Date: Thu, 20 Jul 2023 21:58:08 GMT From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 90f10db8a996 - main - sshd: remove unneeded initialization of libwrap logging severities Message-ID: <202307202158.36KLw8ba052181@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=90f10db8a99659d1baea7b2609d9256c331f61ae commit 90f10db8a99659d1baea7b2609d9256c331f61ae Author: Gleb Smirnoff <glebius@FreeBSD.org> AuthorDate: 2023-07-20 21:56:20 +0000 Commit: Gleb Smirnoff <glebius@FreeBSD.org> CommitDate: 2023-07-20 21:56:20 +0000 sshd: remove unneeded initialization of libwrap logging severities This part of ca573c9a177 proved to be unnecessary. As the removed comment says, we set them merely for logging syntax errors, as we log refusals ourselves. However, inside the libwrap the parser logs any syntax errors with tcpd_warn() which has hardcoded LOG_WARNING inside. Reviewed by: philip, emaste Differential revision: https://reviews.freebsd.org/D40068 --- crypto/openssh/sshd.c | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 620a7efe7797..ce8db54a2b72 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -142,8 +142,6 @@ #ifdef LIBWRAP #include <tcpd.h> #include <syslog.h> -extern int allow_severity; -extern int deny_severity; #endif /* LIBWRAP */ /* Re-exec fds */ @@ -1303,7 +1301,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) * exactly. sshguard, and supposedly lots * of custom made scripts rely on it. */ - syslog(deny_severity, + syslog(LOG_WARNING, "refused connect from %s (%s)", eval_client(&req), eval_hostaddr(req.client)); @@ -2112,14 +2110,6 @@ main(int ac, char **av) /* Reinitialize the log (because of the fork above). */ log_init(__progname, options.log_level, options.log_facility, log_stderr); -#ifdef LIBWRAP - /* - * We log refusals ourselves. However, libwrap will report - * syntax errors in hosts.allow via syslog(3). - */ - allow_severity = options.log_facility|LOG_INFO; - deny_severity = options.log_facility|LOG_WARNING; -#endif /* Avoid killing the process in high-pressure swapping environments. */ if (!inetd_flag && madvise(NULL, 0, MADV_PROTECT) != 0) debug("madvise(): %.200s", strerror(errno));
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202307202158.36KLw8ba052181>