Commit 996acd24 authored by Damien Miller's avatar Damien Miller

*** empty log message ***

parent 5f16a5ee
......@@ -78,7 +78,7 @@ krb4_init(void *context)
return (1);
}
/* Failure - cancel cleanup function, leaving ticket for inspection. */
log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file);
logit("WARNING: bad ticket file %s", authctxt->krb4_ticket_file);
fatal_remove_cleanup(krb4_cleanup_proc, authctxt);
cleanup_registered = 0;
......@@ -114,7 +114,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {
/* Set up our ticket file. */
if (!krb4_init(authctxt)) {
log("Couldn't initialize Kerberos ticket file for %s!",
logit("Couldn't initialize Kerberos ticket file for %s!",
pw->pw_name);
goto failure;
}
......@@ -141,7 +141,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
if (r == KSUCCESS) {
if ((hp = gethostbyname(localhost)) == NULL) {
log("Couldn't get local host address!");
logit("Couldn't get local host address!");
goto failure;
}
memmove((void *)&faddr, (void *)hp->h_addr,
......@@ -155,12 +155,12 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
* Probably didn't have a srvtab on
* localhost. Disallow login.
*/
log("Kerberos v4 TGT for %s unverifiable, "
logit("Kerberos v4 TGT for %s unverifiable, "
"no srvtab installed? krb_rd_req: %s",
pw->pw_name, krb_err_txt[r]);
goto failure;
} else if (r != KSUCCESS) {
log("Kerberos v4 %s ticket unverifiable: %s",
logit("Kerberos v4 %s ticket unverifiable: %s",
KRB4_SERVICE_NAME, krb_err_txt[r]);
goto failure;
}
......@@ -169,7 +169,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
* Disallow login if no rcmd service exists, and
* log the error.
*/
log("Kerberos v4 TGT for %s unverifiable: %s; %s.%s "
logit("Kerberos v4 TGT for %s unverifiable: %s; %s.%s "
"not registered, or srvtab is wrong?", pw->pw_name,
krb_err_txt[r], KRB4_SERVICE_NAME, phost);
goto failure;
......@@ -249,7 +249,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client, KTEXT reply)
/* Check ~/.klogin authorization now. */
if (kuserok(&adat, authctxt->user) != KSUCCESS) {
log("Kerberos v4 .klogin authorization failed for %s to "
logit("Kerberos v4 .klogin authorization failed for %s to "
"account %s", *client, authctxt->user);
xfree(*client);
*client = NULL;
......@@ -289,14 +289,14 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string)
temporarily_use_uid(pw);
if (!radix_to_creds(string, &creds)) {
log("Protocol error decoding Kerberos v4 TGT");
logit("Protocol error decoding Kerberos v4 TGT");
goto failure;
}
if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */
strlcpy(creds.service, "krbtgt", sizeof creds.service);
if (strcmp(creds.service, "krbtgt")) {
log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s",
logit("Kerberos v4 TGT (%s%s%s@%s) rejected for %s",
creds.pname, creds.pinst[0] ? "." : "", creds.pinst,
creds.realm, pw->pw_name);
goto failure;
......@@ -343,7 +343,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string)
return (0);
if (!radix_to_creds(token_string, &creds)) {
log("Protocol error decoding AFS token");
logit("Protocol error decoding AFS token");
return (0);
}
if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */
......@@ -355,7 +355,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string)
uid = pw->pw_uid;
if (kafs_settoken(creds.realm, uid, &creds)) {
log("AFS token (%s@%s) rejected for %s",
logit("AFS token (%s@%s) rejected for %s",
creds.pname, creds.realm, pw->pw_name);
memset(&creds, 0, sizeof(creds));
return (0);
......
......@@ -189,12 +189,12 @@ auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt)
snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid());
if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) {
log("mkstemp(): %.100s", strerror(errno));
logit("mkstemp(): %.100s", strerror(errno));
problem = errno;
goto fail;
}
if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) {
log("fchmod(): %.100s", strerror(errno));
logit("fchmod(): %.100s", strerror(errno));
close(tmpfd);
problem = errno;
goto fail;
......@@ -326,13 +326,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid());
if ((tmpfd = mkstemp(ccname+strlen("FILE:")))==-1) {
log("mkstemp(): %.100s", strerror(errno));
logit("mkstemp(): %.100s", strerror(errno));
problem = errno;
goto out;
}
if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) {
log("fchmod(): %.100s", strerror(errno));
logit("fchmod(): %.100s", strerror(errno));
close(tmpfd);
problem = errno;
goto out;
......
......@@ -201,7 +201,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
if (match_host_and_ip(remote_host, remote_ip,
patterns) != 1) {
xfree(patterns);
log("Authentication tried for %.100s with "
logit("Authentication tried for %.100s with "
"correct key but not from a permitted "
"host (host=%.200s, ip=%.200s).",
pw->pw_name, remote_host, remote_ip);
......@@ -287,7 +287,7 @@ next_option:
return 1;
bad_option:
log("Bad options in %.100s file, line %lu: %.50s",
logit("Bad options in %.100s file, line %lu: %.50s",
file, linenum, opts);
auth_debug_add("Bad options in %.100s file, line %lu: %.50s",
file, linenum, opts);
......
......@@ -38,7 +38,7 @@ extern char *__progname;
extern int use_privsep;
RCSID("$Id: auth-pam.c,v 1.55 2003/01/22 04:42:26 djm Exp $");
RCSID("$Id: auth-pam.c,v 1.56 2003/04/09 10:59:48 djm Exp $");
#define NEW_AUTHTOK_MSG \
"Warning: Your password has expired, please change it now."
......@@ -182,7 +182,7 @@ void do_pam_cleanup_proc(void *context)
if (__pamh && session_opened) {
pam_retval = pam_close_session(__pamh, 0);
if (pam_retval != PAM_SUCCESS)
log("Cannot close PAM session[%d]: %.200s",
logit("Cannot close PAM session[%d]: %.200s",
pam_retval, PAM_STRERROR(__pamh, pam_retval));
}
......@@ -196,7 +196,7 @@ void do_pam_cleanup_proc(void *context)
if (__pamh) {
pam_retval = pam_end(__pamh, pam_retval);
if (pam_retval != PAM_SUCCESS)
log("Cannot release PAM authentication[%d]: %.200s",
logit("Cannot release PAM authentication[%d]: %.200s",
pam_retval, PAM_STRERROR(__pamh, pam_retval));
}
}
......@@ -261,7 +261,7 @@ int do_pam_account(char *username, char *remote_user)
break;
#endif
default:
log("PAM rejected by account configuration[%d]: "
logit("PAM rejected by account configuration[%d]: "
"%.200s", pam_retval, PAM_STRERROR(__pamh,
pam_retval));
return(0);
......
......@@ -75,7 +75,7 @@ auth_rhosts_rsa(struct passwd *pw, char *cuser, Key *client_host_key)
/* Perform the challenge-response dialog with the client for the host key. */
if (!auth_rsa_challenge_dialog(client_host_key)) {
log("Client on %.800s failed to respond correctly to host authentication.",
logit("Client on %.800s failed to respond correctly to host authentication.",
chost);
return 0;
}
......
......@@ -220,7 +220,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
* not group or world writable.
*/
if (stat(pw->pw_dir, &st) < 0) {
log("Rhosts authentication refused for %.100s: "
logit("Rhosts authentication refused for %.100s: "
"no home directory %.200s", pw->pw_name, pw->pw_dir);
auth_debug_add("Rhosts authentication refused for %.100s: "
"no home directory %.200s", pw->pw_name, pw->pw_dir);
......@@ -229,7 +229,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
if (options.strict_modes &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
log("Rhosts authentication refused for %.100s: "
logit("Rhosts authentication refused for %.100s: "
"bad ownership or modes for home directory.", pw->pw_name);
auth_debug_add("Rhosts authentication refused for %.100s: "
"bad ownership or modes for home directory.", pw->pw_name);
......@@ -256,7 +256,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam
if (options.strict_modes &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
log("Rhosts authentication refused for %.100s: bad modes for %.200s",
logit("Rhosts authentication refused for %.100s: bad modes for %.200s",
pw->pw_name, buf);
auth_debug_add("Bad file modes for %.200s", buf);
continue;
......
......@@ -187,7 +187,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
secure_filename(f, file, pw, line, sizeof(line)) != 0) {
xfree(file);
fclose(f);
log("Authentication refused: %s", line);
logit("Authentication refused: %s", line);
restore_uid();
return (0);
}
......@@ -246,7 +246,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
/* check the real bits */
if (bits != BN_num_bits(key->rsa->n))
log("Warning: %s, line %lu: keysize mismatch: "
logit("Warning: %s, line %lu: keysize mismatch: "
"actual %d vs. announced %d.",
file, linenum, BN_num_bits(key->rsa->n), bits);
......
......@@ -102,19 +102,19 @@ allowed_user(struct passwd * pw)
* day after the day specified.
*/
if (spw->sp_expire != -1 && today > spw->sp_expire) {
log("Account %.100s has expired", pw->pw_name);
logit("Account %.100s has expired", pw->pw_name);
return 0;
}
if (spw->sp_lstchg == 0) {
log("User %.100s password has expired (root forced)",
logit("User %.100s password has expired (root forced)",
pw->pw_name);
return 0;
}
if (spw->sp_max != -1 &&
today > spw->sp_lstchg + spw->sp_max) {
log("User %.100s password has expired (password aged)",
logit("User %.100s password has expired (password aged)",
pw->pw_name);
return 0;
}
......@@ -129,13 +129,13 @@ allowed_user(struct passwd * pw)
/* deny if shell does not exists or is not executable */
if (stat(shell, &st) != 0) {
log("User %.100s not allowed because shell %.100s does not exist",
logit("User %.100s not allowed because shell %.100s does not exist",
pw->pw_name, shell);
return 0;
}
if (S_ISREG(st.st_mode) == 0 ||
(st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
log("User %.100s not allowed because shell %.100s is not executable",
logit("User %.100s not allowed because shell %.100s is not executable",
pw->pw_name, shell);
return 0;
}
......@@ -150,7 +150,7 @@ allowed_user(struct passwd * pw)
for (i = 0; i < options.num_deny_users; i++)
if (match_user(pw->pw_name, hostname, ipaddr,
options.deny_users[i])) {
log("User %.100s not allowed because listed in DenyUsers",
logit("User %.100s not allowed because listed in DenyUsers",
pw->pw_name);
return 0;
}
......@@ -163,7 +163,7 @@ allowed_user(struct passwd * pw)
break;
/* i < options.num_allow_users iff we break for loop */
if (i >= options.num_allow_users) {
log("User %.100s not allowed because not listed in AllowUsers",
logit("User %.100s not allowed because not listed in AllowUsers",
pw->pw_name);
return 0;
}
......@@ -171,7 +171,7 @@ allowed_user(struct passwd * pw)
if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {
/* Get the user's group access list (primary and supplementary) */
if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
log("User %.100s not allowed because not in any group",
logit("User %.100s not allowed because not in any group",
pw->pw_name);
return 0;
}
......@@ -181,7 +181,7 @@ allowed_user(struct passwd * pw)
if (ga_match(options.deny_groups,
options.num_deny_groups)) {
ga_free();
log("User %.100s not allowed because a group is listed in DenyGroups",
logit("User %.100s not allowed because a group is listed in DenyGroups",
pw->pw_name);
return 0;
}
......@@ -193,7 +193,7 @@ allowed_user(struct passwd * pw)
if (!ga_match(options.allow_groups,
options.num_allow_groups)) {
ga_free();
log("User %.100s not allowed because none of user's groups are listed in AllowGroups",
logit("User %.100s not allowed because none of user's groups are listed in AllowGroups",
pw->pw_name);
return 0;
}
......@@ -219,7 +219,7 @@ allowed_user(struct passwd * pw)
}
/* Remove trailing newline */
*--p = '\0';
log("Login restricted for %s: %.100s", pw->pw_name,
logit("Login restricted for %s: %.100s", pw->pw_name,
loginmsg);
}
/* Don't fail if /etc/nologin set */
......@@ -293,12 +293,12 @@ auth_root_allowed(char *method)
break;
case PERMIT_FORCED_ONLY:
if (forced_command) {
log("Root login accepted for forced command.");
logit("Root login accepted for forced command.");
return 1;
}
break;
}
log("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr());
logit("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr());
return 0;
}
......@@ -390,7 +390,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
(stat(user_hostfile, &st) == 0) &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
log("Authentication refused for %.100s: "
logit("Authentication refused for %.100s: "
"bad owner or modes for %.200s",
pw->pw_name, user_hostfile);
} else {
......@@ -494,7 +494,7 @@ getpwnamallow(const char *user)
pw = getpwnam(user);
if (pw == NULL) {
log("Illegal user %.100s from %.100s",
logit("Illegal user %.100s from %.100s",
user, get_remote_ipaddr());
#ifdef WITH_AIXAUTHENTICATE
loginfailed(user,
......
......@@ -297,7 +297,7 @@ do_authloop(Authctxt *authctxt)
* Any unknown messages will be ignored (and failure
* returned) during authentication.
*/
log("Unknown message during authentication: type %d", type);
logit("Unknown message during authentication: type %d", type);
break;
}
#ifdef BSD_AUTH
......
......@@ -77,7 +77,7 @@ userauth_hostbased(Authctxt *authctxt)
pktype = key_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) {
/* this is perfectly legal */
log("userauth_hostbased: unsupported "
logit("userauth_hostbased: unsupported "
"public key algorithm: %s", pkalg);
goto done;
}
......@@ -152,7 +152,7 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
chost[len - 1] = '\0';
}
if (strcasecmp(resolvedname, chost) != 0)
log("userauth_hostbased mismatch: "
logit("userauth_hostbased mismatch: "
"client sends %s, but we resolve %s to %s",
chost, ipaddr, resolvedname);
if (auth_rhosts2(pw, cuser, resolvedname, ipaddr) == 0)
......
......@@ -44,7 +44,7 @@ userauth_passwd(Authctxt *authctxt)
u_int len;
change = packet_get_char();
if (change)
log("password change not supported");
logit("password change not supported");
password = packet_get_string(&len);
packet_check_eom();
if (authctxt->valid &&
......
......@@ -78,7 +78,7 @@ userauth_pubkey(Authctxt *authctxt)
pktype = key_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) {
/* this is perfectly legal */
log("userauth_pubkey: unsupported public key algorithm: %s",
logit("userauth_pubkey: unsupported public key algorithm: %s",
pkalg);
goto done;
}
......@@ -199,7 +199,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
if (options.strict_modes &&
secure_filename(f, file, pw, line, sizeof(line)) != 0) {
fclose(f);
log("Authentication refused: %s", line);
logit("Authentication refused: %s", line);
restore_uid();
return 0;
}
......
......@@ -160,7 +160,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
PRIVSEP(start_pam(authctxt->pw->pw_name));
#endif
} else {
log("input_userauth_request: illegal user %s", user);
logit("input_userauth_request: illegal user %s", user);
#ifdef USE_PAM
PRIVSEP(start_pam("NOUSER"));
#endif
......
......@@ -332,7 +332,7 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio
buffer_get_bignum(&auth->identities, key->rsa->n);
*comment = buffer_get_string(&auth->identities, NULL);
if (bits != BN_num_bits(key->rsa->n))
log("Warning: identity keysize mismatch: actual %d, announced %u",
logit("Warning: identity keysize mismatch: actual %d, announced %u",
BN_num_bits(key->rsa->n), bits);
break;
case 2:
......@@ -373,7 +373,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth,
if (key->type != KEY_RSA1)
return 0;
if (response_type == 0) {
log("Compatibility with ssh protocol version 1.0 no longer supported.");
logit("Compatibility with ssh protocol version 1.0 no longer supported.");
return 0;
}
buffer_init(&buffer);
......@@ -392,7 +392,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth,
type = buffer_get_char(&buffer);
if (agent_failed(type)) {
log("Agent admitted failure to authenticate using the key.");
logit("Agent admitted failure to authenticate using the key.");
} else if (type != SSH_AGENT_RSA_RESPONSE) {
fatal("Bad authentication response: %d", type);
} else {
......@@ -441,7 +441,7 @@ ssh_agent_sign(AuthenticationConnection *auth,
}
type = buffer_get_char(&msg);
if (agent_failed(type)) {
log("Agent admitted failure to sign using the key.");
logit("Agent admitted failure to sign using the key.");
} else if (type != SSH2_AGENT_SIGN_RESPONSE) {
fatal("Bad authentication response: %d", type);
} else {
......@@ -641,7 +641,7 @@ decode_reply(int type)
case SSH_AGENT_FAILURE:
case SSH_COM_AGENT2_FAILURE:
case SSH2_AGENT_FAILURE:
log("SSH_AGENT_FAILURE");
logit("SSH_AGENT_FAILURE");
return 0;
case SSH_AGENT_SUCCESS:
return 1;
......
......@@ -119,7 +119,7 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value)
/**XXX should be two's-complement */
int i, carry;
u_char *uc = buf;
log("negativ!");
logit("negativ!");
for (i = bytes-1, carry = 1; i>=0; i--) {
uc[i] ^= 0xff;
if (carry)
......
......@@ -81,7 +81,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
NULL, 0, NI_NAMEREQD) != 0) {
/* Host name not found. Use ip address. */
#if 0
log("Could not reverse map address %.100s.", ntop);
logit("Could not reverse map address %.100s.", ntop);
#endif
return xstrdup(ntop);
}
......@@ -111,7 +111,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
hints.ai_family = from.ss_family;
hints.ai_socktype = SOCK_STREAM;
if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
log("reverse mapping checking getaddrinfo for %.700s "
logit("reverse mapping checking getaddrinfo for %.700s "
"failed - POSSIBLE BREAKIN ATTEMPT!", name);
return xstrdup(ntop);
}
......@@ -126,7 +126,7 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
/* If we reached the end of the list, the address was not there. */
if (!ai) {
/* Address not found for the host name. */
log("Address %.100s maps to %.600s, but this does not "
logit("Address %.100s maps to %.600s, but this does not "
"map back to the address - POSSIBLE BREAKIN ATTEMPT!",
ntop, name);
return xstrdup(ntop);
......@@ -166,7 +166,7 @@ check_ip_options(int socket, char *ipaddr)
for (i = 0; i < option_size; i++)
snprintf(text + i*3, sizeof(text) - i*3,
" %2.2x", options[i]);
log("Connection from %.100s with IP options:%.800s",
logit("Connection from %.100s with IP options:%.800s",
ipaddr, text);
packet_disconnect("Connection from %.100s with IP options:%.800s",
ipaddr, text);
......
......@@ -142,12 +142,12 @@ channel_lookup(int id)
Channel *c;
if (id < 0 || id >= channels_alloc) {
log("channel_lookup: %d: bad id", id);
logit("channel_lookup: %d: bad id", id);
return NULL;
}
c = channels[id];
if (c == NULL) {
log("channel_lookup: %d: bad id: channel free", id);
logit("channel_lookup: %d: bad id: channel free", id);
return NULL;
}
return c;
......@@ -575,7 +575,7 @@ channel_send_open(int id)
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_send_open: %d: bad id", id);
logit("channel_send_open: %d: bad id", id);
return;
}
debug2("channel %d: send open", id);
......@@ -593,7 +593,7 @@ channel_request_start(int id, char *service, int wantconfirm)
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_request_start: %d: unknown channel id", id);
logit("channel_request_start: %d: unknown channel id", id);
return;
}
debug("channel %d: request %s", id, service) ;
......@@ -608,7 +608,7 @@ channel_register_confirm(int id, channel_callback_fn *fn)
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_register_comfirm: %d: bad id", id);
logit("channel_register_comfirm: %d: bad id", id);
return;
}
c->confirm = fn;
......@@ -619,7 +619,7 @@ channel_register_cleanup(int id, channel_callback_fn *fn)
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_register_cleanup: %d: bad id", id);
logit("channel_register_cleanup: %d: bad id", id);
return;
}
c->detach_user = fn;
......@@ -630,7 +630,7 @@ channel_cancel_cleanup(int id)
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_cancel_cleanup: %d: bad id", id);
logit("channel_cancel_cleanup: %d: bad id", id);
return;
}
c->detach_user = NULL;
......@@ -641,7 +641,7 @@ channel_register_filter(int id, channel_filter_fn *fn)
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_register_filter: %d: bad id", id);
logit("channel_register_filter: %d: bad id", id);
return;
}
c->input_filter = fn;
......@@ -833,7 +833,7 @@ channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset)
* We have received an X11 connection that has bad
* authentication information.
*/
log("X11 connection rejected because of wrong authentication.");
logit("X11 connection rejected because of wrong authentication.");
buffer_clear(&c->input);
buffer_clear(&c->output);
channel_close_fd(&c->sock);
......@@ -856,7 +856,7 @@ channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset)
c->type = SSH_CHANNEL_OPEN;
channel_pre_open(c, readset, writeset);
} else if (ret == -1) {
log("X11 connection rejected because of wrong authentication.");
logit("X11 connection rejected because of wrong authentication.");
debug("X11 rejected %d i%d/o%d", c->self, c->istate, c->ostate);
chan_read_failed(c);
buffer_clear(&c->input);
......@@ -1717,11 +1717,11 @@ channel_input_data(int type, u_int32_t seq, void *ctxt)
if (compat20) {
if (data_len > c->local_maxpacket) {
log("channel %d: rcvd big packet %d, maxpack %d",
logit("channel %d: rcvd big packet %d, maxpack %d",
c->self, data_len, c->local_maxpacket);
}
if (data_len > c->local_window) {
log("channel %d: rcvd too much data %d, win %d",
logit("channel %d: rcvd too much data %d, win %d",
c->self, data_len, c->local_window);
xfree(data);
return;
......@@ -1748,7 +1748,7 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
if (c == NULL)
packet_disconnect("Received extended_data for bad channel %d.", id);
if (c->type != SSH_CHANNEL_OPEN) {
log("channel %d: ext data for non open", id);
logit("channel %d: ext data for non open", id);
return;
}
if (c->flags & CHAN_EOF_RCVD) {
......@@ -1762,13 +1762,13 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
if (c->efd == -1 ||
c->extended_usage != CHAN_EXTENDED_WRITE ||
tcode != SSH2_EXTENDED_DATA_STDERR) {
log("channel %d: bad ext data", c->self);
logit("channel %d: bad ext data", c->self);
return;
}
data = packet_get_string(&data_len);
packet_check_eom();
if (data_len > c->local_window) {
log("channel %d: rcvd too much extended_data %d, win %d",
logit("channel %d: rcvd too much extended_data %d, win %d",
c->self, data_len, c->local_window);
xfree(data);
return;
......@@ -1934,7 +1934,7 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt)
msg = packet_get_string(NULL);
lang = packet_get_string(NULL);
}
log("channel %d: open failed: %s%s%s", id,
logit("channel %d: open failed: %s%s%s", id,
reason2txt(reason), msg ? ": ": "", msg ? msg : "");
if (msg != NULL)
xfree(msg);
......@@ -1961,7 +1961,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
c = channel_lookup(id);
if (c == NULL || c->type != SSH_CHANNEL_OPEN) {
log("Received window adjust for "
logit("Received window adjust for "
"non-open channel %d.", id);
return;
}
......@@ -2167,7 +2167,7 @@ channel_request_remote_forwarding(u_short listen_port,
success = 1;
break;
case SSH_SMSG_FAILURE:
log("Warning: Server denied remote port forwarding.");
logit("Warning: Server denied remote port forwarding.");
break;
default:
/* Unknown packet */
......@@ -2340,7 +2340,7 @@ channel_connect_to(const char *host, u_short port)
}
if (!permit) {
log("Received request to connect to host %.100s port %d, "
logit("Received request to connect to host %.100s port %d, "
"but the request was denied.", host, port);
return -1;
}
......
......@@ -490,13 +490,13 @@ process_cmdline(void)
if (*s == 0)
goto out;
if (strlen(s) < 2 || s[0] != '-' || !(s[1] == 'L' || s[1] == 'R')) {
log("Invalid command.");
logit("Invalid command.");
goto out;
}
if (s[1] == 'L')
local = 1;
if (!local && !compat20) {
log("Not supported for SSH protocol version 1.");
logit("Not supported for SSH protocol version 1.");
goto out;
}
s += 2;
......@@ -507,24 +507,24 @@ process_cmdline(void)
sfwd_port, buf, sfwd_host_port) != 3 &&
sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]",
sfwd_port, buf, sfwd_host_port) != 3) {
log("Bad forwarding specification.");
logit("Bad forwarding specification.");
goto out;
}
if ((fwd_port = a2port(sfwd_port)) == 0 ||
(fwd_host_port = a2port(sfwd_host_port)) == 0) {
log("Bad forwarding port(s).");
logit("Bad forwarding port(s).");
goto out;
}
if (local) {
if (channel_setup_local_fwd_listener(fwd_port, buf,
fwd_host_port, options.gateway_ports) < 0) {
log("Port forwarding failed.");
logit("Port forwarding failed.");
goto out;
}
} else
channel_request_remote_forwarding(fwd_port, buf,
fwd_host_port);
log("Forwarding port.");
logit("Forwarding port.");
out:
signal(SIGINT, handler);
enter_raw_mode();
......@@ -577,7 +577,7 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
case 'R':
if (compat20) {
if (datafellows & SSH_BUG_NOREKEY)
log("Server does not support re-keying");
logit("Server does not support re-keying");
else
need_rekeying = 1;
}
......
......@@ -188,7 +188,7 @@ proto_spec(const char *spec)
ret |= SSH_PROTO_2;
break;
default:
log("ignoring bad proto spec: '%s'.", p);
logit("ignoring bad proto spec: '%s'.", p);
break;
}
}
......
......@@ -112,7 +112,7 @@ choose_dh(int min, int wantbits, int max)
if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL &&
(f = fopen(_PATH_DH_PRIMES, "r")) == NULL) {
log("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI);
logit("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI);
return (dh_new_group1());
}
......@@ -140,7 +140,7 @@ choose_dh(int min, int wantbits, int max)
if (bestcount == 0) {
fclose(f);
log("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
return (NULL);
}
......@@ -176,7 +176,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
int bits_set = 0;
if (dh_pub->neg) {
log("invalid public DH value: negativ");
log