Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / d4c86b13254d7c84b27b7cb8d32dcc7036ca3788^! / .
commitd4c86b13254d7c84b27b7cb8d32dcc7036ca3788[log] [tgz]
authorDarren Tucker <dtucker@zip.com.au>Tue Jan 12 19:41:22 2010 +1100
committerDarren Tucker <dtucker@zip.com.au>Tue Jan 12 19:41:22 2010 +1100
treeb43f895184faf976e8bd41d889ae7f5c93eedb45
parent7ad8dd21da5e2a2687fdff14142b70f1587f96ce [diff]
   - dtucker@cvs.openbsd.org 2010/01/11 04:46:45
     [authfile.c sshconnect2.c]
     Do not prompt for a passphrase if we fail to open a keyfile, and log the
     reason the open failed to debug.
     bz #1693, found by tj AT castaglia org, ok djm@

diff --git a/ChangeLog b/ChangeLog
index 72a68a6..74936fa 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -6,6 +6,11 @@
      single port forward on the server.  This allows, for example, using ssh as
      a ProxyCommand to route connections via intermediate servers.
      bz #1618, man page help from jmc@, ok markus@
+   - dtucker@cvs.openbsd.org 2010/01/11 04:46:45
+     [authfile.c sshconnect2.c]
+     Do not prompt for a passphrase if we fail to open a keyfile, and log the
+     reason the open failed to debug.
+     bz #1693, found by tj AT castaglia org, ok djm@
 
 20100110
  - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]

diff --git a/authfile.c b/authfile.c
index 3fbe11b..23535fa 100644
--- a/authfile.c
+++ b/authfile.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.77 2009/10/22 22:26:13 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.78 2010/01/11 04:46:45 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -559,7 +559,12 @@
 	int fd;
 
 	fd = open(filename, O_RDONLY);
-	if (fd < 0)
+	if (fd < 0) {
+		debug("could not open key file '%s': %s", filename,
+		    strerror(errno));
+		if (perm_ok != NULL)
+			*perm_ok = 0;
+	}
 		return NULL;
 	if (!key_perm_ok(fd, filename)) {
 		if (perm_ok != NULL)
@@ -595,8 +600,11 @@
 	int fd;
 
 	fd = open(filename, O_RDONLY);
-	if (fd < 0)
+	if (fd < 0) {
+		debug("could not open key file '%s': %s", filename,
+		    strerror(errno));
 		return NULL;
+	}
 	if (!key_perm_ok(fd, filename)) {
 		error("bad permissions: ignore key: %s", filename);
 		close(fd);

diff --git a/sshconnect2.c b/sshconnect2.c
index 367f0fc..ed40a9d 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.177 2010/01/04 01:45:30 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.178 2010/01/11 04:46:45 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -1250,7 +1250,7 @@
 {
 	Key *private;
 	char prompt[300], *passphrase;
-	int perm_ok, quit, i;
+	int perm_ok = 0, quit, i;
 	struct stat st;
 
 	if (stat(filename, &st) < 0) {