author | djm@openbsd.org <djm@openbsd.org> | 2020-03-13 04:01:56 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-03-14 19:39:30 +1100 |
commit | 5becbec023f2037394987f85ed7f74b9a28699e0 (patch) | |
tree | ea7a8e45ac5e4a71d95f5b99e376b51fa3f823ef | |
parent | eef88418f9e5e51910af3c5b23b5606ebc17af55 (diff) |
upstream: use sshpkt_fatal() for kex_exchange_identification()
errors. This ensures that the logged errors are consistent with other
transport-layer errors and that the relevant IP addresses are logged. bz3129
ok dtucker@
OpenBSD-Commit-ID: 2c22891f0b9e1a6cd46771cedbb26ac96ec2e6ab
-rw-r--r-- | kex.c | 14 | ||||
-rw-r--r-- | sshconnect.c | 7 | ||||
-rw-r--r-- | sshd.c | 7 |
3 files changed, 19 insertions, 9 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.157 2020/02/26 13:40:09 jsg Exp $ */ +/* $OpenBSD: kex.c,v 1.158 2020/03/13 04:01:56 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -1167,7 +1167,7 @@ int kex_exchange_identification(struct ssh *ssh, int timeout_ms, const char *version_addendum) { - int remote_major, remote_minor, mismatch; + int remote_major, remote_minor, mismatch, oerrno = 0; size_t len, i, n; int r, expect_nl; u_char c; @@ -1186,6 +1186,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION, version_addendum == NULL ? "" : " ", version_addendum == NULL ? "" : version_addendum)) != 0) { + oerrno = errno; error("%s: sshbuf_putf: %s", __func__, ssh_err(r)); goto out; } @@ -1193,11 +1194,13 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, if (atomicio(vwrite, ssh_packet_get_connection_out(ssh), sshbuf_mutable_ptr(our_version), sshbuf_len(our_version)) != sshbuf_len(our_version)) { - error("%s: write: %.100s", __func__, strerror(errno)); + oerrno = errno; + debug("%s: write: %.100s", __func__, strerror(errno)); r = SSH_ERR_SYSTEM_ERROR; goto out; } if ((r = sshbuf_consume_end(our_version, 2)) != 0) { /* trim \r\n */ + oerrno = errno; error("%s: sshbuf_consume_end: %s", __func__, ssh_err(r)); goto out; } @@ -1233,6 +1236,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, r = SSH_ERR_CONN_TIMEOUT; goto out; } else if (r == -1) { + oerrno = errno; error("%s: %s", __func__, strerror(errno)); r = SSH_ERR_SYSTEM_ERROR; @@ -1248,6 +1252,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, r = SSH_ERR_CONN_CLOSED; goto out; } else if (len != 1) { + oerrno = errno; error("%s: read: %.100s", __func__, strerror(errno)); r = SSH_ERR_SYSTEM_ERROR; 
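Review bot: Only the write failure is downgraded to `debug()` in the `@@ -1193` hunk; the select and read failures in the `@@ -1233` and `@@ -1248` hunks still call `error()` before returning `SSH_ERR_SYSTEM_ERROR`. With both callers now passing `r` to `sshpkt_fatal()`, those paths presumably produce two log entries for one failure, the first without the peer address the commit message wants attached. If that is not intended, the read branch could use `debug("%s: read: %.100s", __func__, strerror(errno));` and the select branch `debug("%s: %s", __func__, strerror(errno));`. The body of kex_exchange_identification() starts and ends outside these hunks, so other logging paths may need the same look.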
@@ -1265,6 +1270,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, goto invalid; } if ((r = sshbuf_put_u8(peer_version, c)) != 0) { + oerrno = errno; error("%s: sshbuf_put: %s", __func__, ssh_err(r)); goto out; @@ -1365,6 +1371,8 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, free(our_version_string); free(peer_version_string); free(remote_version); + if (r == SSH_ERR_SYSTEM_ERROR) + errno = oerrno; return r; } diff --git a/sshconnect.c b/sshconnect.c index 4711af78..af08be41 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.328 2020/01/25 07:17:18 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.329 2020/03/13 04:01:56 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1276,6 +1276,7 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, { char *host; char *server_user, *local_user; + int r; local_user = xstrdup(pw->pw_name); server_user = options.user ? options.user : local_user; @@ -1285,8 +1286,8 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, lowercase(host); /* Exchange protocol version identification strings with the server. */ - if (kex_exchange_identification(ssh, timeout_ms, NULL) != 0) - cleanup_exit(255); /* error already logged */ + if ((r = kex_exchange_identification(ssh, timeout_ms, NULL)) != 0) + sshpkt_fatal(ssh, r, "banner exchange"); /* Put the connection into non-blocking mode. */ ssh_packet_set_nonblocking(ssh); @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.551 2020/03/13 03:24:49 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.552 2020/03/13 04:01:57 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 
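Review bot: The errno hand-off added at `out:` in the `@@ -1365` hunk is an undocumented contract: callers can rely on `errno` only when the return value is `SSH_ERR_SYSTEM_ERROR`. A comment above the restore would make that explicit, for example `/* free() and logging may clobber errno; restore the value saved at the failure site */`. Because `oerrno` starts at 0, any path that sets `r = SSH_ERR_SYSTEM_ERROR` without saving it first would hand the caller `errno == 0`; the hunks shown all save it, but most of the function is outside the diff. The `oerrno = errno;` stores next to the `sshbuf_putf`, `sshbuf_consume_end` and `sshbuf_put_u8` failures are only read if those helpers can return `SSH_ERR_SYSTEM_ERROR`.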
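Review bot: The new `sshpkt_fatal(ssh, r, "banner exchange");` call in ssh_login() is the only thing stopping execution after a failed banner exchange, where the old code had an explicit `cleanup_exit(255)`. Its declaration is not on this page, so the hunk reads as relying on it never returning; a short comment such as `/* sshpkt_fatal() does not return */` would keep that visible. The same applies to the matching call in the sshd.c `main()` hunk. Both functions start and end outside their hunks.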
@@ -2155,8 +2155,9 @@ main(int ac, char **av) if (!debug_flag) alarm(options.login_grace_time); - if (kex_exchange_identification(ssh, -1, options.version_addendum) != 0) - cleanup_exit(255); /* error already logged */ + if ((r = kex_exchange_identification(ssh, -1, + options.version_addendum)) != 0) + sshpkt_fatal(ssh, r, "banner exchange"); ssh_packet_set_nonblocking(ssh); |