upstream commit

use error/logit/fatal instead of fprintf(stderr, ...) and exit(0), fix a few errors that were being printed to stdout instead of stderr and a few non-errors that were going to stderr instead of stdout bz#2325; ok dtucker
2015-04-17 13:19:22 +00:00 · 2015-04-17 13:19:22 +00:00 · 3038a19187
parent a58be33cb6
commit 3038a19187
1 changed files with 94 additions and 153 deletions
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.268 2015/03/31 11:06:49 tobias Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.269 2015/04/17 13:19:22 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -187,10 +187,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 	int nid;
 #endif

-	if (type == KEY_UNSPEC) {
-		fprintf(stderr, "unknown key type %s\n", key_type_name);
-		exit(1);
-	}
+	if (type == KEY_UNSPEC)
+		fatal("unknown key type %s", key_type_name);
 	if (*bitsp == 0) {
 #ifdef WITH_OPENSSL
 		if (type == KEY_DSA)
@ -208,10 +206,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 #ifdef WITH_OPENSSL
 	maxbits = (type == KEY_DSA) ?
 	    OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
-	if (*bitsp > maxbits) {
-		fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
-		exit(1);
-	}
+	if (*bitsp > maxbits)
+		fatal("key bits exceeds maximum %d", maxbits);
 	if (type == KEY_DSA && *bitsp != 1024)
 		fatal("DSA keys must be 1024 bits");
 	else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
@ -256,13 +252,13 @@ ask_filename(struct passwd *pw, const char *prompt)
 			name = _PATH_SSH_CLIENT_ID_ED25519;
 			break;
 		default:
-			fprintf(stderr, "bad key type\n");
-			exit(1);
-			break;
+			fatal("bad key type");
 		}
 	}
-	snprintf(identity_file, sizeof(identity_file), "%s/%s", pw->pw_dir, name);
-	fprintf(stderr, "%s (%s): ", prompt, identity_file);
+	snprintf(identity_file, sizeof(identity_file),
+	    "%s/%s", pw->pw_dir, name);
+	printf("%s (%s): ", prompt, identity_file);
+	fflush(stdout);
 	if (fgets(buf, sizeof(buf), stdin) == NULL)
 		exit(1);
 	buf[strcspn(buf, "\n")] = '\0';
@ -308,14 +304,10 @@ do_convert_to_ssh2(struct passwd *pw, struct sshkey *k)
 	char comment[61];
 	int r;

-	if (k->type == KEY_RSA1) {
-		fprintf(stderr, "version 1 keys are not supported\n");
-		exit(1);
-	}
-	if ((r = sshkey_to_blob(k, &blob, &len)) != 0) {
-		fprintf(stderr, "key_to_blob failed: %s\n", ssh_err(r));
-		exit(1);
-	}
+	if (k->type == KEY_RSA1)
+		fatal("version 1 keys are not supported");
+	if ((r = sshkey_to_blob(k, &blob, &len)) != 0)
+		fatal("key_to_blob failed: %s", ssh_err(r));
 	/* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */
 	snprintf(comment, sizeof(comment),
 	    "%u-bit %s, converted by %s@%s from OpenSSH",
@ -544,17 +536,13 @@ get_line(FILE *fp, char *line, size_t len)

 	line[0] = '\0';
 	while ((c = fgetc(fp)) != EOF) {
-		if (pos >= len - 1) {
-			fprintf(stderr, "input line too long.\n");
-			exit(1);
-		}
+		if (pos >= len - 1)
+			fatal("input line too long.");
 		switch (c) {
 		case '\r':
 			c = fgetc(fp);
-			if (c != EOF && c != '\n' && ungetc(c, fp) == EOF) {
-				fprintf(stderr, "unget: %s\n", strerror(errno));
-				exit(1);
-			}
+			if (c != EOF && c != '\n' && ungetc(c, fp) == EOF)
+				fatal("unget: %s", strerror(errno));
 			return pos;
 		case '\n':
 			return pos;
@ -606,16 +594,12 @@ do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private)
 	    (encoded[len-3] == '='))
 		encoded[len-3] = '\0';
 	blen = uudecode(encoded, blob, sizeof(blob));
-	if (blen < 0) {
-		fprintf(stderr, "uudecode failed.\n");
-		exit(1);
-	}
+	if (blen < 0)
+		fatal("uudecode failed.");
 	if (*private)
 		*k = do_convert_private_ssh2_from_blob(blob, blen);
-	else if ((r = sshkey_from_blob(blob, blen, k)) != 0) {
-		fprintf(stderr, "decode blob failed: %s\n", ssh_err(r));
-		exit(1);
-	}
+	else if ((r = sshkey_from_blob(blob, blen, k)) != 0)
+		fatal("decode blob failed: %s", ssh_err(r));
 	fclose(fp);
 }

@ -749,10 +733,8 @@ do_convert_from(struct passwd *pw)
 		}
 	}

-	if (!ok) {
-		fprintf(stderr, "key write failed\n");
-		exit(1);
-	}
+	if (!ok)
+		fatal("key write failed");
 	sshkey_free(k);
 	exit(0);
 }
@ -767,13 +749,11 @@ do_print_public(struct passwd *pw)

 	if (!have_identity)
 		ask_filename(pw, "Enter file in which the key is");
-	if (stat(identity_file, &st) < 0) {
-		perror(identity_file);
-		exit(1);
-	}
+	if (stat(identity_file, &st) < 0)
+		fatal("%s: %s", identity_file, strerror(errno));
 	prv = load_identity(identity_file);
 	if ((r = sshkey_write(prv, stdout)) != 0)
-		fprintf(stderr, "key_write failed: %s", ssh_err(r));
+		error("key_write failed: %s", ssh_err(r));
 	sshkey_free(prv);
 	fprintf(stdout, "\n");
 	exit(0);
@ -838,10 +818,8 @@ do_fingerprint(struct passwd *pw)
 	rep =    print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
 	if (!have_identity)
 		ask_filename(pw, "Enter file in which the key is");
-	if (stat(identity_file, &st) < 0) {
-		perror(identity_file);
-		exit(1);
-	}
+	if (stat(identity_file, &st) < 0)
+		fatal("%s: %s", identity_file, strerror(errno));
 	if ((r = sshkey_load_public(identity_file, &public, &comment)) != 0)
 		debug2("Error loading public key \"%s\": %s",
 		    identity_file, ssh_err(r));
@ -933,10 +911,8 @@ do_fingerprint(struct passwd *pw)
 	}
 	fclose(f);

-	if (invalid) {
-		printf("%s is not a public key file.\n", identity_file);
-		exit(1);
-	}
+	if (invalid)
+		fatal("%s is not a public key file.", identity_file);
 	exit(0);
 }

@ -973,7 +949,7 @@ do_gen_all_hostkeys(struct passwd *pw)
 		if (stat(key_types[i].path, &st) == 0)
 			continue;
 		if (errno != ENOENT) {
-			printf("Could not stat %s: %s", key_types[i].path,
+			error("Could not stat %s: %s", key_types[i].path,
 			    strerror(errno));
 			first = 0;
 			continue;
@ -990,8 +966,7 @@ do_gen_all_hostkeys(struct passwd *pw)
 		bits = 0;
 		type_bits_valid(type, NULL, &bits);
 		if ((r = sshkey_generate(type, bits, &private)) != 0) {
-			fprintf(stderr, "key_generate failed: %s\n",
-			    ssh_err(r));
+			error("key_generate failed: %s", ssh_err(r));
 			first = 0;
 			continue;
 		}
@ -1001,8 +976,8 @@ do_gen_all_hostkeys(struct passwd *pw)
 		    hostname);
 		if ((r = sshkey_save_private(private, identity_file, "",
 		    comment, use_new_format, new_format_cipher, rounds)) != 0) {
-			printf("Saving key \"%s\" failed: %s\n", identity_file,
-			    ssh_err(r));
+			error("Saving key \"%s\" failed: %s",
+			    identity_file, ssh_err(r));
 			sshkey_free(private);
 			sshkey_free(public);
 			first = 0;
@ -1012,7 +987,7 @@ do_gen_all_hostkeys(struct passwd *pw)
 		strlcat(identity_file, ".pub", sizeof(identity_file));
 		fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
 		if (fd == -1) {
-			printf("Could not save your public key in %s\n",
+			error("Could not save your public key in %s",
 			    identity_file);
 			sshkey_free(public);
 			first = 0;
@ -1020,14 +995,14 @@ do_gen_all_hostkeys(struct passwd *pw)
 		}
 		f = fdopen(fd, "w");
 		if (f == NULL) {
-			printf("fdopen %s failed\n", identity_file);
+			error("fdopen %s failed", identity_file);
 			close(fd);
 			sshkey_free(public);
 			first = 0;
 			continue;
 		}
 		if ((r = sshkey_write(public, f)) != 0) {
-			fprintf(stderr, "write key failed: %s\n", ssh_err(r));
+			error("write key failed: %s", ssh_err(r));
 			fclose(f);
 			sshkey_free(public);
 			first = 0;
@ -1068,8 +1043,8 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
 		    has_wild || l->marker != MRK_NONE) {
 			fprintf(ctx->out, "%s\n", l->line);
 			if (has_wild && !find_host) {
-				fprintf(stderr, "%s:%ld: ignoring host name "
-				    "with wildcard: %.64s\n", l->path,
+				logit("%s:%ld: ignoring host name "
+				    "with wildcard: %.64s", l->path,
 				    l->linenum, l->hosts);
 			}
 			return 0;
@ -1090,7 +1065,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
 	case HKF_STATUS_INVALID:
 		/* Retain invalid lines, but mark file as invalid. */
 		ctx->invalid = 1;
-		fprintf(stderr, "%s:%ld: invalid line\n", l->path, l->linenum);
+		logit("%s:%ld: invalid line", l->path, l->linenum);
 		/* FALLTHROUGH */
 	default:
 		fprintf(ctx->out, "%s\n", l->line);
@ -1140,8 +1115,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
 		/* Retain non-matching hosts when deleting */
 		if (l->status == HKF_STATUS_INVALID) {
 			ctx->invalid = 1;
-			fprintf(stderr, "%s:%ld: invalid line\n",
-			    l->path, l->linenum);
+			logit("%s:%ld: invalid line", l->path, l->linenum);
 		}
 		fprintf(ctx->out, "%s\n", l->line);
 	}
@ -1199,17 +1173,15 @@ do_known_hosts(struct passwd *pw, const char *name)
 		fclose(ctx.out);

 	if (ctx.invalid) {
-		fprintf(stderr, "%s is not a valid known_hosts file.\n",
-		    identity_file);
+		error("%s is not a valid known_hosts file.", identity_file);
 		if (inplace) {
-			fprintf(stderr, "Not replacing existing known_hosts "
-			    "file because of errors\n");
+			error("Not replacing existing known_hosts "
+			    "file because of errors");
 			unlink(tmp);
 		}
 		exit(1);
 	} else if (delete_host && !ctx.found_key) {
-		fprintf(stderr, "Host %s not found in %s\n",
-		    name, identity_file);
+		logit("Host %s not found in %s", name, identity_file);
 		unlink(tmp);
 	} else if (inplace) {
 		/* Backup existing file */
@ -1227,13 +1199,12 @@ do_known_hosts(struct passwd *pw, const char *name)
 			exit(1);
 		}

-		fprintf(stderr, "%s updated.\n", identity_file);
-		fprintf(stderr, "Original contents retained as %s\n", old);
+		printf("%s updated.\n", identity_file);
+		printf("Original contents retained as %s\n", old);
 		if (ctx.has_unhashed) {
-			fprintf(stderr, "WARNING: %s contains unhashed "
-			    "entries\n", old);
-			fprintf(stderr, "Delete this file to ensure privacy "
-			    "of hostnames\n");
+			logit("WARNING: %s contains unhashed entries", old);
+			logit("Delete this file to ensure privacy "
+			    "of hostnames");
 		}
 	}

@ -1255,10 +1226,8 @@ do_change_passphrase(struct passwd *pw)

 	if (!have_identity)
 		ask_filename(pw, "Enter file in which the key is");
-	if (stat(identity_file, &st) < 0) {
-		perror(identity_file);
-		exit(1);
-	}
+	if (stat(identity_file, &st) < 0)
+		fatal("%s: %s", identity_file, strerror(errno));
 	/* Try to load the file with empty passphrase. */
 	r = sshkey_load_private(identity_file, "", &private, &comment);
 	if (r == SSH_ERR_KEY_WRONG_PASSPHRASE) {
@ -1276,9 +1245,7 @@ do_change_passphrase(struct passwd *pw)
 			goto badkey;
 	} else if (r != 0) {
 badkey:
-		fprintf(stderr, "Failed to load key \"%s\": %s\n",
-		    identity_file, ssh_err(r));
-		exit(1);
+		fatal("Failed to load key %s: %s", identity_file, ssh_err(r));
 	}
 	if (comment)
 		printf("Key has comment '%s'\n", comment);
@ -1311,7 +1278,7 @@ do_change_passphrase(struct passwd *pw)
 	/* Save the file using the new passphrase. */
 	if ((r = sshkey_save_private(private, identity_file, passphrase1,
 	    comment, use_new_format, new_format_cipher, rounds)) != 0) {
-		printf("Saving key \"%s\" failed: %s.\n",
+		error("Saving key \"%s\" failed: %s.",
 		    identity_file, ssh_err(r));
 		explicit_bzero(passphrase1, strlen(passphrase1));
 		free(passphrase1);
@ -1345,14 +1312,11 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname)
 	if (stat(fname, &st) < 0) {
 		if (errno == ENOENT)
 			return 0;
-		perror(fname);
-		exit(1);
+		fatal("%s: %s", fname, strerror(errno));
 	}
-	if ((r = sshkey_load_public(fname, &public, &comment)) != 0) {
-		printf("Failed to read v2 public key from \"%s\": %s.\n",
+	if ((r = sshkey_load_public(fname, &public, &comment)) != 0)
+		fatal("Failed to read v2 public key from \"%s\": %s.",
 		    fname, ssh_err(r));
-		exit(1);
-	}
 	export_dns_rr(hname, public, stdout, print_generic);
 	sshkey_free(public);
 	free(comment);
@ -1374,18 +1338,15 @@ do_change_comment(struct passwd *pw)

 	if (!have_identity)
 		ask_filename(pw, "Enter file in which the key is");
-	if (stat(identity_file, &st) < 0) {
-		perror(identity_file);
-		exit(1);
-	}
+	if (stat(identity_file, &st) < 0)
+		fatal("%s: %s", identity_file, strerror(errno));
 	if ((r = sshkey_load_private(identity_file, "",
 	    &private, &comment)) == 0)
 		passphrase = xstrdup("");
-	else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
-		printf("Cannot load private key \"%s\": %s.\n",
+	else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
+		fatal("Cannot load private key \"%s\": %s.",
 		    identity_file, ssh_err(r));
-		exit(1);
-	} else {
+	else {
 		if (identity_passphrase)
 			passphrase = xstrdup(identity_passphrase);
 		else if (identity_new_passphrase)
@ -1398,13 +1359,13 @@ do_change_comment(struct passwd *pw)
 		    &private, &comment)) != 0) {
 			explicit_bzero(passphrase, strlen(passphrase));
 			free(passphrase);
-			printf("Cannot load private key \"%s\": %s.\n",
+			fatal("Cannot load private key \"%s\": %s.",
 			    identity_file, ssh_err(r));
-			exit(1);
 		}
 	}
+	/* XXX what about new-format keys? */
 	if (private->type != KEY_RSA1) {
-		fprintf(stderr, "Comments are only supported for RSA1 keys.\n");
+		error("Comments are only supported for RSA1 keys.");
 		explicit_bzero(passphrase, strlen(passphrase));
 		sshkey_free(private);
 		exit(1);
@ -1427,7 +1388,7 @@ do_change_comment(struct passwd *pw)
 	/* Save the file using the new passphrase. */
 	if ((r = sshkey_save_private(private, identity_file, passphrase,
 	    new_comment, use_new_format, new_format_cipher, rounds)) != 0) {
-		printf("Saving key \"%s\" failed: %s\n",
+		error("Saving key \"%s\" failed: %s",
 		    identity_file, ssh_err(r));
 		explicit_bzero(passphrase, strlen(passphrase));
 		free(passphrase);
@ -1443,17 +1404,13 @@ do_change_comment(struct passwd *pw)

 	strlcat(identity_file, ".pub", sizeof(identity_file));
 	fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
-	if (fd == -1) {
-		printf("Could not save your public key in %s\n", identity_file);
-		exit(1);
-	}
+	if (fd == -1)
+		fatal("Could not save your public key in %s", identity_file);
 	f = fdopen(fd, "w");
-	if (f == NULL) {
-		printf("fdopen %s failed\n", identity_file);
-		exit(1);
-	}
+	if (f == NULL)
+		fatal("fdopen %s failed: %s", identity_file, strerror(errno));
 	if ((r = sshkey_write(public, f)) != 0)
-		fprintf(stderr, "write key failed: %s\n", ssh_err(r));
+		fatal("write key failed: %s", ssh_err(r));
 	sshkey_free(public);
 	fprintf(f, " %s\n", new_comment);
 	fclose(f);
@ -1613,8 +1570,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
 				break;
 			/* FALLTHROUGH */
 		default:
-			fprintf(stderr, "unknown key type %s\n", key_type_name);
-			exit(1);
+			fatal("unknown key type %s", key_type_name);
 		}
 	}

@ -2272,14 +2228,10 @@ main(int argc, char **argv)

 	/* we need this for the home * directory.  */
 	pw = getpwuid(getuid());
-	if (!pw) {
-		printf("No user exists for uid %lu\n", (u_long)getuid());
-		exit(1);
-	}
-	if (gethostname(hostname, sizeof(hostname)) < 0) {
-		perror("gethostname");
-		exit(1);
-	}
+	if (!pw)
+		fatal("No user exists for uid %lu", (u_long)getuid());
+	if (gethostname(hostname, sizeof(hostname)) < 0)
+		fatal("gethostname: %s", strerror(errno));

 	/* Remaining characters: UYdw */
 	while ((opt = getopt(argc, argv, "ABHLQXceghiklopquvxy"
@ -2496,19 +2448,19 @@ main(int argc, char **argv)

 	if (ca_key_path != NULL) {
 		if (argc < 1 && !gen_krl) {
-			printf("Too few arguments.\n");
+			error("Too few arguments.");
 			usage();
 		}
 	} else if (argc > 0 && !gen_krl && !check_krl) {
-		printf("Too many arguments.\n");
+		error("Too many arguments.");
 		usage();
 	}
 	if (change_passphrase && change_comment) {
-		printf("Can only have one of -p and -c.\n");
+		error("Can only have one of -p and -c.");
 		usage();
 	}
 	if (print_fingerprint && (delete_host || hash_hosts)) {
-		printf("Cannot use -l with -H or -R.\n");
+		error("Cannot use -l with -H or -R.");
 		usage();
 	}
 	if (gen_krl) {
@ -2550,10 +2502,8 @@ main(int argc, char **argv)
 		if (have_identity) {
 			n = do_print_resource_record(pw,
 			    identity_file, rr_hostname);
-			if (n == 0) {
-				perror(identity_file);
-				exit(1);
-			}
+			if (n == 0)
+				fatal("%s: %s", identity_file, strerror(errno));
 			exit(0);
 		} else {

@ -2625,14 +2575,10 @@ main(int argc, char **argv)
 	if (!quiet)
 		printf("Generating public/private %s key pair.\n",
 		    key_type_name);
-	if ((r = sshkey_generate(type, bits, &private)) != 0) {
-		fprintf(stderr, "key_generate failed\n");
-		exit(1);
-	}
-	if ((r = sshkey_from_private(private, &public)) != 0) {
-		fprintf(stderr, "key_from_private failed: %s\n", ssh_err(r));
-		exit(1);
-	}
+	if ((r = sshkey_generate(type, bits, &private)) != 0)
+		fatal("key_generate failed");
+	if ((r = sshkey_from_private(private, &public)) != 0)
+		fatal("key_from_private failed: %s\n", ssh_err(r));

 	if (!have_identity)
 		ask_filename(pw, "Enter file in which to save the key");
@ -2702,7 +2648,7 @@ passphrase_again:
 	/* Save the key with the given passphrase and comment. */
 	if ((r = sshkey_save_private(private, identity_file, passphrase1,
 	    comment, use_new_format, new_format_cipher, rounds)) != 0) {
-		printf("Saving key \"%s\" failed: %s\n",
+		error("Saving key \"%s\" failed: %s",
 		    identity_file, ssh_err(r));
 		explicit_bzero(passphrase1, strlen(passphrase1));
 		free(passphrase1);
@ -2719,18 +2665,13 @@ passphrase_again:
 		printf("Your identification has been saved in %s.\n", identity_file);

 	strlcat(identity_file, ".pub", sizeof(identity_file));
-	fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
-	if (fd == -1) {
-		printf("Could not save your public key in %s\n", identity_file);
-		exit(1);
-	}
-	f = fdopen(fd, "w");
-	if (f == NULL) {
-		printf("fdopen %s failed\n", identity_file);
-		exit(1);
-	}
+	if ((fd = open(identity_file, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1)
+		fatal("Unable to save public key to %s: %s",
+		    identity_file, strerror(errno));
+	if ((f = fdopen(fd, "w")) == NULL)
+		fatal("fdopen %s failed: %s", identity_file, strerror(errno));
 	if ((r = sshkey_write(public, f)) != 0)
-		fprintf(stderr, "write key failed: %s\n", ssh_err(r));
+		error("write key failed: %s", ssh_err(r));
 	fprintf(f, " %s\n", comment);
 	fclose(f);