From d51a1029dda4c055e9406c395d53b54074ae40ef Mon Sep 17 00:00:00 2001 From: dtucker Date: Fri, 15 Jul 2016 05:01:58 +0000 Subject: [PATCH] Reduce the syslog level of some relatively common protocol events from LOG_CRIT by replacing fatal() calls with logdie(). Part of bz#2585, ok djm@ --- usr.bin/ssh/log.c | 12 +++++++++++- usr.bin/ssh/log.h | 4 +++- usr.bin/ssh/packet.c | 21 ++++++++------------- 3 files changed, 22 insertions(+), 15 deletions(-) diff --git a/usr.bin/ssh/log.c b/usr.bin/ssh/log.c index 8039896371f..6228989b44b 100644 --- a/usr.bin/ssh/log.c +++ b/usr.bin/ssh/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.47 2016/04/29 08:07:53 djm Exp $ */ +/* $OpenBSD: log.c,v 1.48 2016/07/15 05:01:58 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -164,6 +164,16 @@ sigdie(const char *fmt,...) _exit(1); } +void +logdie(const char *fmt,...) +{ + va_list args; + + va_start(args, fmt); + do_log(SYSLOG_LEVEL_INFO, fmt, args); + va_end(args); + cleanup_exit(255); +} /* Log this message (information that usually should go to the log). */ diff --git a/usr.bin/ssh/log.h b/usr.bin/ssh/log.h index d7ff4033117..fef04d0c3b8 100644 --- a/usr.bin/ssh/log.h +++ b/usr.bin/ssh/log.h @@ -1,4 +1,4 @@ -/* $OpenBSD: log.h,v 1.20 2013/04/07 02:10:33 dtucker Exp $ */ +/* $OpenBSD: log.h,v 1.21 2016/07/15 05:01:58 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -60,6 +60,8 @@ void fatal(const char *, ...) __attribute__((noreturn)) void error(const char *, ...) __attribute__((format(printf, 1, 2))); void sigdie(const char *, ...) __attribute__((noreturn)) __attribute__((format(printf, 1, 2))); +void logdie(const char *, ...) __attribute__((noreturn)) + __attribute__((format(printf, 1, 2))); void logit(const char *, ...) __attribute__((format(printf, 1, 2))); void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); void debug(const char *, ...) __attribute__((format(printf, 1, 2))); diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index 7e4555377ae..42a11cd0cf7 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.231 2016/07/08 03:44:42 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.232 2016/07/15 05:01:58 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2061,24 +2061,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) { switch (r) { case SSH_ERR_CONN_CLOSED: - logit("Connection closed by %.200s port %d", + logdie("Connection closed by %.200s port %d", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); - cleanup_exit(255); case SSH_ERR_CONN_TIMEOUT: - logit("Connection %s %.200s port %d timed out", + logdie("Connection %s %.200s port %d timed out", ssh->state->server_side ? "from" : "to", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); - cleanup_exit(255); case SSH_ERR_DISCONNECTED: - logit("Disconnected from %.200s port %d", + logdie("Disconnected from %.200s port %d", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); - cleanup_exit(255); case SSH_ERR_SYSTEM_ERROR: - if (errno == ECONNRESET) { - logit("Connection reset by %.200s port %d", + if (errno == ECONNRESET) + logdie("Connection reset by %.200s port %d", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); - cleanup_exit(255); - } /* FALLTHROUGH */ case SSH_ERR_NO_CIPHER_ALG_MATCH: case SSH_ERR_NO_MAC_ALG_MATCH: @@ -2086,14 +2081,14 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r) case SSH_ERR_NO_KEX_ALG_MATCH: case SSH_ERR_NO_HOSTKEY_ALG_MATCH: if (ssh && ssh->kex && ssh->kex->failed_choice) { - fatal("Unable to negotiate with %.200s port %d: %s. " + logdie("Unable to negotiate with %.200s port %d: %s. " "Their offer: %s", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), ssh_err(r), ssh->kex->failed_choice); } /* FALLTHROUGH */ default: - fatal("%s%sConnection %s %.200s port %d: %s", + logdie("%s%sConnection %s %.200s port %d: %s", tag != NULL ? tag : "", tag != NULL ? ": " : "", ssh->state->server_side ? "from" : "to", ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), ssh_err(r)); -- 2.20.1