Bugzilla – Attachment 3365 Details for
Bug 3129
Add IP address to error kex_exchange_identification error message
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
use sshpkt_fatal() for kex_exchange_identification() errors
bz3129.diff (text/plain), 3.60 KB, created by
Damien Miller
on 2020-03-13 14:07:54 AEDT
(
hide
)
Description:
use sshpkt_fatal() for kex_exchange_identification() errors
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2020-03-13 14:07:54 AEDT
Size:
3.60 KB
patch
obsolete
>diff --git a/kex.c b/kex.c >index 899036e6e..bfdb33e29 100644 >--- a/kex.c >+++ b/kex.c >@@ -1167,7 +1167,7 @@ int > kex_exchange_identification(struct ssh *ssh, int timeout_ms, > const char *version_addendum) > { >- int remote_major, remote_minor, mismatch; >+ int remote_major, remote_minor, mismatch, oerrno = 0; > size_t len, i, n; > int r, expect_nl; > u_char c; >@@ -1186,6 +1186,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, > PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, > version_addendum == NULL ? "" : " ", > version_addendum == NULL ? "" : version_addendum)) != 0) { >+ oerrno = errno; > error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); > goto out; > } >@@ -1193,11 +1194,13 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, > if (atomicio(vwrite, ssh_packet_get_connection_out(ssh), > sshbuf_mutable_ptr(our_version), > sshbuf_len(our_version)) != sshbuf_len(our_version)) { >- error("%s: write: %.100s", __func__, strerror(errno)); >+ oerrno = errno; >+ debug("%s: write: %.100s", __func__, strerror(errno)); > r = SSH_ERR_SYSTEM_ERROR; > goto out; > } > if ((r = sshbuf_consume_end(our_version, 2)) != 0) { /* trim \r\n */ >+ oerrno = errno; > error("%s: sshbuf_consume_end: %s", __func__, ssh_err(r)); > goto out; > } >@@ -1233,6 +1236,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, > r = SSH_ERR_CONN_TIMEOUT; > goto out; > } else if (r == -1) { >+ oerrno = errno; > error("%s: %s", > __func__, strerror(errno)); > r = SSH_ERR_SYSTEM_ERROR; >@@ -1248,6 +1252,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, > r = SSH_ERR_CONN_CLOSED; > goto out; > } else if (len != 1) { >+ oerrno = errno; > error("%s: read: %.100s", > __func__, strerror(errno)); > r = SSH_ERR_SYSTEM_ERROR; >@@ -1265,6 +1270,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, > goto invalid; > } > if ((r = sshbuf_put_u8(peer_version, c)) != 0) { >+ oerrno = errno; > error("%s: sshbuf_put: %s", > __func__, ssh_err(r)); > goto out; >@@ -1365,6 +1371,8 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, > free(our_version_string); > free(peer_version_string); > free(remote_version); >+ if (r == SSH_ERR_SYSTEM_ERROR) >+ errno = oerrno; > return r; > } > >diff --git a/sshconnect.c b/sshconnect.c >index 4711af782..7263562cb 100644 >--- a/sshconnect.c >+++ b/sshconnect.c >@@ -1276,6 +1276,7 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, > { > char *host; > char *server_user, *local_user; >+ int r; > > local_user = xstrdup(pw->pw_name); > server_user = options.user ? options.user : local_user; >@@ -1285,8 +1286,8 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, > lowercase(host); > > /* Exchange protocol version identification strings with the server. */ >- if (kex_exchange_identification(ssh, timeout_ms, NULL) != 0) >- cleanup_exit(255); /* error already logged */ >+ if ((r = kex_exchange_identification(ssh, timeout_ms, NULL)) != 0) >+ sshpkt_fatal(ssh, r, "banner exchange"); > > /* Put the connection into non-blocking mode. */ > ssh_packet_set_nonblocking(ssh); >diff --git a/sshd.c b/sshd.c >index 60b2aaf73..5b8a04637 100644 >--- a/sshd.c >+++ b/sshd.c >@@ -2161,8 +2161,9 @@ main(int ac, char **av) > if (!debug_flag) > alarm(options.login_grace_time); > >- if (kex_exchange_identification(ssh, -1, options.version_addendum) != 0) >- cleanup_exit(255); /* error already logged */ >+ if ((r = kex_exchange_identification(ssh, -1, >+ options.version_addendum)) != 0) >+ sshpkt_fatal(ssh, r, "banner exchange"); > > ssh_packet_set_nonblocking(ssh); >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3365">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 3129
:
3359
| 3365