Index: openssh-9.9p1/sshd.c =================================================================== --- openssh-9.9p1.orig/sshd.c +++ openssh-9.9p1/sshd.c @@ -1768,6 +1768,9 @@ main(int ac, char **av) /* Accept a connection and return in a forked child */ server_accept_loop(&sock_in, &sock_out, &newsock, config_s, log_stderr); + + set_log_session_id(); // Set log session ID for this session + } /* This is the child processing a new connection. */ @@ -1818,3 +1821,4 @@ cleanup_exit(int i) { _exit(i); } + Index: openssh-9.9p1/log.c =================================================================== --- openssh-9.9p1.orig/log.c +++ openssh-9.9p1/log.c @@ -414,25 +414,52 @@ do_log(LogLevel level, int force, const tmp_handler(level, force, fmtbuf, log_handler_ctx); log_handler = tmp_handler; } else if (log_on_stderr) { - snprintf(msgbuf, sizeof msgbuf, "%s%s%.*s\r\n", + snprintf(msgbuf, sizeof msgbuf, "%s%s%.*s session=%s\r\n", (log_on_stderr > 1) ? progname : "", (log_on_stderr > 1) ? ": " : "", - (int)sizeof msgbuf - 3, fmtbuf); + (int)sizeof msgbuf - 3, fmtbuf, get_log_session_id()); (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); } else { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) openlog_r(progname, LOG_PID, log_facility, &sdata); - syslog_r(pri, &sdata, "%.500s", fmtbuf); + syslog_r(pri, &sdata, "%.500s session=%s", fmtbuf, get_log_session_id()); closelog_r(&sdata); #else openlog(progname, LOG_PID, log_facility); - syslog(pri, "%.500s", fmtbuf); + syslog(pri, "%.500s session=%s", fmtbuf, get_log_session_id()); closelog(); #endif } errno = saved_errno; } +void +set_log_session_id() +{ + struct timeval tv; + char hostname[HOST_NAME_MAX + 1]; + char session_id[HOST_NAME_MAX + 20]; + char *s; + if (gethostname(hostname, sizeof(hostname)) != 0) { + *hostname = '\0'; + } + gettimeofday(&tv, NULL); + snprintf(session_id, sizeof(session_id), "%s:%x.%x", + hostname, tv.tv_sec, tv.tv_usec); + setenv("LOG_SESSION_ID", session_id, 1); +} + +const char * +get_log_session_id() +{ + const char *id = getenv("LOG_SESSION_ID"); + if (!id) { + set_log_session_id(); + id = getenv("LOG_SESSION_ID"); + } + return id; +} + void sshlog(const char *file, const char *func, int line, int showfunc, LogLevel level, const char *suffix, const char *fmt, ...) @@ -519,3 +546,4 @@ sshlogdirect(LogLevel level, int forced, do_log(level, forced, NULL, fmt, args); va_end(args); } + Index: openssh-9.9p1/regress/session-id.sh =================================================================== --- /dev/null +++ openssh-9.9p1/regress/session-id.sh @@ -0,0 +1,23 @@ +tid="session id" + +start_sshd + +${SSH} -F $OBJ/ssh_config somehost true +if [ $? -ne 0 ]; then + fail "ssh connect with failed" +fi + +expected="session=$(hostname)" + +# grab the first session ID which will be stable across session +sessionid=$(grep -m1 $expected $TEST_SSHD_LOGFILE | sed -E 's/.*(session=.*)/\1/') + +line_count=$(grep -c $expected $TEST_SSHD_LOGFILE) +if [ $line_count == "0" ]; then + fail "No session ID lines found" +fi + +stable_id_count=$(grep -c $sessionid $TEST_SSHD_LOGFILE) +if [ $line_count != $stable_id_count ]; then + fail 'Mismatching session ids found' +fi Index: openssh-9.9p1/log.h =================================================================== --- openssh-9.9p1.orig/log.h +++ openssh-9.9p1/log.h @@ -68,6 +68,9 @@ const char * log_level_name(LogLevel); void set_log_handler(log_handler_fn *, void *); void cleanup_exit(int) __attribute__((noreturn)); +void set_log_session_id(); +const char * get_log_session_id(); + void sshlog(const char *, const char *, int, int, LogLevel, const char *, const char *, ...) __attribute__((format(printf, 7, 8))); Index: openssh-9.9p1/session.c =================================================================== --- openssh-9.9p1.orig/session.c +++ openssh-9.9p1/session.c @@ -1242,6 +1242,10 @@ do_setup_env(struct ssh *ssh, Session *s child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND", original_command); + /* set LOG_SESSION_ID for child */ + child_set_env(&env, &envsize, "LOG_SESSION_ID", get_log_session_id()); + debug("set LOG_SESION_ID to: %s", get_log_session_id()); + if (debug_flag) { /* dump the environment */ fprintf(stderr, "Environment:\n");