upstream: better diagnosics on alg list assembly errors; ok

deraadt@ markus@ OpenBSD-Commit-ID: 5a557e74b839daf13cc105924d2af06a1560faee
2018-08-12 20:19:13 +00:00 · 2018-08-12 20:19:13 +00:00 · 1b9dd4aa15
parent e36a5f61b0
commit 1b9dd4aa15
2 changed files with 29 additions and 26 deletions
--- a/readconf.c
+++ b/readconf.c
@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.296 2018/07/27 05:34:42 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.297 2018/08/12 20:19:13 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -53,6 +53,7 @@
 #include "xmalloc.h"
 #include "ssh.h"
 #include "ssherr.h"
 #include "compat.h"
 #include "cipher.h"
 #include "pathnames.h"
@ -1924,6 +1925,7 @@ void
 fill_default_options(Options * options)
 {
 	char *all_cipher, *all_mac, *all_kex, *all_key;
 	int r;
 	if (options->forward_agent == -1)
 		options->forward_agent = 0;
@ -2075,17 +2077,18 @@ fill_default_options(Options * options)
 	all_mac = mac_alg_list(',');
 	all_kex = kex_alg_list(',');
 	all_key = sshkey_alg_list(0, 0, 1, ',');
-	if (kex_assemble_names(&options->ciphers,
+#define ASSEMBLE(what, defaults, all) \
-	    KEX_CLIENT_ENCRYPT, all_cipher) != 0 ||
+	do { \
-	    kex_assemble_names(&options->macs,
+		if ((r = kex_assemble_names(&options->what, \
-	    KEX_CLIENT_MAC, all_mac) != 0 ||
+		    defaults, all)) != 0) \
-	    kex_assemble_names(&options->kex_algorithms,
+			fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \
-	    KEX_CLIENT_KEX, all_kex) != 0 ||
+	} while (0)
-	    kex_assemble_names(&options->hostbased_key_types,
+	ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher);
-	    KEX_DEFAULT_PK_ALG, all_key) != 0 ||
+	ASSEMBLE(macs, KEX_SERVER_MAC, all_mac);
-	    kex_assemble_names(&options->pubkey_key_types,
+	ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex);
-	    KEX_DEFAULT_PK_ALG, all_key) != 0)
+	ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
-		fatal("%s: kex_assemble_names failed", __func__);
+	ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
 #undef ASSEMBLE
 	free(all_cipher);
 	free(all_mac);
 	free(all_kex);
--- a/servconf.c
+++ b/servconf.c
@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.339 2018/07/11 18:53:29 markus Exp $ */
+/* $OpenBSD: servconf.c,v 1.340 2018/08/12 20:19:13 djm Exp $ */
 /*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
@ -192,24 +192,24 @@ static void
 assemble_algorithms(ServerOptions *o)
 {
 	char *all_cipher, *all_mac, *all_kex, *all_key;
 	int r;
 	all_cipher = cipher_alg_list(',', 0);
 	all_mac = mac_alg_list(',');
 	all_kex = kex_alg_list(',');
 	all_key = sshkey_alg_list(0, 0, 1, ',');
-	if (kex_assemble_names(&o->ciphers,
+#define ASSEMBLE(what, defaults, all) \
-	    KEX_SERVER_ENCRYPT, all_cipher) != 0 ||
+	do { \
-	    kex_assemble_names(&o->macs,
+		if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \
-	    KEX_SERVER_MAC, all_mac) != 0 ||
+			fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \
-	    kex_assemble_names(&o->kex_algorithms,
+	} while (0)
-	    KEX_SERVER_KEX, all_kex) != 0 ||
+	ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher);
-	    kex_assemble_names(&o->hostkeyalgorithms,
+	ASSEMBLE(macs, KEX_SERVER_MAC, all_mac);
-	    KEX_DEFAULT_PK_ALG, all_key) != 0 ||
+	ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex);
-	    kex_assemble_names(&o->hostbased_key_types,
+	ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key);
-	    KEX_DEFAULT_PK_ALG, all_key) != 0 ||
+	ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
-	    kex_assemble_names(&o->pubkey_key_types,
+	ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
-	    KEX_DEFAULT_PK_ALG, all_key) != 0)
+#undef ASSEMBLE
 		fatal("kex_assemble_names failed");
 	free(all_cipher);
 	free(all_mac);
 	free(all_kex);