diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2024-10-14 03:57:50 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2024-10-14 05:01:37 +0200 |
| commit | 6072e4c9385713e9c166f32cfca6a7e603d4f0b8 (patch) | |
| tree | ea07b20ea04f48014ec2b958b432e3b6fc0b3b18 /log.c | |
| parent | upstream: don't start the ObscureKeystrokeTiming mitigations if (diff) | |
| download | openssh-6072e4c9385713e9c166f32cfca6a7e603d4f0b8.tar.xz openssh-6072e4c9385713e9c166f32cfca6a7e603d4f0b8.zip | |
upstream: Split per-connection sshd-session binary
This splits the user authentication code from the sshd-session
binary into a separate sshd-auth binary. This will be executed by
sshd-session to complete the user authentication phase of the
protocol only.
Splitting this code into a separate binary ensures that the crucial
pre-authentication attack surface has an entirely disjoint address
space from the code used for the rest of the connection. It also
yields a small runtime memory saving as the authentication code will
be unloaded after thhe authentication phase completes.
Joint work with markus@ feedback deraadt@
Tested in snaps since last week
OpenBSD-Commit-ID: 9c3b2087ae08626ec31b4177b023db600e986d9c
Diffstat (limited to 'log.c')
| -rw-r--r-- | log.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -460,9 +460,9 @@ sshlogv(const char *file, const char *func, int line, int showfunc, if (nlog_verbose == 0 && level > log_level) return; - snprintf(tag, sizeof(tag), "%.48s:%.48s():%d (pid=%ld)", + snprintf(tag, sizeof(tag), "%.48s:%.48s():%d (bin=%s, pid=%ld)", (cp = strrchr(file, '/')) == NULL ? file : cp + 1, func, line, - (long)getpid()); + argv0 == NULL ? "UNKNOWN" : argv0, (long)getpid()); for (i = 0; i < nlog_verbose; i++) { if (match_pattern_list(tag, log_verbose[i], 0) == 1) { forced = 1; |