diff -ur openssh-3.6.1p1.orig/auth-pam.c openssh-3.6.1p1/auth-pam.c --- openssh-3.6.1p1.orig/auth-pam.c Wed Jan 22 04:42:26 2003 +++ openssh-3.6.1p1/auth-pam.c Mon Apr 7 21:18:21 2003 @@ -79,6 +79,7 @@ int do_pam_authenticate(int flags) { int retval = pam_authenticate(__pamh, flags); + log_reinit(); was_authenticated = (retval == PAM_SUCCESS); return retval; } @@ -181,6 +182,7 @@ if (__pamh && session_opened) { pam_retval = pam_close_session(__pamh, 0); + log_reinit(); if (pam_retval != PAM_SUCCESS) log("Cannot close PAM session[%d]: %.200s", pam_retval, PAM_STRERROR(__pamh, pam_retval)); @@ -188,6 +190,7 @@ if (__pamh && creds_set) { pam_retval = pam_setcred(__pamh, PAM_DELETE_CRED); + log_reinit(); if (pam_retval != PAM_SUCCESS) debug("Cannot delete credentials[%d]: %.200s", pam_retval, PAM_STRERROR(__pamh, pam_retval)); @@ -243,6 +246,7 @@ } pam_retval = pam_acct_mgmt(__pamh, 0); + log_reinit(); debug2("pam_acct_mgmt() = %d", pam_retval); switch (pam_retval) { case PAM_SUCCESS: @@ -286,6 +290,7 @@ } pam_retval = pam_open_session(__pamh, 0); + log_reinit(); if (pam_retval != PAM_SUCCESS) fatal("PAM session setup failed[%d]: %.200s", pam_retval, PAM_STRERROR(__pamh, pam_retval)); @@ -306,6 +311,7 @@ debug("PAM establishing creds"); pam_retval = pam_setcred(__pamh, init ? PAM_ESTABLISH_CRED : PAM_REINITIALIZE_CRED); + log_reinit(); if (pam_retval != PAM_SUCCESS) { if (was_authenticated) fatal("PAM setcred failed[%d]: %.200s", @@ -341,6 +347,7 @@ " with privilege separation"); pamstate = OTHER; pam_retval = pam_chauthtok(__pamh, PAM_CHANGE_EXPIRED_AUTHTOK); + log_reinit(); if (pam_retval != PAM_SUCCESS) fatal("PAM pam_chauthtok failed[%d]: %.200s", pam_retval, PAM_STRERROR(__pamh, pam_retval)); diff -ur openssh-3.6.1p1.orig/entropy.c openssh-3.6.1p1/entropy.c --- openssh-3.6.1p1.orig/entropy.c Sun Jun 9 19:41:48 2002 +++ openssh-3.6.1p1/entropy.c Sat Jun 29 16:36:17 2002 @@ -93,7 +93,8 @@ original_uid, strerror(errno)); _exit(1); } - + + log_done(); execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL); fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n", SSH_RAND_HELPER, strerror(errno)); diff -ur openssh-3.6.1p1.orig/log.c openssh-3.6.1p1/log.c --- openssh-3.6.1p1.orig/log.c Tue Jan 14 11:22:43 2003 +++ openssh-3.6.1p1/log.c Mon Apr 7 21:20:02 2003 @@ -262,6 +262,15 @@ */ void +log_reinit(void) +{ + if (log_on_stderr) + return; + + openlog(argv0 ? argv0 : __progname, LOG_PID|LOG_NDELAY, log_facility); +} + +void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) { argv0 = av0; @@ -332,6 +341,15 @@ (int) facility); exit(1); } + + tzset(); + log_reinit(); +} + +void +log_done(void) +{ + closelog(); } #define MSGBUFSIZ 1024 @@ -393,8 +411,6 @@ if (log_on_stderr) { fprintf(stderr, "%s\r\n", fmtbuf); } else { - openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility); syslog(pri, "%.500s", fmtbuf); - closelog(); } } diff -ur openssh-3.6.1p1.orig/log.h openssh-3.6.1p1/log.h --- openssh-3.6.1p1.orig/log.h Tue Jul 23 21:01:57 2002 +++ openssh-3.6.1p1/log.h Mon Apr 7 21:18:21 2003 @@ -49,6 +49,8 @@ } LogLevel; void log_init(char *, LogLevel, SyslogFacility, int); +void log_done(void); +void log_reinit(void); SyslogFacility log_facility_number(char *); LogLevel log_level_number(char *); diff -ur openssh-3.6.1p1.orig/monitor.c openssh-3.6.1p1/monitor.c --- openssh-3.6.1p1.orig/monitor.c Tue Apr 1 11:43:39 2003 +++ openssh-3.6.1p1/monitor.c Mon Apr 7 21:18:21 2003 @@ -292,8 +292,6 @@ } if (ent->flags & MON_AUTHDECIDE) { - auth_log(authctxt, authenticated, auth_method, - compat20 ? " ssh2" : ""); if (!authenticated) authctxt->failures++; } diff -ur openssh-3.6.1p1.orig/openbsd-compat/bsd-cray.c openssh-3.6.1p1/openbsd-compat/bsd-cray.c --- openssh-3.6.1p1.orig/openbsd-compat/bsd-cray.c Thu Sep 26 00:38:51 2002 +++ openssh-3.6.1p1/openbsd-compat/bsd-cray.c Mon Apr 7 21:26:05 2003 @@ -287,6 +287,7 @@ if (ttyname(0) != NULL) { /* Force a password change */ printf("Your password has expired; Choose a new one.\n"); + log_done(); execl("/bin/passwd", "passwd", username, 0); exit(9); } @@ -724,7 +725,9 @@ return; if ((child = fork()) == 0) { + log_done(); execl(CLEANTMPCMD, CLEANTMPCMD, login, jtmp, (char *)NULL); + log_reinit(); fatal("cray_delete_tmpdir: execl of CLEANTMPCMD failed"); } diff -ur openssh-3.6.1p1.orig/readpass.c openssh-3.6.1p1/readpass.c --- openssh-3.6.1p1.orig/readpass.c Fri Jan 24 00:36:23 2003 +++ openssh-3.6.1p1/readpass.c Mon Apr 7 21:18:21 2003 @@ -58,7 +58,9 @@ close(p[0]); if (dup2(p[1], STDOUT_FILENO) < 0) fatal("ssh_askpass: dup2: %s", strerror(errno)); + log_done(); execlp(askpass, askpass, msg, (char *) 0); + log_reinit(); fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); } close(p[1]); diff -ur openssh-3.6.1p1.orig/scp.c openssh-3.6.1p1/scp.c --- openssh-3.6.1p1.orig/scp.c Fri Mar 21 00:55:32 2003 +++ openssh-3.6.1p1/scp.c Mon Apr 7 21:18:21 2003 @@ -163,6 +163,7 @@ addargs(&args, "%s", host); addargs(&args, "%s", cmd); + log_done(); execvp(ssh_program, args.list); perror(ssh_program); exit(1); diff -ur openssh-3.6.1p1.orig/session.c openssh-3.6.1p1/session.c --- openssh-3.6.1p1.orig/session.c Fri Mar 21 01:18:09 2003 +++ openssh-3.6.1p1/session.c Mon Apr 7 21:18:21 2003 @@ -468,7 +468,7 @@ fatal_remove_all_cleanups(); /* Child. Reinitialize the log since the pid has changed. */ - log_init(__progname, options.log_level, options.log_facility, log_stderr); + log_reinit(); /* * Create a new session and process group since the 4.4BSD @@ -592,7 +592,7 @@ fatal_remove_all_cleanups(); /* Child. Reinitialize the log because the pid has changed. */ - log_init(__progname, options.log_level, options.log_facility, log_stderr); + log_reinit(); /* Close the master side of the pseudo tty. */ close(ptyfd); @@ -1273,6 +1273,7 @@ { /* Launch login(1). */ + log_done(); execl(LOGIN_PROGRAM, "login", "-h", hostname, #ifdef xxxLOGIN_NEEDS_TERM (s->term ? s->term : "unknown"), @@ -1448,6 +1449,8 @@ exit(1); } + log_done(); + /* Execute the shell. */ argv[0] = argv0; argv[1] = NULL; @@ -1457,6 +1460,9 @@ perror(shell); exit(1); } + + log_done(); + /* * Execute the command using the user's shell. This uses the -c * option to execute the command. diff -ur openssh-3.6.1p1.orig/sftp-int.c openssh-3.6.1p1/sftp-int.c --- openssh-3.6.1p1.orig/sftp-int.c Mon Mar 10 00:21:18 2003 +++ openssh-3.6.1p1/sftp-int.c Mon Apr 7 21:18:21 2003 @@ -172,9 +172,11 @@ /* XXX: child has pipe fds to ssh subproc open - issue? */ if (args) { debug3("Executing %s -c \"%s\"", shell, args); + log_done(); execl(shell, shell, "-c", args, (char *)NULL); } else { debug3("Executing %s", shell); + log_done(); execl(shell, shell, (char *)NULL); } fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell, diff -ur openssh-3.6.1p1.orig/sftp.c openssh-3.6.1p1/sftp.c --- openssh-3.6.1p1.orig/sftp.c Fri Jan 10 10:43:25 2003 +++ openssh-3.6.1p1/sftp.c Mon Apr 7 21:18:21 2003 @@ -86,6 +86,7 @@ close(*out); close(c_in); close(c_out); + log_done(); execv(path, args); fprintf(stderr, "exec: %s: %s\n", path, strerror(errno)); exit(1); diff -ur openssh-3.6.1p1.orig/ssh-agent.c openssh-3.6.1p1/ssh-agent.c --- openssh-3.6.1p1.orig/ssh-agent.c Sat Mar 15 00:37:09 2003 +++ openssh-3.6.1p1/ssh-agent.c Mon Apr 7 21:18:21 2003 @@ -1159,6 +1159,7 @@ perror("setenv"); exit(1); } + log_done(); execvp(av[0], av); perror(av[0]); exit(1); diff -ur openssh-3.6.1p1.orig/ssh-rand-helper.c openssh-3.6.1p1/ssh-rand-helper.c --- openssh-3.6.1p1.orig/ssh-rand-helper.c Mon Mar 17 05:13:53 2003 +++ openssh-3.6.1p1/ssh-rand-helper.c Mon Apr 7 21:18:21 2003 @@ -312,7 +312,9 @@ close(p[1]); close(devnull); + log_done(); execv(src->path, (char**)(src->args)); + log_reinit(); debug("(child) Couldn't exec '%s': %s", src->cmdstring, strerror(errno)); diff -ur openssh-3.6.1p1.orig/sshconnect.c openssh-3.6.1p1/sshconnect.c --- openssh-3.6.1p1.orig/sshconnect.c Mon Dec 23 02:06:20 2002 +++ openssh-3.6.1p1/sshconnect.c Mon Apr 7 21:18:21 2003 @@ -126,6 +126,8 @@ /* Cannot be 1 because pin allocated two descriptors. */ close(pout[1]); + log_done(); + /* Stderr is left as it is so that error messages get printed on the user's terminal. */ argv[0] = _PATH_BSHELL; diff -ur openssh-3.6.1p1.orig/sshconnect2.c openssh-3.6.1p1/sshconnect2.c --- openssh-3.6.1p1.orig/sshconnect2.c Tue Apr 1 11:43:40 2003 +++ openssh-3.6.1p1/sshconnect2.c Mon Apr 7 21:18:21 2003 @@ -937,7 +937,9 @@ fatal("ssh_keysign: dup2: %s", strerror(errno)); close(from[1]); close(to[0]); + log_done(); execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *) 0); + log_reinit(); fatal("ssh_keysign: exec(%s): %s", _PATH_SSH_KEY_SIGN, strerror(errno)); } diff -ur openssh-3.6.1p1.orig/sshd.c openssh-3.6.1p1/sshd.c --- openssh-3.6.1p1.orig/sshd.c Mon Mar 10 00:38:10 2003 +++ openssh-3.6.1p1/sshd.c Mon Apr 7 21:18:21 2003 @@ -261,7 +261,9 @@ log("Received SIGHUP; restarting."); close_listen_socks(); close_startup_pipes(); + log_done(); execv(saved_argv[0], saved_argv); + log_reinit(); log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno)); exit(1); @@ -1111,7 +1113,7 @@ #endif /* TIOCNOTTY */ } /* Reinitialize the log (because of the fork above). */ - log_init(__progname, options.log_level, options.log_facility, log_stderr); + log_reinit(); /* Initialize the random number generator. */ arc4random_stir(); @@ -1360,7 +1362,7 @@ close_listen_socks(); sock_in = newsock; sock_out = newsock; - log_init(__progname, options.log_level, options.log_facility, log_stderr); + log_reinit(); break; } }