shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-12 03:00:26 +09:00
Code Issues Packages Projects Releases Wiki Activity

SSH_LOG_DEBUG: Recategorize loglevels

Browse Source 
Loglevel INFO is the default openssh configuration setting which does not print
redundant information. On a system using openssh with loglevels set by the
terms of openssh will cause unwanted log lines in the output.
recategorized based on - SSH_LOG_DEBUG are informational debug logs (no error)

Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Norbert Pocs
2022-09-15 20:48:19 +02:00
committed by Andreas Schneider
parent 7ea75cda45
commit 657d9143d1
29 changed files with 122 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/agent.c
View File

@@ -306,12 +306,12 @@ static int agent_talk(struct ssh_session_struct *session,
payload = ssh_buffer_allocate(reply, len); payload = ssh_buffer_allocate(reply, len);
if (payload == NULL) { if (payload == NULL) {
SSH_LOG(SSH_LOG_WARN, "Not enough space"); SSH_LOG(SSH_LOG_DEBUG, "Not enough space");
return -1; return -1;
} }
if (atomicio(session->agent, payload, len, 1) != len) { if (atomicio(session->agent, payload, len, 1) != len) {
SSH_LOG(SSH_LOG_WARN, SSH_LOG(SSH_LOG_DEBUG,
"Error reading response from authentication socket."); "Error reading response from authentication socket.");
/* Rollback the unused space */ /* Rollback the unused space */
ssh_buffer_pass_bytes_end(reply, len); ssh_buffer_pass_bytes_end(reply, len);
@@ -587,7 +587,7 @@ ssh_string ssh_agent_sign_data(ssh_session session,
#endif #endif
if (agent_failed(type)) { if (agent_failed(type)) {
SSH_LOG(SSH_LOG_WARN, "Agent reports failure in signing the key"); SSH_LOG(SSH_LOG_DEBUG, "Agent reports failure in signing the key");
SSH_BUFFER_FREE(reply); SSH_BUFFER_FREE(reply);
return NULL; return NULL;
} else if (type != SSH2_AGENT_SIGN_RESPONSE) { } else if (type != SSH2_AGENT_SIGN_RESPONSE) {

14
src/auth.c
View File

@@ -240,7 +240,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure) {
if (partial) { if (partial) {
session->auth.state = SSH_AUTH_STATE_PARTIAL; session->auth.state = SSH_AUTH_STATE_PARTIAL;
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"Partial success for '%s'. Authentication that can continue: %s", "Partial success for '%s'. Authentication that can continue: %s",
current_method, current_method,
auth_methods); auth_methods);
@@ -250,7 +250,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_failure) {
"Access denied for '%s'. Authentication that can continue: %s", "Access denied for '%s'. Authentication that can continue: %s",
current_method, current_method,
auth_methods); auth_methods);
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"%s", "%s",
ssh_get_error(session)); ssh_get_error(session));
@@ -1061,7 +1061,7 @@ int ssh_userauth_agent(ssh_session session,
session->agent_state = NULL; session->agent_state = NULL;
goto done; goto done;
} else if (rc != SSH_AUTH_SUCCESS) { } else if (rc != SSH_AUTH_SUCCESS) {
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"Server accepted public key but refused the signature"); "Server accepted public key but refused the signature");
ssh_key_free(state->pubkey); ssh_key_free(state->pubkey);
state->pubkey = ssh_agent_get_next_ident(session, &state->comment); state->pubkey = ssh_agent_get_next_ident(session, &state->comment);
@@ -1345,7 +1345,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
/* If the file doesn't exist, continue */ /* If the file doesn't exist, continue */
ssh_key_free(state->pubkey); ssh_key_free(state->pubkey);
state->pubkey = NULL; state->pubkey = NULL;
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"Private key %s doesn't exist.", "Private key %s doesn't exist.",
privkey_file); privkey_file);
state->it = state->it->next; state->it = state->it->next;
@@ -1360,7 +1360,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
ssh_key_free(state->pubkey); ssh_key_free(state->pubkey);
SAFE_FREE(session->auth.auto_state); SAFE_FREE(session->auth.auto_state);
if (rc == SSH_AUTH_SUCCESS) { if (rc == SSH_AUTH_SUCCESS) {
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"Successfully authenticated using %s", "Successfully authenticated using %s",
privkey_file); privkey_file);
} }
@@ -1373,7 +1373,7 @@ int ssh_userauth_publickey_auto(ssh_session session,
ssh_key_free(state->privkey); ssh_key_free(state->privkey);
ssh_key_free(state->pubkey); ssh_key_free(state->pubkey);
SSH_LOG(SSH_LOG_WARN, SSH_LOG(SSH_LOG_DEBUG,
"The server accepted the public key but refused the signature"); "The server accepted the public key but refused the signature");
state->it = state->it->next; state->it = state->it->next;
state->state = SSH_AUTH_AUTO_STATE_PUBKEY; state->state = SSH_AUTH_AUTO_STATE_PUBKEY;
@@ -2123,7 +2123,7 @@ int ssh_userauth_gssapi(ssh_session session)
} else if (rc == SSH_ERROR) { } else if (rc == SSH_ERROR) {
return SSH_AUTH_ERROR; return SSH_AUTH_ERROR;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "Authenticating with gssapi-with-mic"); SSH_LOG(SSH_LOG_DEBUG, "Authenticating with gssapi-with-mic");
session->auth.current_method = SSH_AUTH_METHOD_GSSAPI_MIC; session->auth.current_method = SSH_AUTH_METHOD_GSSAPI_MIC;
session->auth.state = SSH_AUTH_STATE_NONE; session->auth.state = SSH_AUTH_STATE_NONE;

2
src/bind.c
View File

@@ -297,7 +297,7 @@ int ssh_bind_listen(ssh_bind sshbind) {
sshbind->bindfd = fd; sshbind->bindfd = fd;
} else { } else {
SSH_LOG(SSH_LOG_INFO, "Using app-provided bind socket"); SSH_LOG(SSH_LOG_DEBUG, "Using app-provided bind socket");
} }
return 0; return 0;
} }

4
src/bind_config.c
View File

@@ -546,7 +546,7 @@ ssh_bind_config_parse_line(ssh_bind bind,
return -1; return -1;
} }
args++; args++;
SSH_LOG(SSH_LOG_WARN, SSH_LOG(SSH_LOG_DEBUG,
"line %d: Unsupported Match keyword '%s', ignoring\n", "line %d: Unsupported Match keyword '%s', ignoring\n",
count, count,
p2); p2);
@@ -595,7 +595,7 @@ ssh_bind_config_parse_line(ssh_bind bind,
} }
break; break;
case BIND_CFG_NOT_ALLOWED_IN_MATCH: case BIND_CFG_NOT_ALLOWED_IN_MATCH:
SSH_LOG(SSH_LOG_WARN, "Option not allowed in Match block: %s, line: %d", SSH_LOG(SSH_LOG_DEBUG, "Option not allowed in Match block: %s, line: %d",
keyword, count); keyword, count);
break; break;
case BIND_CFG_UNKNOWN: case BIND_CFG_UNKNOWN:

26
src/channels.c
View File

@@ -192,7 +192,7 @@ SSH_PACKET_CALLBACK(ssh_packet_channel_open_conf){
if (rc != SSH_OK) if (rc != SSH_OK)
goto error; goto error;
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Received a CHANNEL_OPEN_CONFIRMATION for channel %d:%d", "Received a CHANNEL_OPEN_CONFIRMATION for channel %d:%d",
channel->local_channel, channel->local_channel,
channel->remote_channel); channel->remote_channel);
@@ -205,7 +205,7 @@ SSH_PACKET_CALLBACK(ssh_packet_channel_open_conf){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Remote window : %"PRIu32", maxpacket : %"PRIu32, "Remote window : %"PRIu32", maxpacket : %"PRIu32,
(uint32_t) channel->remote_window, (uint32_t) channel->remote_window,
(uint32_t) channel->remote_maxpacket); (uint32_t) channel->remote_maxpacket);
@@ -327,7 +327,7 @@ channel_open(ssh_channel channel,
channel->local_maxpacket = maxpacket; channel->local_maxpacket = maxpacket;
channel->local_window = window; channel->local_window = window;
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Creating a channel %d with %d window and %d max packet", "Creating a channel %d with %d window and %d max packet",
channel->local_channel, window, maxpacket); channel->local_channel, window, maxpacket);
@@ -417,7 +417,7 @@ static int grow_window(ssh_session session,
int rc; int rc;
if (new_window <= channel->local_window) { if (new_window <= channel->local_window) {
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"growing window (channel %d:%d) to %d bytes : not needed (%d bytes)", "growing window (channel %d:%d) to %d bytes : not needed (%d bytes)",
channel->local_channel, channel->remote_channel, new_window, channel->local_channel, channel->remote_channel, new_window,
channel->local_window); channel->local_window);
@@ -441,7 +441,7 @@ static int grow_window(ssh_session session,
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"growing window (channel %d:%d) to %d bytes", "growing window (channel %d:%d) to %d bytes",
channel->local_channel, channel->local_channel,
channel->remote_channel, channel->remote_channel,
@@ -512,7 +512,7 @@ SSH_PACKET_CALLBACK(channel_rcv_change_window) {
return SSH_PACKET_USED; return SSH_PACKET_USED;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Adding %d bytes to channel (%d:%d) (from %d bytes)", "Adding %d bytes to channel (%d:%d) (from %d bytes)",
bytes, bytes,
channel->local_channel, channel->local_channel,
@@ -831,7 +831,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request) {
} }
if(strcmp(request,"keepalive@openssh.com")==0){ if(strcmp(request,"keepalive@openssh.com")==0){
SAFE_FREE(request); SAFE_FREE(request);
SSH_LOG(SSH_LOG_PROTOCOL,"Responding to Openssh's keepalive"); SSH_LOG(SSH_LOG_DEBUG,"Responding to Openssh's keepalive");
rc = ssh_buffer_pack(session->out_buffer, rc = ssh_buffer_pack(session->out_buffer,
"bd", "bd",
@@ -849,7 +849,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request) {
int status; int status;
SAFE_FREE(request); SAFE_FREE(request);
SSH_LOG(SSH_LOG_PROTOCOL, "Received an auth-agent-req request"); SSH_LOG(SSH_LOG_DEBUG, "Received an auth-agent-req request");
status = SSH2_MSG_CHANNEL_FAILURE; status = SSH2_MSG_CHANNEL_FAILURE;
ssh_callbacks_iterate(channel->callbacks, ssh_callbacks_iterate(channel->callbacks,
@@ -884,7 +884,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request) {
*/ */
ssh_message_handle_channel_request(session,channel,packet,request,want_reply); ssh_message_handle_channel_request(session,channel,packet,request,want_reply);
#else #else
SSH_LOG(SSH_LOG_WARNING, "Unhandled channel request %s", request); SSH_LOG(SSH_LOG_DEBUG, "Unhandled channel request %s", request);
#endif #endif
SAFE_FREE(request); SAFE_FREE(request);
@@ -1490,14 +1490,14 @@ static int channel_write_common(ssh_channel channel,
} }
while (len > 0) { while (len > 0) {
if (channel->remote_window < len) { if (channel->remote_window < len) {
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Remote window is %d bytes. going to write %d bytes", "Remote window is %d bytes. going to write %d bytes",
channel->remote_window, channel->remote_window,
len); len);
/* What happens when the channel window is zero? */ /* What happens when the channel window is zero? */
if(channel->remote_window == 0) { if(channel->remote_window == 0) {
/* nothing can be written */ /* nothing can be written */
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Wait for a growing window message..."); "Wait for a growing window message...");
rc = ssh_handle_packets_termination(session, SSH_TIMEOUT_DEFAULT, rc = ssh_handle_packets_termination(session, SSH_TIMEOUT_DEFAULT,
ssh_channel_waitwindow_termination,channel); ssh_channel_waitwindow_termination,channel);
@@ -1822,7 +1822,7 @@ pending:
rc=SSH_ERROR; rc=SSH_ERROR;
break; break;
case SSH_CHANNEL_REQ_STATE_ACCEPTED: case SSH_CHANNEL_REQ_STATE_ACCEPTED:
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Channel request %s success",request); "Channel request %s success",request);
rc=SSH_OK; rc=SSH_OK;
break; break;
@@ -2396,7 +2396,7 @@ pending:
} }
switch(session->global_req_state){ switch(session->global_req_state){
case SSH_CHANNEL_REQ_STATE_ACCEPTED: case SSH_CHANNEL_REQ_STATE_ACCEPTED:
SSH_LOG(SSH_LOG_PROTOCOL, "Global request %s success",request); SSH_LOG(SSH_LOG_DEBUG, "Global request %s success",request);
rc=SSH_OK; rc=SSH_OK;
break; break;
case SSH_CHANNEL_REQ_STATE_DENIED: case SSH_CHANNEL_REQ_STATE_DENIED:

6
src/client.c
View File

@@ -405,7 +405,7 @@ static void ssh_client_connection_callback(ssh_session session)
goto error; goto error;
} }
set_status(session, 0.4f); set_status(session, 0.4f);
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"SSH server banner: %s", session->serverbanner); "SSH server banner: %s", session->serverbanner);
/* Here we analyze the different protocols the server allows. */ /* Here we analyze the different protocols the server allows. */
@@ -565,7 +565,7 @@ int ssh_connect(ssh_session session)
return SSH_ERROR; return SSH_ERROR;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"libssh %s, using threading %s", "libssh %s, using threading %s",
ssh_copyright(), ssh_copyright(),
ssh_threads_get_type()); ssh_threads_get_type());
@@ -600,7 +600,7 @@ int ssh_connect(ssh_session session)
set_status(session, 0.2f); set_status(session, 0.2f);
session->alive = 1; session->alive = 1;
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Socket connecting, now waiting for the callbacks to work"); "Socket connecting, now waiting for the callbacks to work");
pending: pending:

6
src/config.c
View File

@@ -668,7 +668,7 @@ ssh_config_parse_line(ssh_session session,
break; break;
} }
args++; args++;
SSH_LOG(SSH_LOG_TRACE, "line %d: Processing Match keyword '%s'", SSH_LOG(SSH_LOG_DEBUG, "line %d: Processing Match keyword '%s'",
count, p); count, p);
/* If the option is prefixed with ! the result should be negated */ /* If the option is prefixed with ! the result should be negated */
@@ -700,7 +700,7 @@ ssh_config_parse_line(ssh_session session,
case MATCH_FINAL: case MATCH_FINAL:
case MATCH_CANONICAL: case MATCH_CANONICAL:
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"line %d: Unsupported Match keyword '%s', skipping", "line %d: Unsupported Match keyword '%s', skipping",
count, count,
p); p);
@@ -718,7 +718,7 @@ ssh_config_parse_line(ssh_session session,
return -1; return -1;
} }
if (result != 1) { if (result != 1) {
SSH_LOG(SSH_LOG_INFO, "line %d: Skipped match exec " SSH_LOG(SSH_LOG_DEBUG, "line %d: Skipped match exec "
"'%s' as previous conditions already failed.", "'%s' as previous conditions already failed.",
count, p2); count, p2);
continue; continue;

6
src/curve25519.c
View File

@@ -339,7 +339,7 @@ static SSH_PACKET_CALLBACK(ssh_packet_client_curve25519_reply){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
return SSH_PACKET_USED; return SSH_PACKET_USED;
@@ -491,7 +491,7 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_curve25519_init){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEX_ECDH_REPLY sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_KEX_ECDH_REPLY sent");
rc = ssh_packet_send(session); rc = ssh_packet_send(session);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
return SSH_ERROR; return SSH_ERROR;
@@ -508,7 +508,7 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_curve25519_init){
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
return SSH_PACKET_USED; return SSH_PACKET_USED;
error: error:

16
src/dh-gex.c
View File

@@ -116,7 +116,7 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_group)
(void) type; (void) type;
(void) user; (void) user;
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEX_DH_GEX_GROUP received"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_KEX_DH_GEX_GROUP received");
if (bignum_ctx_invalid(ctx)) { if (bignum_ctx_invalid(ctx)) {
goto error; goto error;
@@ -256,7 +256,7 @@ static SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_reply)
bignum server_pubkey = NULL; bignum server_pubkey = NULL;
(void)type; (void)type;
(void)user; (void)user;
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEX_DH_GEX_REPLY received"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_KEX_DH_GEX_REPLY received");
ssh_packet_remove_callbacks(session, &ssh_dhgex_client_callbacks); ssh_packet_remove_callbacks(session, &ssh_dhgex_client_callbacks);
rc = ssh_buffer_unpack(packet, rc = ssh_buffer_unpack(packet,
@@ -300,7 +300,7 @@ static SSH_PACKET_CALLBACK(ssh_packet_client_dhgex_reply)
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
return SSH_PACKET_USED; return SSH_PACKET_USED;
@@ -435,7 +435,7 @@ static int ssh_retrieve_dhgroup_file(FILE *moduli,
if (rc == EOF) { if (rc == EOF) {
break; break;
} }
SSH_LOG(SSH_LOG_INFO, "Invalid moduli entry line %zu", line); SSH_LOG(SSH_LOG_DEBUG, "Invalid moduli entry line %zu", line);
do { do {
firstbyte = getc(moduli); firstbyte = getc(moduli);
} while(firstbyte != '\n' && firstbyte != EOF); } while(firstbyte != '\n' && firstbyte != EOF);
@@ -473,13 +473,13 @@ static int ssh_retrieve_dhgroup_file(FILE *moduli,
} }
} }
if (*best_size != 0) { if (*best_size != 0) {
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"Selected %zu bits modulus out of %zu candidates in %zu lines", "Selected %zu bits modulus out of %zu candidates in %zu lines",
*best_size, *best_size,
best_nlines - 1, best_nlines - 1,
line); line);
} else { } else {
SSH_LOG(SSH_LOG_WARNING, SSH_LOG(SSH_LOG_DEBUG,
"No moduli found for [%u:%u:%u]", "No moduli found for [%u:%u:%u]",
pmin, pmin,
pn, pn,
@@ -526,7 +526,7 @@ static int ssh_retrieve_dhgroup(char *moduli_file,
if (moduli == NULL) { if (moduli == NULL) {
char err_msg[SSH_ERRNO_MSG_MAX] = {0}; char err_msg[SSH_ERRNO_MSG_MAX] = {0};
SSH_LOG(SSH_LOG_WARNING, SSH_LOG(SSH_LOG_DEBUG,
"Unable to open moduli file: %s", "Unable to open moduli file: %s",
ssh_strerror(errno, err_msg, SSH_ERRNO_MSG_MAX)); ssh_strerror(errno, err_msg, SSH_ERRNO_MSG_MAX));
return ssh_fallback_group(pmax, p, g); return ssh_fallback_group(pmax, p, g);
@@ -621,7 +621,7 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_dhgex_request)
ssh_set_error_invalid(session); ssh_set_error_invalid(session);
goto error; goto error;
} }
SSH_LOG(SSH_LOG_INFO, "dh-gex: DHGEX_REQUEST[%u:%u:%u]", pmin, pn, pmax); SSH_LOG(SSH_LOG_DEBUG, "dh-gex: DHGEX_REQUEST[%u:%u:%u]", pmin, pn, pmax);
if (pmin > pn || pn > pmax || pn > DH_PMAX || pmax < DH_PMIN) { if (pmin > pn || pn > pmax || pn > DH_PMAX || pmax < DH_PMIN) {
ssh_set_error(session, ssh_set_error(session,

2
src/dh.c
View File

@@ -400,7 +400,7 @@ SSH_PACKET_CALLBACK(ssh_packet_client_dh_reply){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
return SSH_PACKET_USED; return SSH_PACKET_USED;
error: error:

2
src/ecdh.c
View File

@@ -97,7 +97,7 @@ SSH_PACKET_CALLBACK(ssh_packet_client_ecdh_reply){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
return SSH_PACKET_USED; return SSH_PACKET_USED;

4
src/ecdh_crypto.c
View File

@@ -613,7 +613,7 @@ SSH_PACKET_CALLBACK(ssh_packet_server_ecdh_init){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEXDH_REPLY sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_KEXDH_REPLY sent");
rc = ssh_packet_send(session); rc = ssh_packet_send(session);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
goto error; goto error;
@@ -630,7 +630,7 @@ SSH_PACKET_CALLBACK(ssh_packet_server_ecdh_init){
if (rc == SSH_ERROR){ if (rc == SSH_ERROR){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
return SSH_PACKET_USED; return SSH_PACKET_USED;
error: error:

4
src/ecdh_gcrypt.c
View File

@@ -366,7 +366,7 @@ SSH_PACKET_CALLBACK(ssh_packet_server_ecdh_init){
goto out; goto out;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEXDH_REPLY sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_KEXDH_REPLY sent");
rc = ssh_packet_send(session); rc = ssh_packet_send(session);
if (rc != SSH_OK) { if (rc != SSH_OK) {
goto out; goto out;
@@ -381,7 +381,7 @@ SSH_PACKET_CALLBACK(ssh_packet_server_ecdh_init){
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
rc = ssh_packet_send(session); rc = ssh_packet_send(session);
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
out: out:
gcry_sexp_release(param); gcry_sexp_release(param);

4
src/ecdh_mbedcrypto.c
View File

@@ -311,7 +311,7 @@ SSH_PACKET_CALLBACK(ssh_packet_server_ecdh_init){
goto out; goto out;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_KEXDH_REPLY sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_KEXDH_REPLY sent");
rc = ssh_packet_send(session); rc = ssh_packet_send(session);
if (rc != SSH_OK) { if (rc != SSH_OK) {
rc = SSH_ERROR; rc = SSH_ERROR;
@@ -326,7 +326,7 @@ SSH_PACKET_CALLBACK(ssh_packet_server_ecdh_init){
session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; session->dh_handshake_state = DH_STATE_NEWKEYS_SENT;
rc = ssh_packet_send(session); rc = ssh_packet_send(session);
SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent");
out: out:
mbedtls_ecp_group_free(&grp); mbedtls_ecp_group_free(&grp);

36
src/gssapi.c
View File

@@ -224,8 +224,8 @@ ssh_gssapi_handle_userauth(ssh_session session, const char *user,
maj_stat = gss_indicate_mechs(&min_stat, &supported); maj_stat = gss_indicate_mechs(&min_stat, &supported);
if (maj_stat != GSS_S_COMPLETE) { if (maj_stat != GSS_S_COMPLETE) {
SSH_LOG(SSH_LOG_WARNING, "indicate mecks %d, %d", maj_stat, min_stat); SSH_LOG(SSH_LOG_DEBUG, "indicate mecks %d, %d", maj_stat, min_stat);
ssh_gssapi_log_error(SSH_LOG_WARNING, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"indicate mechs", "indicate mechs",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -259,7 +259,7 @@ ssh_gssapi_handle_userauth(ssh_session session, const char *user,
} }
gss_release_oid_set(&min_stat, &supported); gss_release_oid_set(&min_stat, &supported);
if (oid_count == 0){ if (oid_count == 0){
SSH_LOG(SSH_LOG_PROTOCOL,"GSSAPI: no OID match"); SSH_LOG(SSH_LOG_DEBUG,"GSSAPI: no OID match");
ssh_auth_reply_default(session, 0); ssh_auth_reply_default(session, 0);
gss_release_oid_set(&min_stat, &both_supported); gss_release_oid_set(&min_stat, &both_supported);
return SSH_OK; return SSH_OK;
@@ -273,8 +273,8 @@ ssh_gssapi_handle_userauth(ssh_session session, const char *user,
maj_stat = gss_import_name(&min_stat, &name_buf, maj_stat = gss_import_name(&min_stat, &name_buf,
(gss_OID) GSS_C_NT_HOSTBASED_SERVICE, &server_name); (gss_OID) GSS_C_NT_HOSTBASED_SERVICE, &server_name);
if (maj_stat != GSS_S_COMPLETE) { if (maj_stat != GSS_S_COMPLETE) {
SSH_LOG(SSH_LOG_WARNING, "importing name %d, %d", maj_stat, min_stat); SSH_LOG(SSH_LOG_DEBUG, "importing name %d, %d", maj_stat, min_stat);
ssh_gssapi_log_error(SSH_LOG_WARNING, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"importing name", "importing name",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -297,7 +297,7 @@ ssh_gssapi_handle_userauth(ssh_session session, const char *user,
return SSH_ERROR; return SSH_ERROR;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "acquiring credentials %d, %d", maj_stat, min_stat); SSH_LOG(SSH_LOG_DEBUG, "acquiring credentials %d, %d", maj_stat, min_stat);
/* finding which OID from client we selected */ /* finding which OID from client we selected */
for (i=0 ; i< n_oid ; ++i){ for (i=0 ; i< n_oid ; ++i){
@@ -339,7 +339,7 @@ static char *ssh_gssapi_name_to_char(gss_name_t name)
OM_uint32 maj_stat, min_stat; OM_uint32 maj_stat, min_stat;
char *ptr; char *ptr;
maj_stat = gss_display_name(&min_stat, name, &buffer, NULL); maj_stat = gss_display_name(&min_stat, name, &buffer, NULL);
ssh_gssapi_log_error(SSH_LOG_WARNING, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"converting name", "converting name",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -414,7 +414,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_server){
maj_stat = gss_accept_sec_context(&min_stat, &session->gssapi->ctx, session->gssapi->server_creds, maj_stat = gss_accept_sec_context(&min_stat, &session->gssapi->ctx, session->gssapi->server_creds,
&input_token, input_bindings, &client_name, NULL /*mech_oid*/, &output_token, &ret_flags, &input_token, input_bindings, &client_name, NULL /*mech_oid*/, &output_token, &ret_flags,
NULL /*time*/, &session->gssapi->client_creds); NULL /*time*/, &session->gssapi->client_creds);
ssh_gssapi_log_error(SSH_LOG_PROTOCOL, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"accepting token", "accepting token",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -424,7 +424,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_server){
session->gssapi->canonic_user = ssh_gssapi_name_to_char(client_name); session->gssapi->canonic_user = ssh_gssapi_name_to_char(client_name);
} }
if (GSS_ERROR(maj_stat)){ if (GSS_ERROR(maj_stat)){
ssh_gssapi_log_error(SSH_LOG_WARNING, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"Gssapi error", "Gssapi error",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -531,7 +531,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic)
mic_token_buf.value = ssh_string_data(mic_token); mic_token_buf.value = ssh_string_data(mic_token);
maj_stat = gss_verify_mic(&min_stat, session->gssapi->ctx, &mic_buf, &mic_token_buf, NULL); maj_stat = gss_verify_mic(&min_stat, session->gssapi->ctx, &mic_buf, &mic_token_buf, NULL);
ssh_gssapi_log_error(SSH_LOG_PROTOCOL, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"verifying MIC", "verifying MIC",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -750,8 +750,8 @@ int ssh_gssapi_auth_mic(ssh_session session)
(gss_OID)GSS_C_NT_HOSTBASED_SERVICE, (gss_OID)GSS_C_NT_HOSTBASED_SERVICE,
&session->gssapi->client.server_name); &session->gssapi->client.server_name);
if (maj_stat != GSS_S_COMPLETE) { if (maj_stat != GSS_S_COMPLETE) {
SSH_LOG(SSH_LOG_WARNING, "importing name %d, %d", maj_stat, min_stat); SSH_LOG(SSH_LOG_DEBUG, "importing name %d, %d", maj_stat, min_stat);
ssh_gssapi_log_error(SSH_LOG_WARNING, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"importing name", "importing name",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -765,7 +765,7 @@ int ssh_gssapi_auth_mic(ssh_session session)
return SSH_AUTH_ERROR; return SSH_AUTH_ERROR;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "Authenticating with gssapi to host %s with user %s", SSH_LOG(SSH_LOG_DEBUG, "Authenticating with gssapi to host %s with user %s",
session->opts.host, session->gssapi->user); session->opts.host, session->gssapi->user);
rc = ssh_gssapi_match(session, &selected); rc = ssh_gssapi_match(session, &selected);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
@@ -773,7 +773,7 @@ int ssh_gssapi_auth_mic(ssh_session session)
} }
n_oids = selected->count; n_oids = selected->count;
SSH_LOG(SSH_LOG_PROTOCOL, "Sending %zu oids", n_oids); SSH_LOG(SSH_LOG_DEBUG, "Sending %zu oids", n_oids);
oids = calloc(n_oids, sizeof(ssh_string)); oids = calloc(n_oids, sizeof(ssh_string));
if (oids == NULL) { if (oids == NULL) {
@@ -886,7 +886,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
0, NULL, &input_token, NULL, 0, NULL, &input_token, NULL,
&output_token, NULL, NULL); &output_token, NULL, NULL);
if(GSS_ERROR(maj_stat)){ if(GSS_ERROR(maj_stat)){
ssh_gssapi_log_error(SSH_LOG_WARNING, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"Initializing gssapi context", "Initializing gssapi context",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -935,7 +935,7 @@ static int ssh_gssapi_send_mic(ssh_session session)
&mic_buf, &mic_token_buf); &mic_buf, &mic_token_buf);
if (GSS_ERROR(maj_stat)){ if (GSS_ERROR(maj_stat)){
SSH_BUFFER_FREE(mic_buffer); SSH_BUFFER_FREE(mic_buffer);
ssh_gssapi_log_error(SSH_LOG_PROTOCOL, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"generating MIC", "generating MIC",
maj_stat, maj_stat,
min_stat); min_stat);
@@ -992,13 +992,13 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
0, NULL, &input_token, NULL, 0, NULL, &input_token, NULL,
&output_token, NULL, NULL); &output_token, NULL, NULL);
ssh_gssapi_log_error(SSH_LOG_PROTOCOL, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"accepting token", "accepting token",
maj_stat, maj_stat,
min_stat); min_stat);
SSH_STRING_FREE(token); SSH_STRING_FREE(token);
if (GSS_ERROR(maj_stat)){ if (GSS_ERROR(maj_stat)){
ssh_gssapi_log_error(SSH_LOG_PROTOCOL, ssh_gssapi_log_error(SSH_LOG_DEBUG,
"Gssapi error", "Gssapi error",
maj_stat, maj_stat,
min_stat); min_stat);

4
src/kex.c
View File

@@ -356,7 +356,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit)
(void)user; (void)user;
if (session->session_state == SSH_SESSION_STATE_AUTHENTICATED) { if (session->session_state == SSH_SESSION_STATE_AUTHENTICATED) {
SSH_LOG(SSH_LOG_INFO, "Initiating key re-exchange"); SSH_LOG(SSH_LOG_DEBUG, "Initiating key re-exchange");
} else if (session->session_state != SSH_SESSION_STATE_INITIAL_KEX) { } else if (session->session_state != SSH_SESSION_STATE_INITIAL_KEX) {
ssh_set_error(session,SSH_FATAL,"SSH_KEXINIT received in wrong state"); ssh_set_error(session,SSH_FATAL,"SSH_KEXINIT received in wrong state");
goto error; goto error;
@@ -824,7 +824,7 @@ int ssh_kex_select_methods (ssh_session session)
} else if (strcmp(session->next_crypto->kex_methods[SSH_KEX], "curve25519-sha256") == 0){ } else if (strcmp(session->next_crypto->kex_methods[SSH_KEX], "curve25519-sha256") == 0){
session->next_crypto->kex_type=SSH_KEX_CURVE25519_SHA256; session->next_crypto->kex_type=SSH_KEX_CURVE25519_SHA256;
} }
SSH_LOG(SSH_LOG_INFO, "Negotiated %s,%s,%s,%s,%s,%s,%s,%s,%s,%s", SSH_LOG(SSH_LOG_DEBUG, "Negotiated %s,%s,%s,%s,%s,%s,%s,%s,%s,%s",
session->next_crypto->kex_methods[SSH_KEX], session->next_crypto->kex_methods[SSH_KEX],
session->next_crypto->kex_methods[SSH_HOSTKEYS], session->next_crypto->kex_methods[SSH_HOSTKEYS],
session->next_crypto->kex_methods[SSH_CRYPT_C_S], session->next_crypto->kex_methods[SSH_CRYPT_C_S],

10
src/libcrypto.c
View File

@@ -109,7 +109,7 @@ ENGINE *pki_get_engine(void)
ERR_error_string(ERR_get_error(), NULL)); ERR_error_string(ERR_get_error(), NULL));
return NULL; return NULL;
} }
SSH_LOG(SSH_LOG_INFO, "Engine loaded successfully"); SSH_LOG(SSH_LOG_DEBUG, "Engine loaded successfully");
ok = ENGINE_init(engine); ok = ENGINE_init(engine);
if (!ok) { if (!ok) {
@@ -120,7 +120,7 @@ ENGINE *pki_get_engine(void)
return NULL; return NULL;
} }
SSH_LOG(SSH_LOG_INFO, "Engine init success"); SSH_LOG(SSH_LOG_DEBUG, "Engine init success");
} }
return engine; return engine;
} }
@@ -532,7 +532,7 @@ static void evp_cipher_encrypt(struct ssh_cipher_struct *cipher,
return; return;
} }
if (outlen != (int)len){ if (outlen != (int)len){
SSH_LOG(SSH_LOG_WARNING, SSH_LOG(SSH_LOG_DEBUG,
"EVP_EncryptUpdate: output size %d for %zu in", "EVP_EncryptUpdate: output size %d for %zu in",
outlen, outlen,
len); len);
@@ -558,7 +558,7 @@ static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher,
return; return;
} }
if (outlen != (int)len){ if (outlen != (int)len){
SSH_LOG(SSH_LOG_WARNING, SSH_LOG(SSH_LOG_DEBUG,
"EVP_DecryptUpdate: output size %d for %zu in", "EVP_DecryptUpdate: output size %d for %zu in",
outlen, outlen,
len); len);
@@ -1377,7 +1377,7 @@ int ssh_crypto_init(void)
return SSH_OK; return SSH_OK;
} }
if (OpenSSL_version_num() != OPENSSL_VERSION_NUMBER){ if (OpenSSL_version_num() != OPENSSL_VERSION_NUMBER){
SSH_LOG(SSH_LOG_WARNING, "libssh compiled with %s " SSH_LOG(SSH_LOG_DEBUG, "libssh compiled with %s "
"headers, currently running with %s.", "headers, currently running with %s.",
OPENSSL_VERSION_TEXT, OPENSSL_VERSION_TEXT,
OpenSSL_version(OpenSSL_version_num()) OpenSSL_version(OpenSSL_version_num())

2
src/libgcrypt.c
View File

@@ -433,7 +433,7 @@ aes_gcm_decrypt(struct ssh_cipher_struct *cipher,
(unsigned char *)complete_packet + aadlen + encrypted_size, (unsigned char *)complete_packet + aadlen + encrypted_size,
authlen); authlen);
if (gpg_err_code(err) == GPG_ERR_CHECKSUM) { if (gpg_err_code(err) == GPG_ERR_CHECKSUM) {
SSH_LOG(SSH_LOG_WARNING, "The authentication tag does not match"); SSH_LOG(SSH_LOG_DEBUG, "The authentication tag does not match");
return SSH_ERROR; return SSH_ERROR;
} else if (err != GPG_ERR_NO_ERROR) { } else if (err != GPG_ERR_NO_ERROR) {
SSH_LOG(SSH_LOG_TRACE, "General error while decryption: %s", SSH_LOG(SSH_LOG_TRACE, "General error while decryption: %s",

8
src/libmbedcrypto.c
View File

@@ -429,7 +429,7 @@ static void cipher_encrypt(struct ssh_cipher_struct *cipher,
} }
if (total_len != len) { if (total_len != len) {
SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_update: output size %zu for %zu", SSH_LOG(SSH_LOG_DEBUG, "mbedtls_cipher_update: output size %zu for %zu",
outlen, len); outlen, len);
return; return;
} }
@@ -448,7 +448,7 @@ static void cipher_encrypt_cbc(struct ssh_cipher_struct *cipher, void *in, void
} }
if (outlen != len) { if (outlen != len) {
SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_update: output size %zu for %zu", SSH_LOG(SSH_LOG_DEBUG, "mbedtls_cipher_update: output size %zu for %zu",
outlen, len); outlen, len);
return; return;
} }
@@ -487,7 +487,7 @@ static void cipher_decrypt(struct ssh_cipher_struct *cipher,
total_len += outlen; total_len += outlen;
if (total_len != len) { if (total_len != len) {
SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_update: output size %zu for %zu", SSH_LOG(SSH_LOG_DEBUG, "mbedtls_cipher_update: output size %zu for %zu",
outlen, len); outlen, len);
return; return;
} }
@@ -532,7 +532,7 @@ static void cipher_decrypt_cbc(struct ssh_cipher_struct *cipher, void *in, void
} }
if (outlen != len) { if (outlen != len) {
SSH_LOG(SSH_LOG_WARNING, "mbedtls_cipher_update: output size %zu for %zu", SSH_LOG(SSH_LOG_DEBUG, "mbedtls_cipher_update: output size %zu for %zu",
outlen, len); outlen, len);
return; return;
} }

16
src/messages.c
View File

@@ -1055,7 +1055,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){
} }
if (session->kbdint == NULL) { if (session->kbdint == NULL) {
SSH_LOG(SSH_LOG_PROTOCOL, "Warning: Got a keyboard-interactive " SSH_LOG(SSH_LOG_DEBUG, "Warning: Got a keyboard-interactive "
"response but it seems we didn't send the request."); "response but it seems we didn't send the request.");
session->kbdint = ssh_kbdint_new(); session->kbdint = ssh_kbdint_new();
@@ -1089,7 +1089,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){
if(nanswers != session->kbdint->nprompts) { if(nanswers != session->kbdint->nprompts) {
/* warn but let the application handle this case */ /* warn but let the application handle this case */
SSH_LOG(SSH_LOG_PROTOCOL, "Warning: Number of prompts and answers" SSH_LOG(SSH_LOG_DEBUG, "Warning: Number of prompts and answers"
" mismatch: p=%u a=%u", session->kbdint->nprompts, nanswers); " mismatch: p=%u a=%u", session->kbdint->nprompts, nanswers);
} }
session->kbdint->nanswers = nanswers; session->kbdint->nanswers = nanswers;
@@ -1504,7 +1504,7 @@ SSH_PACKET_CALLBACK(ssh_packet_global_request){
(void)type; (void)type;
(void)packet; (void)packet;
SSH_LOG(SSH_LOG_PROTOCOL,"Received SSH_MSG_GLOBAL_REQUEST packet"); SSH_LOG(SSH_LOG_DEBUG,"Received SSH_MSG_GLOBAL_REQUEST packet");
r = ssh_buffer_unpack(packet, "sb", r = ssh_buffer_unpack(packet, "sb",
&request, &request,
&want_reply); &want_reply);
@@ -1536,12 +1536,12 @@ SSH_PACKET_CALLBACK(ssh_packet_global_request){
msg->global_request.type = SSH_GLOBAL_REQUEST_TCPIP_FORWARD; msg->global_request.type = SSH_GLOBAL_REQUEST_TCPIP_FORWARD;
msg->global_request.want_reply = want_reply; msg->global_request.want_reply = want_reply;
SSH_LOG(SSH_LOG_PROTOCOL, "Received SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply, SSH_LOG(SSH_LOG_DEBUG, "Received SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply,
msg->global_request.bind_address, msg->global_request.bind_address,
msg->global_request.bind_port); msg->global_request.bind_port);
if(ssh_callbacks_exists(session->common.callbacks, global_request_function)) { if(ssh_callbacks_exists(session->common.callbacks, global_request_function)) {
SSH_LOG(SSH_LOG_PROTOCOL, "Calling callback for SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, SSH_LOG(SSH_LOG_DEBUG, "Calling callback for SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request,
want_reply, msg->global_request.bind_address, want_reply, msg->global_request.bind_address,
msg->global_request.bind_port); msg->global_request.bind_port);
session->common.callbacks->global_request_function(session, msg, session->common.callbacks->userdata); session->common.callbacks->global_request_function(session, msg, session->common.callbacks->userdata);
@@ -1566,7 +1566,7 @@ SSH_PACKET_CALLBACK(ssh_packet_global_request){
msg->global_request.type = SSH_GLOBAL_REQUEST_CANCEL_TCPIP_FORWARD; msg->global_request.type = SSH_GLOBAL_REQUEST_CANCEL_TCPIP_FORWARD;
msg->global_request.want_reply = want_reply; msg->global_request.want_reply = want_reply;
SSH_LOG(SSH_LOG_PROTOCOL, "Received SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply, SSH_LOG(SSH_LOG_DEBUG, "Received SSH_MSG_GLOBAL_REQUEST %s %d %s:%d", request, want_reply,
msg->global_request.bind_address, msg->global_request.bind_address,
msg->global_request.bind_port); msg->global_request.bind_port);
@@ -1580,14 +1580,14 @@ SSH_PACKET_CALLBACK(ssh_packet_global_request){
} else if(strcmp(request, "keepalive@openssh.com") == 0) { } else if(strcmp(request, "keepalive@openssh.com") == 0) {
msg->global_request.type = SSH_GLOBAL_REQUEST_KEEPALIVE; msg->global_request.type = SSH_GLOBAL_REQUEST_KEEPALIVE;
msg->global_request.want_reply = want_reply; msg->global_request.want_reply = want_reply;
SSH_LOG(SSH_LOG_PROTOCOL, "Received keepalive@openssh.com %d", want_reply); SSH_LOG(SSH_LOG_DEBUG, "Received keepalive@openssh.com %d", want_reply);
if(ssh_callbacks_exists(session->common.callbacks, global_request_function)) { if(ssh_callbacks_exists(session->common.callbacks, global_request_function)) {
session->common.callbacks->global_request_function(session, msg, session->common.callbacks->userdata); session->common.callbacks->global_request_function(session, msg, session->common.callbacks->userdata);
} else { } else {
ssh_message_global_request_reply_success(msg, 0); ssh_message_global_request_reply_success(msg, 0);
} }
} else { } else {
SSH_LOG(SSH_LOG_PROTOCOL, "UNKNOWN SSH_MSG_GLOBAL_REQUEST %s, " SSH_LOG(SSH_LOG_DEBUG, "UNKNOWN SSH_MSG_GLOBAL_REQUEST %s, "
"want_reply = %d", request, want_reply); "want_reply = %d", request, want_reply);
goto reply_with_failure; goto reply_with_failure;
} }

8
src/misc.c
View File

@@ -634,7 +634,7 @@ void ssh_log_hexdump(const char *descr, const unsigned char *what, size_t len)
return; return;
error: error:
SSH_LOG(SSH_LOG_WARN, "Could not print to buffer"); SSH_LOG(SSH_LOG_DEBUG, "Could not print to buffer");
return; return;
} }
@@ -1330,7 +1330,7 @@ int ssh_analyze_banner(ssh_session session, int server)
return -1; return -1;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "Analyzing banner: %s", banner); SSH_LOG(SSH_LOG_DEBUG, "Analyzing banner: %s", banner);
switch (banner[4]) { switch (banner[4]) {
case '2': case '2':
@@ -1384,7 +1384,7 @@ int ssh_analyze_banner(ssh_session session, int server)
session->openssh = SSH_VERSION_INT(((int) major), ((int) minor), 0); session->openssh = SSH_VERSION_INT(((int) major), ((int) minor), 0);
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"We are talking to an OpenSSH %s version: %lu.%lu (%x)", "We are talking to an OpenSSH %s version: %lu.%lu (%x)",
server ? "client" : "server", server ? "client" : "server",
major, minor, session->openssh); major, minor, session->openssh);
@@ -1488,7 +1488,7 @@ int ssh_timeout_elapsed(struct ssh_timestamp *ts, int timeout)
* -2 means user-defined timeout as available in * -2 means user-defined timeout as available in
* session->timeout, session->timeout_usec. * session->timeout, session->timeout_usec.
*/ */
SSH_LOG(SSH_LOG_WARN, "ssh_timeout_elapsed called with -2. this needs to " SSH_LOG(SSH_LOG_DEBUG, "ssh_timeout_elapsed called with -2. this needs to "
"be fixed. please set a breakpoint on misc.c:%d and " "be fixed. please set a breakpoint on misc.c:%d and "
"fix the caller\n", __LINE__); "fix the caller\n", __LINE__);
return 0; return 0;

4
src/packet.c
View File

@@ -1867,7 +1867,7 @@ ssh_init_rekey_state(struct ssh_session_struct *session,
session->opts.rekey_data / cipher->blocksize); session->opts.rekey_data / cipher->blocksize);
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Set rekey after %" PRIu64 " blocks", "Set rekey after %" PRIu64 " blocks",
cipher->max_blocks); cipher->max_blocks);
} }
@@ -1969,7 +1969,7 @@ ssh_packet_set_newkeys(ssh_session session,
ssh_init_rekey_state(session, in_cipher); ssh_init_rekey_state(session, in_cipher);
if (session->opts.rekey_time != 0) { if (session->opts.rekey_time != 0) {
ssh_timestamp_init(&session->last_rekey_time); ssh_timestamp_init(&session->last_rekey_time);
SSH_LOG(SSH_LOG_PROTOCOL, "Set rekey after %" PRIu32 " seconds", SSH_LOG(SSH_LOG_DEBUG, "Set rekey after %" PRIu32 " seconds",
session->opts.rekey_time/1000); session->opts.rekey_time/1000);
} }

6
src/packet_cb.c
View File

@@ -87,7 +87,7 @@ SSH_PACKET_CALLBACK(ssh_packet_ignore_callback){
(void)user; (void)user;
(void)type; (void)type;
(void)packet; (void)packet;
SSH_LOG(SSH_LOG_PROTOCOL,"Received %s packet",type==SSH2_MSG_IGNORE ? "SSH_MSG_IGNORE" : "SSH_MSG_DEBUG"); SSH_LOG(SSH_LOG_DEBUG,"Received %s packet",type==SSH2_MSG_IGNORE ? "SSH_MSG_IGNORE" : "SSH_MSG_DEBUG");
/* TODO: handle a graceful disconnect */ /* TODO: handle a graceful disconnect */
return SSH_PACKET_USED; return SSH_PACKET_USED;
} }
@@ -99,7 +99,7 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
(void)packet; (void)packet;
(void)user; (void)user;
(void)type; (void)type;
SSH_LOG(SSH_LOG_PROTOCOL, "Received SSH_MSG_NEWKEYS"); SSH_LOG(SSH_LOG_DEBUG, "Received SSH_MSG_NEWKEYS");
if (session->session_state != SSH_SESSION_STATE_DH || if (session->session_state != SSH_SESSION_STATE_DH ||
session->dh_handshake_state != DH_STATE_NEWKEYS_SENT) { session->dh_handshake_state != DH_STATE_NEWKEYS_SENT) {
@@ -158,7 +158,7 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL,"Signature verified and valid"); SSH_LOG(SSH_LOG_DEBUG,"Signature verified and valid");
/* When receiving this packet, we switch on the incomming crypto. */ /* When receiving this packet, we switch on the incomming crypto. */
rc = ssh_packet_set_newkeys(session, SSH_DIRECTION_IN); rc = ssh_packet_set_newkeys(session, SSH_DIRECTION_IN);

4
src/pki.c
View File

@@ -697,7 +697,7 @@ int ssh_key_cmp(const ssh_key k1,
} }
if (k1->type != k2->type) { if (k1->type != k2->type) {
SSH_LOG(SSH_LOG_WARN, "key types don't match!"); SSH_LOG(SSH_LOG_DEBUG, "key types don't match!");
return 1; return 1;
} }
@@ -830,7 +830,7 @@ int ssh_pki_import_privkey_base64(const char *b64_key,
return SSH_ERROR; return SSH_ERROR;
} }
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"Trying to decode privkey passphrase=%s", "Trying to decode privkey passphrase=%s",
passphrase ? "true" : "false"); passphrase ? "true" : "false");

6
src/pki_container_openssh.c
View File

@@ -298,7 +298,7 @@ ssh_pki_openssh_import(const char *text_key,
SSH_LOG(SSH_LOG_TRACE, "Not an OpenSSH private key (bad magic)"); SSH_LOG(SSH_LOG_TRACE, "Not an OpenSSH private key (bad magic)");
goto out; goto out;
} }
SSH_LOG(SSH_LOG_INFO, SSH_LOG(SSH_LOG_DEBUG,
"Opening OpenSSH private key: ciphername: %s, kdf: %s, nkeys: %d", "Opening OpenSSH private key: ciphername: %s, kdf: %s, nkeys: %d",
ciphername, ciphername,
kdfname, kdfname,
@@ -478,7 +478,7 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer,
return SSH_ERROR; return SSH_ERROR;
} }
SSH_LOG(SSH_LOG_WARN, "Encryption: %d key, %d IV, %d rounds, %zu bytes salt", SSH_LOG(SSH_LOG_DEBUG, "Encryption: %d key, %d IV, %d rounds, %zu bytes salt",
cipher.keysize/8, cipher.keysize/8,
cipher.blocksize, rounds, ssh_string_len(salt)); cipher.blocksize, rounds, ssh_string_len(salt));
@@ -559,7 +559,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
return NULL; return NULL;
} }
if (passphrase != NULL || auth_fn != NULL){ if (passphrase != NULL || auth_fn != NULL){
SSH_LOG(SSH_LOG_INFO, "Enabling encryption for private key export"); SSH_LOG(SSH_LOG_DEBUG, "Enabling encryption for private key export");
to_encrypt = 1; to_encrypt = 1;
} }
buffer = ssh_buffer_new(); buffer = ssh_buffer_new();

8
src/scp.c
View File

@@ -146,7 +146,7 @@ int ssh_scp_init(ssh_scp scp)
return SSH_ERROR; return SSH_ERROR;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "Initializing scp session %s %son location '%s'", SSH_LOG(SSH_LOG_DEBUG, "Initializing scp session %s %son location '%s'",
scp->mode == SSH_SCP_WRITE?"write":"read", scp->mode == SSH_SCP_WRITE?"write":"read",
scp->recursive ? "recursive " : "", scp->recursive ? "recursive " : "",
scp->location); scp->location);
@@ -376,7 +376,7 @@ int ssh_scp_push_directory(ssh_scp scp, const char *dirname, int mode)
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"SCP pushing directory %s with permissions '%s'", "SCP pushing directory %s with permissions '%s'",
vis_encoded, perms); vis_encoded, perms);
@@ -517,7 +517,7 @@ int ssh_scp_push_file64(ssh_scp scp, const char *filename, uint64_t size,
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"SCP pushing file %s, size %" PRIu64 " with permissions '%s'", "SCP pushing file %s, size %" PRIu64 " with permissions '%s'",
vis_encoded, size, perms); vis_encoded, size, perms);
@@ -825,7 +825,7 @@ int ssh_scp_pull_request(ssh_scp scp)
*p = '\0'; *p = '\0';
} }
SSH_LOG(SSH_LOG_PROTOCOL, "Received SCP request: '%s'", buffer); SSH_LOG(SSH_LOG_DEBUG, "Received SCP request: '%s'", buffer);
switch(buffer[0]) { switch(buffer[0]) {
case 'C': case 'C':
/* File */ /* File */

11
src/server.c
View File

@@ -348,7 +348,7 @@ static void ssh_server_connection_callback(ssh_session session){
goto error; goto error;
} }
set_status(session, 0.4f); set_status(session, 0.4f);
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"SSH client banner: %s", session->clientbanner); "SSH client banner: %s", session->clientbanner);
/* Here we analyze the different protocols the server allows. */ /* Here we analyze the different protocols the server allows. */
@@ -928,9 +928,8 @@ int ssh_message_auth_interactive_request(ssh_message msg, const char *name,
/* fill in the kbdint structure */ /* fill in the kbdint structure */
if (msg->session->kbdint == NULL) { if (msg->session->kbdint == NULL) {
SSH_LOG(SSH_LOG_PROTOCOL, "Warning: Got a " SSH_LOG(SSH_LOG_DEBUG, "Warning: Got a keyboard-interactive response "
"keyboard-interactive response but it " "but it seems we didn't send the request.");
"seems we didn't send the request.");
msg->session->kbdint = ssh_kbdint_new(); msg->session->kbdint = ssh_kbdint_new();
if (msg->session->kbdint == NULL) { if (msg->session->kbdint == NULL) {
@@ -1025,13 +1024,13 @@ int ssh_auth_reply_success(ssh_session session, int partial)
crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_OUT); crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_OUT);
if (crypto != NULL && crypto->delayed_compress_out) { if (crypto != NULL && crypto->delayed_compress_out) {
SSH_LOG(SSH_LOG_PROTOCOL, "Enabling delayed compression OUT"); SSH_LOG(SSH_LOG_DEBUG, "Enabling delayed compression OUT");
crypto->do_compress_out = 1; crypto->do_compress_out = 1;
} }
crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_IN); crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_IN);
if (crypto != NULL && crypto->delayed_compress_in) { if (crypto != NULL && crypto->delayed_compress_in) {
SSH_LOG(SSH_LOG_PROTOCOL, "Enabling delayed compression IN"); SSH_LOG(SSH_LOG_DEBUG, "Enabling delayed compression IN");
crypto->do_compress_in = 1; crypto->do_compress_in = 1;
} }
return r; return r;

14
src/sftp.c
View File

@@ -317,7 +317,7 @@ int sftp_server_init(sftp_session sftp){
} }
SSH_BUFFER_FREE(reply); SSH_BUFFER_FREE(reply);
SSH_LOG(SSH_LOG_PROTOCOL, "Server version sent"); SSH_LOG(SSH_LOG_DEBUG, "Server version sent");
if (version > LIBSFTP_VERSION) { if (version > LIBSFTP_VERSION) {
sftp->version = LIBSFTP_VERSION; sftp->version = LIBSFTP_VERSION;
@@ -701,7 +701,7 @@ int sftp_init(sftp_session sftp) {
sftp_set_error(sftp, SSH_FX_FAILURE); sftp_set_error(sftp, SSH_FX_FAILURE);
return -1; return -1;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"SFTP server version %d", "SFTP server version %d",
version); version);
rc = ssh_buffer_unpack(packet->payload, "s", &ext_name); rc = ssh_buffer_unpack(packet->payload, "s", &ext_name);
@@ -714,7 +714,7 @@ int sftp_init(sftp_session sftp) {
break; break;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"SFTP server extension: %s, version: %s", "SFTP server extension: %s, version: %s",
ext_name, ext_data); ext_name, ext_data);
@@ -1347,7 +1347,7 @@ static sftp_attributes sftp_parse_attr_3(sftp_session sftp, ssh_buffer buf,
if (rc != SSH_OK){ if (rc != SSH_OK){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "Name: %s", attr->name); SSH_LOG(SSH_LOG_DEBUG, "Name: %s", attr->name);
/* Set owner and group if we talk to openssh and have the longname */ /* Set owner and group if we talk to openssh and have the longname */
if (ssh_get_openssh_version(sftp->session)) { if (ssh_get_openssh_version(sftp->session)) {
@@ -1367,7 +1367,7 @@ static sftp_attributes sftp_parse_attr_3(sftp_session sftp, ssh_buffer buf,
if (rc != SSH_OK){ if (rc != SSH_OK){
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Flags: %.8"PRIx32"\n", (uint32_t) attr->flags); "Flags: %.8"PRIx32"\n", (uint32_t) attr->flags);
if (attr->flags & SSH_FILEXFER_ATTR_SIZE) { if (attr->flags & SSH_FILEXFER_ATTR_SIZE) {
@@ -1375,7 +1375,7 @@ static sftp_attributes sftp_parse_attr_3(sftp_session sftp, ssh_buffer buf,
if(rc != SSH_OK) { if(rc != SSH_OK) {
goto error; goto error;
} }
SSH_LOG(SSH_LOG_PROTOCOL, SSH_LOG(SSH_LOG_DEBUG,
"Size: %"PRIu64"\n", "Size: %"PRIu64"\n",
(uint64_t) attr->size); (uint64_t) attr->size);
} }
@@ -1638,7 +1638,7 @@ sftp_attributes sftp_readdir(sftp_session sftp, sftp_dir dir)
return NULL; return NULL;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "Count is %d", dir->count); SSH_LOG(SSH_LOG_DEBUG, "Count is %d", dir->count);
attr = sftp_parse_attr(sftp, dir->buffer, 1); attr = sftp_parse_attr(sftp, dir->buffer, 1);
if (attr == NULL) { if (attr == NULL) {

6
src/socket.c
View File

@@ -868,7 +868,7 @@ int ssh_socket_connect(ssh_socket s,
return SSH_ERROR; return SSH_ERROR;
} }
fd = ssh_connect_host_nonblocking(s->session, host, bind_addr, port); fd = ssh_connect_host_nonblocking(s->session, host, bind_addr, port);
SSH_LOG(SSH_LOG_PROTOCOL, "Nonblocking connection socket: %d", fd); SSH_LOG(SSH_LOG_DEBUG, "Nonblocking connection socket: %d", fd);
if (fd == SSH_INVALID_SOCKET) { if (fd == SSH_INVALID_SOCKET) {
return SSH_ERROR; return SSH_ERROR;
} }
@@ -955,7 +955,7 @@ ssh_socket_connect_proxycommand(ssh_socket s, const char *command)
return SSH_ERROR; return SSH_ERROR;
} }
SSH_LOG(SSH_LOG_PROTOCOL, "Executing proxycommand '%s'", command); SSH_LOG(SSH_LOG_DEBUG, "Executing proxycommand '%s'", command);
pid = fork(); pid = fork();
if (pid == 0) { if (pid == 0) {
ssh_execute_command(command, pair[0], pair[0]); ssh_execute_command(command, pair[0], pair[0]);
@@ -963,7 +963,7 @@ ssh_socket_connect_proxycommand(ssh_socket s, const char *command)
} }
s->proxy_pid = pid; s->proxy_pid = pid;
close(pair[0]); close(pair[0]);
SSH_LOG(SSH_LOG_PROTOCOL, "ProxyCommand connection pipe: [%d,%d]",pair[0],pair[1]); SSH_LOG(SSH_LOG_DEBUG, "ProxyCommand connection pipe: [%d,%d]",pair[0],pair[1]);
ssh_socket_set_fd(s, pair[1]); ssh_socket_set_fd(s, pair[1]);
s->state=SSH_SOCKET_CONNECTED; s->state=SSH_SOCKET_CONNECTED;
s->fd_is_socket=0; s->fd_is_socket=0;