FreeBSD Bugzilla – Attachment 168616 Details for
Bug 208254
rc.d/sshd failes to generate all referenced ssh host keys.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Check whether each key file exists before adding it
openssh-add-host-key-file.diff (text/plain), 1.79 KB, created by
Dag-Erling Smørgrav
on 2016-03-25 12:26:13 UTC
(
hide
)
Description:
Check whether each key file exists before adding it
Filename:
MIME Type:
Creator:
Dag-Erling Smørgrav
Created:
2016-03-25 12:26:13 UTC
Size:
1.79 KB
patch
obsolete
>Index: crypto/openssh/servconf.c >=================================================================== >--- crypto/openssh/servconf.c (revision 297205) >+++ crypto/openssh/servconf.c (working copy) >@@ -22,6 +22,7 @@ > #include <netinet/ip.h> > > #include <ctype.h> >+#include <fcntl.h> > #include <netdb.h> > #include <pwd.h> > #include <stdio.h> >@@ -208,24 +209,28 @@ > options->protocol = SSH_PROTO_2; > if (options->protocol & SSH_PROTO_1) > error("WARNING: SSH protocol version 1 enabled"); >+#define add_host_key_file(path) \ >+ do { \ >+ if (access((path), O_RDONLY) == 0) \ >+ options->host_key_files \ >+ [options->num_host_key_files++] = (path); \ >+ } while (0) > if (options->num_host_key_files == 0) { > /* fill default hostkeys for protocols */ > if (options->protocol & SSH_PROTO_1) >- options->host_key_files[options->num_host_key_files++] = >- _PATH_HOST_KEY_FILE; >+ add_host_key_file(_PATH_HOST_KEY_FILE); > if (options->protocol & SSH_PROTO_2) { >- options->host_key_files[options->num_host_key_files++] = >- _PATH_HOST_RSA_KEY_FILE; >- options->host_key_files[options->num_host_key_files++] = >- _PATH_HOST_DSA_KEY_FILE; >+ add_host_key_file(_PATH_HOST_RSA_KEY_FILE); >+ add_host_key_file(_PATH_HOST_DSA_KEY_FILE); > #ifdef OPENSSL_HAS_ECC >- options->host_key_files[options->num_host_key_files++] = >- _PATH_HOST_ECDSA_KEY_FILE; >+ add_host_key_file(_PATH_HOST_ECDSA_KEY_FILE); > #endif >- options->host_key_files[options->num_host_key_files++] = >- _PATH_HOST_ED25519_KEY_FILE; >+ add_host_key_file(_PATH_HOST_ED25519_KEY_FILE); > } > } >+#undef add_host_key_file >+ if (options->num_host_key_files == 0) >+ fatal("No host key files found"); > /* No certificates by default */ > if (options->num_ports == 0) > options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=168616">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 208254
:
168616
|
173396