Bugzilla – Attachment 2593 Details for
Bug 2325
excessive and unquietable stderr chatter
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
convert ssh-keygen to logit/error/fatal
keygen_stderr.diff (text/plain), 17.40 KB, created by
Damien Miller
on 2015-04-17 16:28:57 AEST
(
hide
)
Description:
convert ssh-keygen to logit/error/fatal
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2015-04-17 16:28:57 AEST
Size:
17.40 KB
patch
obsolete
>diff --git a/ssh-keygen.c b/ssh-keygen.c >index 577bc5b..921fa32 100644 >--- a/ssh-keygen.c >+++ b/ssh-keygen.c >@@ -178,10 +178,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) > { > u_int maxbits, nid; > >- if (type == KEY_UNSPEC) { >- fprintf(stderr, "unknown key type %s\n", key_type_name); >- exit(1); >- } >+ if (type == KEY_UNSPEC) >+ fatal("unknown key type %s", key_type_name); > if (*bitsp == 0) { > if (type == KEY_DSA) > *bitsp = DEFAULT_BITS_DSA; >@@ -197,10 +195,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp) > } > maxbits = (type == KEY_DSA) ? > OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS; >- if (*bitsp > maxbits) { >- fprintf(stderr, "key bits exceeds maximum %d\n", maxbits); >- exit(1); >- } >+ if (*bitsp > maxbits) >+ fatal("key bits exceeds maximum %d", maxbits); > #ifdef WITH_OPENSSL > if (type == KEY_DSA && *bitsp != 1024) > fatal("DSA keys must be 1024 bits"); >@@ -244,13 +240,13 @@ ask_filename(struct passwd *pw, const char *prompt) > name = _PATH_SSH_CLIENT_ID_ED25519; > break; > default: >- fprintf(stderr, "bad key type\n"); >- exit(1); >- break; >+ fatal("bad key type"); > } > } >- snprintf(identity_file, sizeof(identity_file), "%s/%s", pw->pw_dir, name); >- fprintf(stderr, "%s (%s): ", prompt, identity_file); >+ snprintf(identity_file, sizeof(identity_file), >+ "%s/%s", pw->pw_dir, name); >+ printf("%s (%s): ", prompt, identity_file); >+ fflush(stdout); > if (fgets(buf, sizeof(buf), stdin) == NULL) > exit(1); > buf[strcspn(buf, "\n")] = '\0'; >@@ -296,14 +292,10 @@ do_convert_to_ssh2(struct passwd *pw, struct sshkey *k) > char comment[61]; > int r; > >- if (k->type == KEY_RSA1) { >- fprintf(stderr, "version 1 keys are not supported\n"); >- exit(1); >- } >- if ((r = sshkey_to_blob(k, &blob, &len)) != 0) { >- fprintf(stderr, "key_to_blob failed: %s\n", ssh_err(r)); >- exit(1); >- } >+ if (k->type == KEY_RSA1) >+ fatal("version 1 keys are not supported"); >+ if ((r = sshkey_to_blob(k, &blob, &len)) != 0) >+ fatal("key_to_blob failed: %s", ssh_err(r)); > /* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */ > snprintf(comment, sizeof(comment), > "%u-bit %s, converted by %s@%s from OpenSSH", >@@ -530,17 +522,13 @@ get_line(FILE *fp, char *line, size_t len) > > line[0] = '\0'; > while ((c = fgetc(fp)) != EOF) { >- if (pos >= len - 1) { >- fprintf(stderr, "input line too long.\n"); >- exit(1); >- } >+ if (pos >= len - 1) >+ fatal("input line too long."); > switch (c) { > case '\r': > c = fgetc(fp); >- if (c != EOF && c != '\n' && ungetc(c, fp) == EOF) { >- fprintf(stderr, "unget: %s\n", strerror(errno)); >- exit(1); >- } >+ if (c != EOF && c != '\n' && ungetc(c, fp) == EOF) >+ fatal("unget: %s", strerror(errno)); > return pos; > case '\n': > return pos; >@@ -592,16 +580,12 @@ do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private) > (encoded[len-3] == '=')) > encoded[len-3] = '\0'; > blen = uudecode(encoded, blob, sizeof(blob)); >- if (blen < 0) { >- fprintf(stderr, "uudecode failed.\n"); >- exit(1); >- } >+ if (blen < 0) >+ fatal("uudecode failed."); > if (*private) > *k = do_convert_private_ssh2_from_blob(blob, blen); >- else if ((r = sshkey_from_blob(blob, blen, k)) != 0) { >- fprintf(stderr, "decode blob failed: %s\n", ssh_err(r)); >- exit(1); >- } >+ else if ((r = sshkey_from_blob(blob, blen, k)) != 0) >+ fatal("decode blob failed: %s", ssh_err(r)); > fclose(fp); > } > >@@ -731,10 +715,8 @@ do_convert_from(struct passwd *pw) > } > } > >- if (!ok) { >- fprintf(stderr, "key write failed\n"); >- exit(1); >- } >+ if (!ok) >+ fatal("key write failed"); > sshkey_free(k); > exit(0); > } >@@ -749,13 +731,11 @@ do_print_public(struct passwd *pw) > > if (!have_identity) > ask_filename(pw, "Enter file in which the key is"); >- if (stat(identity_file, &st) < 0) { >- perror(identity_file); >- exit(1); >- } >+ if (stat(identity_file, &st) < 0) >+ fatal("%s: %s", identity_file, strerror(errno)); > prv = load_identity(identity_file); > if ((r = sshkey_write(prv, stdout)) != 0) >- fprintf(stderr, "key_write failed: %s", ssh_err(r)); >+ error("key_write failed: %s", ssh_err(r)); > sshkey_free(prv); > fprintf(stdout, "\n"); > exit(0); >@@ -820,10 +800,8 @@ do_fingerprint(struct passwd *pw) > rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; > if (!have_identity) > ask_filename(pw, "Enter file in which the key is"); >- if (stat(identity_file, &st) < 0) { >- perror(identity_file); >- exit(1); >- } >+ if (stat(identity_file, &st) < 0) >+ fatal("%s: %s", identity_file, strerror(errno)); > if ((r = sshkey_load_public(identity_file, &public, &comment)) != 0) > debug2("Error loading public key \"%s\": %s", > identity_file, ssh_err(r)); >@@ -915,10 +893,8 @@ do_fingerprint(struct passwd *pw) > } > fclose(f); > >- if (invalid) { >- printf("%s is not a public key file.\n", identity_file); >- exit(1); >- } >+ if (invalid) >+ fatal("%s is not a public key file.", identity_file); > exit(0); > } > >@@ -953,7 +929,7 @@ do_gen_all_hostkeys(struct passwd *pw) > if (stat(key_types[i].path, &st) == 0) > continue; > if (errno != ENOENT) { >- printf("Could not stat %s: %s", key_types[i].path, >+ error("Could not stat %s: %s", key_types[i].path, > strerror(errno)); > first = 0; > continue; >@@ -970,8 +946,7 @@ do_gen_all_hostkeys(struct passwd *pw) > bits = 0; > type_bits_valid(type, NULL, &bits); > if ((r = sshkey_generate(type, bits, &private)) != 0) { >- fprintf(stderr, "key_generate failed: %s\n", >- ssh_err(r)); >+ error("key_generate failed: %s", ssh_err(r)); > first = 0; > continue; > } >@@ -981,8 +956,8 @@ do_gen_all_hostkeys(struct passwd *pw) > hostname); > if ((r = sshkey_save_private(private, identity_file, "", > comment, use_new_format, new_format_cipher, rounds)) != 0) { >- printf("Saving key \"%s\" failed: %s\n", identity_file, >- ssh_err(r)); >+ error("Saving key \"%s\" failed: %s", >+ identity_file, ssh_err(r)); > sshkey_free(private); > sshkey_free(public); > first = 0; >@@ -992,7 +967,7 @@ do_gen_all_hostkeys(struct passwd *pw) > strlcat(identity_file, ".pub", sizeof(identity_file)); > fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644); > if (fd == -1) { >- printf("Could not save your public key in %s\n", >+ error("Could not save your public key in %s", > identity_file); > sshkey_free(public); > first = 0; >@@ -1000,14 +975,14 @@ do_gen_all_hostkeys(struct passwd *pw) > } > f = fdopen(fd, "w"); > if (f == NULL) { >- printf("fdopen %s failed\n", identity_file); >+ error("fdopen %s failed", identity_file); > close(fd); > sshkey_free(public); > first = 0; > continue; > } > if ((r = sshkey_write(public, f)) != 0) { >- fprintf(stderr, "write key failed: %s\n", ssh_err(r)); >+ error("write key failed: %s", ssh_err(r)); > fclose(f); > sshkey_free(public); > first = 0; >@@ -1048,8 +1023,8 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx) > has_wild || l->marker != MRK_NONE) { > fprintf(ctx->out, "%s\n", l->line); > if (has_wild && !find_host) { >- fprintf(stderr, "%s:%ld: ignoring host name " >- "with wildcard: %.64s\n", l->path, >+ logit("%s:%ld: ignoring host name " >+ "with wildcard: %.64s", l->path, > l->linenum, l->hosts); > } > return 0; >@@ -1070,7 +1045,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx) > case HKF_STATUS_INVALID: > /* Retain invalid lines, but mark file as invalid. */ > ctx->invalid = 1; >- fprintf(stderr, "%s:%ld: invalid line\n", l->path, l->linenum); >+ logit("%s:%ld: invalid line", l->path, l->linenum); > /* FALLTHROUGH */ > default: > fprintf(ctx->out, "%s\n", l->line); >@@ -1120,8 +1095,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx) > /* Retain non-matching hosts when deleting */ > if (l->status == HKF_STATUS_INVALID) { > ctx->invalid = 1; >- fprintf(stderr, "%s:%ld: invalid line\n", >- l->path, l->linenum); >+ logit("%s:%ld: invalid line", l->path, l->linenum); > } > fprintf(ctx->out, "%s\n", l->line); > } >@@ -1179,17 +1153,15 @@ do_known_hosts(struct passwd *pw, const char *name) > fclose(ctx.out); > > if (ctx.invalid) { >- fprintf(stderr, "%s is not a valid known_hosts file.\n", >- identity_file); >+ error("%s is not a valid known_hosts file.", identity_file); > if (inplace) { >- fprintf(stderr, "Not replacing existing known_hosts " >- "file because of errors\n"); >+ error("Not replacing existing known_hosts " >+ "file because of errors"); > unlink(tmp); > } > exit(1); > } else if (delete_host && !ctx.found_key) { >- fprintf(stderr, "Host %s not found in %s\n", >- name, identity_file); >+ logit("Host %s not found in %s", name, identity_file); > unlink(tmp); > } else if (inplace) { > /* Backup existing file */ >@@ -1207,13 +1179,12 @@ do_known_hosts(struct passwd *pw, const char *name) > exit(1); > } > >- fprintf(stderr, "%s updated.\n", identity_file); >- fprintf(stderr, "Original contents retained as %s\n", old); >+ printf("%s updated.\n", identity_file); >+ printf("Original contents retained as %s\n", old); > if (ctx.has_unhashed) { >- fprintf(stderr, "WARNING: %s contains unhashed " >- "entries\n", old); >- fprintf(stderr, "Delete this file to ensure privacy " >- "of hostnames\n"); >+ logit("WARNING: %s contains unhashed entries", old); >+ logit("Delete this file to ensure privacy " >+ "of hostnames"); > } > } > >@@ -1235,10 +1206,8 @@ do_change_passphrase(struct passwd *pw) > > if (!have_identity) > ask_filename(pw, "Enter file in which the key is"); >- if (stat(identity_file, &st) < 0) { >- perror(identity_file); >- exit(1); >- } >+ if (stat(identity_file, &st) < 0) >+ fatal("%s: %s", identity_file, strerror(errno)); > /* Try to load the file with empty passphrase. */ > r = sshkey_load_private(identity_file, "", &private, &comment); > if (r == SSH_ERR_KEY_WRONG_PASSPHRASE) { >@@ -1256,9 +1225,7 @@ do_change_passphrase(struct passwd *pw) > goto badkey; > } else if (r != 0) { > badkey: >- fprintf(stderr, "Failed to load key \"%s\": %s\n", >- identity_file, ssh_err(r)); >- exit(1); >+ fatal("Failed to load key %s: %s", identity_file, ssh_err(r)); > } > if (comment) > printf("Key has comment '%s'\n", comment); >@@ -1291,7 +1258,7 @@ do_change_passphrase(struct passwd *pw) > /* Save the file using the new passphrase. */ > if ((r = sshkey_save_private(private, identity_file, passphrase1, > comment, use_new_format, new_format_cipher, rounds)) != 0) { >- printf("Saving key \"%s\" failed: %s.\n", >+ error("Saving key \"%s\" failed: %s.", > identity_file, ssh_err(r)); > explicit_bzero(passphrase1, strlen(passphrase1)); > free(passphrase1); >@@ -1325,14 +1292,11 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname) > if (stat(fname, &st) < 0) { > if (errno == ENOENT) > return 0; >- perror(fname); >- exit(1); >+ fatal("%s: %s", fname, strerror(errno)); > } >- if ((r = sshkey_load_public(fname, &public, &comment)) != 0) { >- printf("Failed to read v2 public key from \"%s\": %s.\n", >+ if ((r = sshkey_load_public(fname, &public, &comment)) != 0) >+ fatal("Failed to read v2 public key from \"%s\": %s.", > fname, ssh_err(r)); >- exit(1); >- } > export_dns_rr(hname, public, stdout, print_generic); > sshkey_free(public); > free(comment); >@@ -1354,18 +1318,15 @@ do_change_comment(struct passwd *pw) > > if (!have_identity) > ask_filename(pw, "Enter file in which the key is"); >- if (stat(identity_file, &st) < 0) { >- perror(identity_file); >- exit(1); >- } >+ if (stat(identity_file, &st) < 0) >+ fatal("%s: %s", identity_file, strerror(errno)); > if ((r = sshkey_load_private(identity_file, "", > &private, &comment)) == 0) > passphrase = xstrdup(""); >- else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) { >- printf("Cannot load private key \"%s\": %s.\n", >+ else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) >+ fatal("Cannot load private key \"%s\": %s.", > identity_file, ssh_err(r)); >- exit(1); >- } else { >+ else { > if (identity_passphrase) > passphrase = xstrdup(identity_passphrase); > else if (identity_new_passphrase) >@@ -1378,13 +1339,13 @@ do_change_comment(struct passwd *pw) > &private, &comment)) != 0) { > explicit_bzero(passphrase, strlen(passphrase)); > free(passphrase); >- printf("Cannot load private key \"%s\": %s.\n", >+ fatal("Cannot load private key \"%s\": %s.", > identity_file, ssh_err(r)); >- exit(1); > } > } >+ /* XXX what about new-format keys? */ > if (private->type != KEY_RSA1) { >- fprintf(stderr, "Comments are only supported for RSA1 keys.\n"); >+ error("Comments are only supported for RSA1 keys."); > explicit_bzero(passphrase, strlen(passphrase)); > sshkey_free(private); > exit(1); >@@ -1407,7 +1368,7 @@ do_change_comment(struct passwd *pw) > /* Save the file using the new passphrase. */ > if ((r = sshkey_save_private(private, identity_file, passphrase, > new_comment, use_new_format, new_format_cipher, rounds)) != 0) { >- printf("Saving key \"%s\" failed: %s\n", >+ error("Saving key \"%s\" failed: %s", > identity_file, ssh_err(r)); > explicit_bzero(passphrase, strlen(passphrase)); > free(passphrase); >@@ -1423,17 +1384,13 @@ do_change_comment(struct passwd *pw) > > strlcat(identity_file, ".pub", sizeof(identity_file)); > fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644); >- if (fd == -1) { >- printf("Could not save your public key in %s\n", identity_file); >- exit(1); >- } >+ if (fd == -1) >+ fatal("Could not save your public key in %s", identity_file); > f = fdopen(fd, "w"); >- if (f == NULL) { >- printf("fdopen %s failed\n", identity_file); >- exit(1); >- } >+ if (f == NULL) >+ fatal("fdopen %s failed: %s", identity_file, strerror(errno)); > if ((r = sshkey_write(public, f)) != 0) >- fprintf(stderr, "write key failed: %s\n", ssh_err(r)); >+ fatal("write key failed: %s", ssh_err(r)); > sshkey_free(public); > fprintf(f, " %s\n", new_comment); > fclose(f); >@@ -1593,8 +1550,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) > break; > /* FALLTHROUGH */ > default: >- fprintf(stderr, "unknown key type %s\n", key_type_name); >- exit(1); >+ fatal("unknown key type %s", key_type_name); > } > } > >@@ -2248,14 +2204,10 @@ main(int argc, char **argv) > > /* we need this for the home * directory. */ > pw = getpwuid(getuid()); >- if (!pw) { >- printf("No user exists for uid %lu\n", (u_long)getuid()); >- exit(1); >- } >- if (gethostname(hostname, sizeof(hostname)) < 0) { >- perror("gethostname"); >- exit(1); >- } >+ if (!pw) >+ fatal("No user exists for uid %lu", (u_long)getuid()); >+ if (gethostname(hostname, sizeof(hostname)) < 0) >+ fatal("gethostname: %s", strerror(errno)); > > /* Remaining characters: UYdw */ > while ((opt = getopt(argc, argv, "ABHLQXceghiklopquvxy" >@@ -2470,19 +2422,19 @@ main(int argc, char **argv) > > if (ca_key_path != NULL) { > if (argc < 1 && !gen_krl) { >- printf("Too few arguments.\n"); >+ error("Too few arguments."); > usage(); > } > } else if (argc > 0 && !gen_krl && !check_krl) { >- printf("Too many arguments.\n"); >+ error("Too many arguments."); > usage(); > } > if (change_passphrase && change_comment) { >- printf("Can only have one of -p and -c.\n"); >+ error("Can only have one of -p and -c."); > usage(); > } > if (print_fingerprint && (delete_host || hash_hosts)) { >- printf("Cannot use -l with -H or -R.\n"); >+ error("Cannot use -l with -H or -R."); > usage(); > } > #ifdef WITH_OPENSSL >@@ -2526,10 +2478,8 @@ main(int argc, char **argv) > if (have_identity) { > n = do_print_resource_record(pw, > identity_file, rr_hostname); >- if (n == 0) { >- perror(identity_file); >- exit(1); >- } >+ if (n == 0) >+ fatal("%s: %s", identity_file, strerror(errno)); > exit(0); > } else { > >@@ -2601,14 +2551,10 @@ main(int argc, char **argv) > if (!quiet) > printf("Generating public/private %s key pair.\n", > key_type_name); >- if ((r = sshkey_generate(type, bits, &private)) != 0) { >- fprintf(stderr, "key_generate failed\n"); >- exit(1); >- } >- if ((r = sshkey_from_private(private, &public)) != 0) { >- fprintf(stderr, "key_from_private failed: %s\n", ssh_err(r)); >- exit(1); >- } >+ if ((r = sshkey_generate(type, bits, &private)) != 0) >+ fatal("key_generate failed"); >+ if ((r = sshkey_from_private(private, &public)) != 0) >+ fatal("key_from_private failed: %s\n", ssh_err(r)); > > if (!have_identity) > ask_filename(pw, "Enter file in which to save the key"); >@@ -2678,7 +2624,7 @@ passphrase_again: > /* Save the key with the given passphrase and comment. */ > if ((r = sshkey_save_private(private, identity_file, passphrase1, > comment, use_new_format, new_format_cipher, rounds)) != 0) { >- printf("Saving key \"%s\" failed: %s\n", >+ error("Saving key \"%s\" failed: %s", > identity_file, ssh_err(r)); > explicit_bzero(passphrase1, strlen(passphrase1)); > free(passphrase1); >@@ -2695,18 +2641,13 @@ passphrase_again: > printf("Your identification has been saved in %s.\n", identity_file); > > strlcat(identity_file, ".pub", sizeof(identity_file)); >- fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644); >- if (fd == -1) { >- printf("Could not save your public key in %s\n", identity_file); >- exit(1); >- } >- f = fdopen(fd, "w"); >- if (f == NULL) { >- printf("fdopen %s failed\n", identity_file); >- exit(1); >- } >+ if ((fd = open(identity_file, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) >+ fatal("Unable to save public key to %s: %s", >+ identity_file, strerror(errno)); >+ if ((f = fdopen(fd, "w")) == NULL) >+ fatal("fdopen %s failed: %s", identity_file, strerror(errno)); > if ((r = sshkey_write(public, f)) != 0) >- fprintf(stderr, "write key failed: %s\n", ssh_err(r)); >+ error("write key failed: %s", ssh_err(r)); > fprintf(f, " %s\n", comment); > fclose(f); >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2593">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 2325
: 2593