mirror of
https://github.com/openssh/openssh-portable.git
synced 2026-06-30 19:57:57 +00:00
replace remaining manual logging of __func__
Use the appropriate log macro that prepends the function name (e.g. logit_f/debug2_f/etc).
This commit is contained in:
Damien Miller
@@ -449,7 +449,7 @@ audit_event(struct ssh *ssh, ssh_audit_event_t event)
|
||||
break;
|
||||
|
||||
default:
|
||||
debug("%s: unhandled event %d", __func__, event);
|
||||
debug_f("unhandled event %d", event);
|
||||
}
|
||||
}
|
||||
#endif /* BSM */
|
||||
|
||||
@@ -117,7 +117,7 @@ audit_event(struct ssh *ssh, ssh_audit_event_t event)
|
||||
ssh_remote_ipaddr(ssh), "sshd", 0);
|
||||
break;
|
||||
default:
|
||||
debug("%s: unhandled event %d", __func__, event);
|
||||
debug_f("unhandled event %d", event);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
86
auth-pam.c
86
auth-pam.c
@@ -229,7 +229,7 @@ pthread_join(sp_pthread_t thread, void **value)
|
||||
while (waitpid(thread, &status, 0) == -1) {
|
||||
if (errno == EINTR)
|
||||
continue;
|
||||
fatal("%s: waitpid: %s", __func__, strerror(errno));
|
||||
fatal_f("waitpid: %s", strerror(errno));
|
||||
}
|
||||
return (status);
|
||||
}
|
||||
@@ -287,10 +287,10 @@ sshpam_chauthtok_ruid(pam_handle_t *pamh, int flags)
|
||||
if (sshpam_authctxt == NULL)
|
||||
fatal("PAM: sshpam_authctxt not initialized");
|
||||
if (setreuid(sshpam_authctxt->pw->pw_uid, -1) == -1)
|
||||
fatal("%s: setreuid failed: %s", __func__, strerror(errno));
|
||||
fatal_f("setreuid failed: %s", strerror(errno));
|
||||
result = pam_chauthtok(pamh, flags);
|
||||
if (setreuid(0, -1) == -1)
|
||||
fatal("%s: setreuid failed: %s", __func__, strerror(errno));
|
||||
fatal_f("setreuid failed: %s", strerror(errno));
|
||||
return result;
|
||||
}
|
||||
# define pam_chauthtok(a,b) (sshpam_chauthtok_ruid((a), (b)))
|
||||
@@ -302,9 +302,9 @@ sshpam_password_change_required(int reqd)
|
||||
extern struct sshauthopt *auth_opts;
|
||||
static int saved_port, saved_agent, saved_x11;
|
||||
|
||||
debug3("%s %d", __func__, reqd);
|
||||
debug3_f("reqd=%d", reqd);
|
||||
if (sshpam_authctxt == NULL)
|
||||
fatal("%s: PAM authctxt not initialized", __func__);
|
||||
fatal_f("PAM authctxt not initialized");
|
||||
sshpam_authctxt->force_pwchange = reqd;
|
||||
if (reqd) {
|
||||
saved_port = auth_opts->permit_port_forwarding_flag;
|
||||
@@ -331,22 +331,22 @@ import_environments(struct sshbuf *b)
|
||||
u_int n, i, num_env;
|
||||
int r;
|
||||
|
||||
debug3("PAM: %s entering", __func__);
|
||||
debug3_f("entering");
|
||||
|
||||
#ifndef UNSUPPORTED_POSIX_THREADS_HACK
|
||||
/* Import variables set by do_pam_account */
|
||||
if ((r = sshbuf_get_u32(b, &n)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
if (n > INT_MAX)
|
||||
fatal("%s: invalid PAM account status %u", __func__, n);
|
||||
fatal_f("invalid PAM account status %u", n);
|
||||
sshpam_account_status = (int)n;
|
||||
if ((r = sshbuf_get_u32(b, &n)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
sshpam_password_change_required(n != 0);
|
||||
|
||||
/* Import environment from subprocess */
|
||||
if ((r = sshbuf_get_u32(b, &num_env)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
if (num_env > 1024) {
|
||||
fatal_f("received %u environment variables, expected <= 1024",
|
||||
num_env);
|
||||
@@ -355,13 +355,13 @@ import_environments(struct sshbuf *b)
|
||||
debug3("PAM: num env strings %u", num_env);
|
||||
for(i = 0; i < num_env; i++) {
|
||||
if ((r = sshbuf_get_cstring(b, &(sshpam_env[i]), NULL)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
}
|
||||
sshpam_env[num_env] = NULL;
|
||||
|
||||
/* Import PAM environment from subprocess */
|
||||
if ((r = sshbuf_get_u32(b, &num_env)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
if (num_env > 1024) {
|
||||
fatal_f("received %u PAM env variables, expected <= 1024",
|
||||
num_env);
|
||||
@@ -369,7 +369,7 @@ import_environments(struct sshbuf *b)
|
||||
debug("PAM: num PAM env strings %u", num_env);
|
||||
for (i = 0; i < num_env; i++) {
|
||||
if ((r = sshbuf_get_cstring(b, &env, NULL)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
/* Errors are not fatal here */
|
||||
if ((r = pam_putenv(sshpam_handle, env)) != PAM_SUCCESS) {
|
||||
error("PAM: pam_putenv: %s",
|
||||
@@ -397,7 +397,7 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
|
||||
int r, i;
|
||||
u_char status;
|
||||
|
||||
debug3("PAM: %s entering, %d messages", __func__, n);
|
||||
debug3_f("PAM: entering, %d messages", n);
|
||||
*resp = NULL;
|
||||
|
||||
if (data == NULL) {
|
||||
@@ -474,7 +474,7 @@ check_pam_user(Authctxt *authctxt)
|
||||
|
||||
if (authctxt == NULL || authctxt->pw == NULL ||
|
||||
authctxt->pw->pw_name == NULL)
|
||||
fatal("%s: PAM authctxt user not initialized", __func__);
|
||||
fatal_f("PAM authctxt user not initialized");
|
||||
|
||||
if ((sshpam_err = pam_get_item(sshpam_handle, PAM_USER,
|
||||
(sshpam_const void **) &pam_user)) != PAM_SUCCESS)
|
||||
@@ -533,10 +533,10 @@ sshpam_thread(void *ctxtp)
|
||||
sshpam_conv.appdata_ptr = ctxt;
|
||||
|
||||
if (sshpam_authctxt == NULL)
|
||||
fatal("%s: PAM authctxt not initialized", __func__);
|
||||
fatal_f("PAM authctxt not initialized");
|
||||
|
||||
if ((buffer = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
|
||||
sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
|
||||
(const void *)&sshpam_conv);
|
||||
@@ -563,38 +563,38 @@ sshpam_thread(void *ctxtp)
|
||||
}
|
||||
|
||||
if ((r = sshbuf_put_cstring(buffer, "OK")) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
|
||||
#ifndef UNSUPPORTED_POSIX_THREADS_HACK
|
||||
/* Export variables set by do_pam_account */
|
||||
if ((r = sshbuf_put_u32(buffer, sshpam_account_status)) != 0 ||
|
||||
(r = sshbuf_put_u32(buffer, sshpam_authctxt->force_pwchange)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
|
||||
/* Export any environment strings set in child */
|
||||
for (i = 0; environ[i] != NULL; i++) {
|
||||
/* Count */
|
||||
if (i > INT_MAX)
|
||||
fatal("%s: too many environment strings", __func__);
|
||||
fatal_f("too many environment strings");
|
||||
}
|
||||
if ((r = sshbuf_put_u32(buffer, i)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
for (i = 0; environ[i] != NULL; i++) {
|
||||
if ((r = sshbuf_put_cstring(buffer, environ[i])) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
}
|
||||
/* Export any environment strings set by PAM in child */
|
||||
env_from_pam = pam_getenvlist(sshpam_handle);
|
||||
for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) {
|
||||
/* Count */
|
||||
if (i > INT_MAX)
|
||||
fatal("%s: too many PAM environment strings", __func__);
|
||||
fatal_f("too many PAM environment strings");
|
||||
}
|
||||
if ((r = sshbuf_put_u32(buffer, i)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) {
|
||||
if ((r = sshbuf_put_cstring(buffer, env_from_pam[i])) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
}
|
||||
#endif /* UNSUPPORTED_POSIX_THREADS_HACK */
|
||||
|
||||
@@ -606,7 +606,7 @@ sshpam_thread(void *ctxtp)
|
||||
auth_fail:
|
||||
if ((r = sshbuf_put_cstring(buffer,
|
||||
pam_strerror(sshpam_handle, sshpam_err))) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
/* XXX - can't do much about an error here */
|
||||
if (sshpam_err == PAM_ACCT_EXPIRED)
|
||||
ssh_msg_send(ctxt->pam_csock, PAM_ACCT_EXPIRED, buffer);
|
||||
@@ -625,7 +625,7 @@ sshpam_thread_cleanup(void)
|
||||
{
|
||||
struct pam_ctxt *ctxt = cleanup_ctxt;
|
||||
|
||||
debug3("PAM: %s entering", __func__);
|
||||
debug3_f("entering");
|
||||
if (ctxt != NULL && ctxt->pam_thread != 0) {
|
||||
pthread_cancel(ctxt->pam_thread);
|
||||
pthread_join(ctxt->pam_thread, NULL);
|
||||
@@ -640,7 +640,7 @@ static int
|
||||
sshpam_null_conv(int n, sshpam_const struct pam_message **msg,
|
||||
struct pam_response **resp, void *data)
|
||||
{
|
||||
debug3("PAM: %s entering, %d messages", __func__, n);
|
||||
debug3_f("PAM: entering, %d messages", n);
|
||||
return (PAM_CONV_ERR);
|
||||
}
|
||||
|
||||
@@ -653,7 +653,7 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg,
|
||||
struct pam_response *reply;
|
||||
int r, i;
|
||||
|
||||
debug3("PAM: %s called with %d messages", __func__, n);
|
||||
debug3_f("PAM: called with %d messages", n);
|
||||
*resp = NULL;
|
||||
|
||||
if (n <= 0 || n > PAM_MAX_NUM_MSG)
|
||||
@@ -811,7 +811,7 @@ expose_authinfo(const char *caller)
|
||||
auth_info = xstrdup("");
|
||||
else if ((auth_info = sshbuf_dup_string(
|
||||
sshpam_authctxt->session_info)) == NULL)
|
||||
fatal("%s: sshbuf_dup_string failed", __func__);
|
||||
fatal_f("sshbuf_dup_string failed");
|
||||
|
||||
debug2("%s: auth information in SSH_AUTH_INFO_0", caller);
|
||||
do_pam_putenv("SSH_AUTH_INFO_0", auth_info);
|
||||
@@ -824,7 +824,7 @@ sshpam_init_ctx(Authctxt *authctxt)
|
||||
struct pam_ctxt *ctxt;
|
||||
int result, socks[2];
|
||||
|
||||
debug3("PAM: %s entering", __func__);
|
||||
debug3_f("entering");
|
||||
/*
|
||||
* Refuse to start if we don't have PAM enabled or do_pam_account
|
||||
* has previously failed.
|
||||
@@ -874,9 +874,9 @@ sshpam_query(void *ctx, char **name, char **info,
|
||||
size_t len, mlen, nmesg = 0;
|
||||
int r;
|
||||
|
||||
debug3("PAM: %s entering", __func__);
|
||||
debug3_f("entering");
|
||||
if ((buffer = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
*name = xstrdup("");
|
||||
*info = xstrdup("");
|
||||
*prompts = xmalloc(sizeof(char *));
|
||||
@@ -888,7 +888,7 @@ sshpam_query(void *ctx, char **name, char **info,
|
||||
fatal_f("too many query messages");
|
||||
if ((r = sshbuf_get_u8(buffer, &type)) != 0 ||
|
||||
(r = sshbuf_get_cstring(buffer, &msg, &mlen)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
switch (type) {
|
||||
case PAM_PROMPT_ECHO_ON:
|
||||
case PAM_PROMPT_ECHO_OFF:
|
||||
@@ -989,7 +989,7 @@ fake_password(const char *wire_password)
|
||||
size_t i, l = wire_password != NULL ? strlen(wire_password) : 0;
|
||||
|
||||
if (l >= INT_MAX)
|
||||
fatal("%s: password length too long: %zu", __func__, l);
|
||||
fatal_f("password length too long: %zu", l);
|
||||
|
||||
ret = malloc(l + 1);
|
||||
if (ret == NULL)
|
||||
@@ -1009,7 +1009,7 @@ sshpam_respond(void *ctx, u_int num, char **resp)
|
||||
char *fake;
|
||||
int r;
|
||||
|
||||
debug2("PAM: %s entering, %u responses", __func__, num);
|
||||
debug2_f("PAM: entering, %u responses", num);
|
||||
switch (ctxt->pam_done) {
|
||||
case 1:
|
||||
sshpam_authenticated = 1;
|
||||
@@ -1024,16 +1024,16 @@ sshpam_respond(void *ctx, u_int num, char **resp)
|
||||
return (-1);
|
||||
}
|
||||
if ((buffer = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
if (sshpam_authctxt->valid &&
|
||||
(sshpam_authctxt->pw->pw_uid != 0 ||
|
||||
options.permit_root_login == PERMIT_YES)) {
|
||||
if ((r = sshbuf_put_cstring(buffer, *resp)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
} else {
|
||||
fake = fake_password(*resp);
|
||||
if ((r = sshbuf_put_cstring(buffer, fake)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
free(fake);
|
||||
}
|
||||
if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, buffer) == -1) {
|
||||
@@ -1049,7 +1049,7 @@ sshpam_free_ctx(void *ctxtp)
|
||||
{
|
||||
struct pam_ctxt *ctxt = ctxtp;
|
||||
|
||||
debug3("PAM: %s entering", __func__);
|
||||
debug3_f("entering");
|
||||
sshpam_thread_cleanup();
|
||||
free(ctxt);
|
||||
/*
|
||||
@@ -1101,7 +1101,7 @@ finish_pam(void)
|
||||
u_int
|
||||
do_pam_account(void)
|
||||
{
|
||||
debug("%s: called", __func__);
|
||||
debug_f("called");
|
||||
if (sshpam_account_status != -1)
|
||||
return (sshpam_account_status);
|
||||
|
||||
@@ -1154,7 +1154,7 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg,
|
||||
struct pam_response *reply;
|
||||
int i;
|
||||
|
||||
debug3("PAM: %s called with %d messages", __func__, n);
|
||||
debug3_f("PAM: called with %d messages", n);
|
||||
|
||||
*resp = NULL;
|
||||
|
||||
@@ -1315,7 +1315,7 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg,
|
||||
int r, i;
|
||||
size_t len;
|
||||
|
||||
debug3("PAM: %s called with %d messages", __func__, n);
|
||||
debug3_f("PAM: called with %d messages", n);
|
||||
|
||||
*resp = NULL;
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ auth_shadow_acctexpired(struct spwd *spw)
|
||||
if ((r = sshbuf_putf(loginmsg,
|
||||
"Your account will expire in %lld day%s.\n", daysleft,
|
||||
daysleft == 1 ? "" : "s")) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
}
|
||||
|
||||
return 0;
|
||||
@@ -133,7 +133,7 @@ auth_shadow_pwexpired(Authctxt *ctxt)
|
||||
if ((r = sshbuf_putf(loginmsg,
|
||||
"Your password will expire in %d day%s.\n", daysleft,
|
||||
daysleft == 1 ? "" : "s")) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
||||
2
auth2.c
2
auth2.c
@@ -145,7 +145,7 @@ userauth_send_banner(struct ssh *ssh, const char *msg)
|
||||
(r = sshpkt_put_cstring(ssh, "")) != 0 || /* language, unused */
|
||||
(r = sshpkt_send(ssh)) != 0)
|
||||
fatal_fr(r, "send packet");
|
||||
debug("%s: sent", __func__);
|
||||
debug_f("sent");
|
||||
}
|
||||
|
||||
static void
|
||||
|
||||
@@ -5185,7 +5185,7 @@ is_path_to_xsocket(const char *display, char *path, size_t pathlen)
|
||||
struct stat sbuf;
|
||||
|
||||
if (strlcpy(path, display, pathlen) >= pathlen) {
|
||||
error("%s: display path too long", __func__);
|
||||
error_f("display path too long");
|
||||
return 0;
|
||||
}
|
||||
if (display[0] != '/')
|
||||
|
||||
36
loginrec.c
36
loginrec.c
@@ -853,7 +853,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut)
|
||||
endttyent();
|
||||
|
||||
if (NULL == ty) {
|
||||
logit("%s: tty not found", __func__);
|
||||
logit_f("tty not found");
|
||||
return (0);
|
||||
}
|
||||
#else /* FIXME */
|
||||
@@ -867,7 +867,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut)
|
||||
|
||||
pos = (off_t)tty * sizeof(struct utmp);
|
||||
if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
|
||||
logit("%s: lseek: %s", __func__, strerror(errno));
|
||||
logit_f("lseek: %s", strerror(errno));
|
||||
close(fd);
|
||||
return (0);
|
||||
}
|
||||
@@ -889,7 +889,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut)
|
||||
memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
|
||||
|
||||
if ((ret = lseek(fd, pos, SEEK_SET)) == -1) {
|
||||
logit("%s: lseek: %s", __func__, strerror(errno));
|
||||
logit_f("lseek: %s", strerror(errno));
|
||||
close(fd);
|
||||
return (0);
|
||||
}
|
||||
@@ -922,12 +922,12 @@ utmp_perform_login(struct logininfo *li)
|
||||
construct_utmp(li, &ut);
|
||||
# ifdef UTMP_USE_LIBRARY
|
||||
if (!utmp_write_library(li, &ut)) {
|
||||
logit("%s: utmp_write_library() failed", __func__);
|
||||
logit_f("utmp_write_library() failed");
|
||||
return (0);
|
||||
}
|
||||
# else
|
||||
if (!utmp_write_direct(li, &ut)) {
|
||||
logit("%s: utmp_write_direct() failed", __func__);
|
||||
logit_f("utmp_write_direct() failed");
|
||||
return (0);
|
||||
}
|
||||
# endif
|
||||
@@ -943,12 +943,12 @@ utmp_perform_logout(struct logininfo *li)
|
||||
construct_utmp(li, &ut);
|
||||
# ifdef UTMP_USE_LIBRARY
|
||||
if (!utmp_write_library(li, &ut)) {
|
||||
logit("%s: utmp_write_library() failed", __func__);
|
||||
logit_f("utmp_write_library() failed");
|
||||
return (0);
|
||||
}
|
||||
# else
|
||||
if (!utmp_write_direct(li, &ut)) {
|
||||
logit("%s: utmp_write_direct() failed", __func__);
|
||||
logit_f("utmp_write_direct() failed");
|
||||
return (0);
|
||||
}
|
||||
# endif
|
||||
@@ -967,7 +967,7 @@ utmp_write_entry(struct logininfo *li)
|
||||
return (utmp_perform_logout(li));
|
||||
|
||||
default:
|
||||
logit("%s: invalid type field", __func__);
|
||||
logit_f("invalid type field");
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
@@ -1008,7 +1008,7 @@ utmpx_write_library(struct logininfo *li, struct utmpx *utx)
|
||||
static int
|
||||
utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
|
||||
{
|
||||
logit("%s: not implemented!", __func__);
|
||||
logit_f("not implemented!");
|
||||
return (0);
|
||||
}
|
||||
# endif /* UTMPX_USE_LIBRARY */
|
||||
@@ -1021,12 +1021,12 @@ utmpx_perform_login(struct logininfo *li)
|
||||
construct_utmpx(li, &utx);
|
||||
# ifdef UTMPX_USE_LIBRARY
|
||||
if (!utmpx_write_library(li, &utx)) {
|
||||
logit("%s: utmp_write_library() failed", __func__);
|
||||
logit_f("utmp_write_library() failed");
|
||||
return (0);
|
||||
}
|
||||
# else
|
||||
if (!utmpx_write_direct(li, &utx)) {
|
||||
logit("%s: utmp_write_direct() failed", __func__);
|
||||
logit_f("utmp_write_direct() failed");
|
||||
return (0);
|
||||
}
|
||||
# endif
|
||||
@@ -1064,7 +1064,7 @@ utmpx_write_entry(struct logininfo *li)
|
||||
case LTYPE_LOGOUT:
|
||||
return (utmpx_perform_logout(li));
|
||||
default:
|
||||
logit("%s: invalid type field", __func__);
|
||||
logit_f("invalid type field");
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
@@ -1132,7 +1132,7 @@ wtmp_write_entry(struct logininfo *li)
|
||||
case LTYPE_LOGOUT:
|
||||
return (wtmp_perform_logout(li));
|
||||
default:
|
||||
logit("%s: invalid type field", __func__);
|
||||
logit_f("invalid type field");
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
@@ -1311,7 +1311,7 @@ wtmpx_write_entry(struct logininfo *li)
|
||||
case LTYPE_LOGOUT:
|
||||
return (wtmpx_perform_logout(li));
|
||||
default:
|
||||
logit("%s: invalid type field", __func__);
|
||||
logit_f("invalid type field");
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
@@ -1453,7 +1453,7 @@ wtmpdb_write_entry(struct logininfo *li)
|
||||
case LTYPE_LOGOUT:
|
||||
return (wtmpdb_perform_logout(li));
|
||||
default:
|
||||
logit("%s: invalid type field", __func__);
|
||||
logit_f("invalid type field");
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
@@ -1486,7 +1486,7 @@ syslogin_perform_logout(struct logininfo *li)
|
||||
(void)line_stripname(line, li->line, sizeof(line));
|
||||
|
||||
if (!logout(line))
|
||||
logit("%s: logout() returned an error", __func__);
|
||||
logit_f("logout() returned an error");
|
||||
# ifdef HAVE_LOGWTMP
|
||||
else
|
||||
logwtmp(line, "", "");
|
||||
@@ -1508,7 +1508,7 @@ syslogin_write_entry(struct logininfo *li)
|
||||
case LTYPE_LOGOUT:
|
||||
return (syslogin_perform_logout(li));
|
||||
default:
|
||||
logit("%s: Invalid type field", __func__);
|
||||
logit_f("Invalid type field");
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
@@ -1612,7 +1612,7 @@ lastlog_write_entry(struct logininfo *li)
|
||||
close(fd);
|
||||
return (1);
|
||||
default:
|
||||
logit("%s: Invalid type field", __func__);
|
||||
logit_f("Invalid type field");
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
|
||||
2
misc.c
2
misc.c
@@ -1986,7 +1986,7 @@ sock_set_v6only(int s)
|
||||
#if defined(IPV6_V6ONLY) && !defined(__OpenBSD__)
|
||||
int on = 1;
|
||||
|
||||
debug3("%s: set socket %d IPV6_V6ONLY", __func__, s);
|
||||
debug3_f("set socket %d IPV6_V6ONLY", s);
|
||||
if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1)
|
||||
error("setsockopt IPV6_V6ONLY: %s", strerror(errno));
|
||||
#endif
|
||||
|
||||
43
monitor.c
43
monitor.c
@@ -1011,7 +1011,6 @@ mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
fatal_fr(r, "assemble PAM");
|
||||
#endif
|
||||
|
||||
debug3("%s: sending result %d", __func__, authenticated);
|
||||
debug3_f("sending result %d", authenticated);
|
||||
mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m);
|
||||
|
||||
@@ -1098,7 +1097,7 @@ int
|
||||
mm_answer_pam_start(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
{
|
||||
if (!options.use_pam)
|
||||
fatal("UsePAM not set, but ended up in %s anyway", __func__);
|
||||
fatal_f("UsePAM not set, but ended up in %s anyway", __func__);
|
||||
|
||||
start_pam(ssh);
|
||||
|
||||
@@ -1116,13 +1115,13 @@ mm_answer_pam_account(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
int r;
|
||||
|
||||
if (!options.use_pam)
|
||||
fatal("%s: PAM not enabled", __func__);
|
||||
fatal_f("PAM not enabled");
|
||||
|
||||
ret = do_pam_account();
|
||||
|
||||
if ((r = sshbuf_put_u32(m, ret)) != 0 ||
|
||||
(r = sshbuf_put_stringb(m, loginmsg)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
|
||||
mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m);
|
||||
|
||||
@@ -1138,11 +1137,11 @@ mm_answer_pam_init_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
u_int ok = 0;
|
||||
int r;
|
||||
|
||||
debug3("%s", __func__);
|
||||
debug3_f("entering");
|
||||
if (!options.kbd_interactive_authentication)
|
||||
fatal("%s: kbd-int authentication not enabled", __func__);
|
||||
fatal_f("kbd-int authentication not enabled");
|
||||
if (sshpam_ctxt != NULL)
|
||||
fatal("%s: already called", __func__);
|
||||
fatal_f("already called");
|
||||
sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);
|
||||
sshpam_authok = NULL;
|
||||
sshbuf_reset(m);
|
||||
@@ -1152,7 +1151,7 @@ mm_answer_pam_init_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
ok = 1;
|
||||
}
|
||||
if ((r = sshbuf_put_u32(m, ok)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
mm_request_send(sock, MONITOR_ANS_PAM_INIT_CTX, m);
|
||||
return (0);
|
||||
}
|
||||
@@ -1164,10 +1163,10 @@ mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
u_int i, num = 0, *echo_on = 0;
|
||||
int r, ret;
|
||||
|
||||
debug3("%s", __func__);
|
||||
debug3_f("entering");
|
||||
sshpam_authok = NULL;
|
||||
if (sshpam_ctxt == NULL)
|
||||
fatal("%s: no context", __func__);
|
||||
fatal_f("no context");
|
||||
ret = (sshpam_device.query)(sshpam_ctxt, &name, &info,
|
||||
&num, &prompts, &echo_on);
|
||||
if (ret == 0 && num == 0)
|
||||
@@ -1181,13 +1180,13 @@ mm_answer_pam_query(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
(r = sshbuf_put_cstring(m, info)) != 0 ||
|
||||
(r = sshbuf_put_u32(m, sshpam_get_maxtries_reached())) != 0 ||
|
||||
(r = sshbuf_put_u32(m, num)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
free(name);
|
||||
free(info);
|
||||
for (i = 0; i < num; ++i) {
|
||||
if ((r = sshbuf_put_cstring(m, prompts[i])) != 0 ||
|
||||
(r = sshbuf_put_u32(m, echo_on[i])) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
free(prompts[i]);
|
||||
}
|
||||
free(prompts);
|
||||
@@ -1205,12 +1204,12 @@ mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
u_int i, num;
|
||||
int r, ret;
|
||||
|
||||
debug3("%s", __func__);
|
||||
debug3_f("entering");
|
||||
if (sshpam_ctxt == NULL)
|
||||
fatal("%s: no context", __func__);
|
||||
fatal_f("no context");
|
||||
sshpam_authok = NULL;
|
||||
if ((r = sshbuf_get_u32(m, &num)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
if (num > PAM_MAX_NUM_MSG) {
|
||||
fatal_f("Too many PAM messages, got %u, expected <= %u",
|
||||
num, (unsigned)PAM_MAX_NUM_MSG);
|
||||
@@ -1231,7 +1230,7 @@ mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
}
|
||||
sshbuf_reset(m);
|
||||
if ((r = sshbuf_put_u32(m, ret)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);
|
||||
auth_method = "keyboard-interactive";
|
||||
auth_submethod = "pam";
|
||||
@@ -1245,9 +1244,9 @@ mm_answer_pam_free_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
|
||||
{
|
||||
int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt;
|
||||
|
||||
debug3("%s", __func__);
|
||||
debug3_f("entering");
|
||||
if (sshpam_ctxt == NULL)
|
||||
fatal("%s: no context", __func__);
|
||||
fatal_f("no context");
|
||||
(sshpam_device.free_ctx)(sshpam_ctxt);
|
||||
sshpam_ctxt = sshpam_authok = NULL;
|
||||
sshbuf_reset(m);
|
||||
@@ -1778,10 +1777,10 @@ mm_answer_audit_event(struct ssh *ssh, int socket, struct sshbuf *m)
|
||||
ssh_audit_event_t event;
|
||||
int r;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
debug3_f("entering");
|
||||
|
||||
if ((r = sshbuf_get_u32(m, &n)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
event = (ssh_audit_event_t)n;
|
||||
switch (event) {
|
||||
case SSH_AUTH_FAIL_PUBKEY:
|
||||
@@ -1806,9 +1805,9 @@ mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m)
|
||||
char *cmd;
|
||||
int r;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
debug3_f("entering");
|
||||
if ((r = sshbuf_get_cstring(m, &cmd, NULL)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
/* sanity check command, if so how? */
|
||||
audit_run_command(cmd);
|
||||
free(cmd);
|
||||
|
||||
@@ -103,7 +103,7 @@ mm_send_fd(int sock, int fd)
|
||||
}
|
||||
return 0;
|
||||
#else
|
||||
error("%s: file descriptor passing not supported", __func__);
|
||||
error_f("file descriptor passing not supported");
|
||||
return -1;
|
||||
#endif
|
||||
}
|
||||
|
||||
@@ -692,11 +692,11 @@ mm_start_pam(struct ssh *ssh)
|
||||
{
|
||||
struct sshbuf *m;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
debug3_f("entering");
|
||||
if (!options.use_pam)
|
||||
fatal("UsePAM=no, but ended up in %s anyway", __func__);
|
||||
fatal_f("UsePAM=no, but ended up in %s anyway", __func__);
|
||||
if ((m = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_START, m);
|
||||
|
||||
sshbuf_free(m);
|
||||
@@ -711,12 +711,12 @@ mm_do_pam_account(void)
|
||||
size_t msglen;
|
||||
int r;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
debug3_f("entering");
|
||||
if (!options.use_pam)
|
||||
fatal("UsePAM=no, but ended up in %s anyway", __func__);
|
||||
fatal_f("UsePAM=no, but ended up in %s anyway", __func__);
|
||||
|
||||
if ((m = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, m);
|
||||
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
@@ -724,12 +724,12 @@ mm_do_pam_account(void)
|
||||
if ((r = sshbuf_get_u32(m, &ret)) != 0 ||
|
||||
(r = sshbuf_get_cstring(m, &msg, &msglen)) != 0 ||
|
||||
(r = sshbuf_put(loginmsg, msg, msglen)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
|
||||
free(msg);
|
||||
sshbuf_free(m);
|
||||
|
||||
debug3("%s returning %d", __func__, ret);
|
||||
debug3_f("returning %d", ret);
|
||||
|
||||
return (ret);
|
||||
}
|
||||
@@ -740,17 +740,17 @@ mm_sshpam_init_ctx(Authctxt *authctxt)
|
||||
struct sshbuf *m;
|
||||
int r, success;
|
||||
|
||||
debug3("%s", __func__);
|
||||
debug3_f("entering");
|
||||
if ((m = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, m);
|
||||
debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__);
|
||||
debug3_f("waiting for MONITOR_ANS_PAM_INIT_CTX");
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
MONITOR_ANS_PAM_INIT_CTX, m);
|
||||
if ((r = sshbuf_get_u32(m, &success)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
if (success == 0) {
|
||||
debug3("%s: pam_init_ctx failed", __func__);
|
||||
debug3_f("pam_init_ctx failed");
|
||||
sshbuf_free(m);
|
||||
return (NULL);
|
||||
}
|
||||
@@ -766,19 +766,19 @@ mm_sshpam_query(void *ctx, char **name, char **info,
|
||||
u_int i, n;
|
||||
int r, ret;
|
||||
|
||||
debug3("%s", __func__);
|
||||
debug3_f("entering");
|
||||
if ((m = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_QUERY, m);
|
||||
debug3("%s: waiting for MONITOR_ANS_PAM_QUERY", __func__);
|
||||
debug3_f("waiting for MONITOR_ANS_PAM_QUERY");
|
||||
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_QUERY, m);
|
||||
if ((r = sshbuf_get_u32(m, &ret)) != 0 ||
|
||||
(r = sshbuf_get_cstring(m, name, NULL)) != 0 ||
|
||||
(r = sshbuf_get_cstring(m, info, NULL)) != 0 ||
|
||||
(r = sshbuf_get_u32(m, &n)) != 0 ||
|
||||
(r = sshbuf_get_u32(m, num)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
debug3("%s: pam_query returned %d", __func__, ret);
|
||||
fatal_fr(r, "buffer error");
|
||||
debug3_f("pam_query returned %d", ret);
|
||||
sshpam_set_maxtries_reached(n);
|
||||
if (*num > PAM_MAX_NUM_MSG)
|
||||
fatal("%s: received %u PAM messages, expected <= %u",
|
||||
@@ -788,7 +788,7 @@ mm_sshpam_query(void *ctx, char **name, char **info,
|
||||
for (i = 0; i < *num; ++i) {
|
||||
if ((r = sshbuf_get_cstring(m, &((*prompts)[i]), NULL)) != 0 ||
|
||||
(r = sshbuf_get_u32(m, &((*echo_on)[i]))) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
}
|
||||
sshbuf_free(m);
|
||||
return (ret);
|
||||
@@ -801,23 +801,23 @@ mm_sshpam_respond(void *ctx, u_int num, char **resp)
|
||||
u_int n, i;
|
||||
int r, ret;
|
||||
|
||||
debug3("%s", __func__);
|
||||
debug3_f("entering");
|
||||
if ((m = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
if ((r = sshbuf_put_u32(m, num)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
for (i = 0; i < num; ++i) {
|
||||
if ((r = sshbuf_put_cstring(m, resp[i])) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
}
|
||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_RESPOND, m);
|
||||
debug3("%s: waiting for MONITOR_ANS_PAM_RESPOND", __func__);
|
||||
debug3_f("waiting for MONITOR_ANS_PAM_RESPOND");
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
MONITOR_ANS_PAM_RESPOND, m);
|
||||
if ((r = sshbuf_get_u32(m, &n)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
ret = (int)n; /* XXX */
|
||||
debug3("%s: pam_respond returned %d", __func__, ret);
|
||||
debug3_f("pam_respond returned %d", ret);
|
||||
sshbuf_free(m);
|
||||
return (ret);
|
||||
}
|
||||
@@ -827,11 +827,11 @@ mm_sshpam_free_ctx(void *ctxtp)
|
||||
{
|
||||
struct sshbuf *m;
|
||||
|
||||
debug3("%s", __func__);
|
||||
debug3_f("entering");
|
||||
if ((m = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_FREE_CTX, m);
|
||||
debug3("%s: waiting for MONITOR_ANS_PAM_FREE_CTX", __func__);
|
||||
debug3_f("waiting for MONITOR_ANS_PAM_FREE_CTX");
|
||||
mm_request_receive_expect(pmonitor->m_recvfd,
|
||||
MONITOR_ANS_PAM_FREE_CTX, m);
|
||||
sshbuf_free(m);
|
||||
@@ -1000,12 +1000,12 @@ mm_audit_event(struct ssh *ssh, ssh_audit_event_t event)
|
||||
struct sshbuf *m;
|
||||
int r;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
debug3_f("entering");
|
||||
|
||||
if ((m = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
if ((r = sshbuf_put_u32(m, event)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
|
||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_EVENT, m);
|
||||
sshbuf_free(m);
|
||||
@@ -1017,12 +1017,12 @@ mm_audit_run_command(const char *command)
|
||||
struct sshbuf *m;
|
||||
int r;
|
||||
|
||||
debug3("%s entering command %s", __func__, command);
|
||||
debug3_f("entering command %s", command);
|
||||
|
||||
if ((m = sshbuf_new()) == NULL)
|
||||
fatal("%s: sshbuf_new failed", __func__);
|
||||
fatal_f("sshbuf_new failed");
|
||||
if ((r = sshbuf_put_cstring(m, command)) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
|
||||
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, m);
|
||||
sshbuf_free(m);
|
||||
|
||||
@@ -54,7 +54,7 @@ ssh_sandbox_init(struct monitor *monitor)
|
||||
{
|
||||
struct ssh_sandbox *box;
|
||||
|
||||
debug3("%s: preparing capsicum sandbox", __func__);
|
||||
debug3_f("preparing capsicum sandbox");
|
||||
box = xcalloc(1, sizeof(*box));
|
||||
box->m_recvfd = monitor->m_recvfd;
|
||||
box->m_log_sendfd = monitor->m_log_sendfd;
|
||||
@@ -97,13 +97,13 @@ ssh_sandbox_child(struct ssh_sandbox *box)
|
||||
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
|
||||
if (cap_rights_limit(box->m_recvfd, &rights) < 0 &&
|
||||
errno != ENOSYS)
|
||||
fatal("%s: failed to limit the network socket", __func__);
|
||||
fatal_f("failed to limit the network socket");
|
||||
cap_rights_init(&rights, CAP_WRITE);
|
||||
if (cap_rights_limit(box->m_log_sendfd, &rights) < 0 &&
|
||||
errno != ENOSYS)
|
||||
fatal("%s: failed to limit the logging socket", __func__);
|
||||
fatal_f("failed to limit the logging socket");
|
||||
if (cap_enter() < 0 && errno != ENOSYS)
|
||||
fatal("%s: failed to enter capability mode", __func__);
|
||||
fatal_f("failed to enter capability mode");
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -49,7 +49,7 @@ ssh_sandbox_init(struct monitor *monitor)
|
||||
* Strictly, we don't need to maintain any state here but we need
|
||||
* to return non-NULL to satisfy the API.
|
||||
*/
|
||||
debug3("%s: preparing Darwin sandbox", __func__);
|
||||
debug3_f("preparing Darwin sandbox");
|
||||
box = xcalloc(1, sizeof(*box));
|
||||
return box;
|
||||
}
|
||||
@@ -60,10 +60,10 @@ ssh_sandbox_child(struct ssh_sandbox *box)
|
||||
char *errmsg;
|
||||
struct rlimit rl_zero;
|
||||
|
||||
debug3("%s: starting Darwin sandbox", __func__);
|
||||
debug3_f("starting Darwin sandbox");
|
||||
if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED,
|
||||
&errmsg) == -1)
|
||||
fatal("%s: sandbox_init: %s", __func__, errmsg);
|
||||
fatal_f("sandbox_init: %s", errmsg);
|
||||
|
||||
/*
|
||||
* The kSBXProfilePureComputation still allows sockets, so
|
||||
|
||||
@@ -486,7 +486,7 @@ ssh_sandbox_init(struct monitor *monitor)
|
||||
* Strictly, we don't need to maintain any state here but we need
|
||||
* to return non-NULL to satisfy the API.
|
||||
*/
|
||||
debug3("%s: preparing seccomp filter sandbox", __func__);
|
||||
debug3_f("preparing seccomp filter sandbox");
|
||||
box = xcalloc(1, sizeof(*box));
|
||||
return box;
|
||||
}
|
||||
@@ -513,7 +513,7 @@ ssh_sandbox_child_debugging(void)
|
||||
struct sigaction act;
|
||||
sigset_t mask;
|
||||
|
||||
debug3("%s: installing SIGSYS handler", __func__);
|
||||
debug3_f("installing SIGSYS handler");
|
||||
memset(&act, 0, sizeof(act));
|
||||
sigemptyset(&mask);
|
||||
sigaddset(&mask, SIGSYS);
|
||||
@@ -521,7 +521,7 @@ ssh_sandbox_child_debugging(void)
|
||||
act.sa_sigaction = &ssh_sandbox_violation;
|
||||
act.sa_flags = SA_SIGINFO;
|
||||
if (sigaction(SIGSYS, &act, NULL) == -1)
|
||||
fatal("%s: sigaction(SIGSYS): %s", __func__, strerror(errno));
|
||||
fatal_f("sigaction(SIGSYS): %s", strerror(errno));
|
||||
if (sigprocmask(SIG_UNBLOCK, &mask, NULL) == -1)
|
||||
fatal("%s: sigprocmask(SIGSYS): %s",
|
||||
__func__, strerror(errno));
|
||||
@@ -554,13 +554,13 @@ ssh_sandbox_child(struct ssh_sandbox *box)
|
||||
ssh_sandbox_child_debugging();
|
||||
#endif /* SANDBOX_SECCOMP_FILTER_DEBUG */
|
||||
|
||||
debug3("%s: setting PR_SET_NO_NEW_PRIVS", __func__);
|
||||
debug3_f("setting PR_SET_NO_NEW_PRIVS");
|
||||
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1) {
|
||||
debug("%s: prctl(PR_SET_NO_NEW_PRIVS): %s",
|
||||
__func__, strerror(errno));
|
||||
nnp_failed = 1;
|
||||
}
|
||||
debug3("%s: attaching seccomp filter program", __func__);
|
||||
debug3_f("attaching seccomp filter program");
|
||||
if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &preauth_program) == -1)
|
||||
debug("%s: prctl(PR_SET_SECCOMP): %s",
|
||||
__func__, strerror(errno));
|
||||
|
||||
@@ -2291,7 +2291,7 @@ out:
|
||||
int
|
||||
pkcs11_init(int interactive)
|
||||
{
|
||||
error("%s: dlopen() not supported", __func__);
|
||||
error_f("dlopen() not supported");
|
||||
return (-1);
|
||||
}
|
||||
|
||||
@@ -2299,13 +2299,13 @@ int
|
||||
pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp,
|
||||
char ***labelsp)
|
||||
{
|
||||
error("%s: dlopen() not supported", __func__);
|
||||
error_f("dlopen() not supported");
|
||||
return (-1);
|
||||
}
|
||||
|
||||
void
|
||||
pkcs11_terminate(void)
|
||||
{
|
||||
error("%s: dlopen() not supported", __func__);
|
||||
error_f("dlopen() not supported");
|
||||
}
|
||||
#endif /* ENABLE_PKCS11 */
|
||||
|
||||
@@ -290,7 +290,7 @@ reseed_prngs(void)
|
||||
RAND_seed(rnd, sizeof(rnd));
|
||||
/* give libcrypto a chance to notice the PID change */
|
||||
if ((RAND_bytes((u_char *)rnd, 1)) != 1)
|
||||
fatal("%s: RAND_bytes failed", __func__);
|
||||
fatal_f("RAND_bytes failed");
|
||||
#endif
|
||||
|
||||
explicit_bzero(rnd, sizeof(rnd));
|
||||
|
||||
2
sshd.c
2
sshd.c
@@ -1233,7 +1233,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s,
|
||||
#ifdef WITH_OPENSSL
|
||||
RAND_seed(rnd, sizeof(rnd));
|
||||
if ((RAND_bytes((u_char *)rnd, 1)) != 1)
|
||||
fatal("%s: RAND_bytes failed", __func__);
|
||||
fatal_f("RAND_bytes failed");
|
||||
#endif
|
||||
explicit_bzero(rnd, sizeof(rnd));
|
||||
}
|
||||
|
||||
@@ -106,7 +106,7 @@ store_lastlog_message(const char *user, uid_t uid)
|
||||
if (time_string != NULL) {
|
||||
if ((r = sshbuf_put(loginmsg,
|
||||
time_string, strlen(time_string))) != 0)
|
||||
fatal("%s: buffer error: %s", __func__, ssh_err(r));
|
||||
fatal_fr(r, "buffer error");
|
||||
free(time_string);
|
||||
}
|
||||
# else
|
||||
|
||||
2
sshpty.c
2
sshpty.c
@@ -173,7 +173,7 @@ pty_setowner(struct passwd *pw, const char *tty)
|
||||
/* Determine the group to make the owner of the tty. */
|
||||
grp = getgrnam("tty");
|
||||
if (grp == NULL)
|
||||
debug("%s: no tty group", __func__);
|
||||
debug_f("no tty group");
|
||||
gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid;
|
||||
mode = (grp != NULL) ? 0620 : 0600;
|
||||
|
||||
|
||||
@@ -163,9 +163,9 @@ restore_uid(void)
|
||||
* as well.
|
||||
*/
|
||||
if (setuid(getuid()) == -1)
|
||||
fatal("%s: setuid failed: %s", __func__, strerror(errno));
|
||||
fatal_f("setuid failed: %s", strerror(errno));
|
||||
if (setgid(getgid()) == -1)
|
||||
fatal("%s: setgid failed: %s", __func__, strerror(errno));
|
||||
fatal_f("setgid failed: %s", strerror(errno));
|
||||
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
|
||||
|
||||
if (setgroups(saved_egroupslen, saved_egroups) == -1)
|
||||
@@ -212,7 +212,7 @@ permanently_set_uid(struct passwd *pw)
|
||||
/* Try restoration of GID if changed (test clearing of saved gid) */
|
||||
if (old_gid != pw->pw_gid && pw->pw_uid != 0 &&
|
||||
(setgid(old_gid) != -1 || setegid(old_gid) != -1))
|
||||
fatal("%s: was able to restore old [e]gid", __func__);
|
||||
fatal_f("was able to restore old [e]gid");
|
||||
#endif
|
||||
|
||||
/* Verify GID drop was successful */
|
||||
@@ -226,7 +226,7 @@ permanently_set_uid(struct passwd *pw)
|
||||
/* Try restoration of UID if changed (test clearing of saved uid) */
|
||||
if (old_uid != pw->pw_uid &&
|
||||
(setuid(old_uid) != -1 || seteuid(old_uid) != -1))
|
||||
fatal("%s: was able to restore old [e]uid", __func__);
|
||||
fatal_f("was able to restore old [e]uid");
|
||||
#endif
|
||||
|
||||
/* Verify UID drop was successful */
|
||||
|
||||
Reference in New Issue
Block a user