Enable ssh_config to set LogPath option (-E)

readconf.c

@@ -156,7 +156,7 @@ typedef enum {
 	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
 	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
 	oTCPKeepAlive, oNumberOfPasswordPrompts,
-	oLogFacility, oLogLevel, oLogVerbose, oCiphers, oMacs,
+	oLogFacility, oLogLevel, oLogPath, oLogVerbose, oCiphers, oMacs,
 	oPubkeyAuthentication,
 	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
 	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
@@ -271,6 +271,7 @@ static struct {
 	{ "numberofpasswordprompts", oNumberOfPasswordPrompts },
 	{ "syslogfacility", oLogFacility },
 	{ "loglevel", oLogLevel },
+	{ "logpath", oLogPath },
 	{ "logverbose", oLogVerbose },
 	{ "dynamicforward", oDynamicForward },
 	{ "preferredauthentications", oPreferredAuthentications },
@@ -1629,6 +1630,10 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host,
 		}
 		break;
 
+	case oLogPath:
+		charptr = &options->log_path;
+		goto parse_string;
+
 	case oLocalForward:
 	case oRemoteForward:
 	case oDynamicForward:
@@ -2585,6 +2590,7 @@ initialize_options(Options * options)
 	options->num_permitted_remote_opens = 0;
 	options->log_facility = SYSLOG_FACILITY_NOT_SET;
 	options->log_level = SYSLOG_LEVEL_NOT_SET;
+	options->log_path = NULL;
 	options->num_log_verbose = 0;
 	options->log_verbose = NULL;
 	options->preferred_authentications = NULL;
@@ -2962,6 +2968,7 @@ free_options(Options *o)
 	free(o->forward_agent_sock_path);
 	free(o->xauth_location);
 	FREE_ARRAY(u_int, o->num_log_verbose, o->log_verbose);
+	free(o->log_path);
 	free(o->log_verbose);
 	free(o->ciphers);
 	free(o->macs);
@@ -3584,6 +3591,7 @@ dump_client_config(Options *o, const char *host)
 	dump_cfg_string(oLocalCommand, o->local_command);
 	dump_cfg_string(oRemoteCommand, o->remote_command);
 	dump_cfg_string(oLogLevel, log_level_name(o->log_level));
+	dump_cfg_string(oLogPath, o->log_path);
 	dump_cfg_string(oMacs, o->macs);
 #ifdef ENABLE_PKCS11
 	dump_cfg_string(oPKCS11Provider, o->pkcs11_provider);

readconf.h

@@ -54,6 +54,7 @@ typedef struct {
 	int	ip_qos_bulk;		/* IP ToS/DSCP/class for bulk traffic */
 	SyslogFacility log_facility;	/* Facility for system logging. */
 	LogLevel log_level;	/* Level for logging. */
+	char   *log_path;	/* Path for debug logs. */
 	u_int	num_log_verbose;	/* Verbose log overrides */
 	char   **log_verbose;
 	int     port;		/* Port to connect. */

ssh.c

@@ -670,7 +670,7 @@ main(int ac, char **av)
 	struct ssh *ssh = NULL;
 	int i, r, opt, exit_status, use_syslog, direct, timeout_ms;
 	int was_addr, config_test = 0, opt_terminated = 0, want_final_pass = 0;
-	char *p, *cp, *line, *argv0, *logfile;
+	char *p, *cp, *line, *argv0;
 	char cname[NI_MAXHOST], thishost[NI_MAXHOST];
 	struct stat st;
 	struct passwd *pw;
@@ -741,7 +741,6 @@ main(int ac, char **av)
 	/* Parse command-line arguments. */
 	host = NULL;
 	use_syslog = 0;
-	logfile = NULL;
 	argv0 = av[0];
 
  again:
@@ -777,7 +776,8 @@ main(int ac, char **av)
 			use_syslog = 1;
 			break;
 		case 'E':
-			logfile = optarg;
+			free(options.control_path);
+			options.log_path = xstrdup(optarg);
 			break;
 		case 'G':
 			config_test = 1;
@@ -1186,14 +1186,22 @@ main(int ac, char **av)
 
 	ssh_signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
 
+	/* Parse the configuration files */
+	process_config_files(options.host_arg, pw, 0, &want_final_pass);
+
 	/*
 	 * Initialize "log" output.  Since we are the client all output
 	 * goes to stderr unless otherwise specified by -y or -E.
 	 */
-	if (use_syslog && logfile != NULL)
+	if (use_syslog && options.log_path != NULL)
 		fatal("Can't specify both -y and -E");
-	if (logfile != NULL)
-		log_redirect_stderr_to(logfile);
+	if (options.log_path != NULL) {
+		p = tilde_expand_filename(options.log_path, getuid());
+		options.log_path = p;
+		logit("Debug logging to file: %s", options.log_path);
+		log_redirect_stderr_to(options.log_path);
+		free(p);
+	}
 	log_init(argv0,
 	    options.log_level == SYSLOG_LEVEL_NOT_SET ?
 	    SYSLOG_LEVEL_INFO : options.log_level,
@@ -1204,8 +1212,6 @@ main(int ac, char **av)
 	if (debug_flag)
 		logit("%s, %s", SSH_RELEASE, SSH_OPENSSL_VERSION);
 
-	/* Parse the configuration files */
-	process_config_files(options.host_arg, pw, 0, &want_final_pass);
 	if (want_final_pass)
 		debug("configuration requests final Match pass");
 

ssh_config.5

@@ -1393,6 +1393,14 @@ function, and all code in the
 .Pa packet.c
 file.
 This option is intended for debugging and no overrides are enabled by default.
+.It Cm LogPath
+Specify the path to the log file where debug logging should be appended.
+Arguments to
+.Cm LogPath
+may use the tilde syntax to refer to a user's home directory and
+environment variables as described in the
+.Sx ENVIRONMENT VARIABLES
+section.
 .It Cm MACs
 Specifies the MAC (message authentication code) algorithms
 in order of preference.