when redirecting sshd's log output to a file, undo this redirection

after the session child process is forked(); ok dtucker@

2 files changed, 13 insertions, 2 deletions

diff --git a/usr.bin/ssh/log.c b/usr.bin/ssh/log.c
index 8456bd76d88..5f5757fb16e 100644
--- a/usr.bin/ssh/log.c
+++ b/usr.bin/ssh/log.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.c,v 1.51 2018/07/27 12:03:17 markus Exp $ */
+/* $OpenBSD: log.c,v 1.52 2020/07/03 06:46:41 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -336,6 +336,14 @@ log_redirect_stderr_to(const char *logfile)
 {
 	int fd;
 
+	if (logfile == NULL) {
+		if (log_stderr_fd != STDERR_FILENO) {
+			close(log_stderr_fd);
+			log_stderr_fd = STDERR_FILENO;
+		}
+		return;
+	}
+
 	if ((fd = open(logfile, O_WRONLY|O_CREAT|O_APPEND, 0600)) == -1) {
 		fprintf(stderr, "Couldn't open logfile %s: %s\n", logfile,
 		     strerror(errno));
diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c
index c19974e6e10..a29333e0935 100644
--- a/usr.bin/ssh/session.c
+++ b/usr.bin/ssh/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.320 2020/06/26 04:45:11 dtucker Exp $ */
+/* $OpenBSD: session.c,v 1.321 2020/07/03 06:46:41 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -1209,6 +1209,9 @@ child_close_fds(struct ssh *ssh)
 	 */
 	endpwent();
 
+	/* Stop directing logs to a high-numbered fd before we close it */
+	log_redirect_stderr_to(NULL);
+
 	/*
 	 * Close any extra open file descriptors so that we don't have them
 	 * hanging around in clients.  Note that we want to do this after