components/openssh/patches/037-missing_or_misleading_error_messages.patch
changeset 5819 c5f05bd2a9bc
parent 5818 5f0e7a0f17c2
child 5820 cef0da89f9ee
5818:5f0e7a0f17c2 5819:c5f05bd2a9bc
     1 #
       
     2 # Add missing error() upon identity_sign() failure, fix typos in ssherr() calls.
       
     3 #
       
     4 # After OpenSSH code was refactored recently, DSA_do_sign() and RSA_sign()
       
     5 # failures no longer result in error messages printed out. This is particularly
       
     6 # inconvenient for FIPS mode, were these calls can fail due to non-compliant
       
     7 # crypto algorithm options.
       
     8 #
       
     9 # Investigating other missing error messages spotted two calls to ssherr()
       
    10 # with wrong error codes.
       
    11 #
       
    12 # Patch has been submitted upstream:
       
    13 # https://bugzilla.mindrot.org/show_bug.cgi?id=2507
       
    14 #
       
    15 # Update: patch has been accepted upstream, will be part of 7.2:
       
    16 # https://github.com/openssh/openssh-portable/commit/39736be
       
    17 #
       
    18 # On uprev to 7.2+ we will drop this patch.
       
    19 #
       
    20 diff -pur old/ssh-agent.c new/ssh-agent.c
       
    21 --- old/ssh-agent.c
       
    22 +++ new/ssh-agent.c
       
    23 @@ -389,7 +389,7 @@ process_sign_request2(SocketEntry *e)
       
    24  	if (flags & SSH_AGENT_OLD_SIGNATURE)
       
    25  		compat = SSH_BUG_SIGBLOB;
       
    26  	if ((r = sshkey_from_blob(blob, blen, &key)) != 0) {
       
    27 -		error("%s: cannot parse key blob: %s", __func__, ssh_err(ok));
       
    28 +		error("%s: cannot parse key blob: %s", __func__, ssh_err(r));
       
    29  		goto send;
       
    30  	}
       
    31  	if ((id = lookup_identity(key, 2)) == NULL) {
       
    32 @@ -402,7 +402,7 @@ process_sign_request2(SocketEntry *e)
       
    33  	}
       
    34  	if ((r = sshkey_sign(id->key, &signature, &slen,
       
    35  	    data, dlen, compat)) != 0) {
       
    36 -		error("%s: sshkey_sign: %s", __func__, ssh_err(ok));
       
    37 +		error("%s: sshkey_sign: %s", __func__, ssh_err(r));
       
    38  		goto send;
       
    39  	}
       
    40  	/* Success */
       
    41 diff -pur old/sshconnect2.c new/sshconnect2.c
       
    42 --- old/sshconnect2.c
       
    43 +++ new/sshconnect2.c
       
    44 @@ -1167,6 +1167,7 @@ sign_and_send_pubkey(Authctxt *authctxt,
       
    45  	ret = identity_sign(id, &signature, &slen,
       
    46  	    buffer_ptr(&b), buffer_len(&b), datafellows);
       
    47  	if (ret != 0) {
       
    48 +		error("%s: signing failed: %s", __func__, ssh_err(ret));
       
    49  		free(blob);
       
    50  		buffer_free(&b);
       
    51  		return 0;