components/openssh/patches/038-print_libcrypto_errors.patch
author Jan Parcel <jan.parcel@oracle.com>
Mon, 01 Feb 2016 06:53:50 -0800
changeset 5376 4615bc2f4a50
parent 5310 a06a01eef195
permissions -rw-r--r--
22631538 Patch comment incorrect/outdated for patch 039-sshd_config_5_defaults.patch
#
# Return OpenSSL error messages in ssherr() for SSH_ERR_LIBCRYPTO_ERROR.
#
# After code refactoring for library-like interfaces, OpenSSL error strings
# were replaced by generic and vague "error in libcrypto" message.
#
# This patch returns OpenSSL error strings for SSH_ERR_LIBCRYPTO_ERROR errors.
#
# Patch submitted upstream:
# https://bugzilla.mindrot.org/show_bug.cgi?id=2508
#
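--- a/ssherr.c
+++ b/ssherr.c
@@ -17,11 +17,13 @@
 
 #include <errno.h>
 #include <string.h>
+#include <openssl/err.h>
 #include "ssherr.h"
 
 const char *
 ssh_err(int n)
 {
+	static char err_str[256];
 	switch (n) {
 	case SSH_ERR_SUCCESS:
 		return "success";
@@ -68,7 +70,8 @@ ssh_err(int n)
 	case SSH_ERR_SIGNATURE_INVALID:
 		return "incorrect signature";
 	case SSH_ERR_LIBCRYPTO_ERROR:
-		return "error in libcrypto";  /* XXX fetch and return */
+		ERR_error_string_n(ERR_get_error(), err_str, sizeof (err_str));
+		return err_str;
 	case SSH_ERR_UNEXPECTED_TRAILING_DATA:
 		return "unexpected bytes remain after decoding";
 	case SSH_ERR_SYSTEM_ERROR: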
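Review bot: In the SSH_ERR_LIBCRYPTO_ERROR case, `ERR_get_error()` removes the earliest entry from the OpenSSL error queue, so ssh_err() now has a side effect: a second call for the same failure returns a different string, and a stale entry left by an earlier operation is reported ahead of the real cause. When the queue is empty the message is built from error code 0, which tells the operator less than the old fixed text did. Consider `unsigned long e = ERR_peek_last_error();` followed by `if (e == 0) return "error in libcrypto";` and then `ERR_error_string_n(e, err_str, sizeof (err_str));`. The shared `static char err_str[256]` declared in the first hunk is overwritten by the next call and is not safe across threads, so a comment above ssh_err() should say the returned pointer must be consumed before calling it again; the function body continues outside both hunks.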