -> LOG_CRIT
log() LOG_INFO -> LOG_NOTICE

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

branches: 1.11.2;
allow loglevel debug

multiple debug levels

some more Copyright fixes

cleanup copyright notices on all files. I have attempted to be accurate with
the details. everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence. We're not changing any rules, just
being accurate.

branches: 1.7.2;
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features:
sshd allows multiple ListenAddress and Port options. note that libwrap is
not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and
fujiwara@rcac.tdi.co.jp)

KNF, final part 3

much more KNF

KNF part 1

syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE

bugfix: loglevels are per host in clientconfig,
factor out common log-level parsing code.

add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.

highly polished whitespace, mostly fixing spaces-for-tab and bad
indentation on continuation lines. Prompted by GHPR#185

make program name be const

variants of the log methods that append a ssherr.h string from
a supplied error code; ok markus@

make the log functions that exit (sshlogdie(), sshfatal(), etc) have
identical signatures. Makes things a bit more consistent...

revised log infrastructure for OpenSSH

log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

when redirecting sshd's log output to a file, undo this redirection
after the session child process is forked(); ok dtucker@

avoid expensive channel_open_message() calls; ok djm@

allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717

don't truncate off \r\n from long stderr lines; bz#2688, reported by
Brian Dyson; ok dtucker@

Reduce the syslog level of some relatively common protocol events
from LOG_CRIT by replacing fatal() calls with logdie(). Part of
bz#2585, ok djm@

close ControlPersist background process stderr when not in
debug mode or when logging to a file or syslog.
bz#1988 ok dtucker

xmalloc.h is unused

Fix some "unused result" warnings found via clang and -portable. ok markus@

Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@

Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc

make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Add extended test mode (-T) and connection parameters for test mode (-C).
-T causes sshd to write its effective configuration to stdout and exit.
-C causes any relevant Match rules to be applied before output. The
combination allows tesing of the parser and config files. ok deraadt djm

save and restore errno when logging; ok deraadt@

make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

move #include <stdio.h> out of includes.h

move #include <stdlib.h> out of includes.h

move #include <string.h> out of includes.h

move #include <unistd.h> out of includes.h

move #include <stdarg.h> out of includes.h; ok markus@

move user includes after /usr/include files

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

RCSID() can die

branches: 1.29.8; 1.29.10;
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@

branches: 1.28.2;
pass logged data through strnvis; ok markus

use syslog_r() in a signal handler called place; markus ok

rename log() into logit() to avoid name conflict. markus ok, from netbsd

branches: 1.25.2;
set fatal_cleanups to NULL in fatal_remove_all_cleanups(); dtucker@zip.com.au

branches: 1.24.2;
remove fatal cleanups after fork; based on discussions with and code
from solar.

KNF

branches: 1.22.2;
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@

add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@

casts to silence enum type warnings for bugzilla bug 37; ok markus@

basic KNF done while i was looking for something else

branches: 1.18.2;
remove comments from .h, since they are cut&paste from the .c files
and out of sync

branches: 1.17.2;
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.

log*.c -> log.c

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many systems

rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
syslog priority changes:
fatal() LOG_ERR -> LOG_CRIT
log() LOG_INFO -> LOG_NOTICE

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

branches: 1.11.2;
allow loglevel debug

multiple debug levels

some more Copyright fixes

cleanup copyright notices on all files. I have attempted to be accurate with
the details. everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence. We're not changing any rules, just
being accurate.

branches: 1.7.2;
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features:
sshd allows multiple ListenAddress and Port options. note that libwrap is
not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and
fujiwara@rcac.tdi.co.jp)

KNF, final part 3

much more KNF

KNF part 1

syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE

bugfix: loglevels are per host in clientconfig,
factor out common log-level parsing code.

add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.

make program name be const

variants of the log methods that append a ssherr.h string from
a supplied error code; ok markus@

make the log functions that exit (sshlogdie(), sshfatal(), etc) have
identical signatures. Makes things a bit more consistent...

revised log infrastructure for OpenSSH

log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

when redirecting sshd's log output to a file, undo this redirection
after the session child process is forked(); ok dtucker@

avoid expensive channel_open_message() calls; ok djm@

allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717

don't truncate off \r\n from long stderr lines; bz#2688, reported by
Brian Dyson; ok dtucker@

Reduce the syslog level of some relatively common protocol events
from LOG_CRIT by replacing fatal() calls with logdie(). Part of
bz#2585, ok djm@

close ControlPersist background process stderr when not in
debug mode or when logging to a file or syslog.
bz#1988 ok dtucker

xmalloc.h is unused

Fix some "unused result" warnings found via clang and -portable. ok markus@

Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@

Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc

make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Add extended test mode (-T) and connection parameters for test mode (-C).
-T causes sshd to write its effective configuration to stdout and exit.
-C causes any relevant Match rules to be applied before output. The
combination allows tesing of the parser and config files. ok deraadt djm

save and restore errno when logging; ok deraadt@

make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

move #include <stdio.h> out of includes.h

move #include <stdlib.h> out of includes.h

move #include <string.h> out of includes.h

move #include <unistd.h> out of includes.h

move #include <stdarg.h> out of includes.h; ok markus@

move user includes after /usr/include files

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

RCSID() can die

branches: 1.29.8; 1.29.10;
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@

branches: 1.28.2;
pass logged data through strnvis; ok markus

use syslog_r() in a signal handler called place; markus ok

rename log() into logit() to avoid name conflict. markus ok, from netbsd

branches: 1.25.2;
set fatal_cleanups to NULL in fatal_remove_all_cleanups(); dtucker@zip.com.au

branches: 1.24.2;
remove fatal cleanups after fork; based on discussions with and code
from solar.

KNF

branches: 1.22.2;
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@

add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@

casts to silence enum type warnings for bugzilla bug 37; ok markus@

basic KNF done while i was looking for something else

branches: 1.18.2;
remove comments from .h, since they are cut&paste from the .c files
and out of sync

branches: 1.17.2;
log functions should not be passed strings that end in newline as they
get passed on to syslog() and when logging to stderr, do_log() appends
its own newline.

log*.c -> log.c

split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]

log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many systems

rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
syslog priority changes:
fatal() LOG_ERR -> LOG_CRIT
log() LOG_INFO -> LOG_NOTICE

replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'
with u_char.

branches: 1.11.2;
allow loglevel debug

multiple debug levels

some more Copyright fixes

cleanup copyright notices on all files. I have attempted to be accurate with
the details. everything is now under Tatu's licence (which I copied from his
readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd
developers under a 2-term bsd licence. We're not changing any rules, just
being accurate.

branches: 1.7.2;
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features:
sshd allows multiple ListenAddress and Port options. note that libwrap is
not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and
fujiwara@rcac.tdi.co.jp)

KNF, final part 3

much more KNF

KNF part 1

syslog changes:
* Unified Logmessage for all auth-types, for success and for failed
* Standard connections get only ONE line in the LOG when level==LOG:
Auth-attempts are logged only, if authentication is:
a) successfull or
b) with passwd or
c) we had more than AUTH_FAIL_LOG failues
* many log() became verbose()
* old behaviour with level=VERBOSE

bugfix: loglevels are per host in clientconfig,
factor out common log-level parsing code.

add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.

variants of the log methods that append a ssherr.h string from
a supplied error code; ok markus@

make the log functions that exit (sshlogdie(), sshfatal(), etc) have
identical signatures. Makes things a bit more consistent...

revised log infrastructure for OpenSSH

log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

when redirecting sshd's log output to a file, undo this redirection
after the session child process is forked(); ok dtucker@

avoid expensive channel_open_message() calls; ok djm@

allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717

don't truncate off \r\n from long stderr lines; bz#2688, reported by
Brian Dyson; ok dtucker@

Reduce the syslog level of some relatively common protocol events
from LOG_CRIT by replacing fatal() calls with logdie(). Part of
bz#2585, ok djm@

close ControlPersist background process stderr when not in
debug mode or when logging to a file or syslog.
bz#1988 ok dtucker

xmalloc.h is unused

Fix some "unused result" warnings found via clang and -portable. ok markus@

Add -E option to ssh and sshd to append debugging logs to a specified file
instead of stderr or syslog. ok markus@, man page help jmc@

Add ~v and ~V escape sequences to raise and lower the logging level
respectively. Man page help from jmc, ok deraadt jmc

make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@

Add extended test mode (-T) and connection parameters for test mode (-C).
-T causes sshd to write its effective configuration to stdout and exit.
-C causes any relevant Match rules to be applied before output. The
combination allows tesing of the parser and config files. ok deraadt djm

save and restore errno when logging; ok deraadt@

make signal handler termination path shorter; risky code pointed out by
mark dowd; ok djm markus

almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step

move #include <stdio.h> out of includes.h

move #include <stdlib.h> out of includes.h

move #include <string.h> out of includes.h

move #include <unistd.h> out of includes.h

move #include <stdarg.h> out of includes.h; ok markus@

move user includes after /usr/include files

Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files

RCSID() can die

branches: 1.29.8; 1.29.10;
replace fatal_cleanup() and linked list of fatal callbacks with static
cleanup_exit() function. re-refine cleanup_exit() where appropriate,
allocate sshd's authctxt eary to allow simpler cleanup in sshd.
tested by many, ok deraadt@

branches: 1.28.2;
pass logged data through strnvis; ok markus

use syslog_r() in a signal handler called place; markus ok

rename log() into logit() to avoid name conflict. markus ok, from netbsd

branches: 1.25.2;
set fatal_cleanups to NULL in fatal_remove_all_cleanups(); dtucker@zip.com.au

branches: 1.24.2;
remove fatal cleanups after fork; based on discussions with and code
from solar.

KNF

branches: 1.22.2;
overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@

add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@

casts to silence enum type warnings for bugzilla bug 37; ok markus@

basic KNF done while i was looking for something else

branches: 1.18.2;
remove comments from .h, since they are cut&paste from the .c files
and out of sync