Merge pull request #18 from annulen/dbclient_syslog

Support syslog logging in dbclient.

11 files changed, 51 insertions, 19 deletions

diff --git a/cli-kex.c b/cli-kex.c
index 07ee431..077fec9 100644
--- a/cli-kex.c
+++ b/cli-kex.c
@@ -190,7 +190,7 @@ static void ask_to_confirm(unsigned char* keyblob, unsigned int keybloblen,
 
 	fp = sign_key_fingerprint(keyblob, keybloblen);
 	if (cli_opts.always_accept_key) {
-		fprintf(stderr, "\nHost '%s' key accepted unconditionally.\n(%s fingerprint %s)\n",
+		dropbear_log(LOG_INFO, "\nHost '%s' key accepted unconditionally.\n(%s fingerprint %s)\n",
 				cli_opts.remotehost,
 				algoname,
 				fp);
@@ -290,7 +290,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
 	int ret;
 
 	if (cli_opts.no_hostkey_check) {
-		fprintf(stderr, "Caution, skipping hostkey check for %s\n", cli_opts.remotehost);
+		dropbear_log(LOG_INFO, "Caution, skipping hostkey check for %s\n", cli_opts.remotehost);
 		return;
 	}
 
diff --git a/cli-main.c b/cli-main.c
index dfb94fd..9506759 100644
--- a/cli-main.c
+++ b/cli-main.c
@@ -60,6 +60,12 @@ int main(int argc, char ** argv) {
 
 	cli_getopts(argc, argv);
 
+#ifndef DISABLE_SYSLOG
+	if (opts.usingsyslog) {
+		startsyslog("dbclient");
+	}
+#endif
+
 	TRACE(("user='%s' host='%s' port='%s'", cli_opts.username,
 				cli_opts.remotehost, cli_opts.remoteport))
 
@@ -118,13 +124,19 @@ static void cli_dropbear_exit(int exitcode, const char* format, va_list param) {
 	exit(exitcode);
 }
 
-static void cli_dropbear_log(int UNUSED(priority), 
+static void cli_dropbear_log(int priority,
 		const char* format, va_list param) {
 
 	char printbuf[1024];
 
 	vsnprintf(printbuf, sizeof(printbuf), format, param);
 
+#ifndef DISABLE_SYSLOG
+	if (opts.usingsyslog) {
+		syslog(priority, "%s", printbuf);
+	}
+#endif
+
 	fprintf(stderr, "%s: %s\n", cli_opts.progname, printbuf);
 	fflush(stderr);
 }
diff --git a/cli-runopts.c b/cli-runopts.c
index 0522221..3c70332 100644
--- a/cli-runopts.c
+++ b/cli-runopts.c
@@ -173,6 +173,9 @@ void cli_getopts(int argc, char ** argv) {
 	opts.cipher_list = NULL;
 	opts.mac_list = NULL;
 #endif
+#ifndef DISABLE_SYSLOG
+	opts.usingsyslog = 0;
+#endif
 	/* not yet
 	opts.ipv4 = 1;
 	opts.ipv6 = 1;
@@ -488,7 +491,7 @@ static void loadidentityfile(const char* filename, int warnfail) {
 	keytype = DROPBEAR_SIGNKEY_ANY;
 	if ( readhostkey(filename, key, &keytype) != DROPBEAR_SUCCESS ) {
 		if (warnfail) {
-			fprintf(stderr, "Failed loading keyfile '%s'\n", filename);
+			dropbear_log(LOG_WARNING, "Failed loading keyfile '%s'\n", filename);
 		}
 		sign_key_free(key);
 	} else {
@@ -861,6 +864,9 @@ static void add_extendedopt(const char* origstr) {
 #ifdef ENABLE_CLI_ANYTCPFWD
 			"\tExitOnForwardFailure\n"
 #endif
+#ifndef DISABLE_SYSLOG
+			"\tUseSyslog\n"
+#endif
 		);
 		exit(EXIT_SUCCESS);
 	}
@@ -872,5 +878,12 @@ static void add_extendedopt(const char* origstr) {
 	}
 #endif
 
+#ifndef DISABLE_SYSLOG
+	if (match_extendedopt(&optstr, "UseSyslog") == DROPBEAR_SUCCESS) {
+		opts.usingsyslog = parse_flag_value(optstr);
+		return;
+	}
+#endif
+
 	dropbear_exit("Bad configuration option '%s'", origstr);
 }
diff --git a/cli-session.c b/cli-session.c
index 9be958e..a93d192 100644
--- a/cli-session.c
+++ b/cli-session.c
@@ -269,6 +269,11 @@ static void cli_sessionloop() {
 			return;
 
 		case USERAUTH_SUCCESS_RCVD:
+#ifndef DISABLE_SYSLOG
+			if (opts.usingsyslog) {
+				dropbear_log(LOG_INFO, "Authentication succeeded.");
+			}
+#endif
 
 #ifdef DROPBEAR_NONE_CIPHER
 			if (cli_ses.cipher_none_after_auth)
diff --git a/dbclient.1 b/dbclient.1
index cd6b5c7..e521af6 100644
--- a/dbclient.1
+++ b/dbclient.1
@@ -133,12 +133,14 @@ useful for specifying options for which there is no separate command-line flag.
 For full details of the options listed below, and their possible values, see
 ssh_config(5).
 
-For now only following options have been implemented:
-.RS
+For now following options have been implemented:
 .RS
 .TP
-ExitOnForwardFailure
-.RE
+.B ExitOnForwardFailure
+Specifies whether dbclient should terminate the connection if it cannot set up all requested local and remote port forwardings. The argument must be “yes” or “no”.  The default is “no”.
+.TP
+.B UseSyslog
+Send dbclient log messages to syslog in addition to stderr.
 .RE
 .TP
 .B \-s 
diff --git a/dbutil.c b/dbutil.c
index d87835b..7c7c069 100644
--- a/dbutil.c
+++ b/dbutil.c
@@ -84,9 +84,9 @@ int debug_trace = 0;
 #endif
 
 #ifndef DISABLE_SYSLOG
-void startsyslog() {
+void startsyslog(const char *ident) {
 
-	openlog(PROGNAME, LOG_PID, LOG_AUTHPRIV);
+	openlog(ident, LOG_PID, LOG_AUTHPRIV);
 
 }
 #endif /* DISABLE_SYSLOG */
diff --git a/dbutil.h b/dbutil.h
index e1db328..098563d 100644
--- a/dbutil.h
+++ b/dbutil.h
@@ -31,7 +31,7 @@
 #include "queue.h"
 
 #ifndef DISABLE_SYSLOG
-void startsyslog();
+void startsyslog(const char *ident);
 #endif
 
 #ifdef __GNUC__
diff --git a/runopts.h b/runopts.h
index 92c105b..613ccf1 100644
--- a/runopts.h
+++ b/runopts.h
@@ -40,6 +40,7 @@ typedef struct runopts {
 	unsigned int recv_window;
 	time_t keepalive_secs; /* Time between sending keepalives. 0 is off */
 	time_t idle_timeout_secs; /* Exit if no traffic is sent/received in this time */
+	int usingsyslog;
 
 #ifndef DISABLE_ZLIB
 	/* TODO: add a commandline flag. Currently this is on by default if compression
@@ -70,7 +71,6 @@ typedef struct svr_runopts {
 	char * bannerfile;
 
 	int forkbg;
-	int usingsyslog;
 
 	/* ports and addresses are arrays of the portcount 
 	listening ports. strings are malloced. */
diff --git a/svr-main.c b/svr-main.c
index cc59332..af56a7c 100644
--- a/svr-main.c
+++ b/svr-main.c
@@ -145,7 +145,7 @@ void main_noinetd() {
 	if (svr_opts.forkbg) {
 		int closefds = 0;
 #ifndef DEBUG_TRACE
-		if (!svr_opts.usingsyslog) {
+		if (!opts.usingsyslog) {
 			closefds = 1;
 		}
 #endif
@@ -367,8 +367,8 @@ static void commonsetup() {
 
 	struct sigaction sa_chld;
 #ifndef DISABLE_SYSLOG
-	if (svr_opts.usingsyslog) {
-		startsyslog();
+	if (opts.usingsyslog) {
+		startsyslog(PROGNAME);
 	}
 #endif
 
diff --git a/svr-runopts.c b/svr-runopts.c
index 0e70998..8f60059 100644
--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -158,7 +158,7 @@ void svr_getopts(int argc, char ** argv) {
 	svr_opts.domotd = 1;
 #endif
 #ifndef DISABLE_SYSLOG
-	svr_opts.usingsyslog = 1;
+	opts.usingsyslog = 1;
 #endif
 	opts.recv_window = DEFAULT_RECV_WINDOW;
 	opts.keepalive_secs = DEFAULT_KEEPALIVE;
@@ -189,7 +189,7 @@ void svr_getopts(int argc, char ** argv) {
 					break;
 #ifndef DISABLE_SYSLOG
 				case 'E':
-					svr_opts.usingsyslog = 0;
+					opts.usingsyslog = 0;
 					break;
 #endif
 #ifdef ENABLE_SVR_LOCALTCPFWD
diff --git a/svr-session.c b/svr-session.c
index ea9ca7e..c378562 100644
--- a/svr-session.c
+++ b/svr-session.c
@@ -204,7 +204,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) {
 	vsnprintf(printbuf, sizeof(printbuf), format, param);
 
 #ifndef DISABLE_SYSLOG
-	if (svr_opts.usingsyslog) {
+	if (opts.usingsyslog) {
 		syslog(priority, "%s", printbuf);
 	}
 #endif
@@ -215,7 +215,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) {
 	havetrace = debug_trace;
 #endif
 
-	if (!svr_opts.usingsyslog || havetrace)
+	if (!opts.usingsyslog || havetrace)
 	{
 		struct tm * local_tm = NULL;
 		timesec = time(NULL);