20010115

[openssh.git] / sshd.c

diff --git a/sshd.c b/sshd.c
index dade6564eec06c9272ff0f68ff5864902efcdb7d..298a1b6bdd58955415451935bfed80da954941a9 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.144 2000/12/28 12:03:58 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.147 2001/01/10 19:43:20 deraadt Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -266,8 +266,8 @@ grace_alarm_handler(int sig)
  * do anything with the private key or random state before forking.
  * Thus there should be no concurrency control/asynchronous execution
  * problems.
+ * XXX calling log() is not safe from races.
  */
-/* XXX do we really want this work to be done in a signal handler ? -m */
 void
 generate_empheral_server_key(void)
 {
@@ -279,6 +279,7 @@ generate_empheral_server_key(void)
        arc4random_stir();
        log("RSA key generation complete.");
 }
+
 void
 key_regeneration_alarm(int sig)
 {
@@ -657,7 +658,7 @@ main(int ac, char **av)
                        fprintf(stderr, "  -q         Quiet (no logging)\n");
                        fprintf(stderr, "  -p port    Listen on the specified port (default: 22)\n");
                        fprintf(stderr, "  -k seconds Regenerate server key every this many seconds (default: 3600)\n");
-                       fprintf(stderr, "  -g seconds Grace period for authentication (default: 300)\n");
+                       fprintf(stderr, "  -g seconds Grace period for authentication (default: 600)\n");
                        fprintf(stderr, "  -b bits    Size of server RSA key (default: 768 bits)\n");
                        fprintf(stderr, "  -h file    File from which to read host key (default: %s)\n",
                            HOST_KEY_FILE);
@@ -673,7 +674,7 @@ main(int ac, char **av)
         * key (unless started from inetd)
         */
        log_init(__progname,
-           options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
+           options.log_level == -1 ? SYSLOG_LEVEL_NOTICE : options.log_level,
            options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility,
            !silent && !inetd_flag);