From 26369a5f7d9c4e4ef44a3e04910126e1bcea43d8 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Tue, 19 Nov 2019 22:21:15 +0000
Subject: [PATCH] upstream: a little more information from the monitor when
 signature

verification fails.

OpenBSD-Commit-ID: e6a30071e0518cac512f9e10be3dc3500e2003f3
---
 monitor.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/monitor.c b/monitor.c
index a884d5f9d..1186c1dd5 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.200 2019/10/31 21:23:19 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.201 2019/11/19 22:21:15 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1431,8 +1431,9 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 
 	ret = sshkey_verify(key, signature, signaturelen, data, datalen,
 	    sigalg, ssh->compat);
-	debug3("%s: %s %p signature %s", __func__, auth_method, key,
-	    (ret == 0) ? "verified" : "unverified");
+	debug3("%s: %s %p signature %s%s%s", __func__, auth_method, key,
+	    (ret == 0) ? "verified" : "unverified",
+	    (ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : "");
 	auth2_record_key(authctxt, ret == 0, key);
 
 	free(blob);