diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-01-12 19:41:22 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-12 19:41:22 +1100 |
| commit | d4c86b13254d7c84b27b7cb8d32dcc7036ca3788 (patch) | |
| tree | b43f895184faf976e8bd41d889ae7f5c93eedb45 | |
| parent | 7ad8dd21da5e2a2687fdff14142b70f1587f96ce (diff) | |
- dtucker@cvs.openbsd.org 2010/01/11 04:46:45
[authfile.c sshconnect2.c]
Do not prompt for a passphrase if we fail to open a keyfile, and log the
reason the open failed to debug.
bz #1693, found by tj AT castaglia org, ok djm@
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | authfile.c | 14 | ||||
| -rw-r--r-- | sshconnect2.c | 4 |
3 files changed, 18 insertions, 5 deletions
@@ -6,6 +6,11 @@ single port forward on the server. This allows, for example, using ssh as a ProxyCommand to route connections via intermediate servers. bz #1618, man page help from jmc@, ok markus@ + - dtucker@cvs.openbsd.org 2010/01/11 04:46:45 + [authfile.c sshconnect2.c] + Do not prompt for a passphrase if we fail to open a keyfile, and log the + reason the open failed to debug. + bz #1693, found by tj AT castaglia org, ok djm@ 20100110 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.77 2009/10/22 22:26:13 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.78 2010/01/11 04:46:45 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -559,7 +559,12 @@ key_load_private_type(int type, const char *filename, const char *passphrase, int fd; fd = open(filename, O_RDONLY); - if (fd < 0) + if (fd < 0) { + debug("could not open key file '%s': %s", filename, + strerror(errno)); + if (perm_ok != NULL) + *perm_ok = 0; + } return NULL; if (!key_perm_ok(fd, filename)) { if (perm_ok != NULL) @@ -595,8 +600,11 @@ key_load_private(const char *filename, const char *passphrase, int fd; fd = open(filename, O_RDONLY); - if (fd < 0) + if (fd < 0) { + debug("could not open key file '%s': %s", filename, + strerror(errno)); return NULL; + } if (!key_perm_ok(fd, filename)) { error("bad permissions: ignore key: %s", filename); close(fd); diff --git a/sshconnect2.c b/sshconnect2.c index 367f0fc6..ed40a9d7 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.177 2010/01/04 01:45:30 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.178 2010/01/11 04:46:45 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1250,7 +1250,7 @@ load_identity_file(char *filename) { Key *private; char prompt[300], *passphrase; - int perm_ok, quit, i; + int perm_ok = 0, quit, i; struct stat st; if (stat(filename, &st) < 0) { |