"no such identity"

Darren Tucker dtucker at zip.com.au
Wed Apr 3 00:15:00 EST 2013


On Tue, Apr 02, 2013 at 02:08:40PM +0200, Corinna Vinschen wrote:
> On Apr  1 10:22, Arthur Mesh wrote:
[...]
> > (Didn't make it to 6.2 though).
> 
> Is that really the right patch?  It doesn't seem to be in the portable
> version, but the portable version is apparently affected as well by the
> gratuitous "No such identity" message.
> The aforementioned patch breaks the portable version since Options has
> no member named identity_file_userprovided.
> 
> So, what's the real patch for this problem relative to 6.2p1?

That's it, but it also needs the following patch.  Sorry, I should have
pulled both in for 6.2p1.

---------------------
PatchSet 4190 
Date: 2013/02/18 10:16:57
Author: dtucker
Branch: HEAD
Tag: (none) 
Log:
Keep track of which IdentityFile options were manually supplied and which
were default options, and don't warn if the latter are missing.  ok markus@

Members: 
	readconf.c:1.194->1.195 
	readconf.h:1.91->1.92 
	ssh.c:1.370->1.371 
	sshconnect2.c:1.191->1.192 

Index: src/usr.bin/ssh/readconf.c
diff -u src/usr.bin/ssh/readconf.c:1.194 src/usr.bin/ssh/readconf.c:1.195
--- src/usr.bin/ssh/readconf.c:1.194	Fri Sep 23 07:45:05 2011
+++ src/usr.bin/ssh/readconf.c	Sun Feb 17 23:16:57 2013
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.194 2011/09/23 07:45:05 markus Exp $ */
+/* $OpenBSD: readconf.c,v 1.195 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -322,6 +322,26 @@
 	options->tun_open = SSH_TUNMODE_NO;
 }
 
+void
+add_identity_file(Options *options, const char *dir, const char *filename,
+    int userprovided)
+{
+	char *path;
+
+	if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
+		fatal("Too many identity files specified (max %d)",
+		    SSH_MAX_IDENTITY_FILES);
+
+	if (dir == NULL) /* no dir, filename is absolute */
+		path = xstrdup(filename);
+	else
+		(void)xasprintf(&path, "%.100s%.100s", dir, filename);
+
+	options->identity_file_userprovided[options->num_identity_files] =
+	    userprovided;
+	options->identity_files[options->num_identity_files++] = path;
+}
+
 /*
  * Returns the number of the token pointed to by cp or oBadOption.
  */
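Review bot: In `add_identity_file`, the `dir != NULL` branch builds the path with `"%.100s%.100s"`, which silently truncates either component past 100 bytes, so an over-long input would name a different file than the caller asked for. The callers visible in this patch pass only `"~/"` and compile-time path constants, so it is harmless today, but the function is now exported through readconf.h. Dropping the precision (`(void)xasprintf(&path, "%s%s", dir, filename);`) or calling `fatal()` on over-long input would make the behaviour explicit. A short header comment would also help, stating that `userprovided` is 1 for explicitly configured identities and 0 for built-in defaults, and that the stored path is heap-allocated and kept in `options`.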
@@ -582,9 +602,7 @@
 			if (*intptr >= SSH_MAX_IDENTITY_FILES)
 				fatal("%.200s line %d: Too many identity files specified (max %d).",
 				    filename, linenum, SSH_MAX_IDENTITY_FILES);
-			charptr = &options->identity_files[*intptr];
-			*charptr = xstrdup(arg);
-			*intptr = *intptr + 1;
+			add_identity_file(options, NULL, arg, 1);
 		}
 		break;
 
@@ -1276,30 +1294,16 @@
 		options->protocol = SSH_PROTO_2;
 	if (options->num_identity_files == 0) {
 		if (options->protocol & SSH_PROTO_1) {
-			len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
-			options->identity_files[options->num_identity_files] =
-			    xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			    len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
+			add_identity_file(options, "~/",
+			    _PATH_SSH_CLIENT_IDENTITY, 0);
 		}
 		if (options->protocol & SSH_PROTO_2) {
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			    xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
-
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			    xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
-
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			    xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			    len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA);
+			add_identity_file(options, "~/",
+			    _PATH_SSH_CLIENT_ID_RSA, 0);
+			add_identity_file(options, "~/",
+			    _PATH_SSH_CLIENT_ID_DSA, 0);
+			add_identity_file(options, "~/",
+			    _PATH_SSH_CLIENT_ID_ECDSA, 0);
 		}
 	}
 	if (options->escape_char == -1)
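Review bot: With the four `snprintf` blocks removed, nothing left in this hunk assigns or reads `len`. If its declaration, which lies outside the hunk, has no other user in the enclosing function, it should be deleted in the same change to avoid an unused-variable warning. The function starts and ends outside the hunk, so this needs checking against the full file.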
Index: src/usr.bin/ssh/readconf.h
diff -u src/usr.bin/ssh/readconf.h:1.91 src/usr.bin/ssh/readconf.h:1.92
--- src/usr.bin/ssh/readconf.h:1.91	Fri Sep 23 07:45:05 2011
+++ src/usr.bin/ssh/readconf.h	Sun Feb 17 23:16:57 2013
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.91 2011/09/23 07:45:05 markus Exp $ */
+/* $OpenBSD: readconf.h,v 1.92 2013/02/17 23:16:57 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -96,6 +96,7 @@
 
 	int     num_identity_files;	/* Number of files for RSA/DSA identities. */
 	char   *identity_files[SSH_MAX_IDENTITY_FILES];
+	int    identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
 	Key    *identity_keys[SSH_MAX_IDENTITY_FILES];
 
 	/* Local TCP/IP forward requests. */
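Review bot: The new `identity_file_userprovided` member has no comment, and its meaning only becomes clear from `add_identity_file()` in readconf.c. I would add `/* Nonzero if identity_files[i] was given explicitly, zero if it is a built-in default. */` and state that it is indexed in parallel with `identity_files`. The declaration also has four spaces after `int` where `int     num_identity_files` has five, so the member name is one column out of line with its neighbours.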
@@ -158,5 +159,6 @@
 
 void	 add_local_forward(Options *, const Forward *);
 void	 add_remote_forward(Options *, const Forward *);
+void	 add_identity_file(Options *, const char *, const char *, int);
 
 #endif				/* READCONF_H */
Index: src/usr.bin/ssh/ssh.c
diff -u src/usr.bin/ssh/ssh.c:1.370 src/usr.bin/ssh/ssh.c:1.371
--- src/usr.bin/ssh/ssh.c:1.370	Fri Jul  6 01:47:38 2012
+++ src/usr.bin/ssh/ssh.c	Sun Feb 17 23:16:57 2013
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.370 2012/07/06 01:47:38 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.371 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -376,12 +376,7 @@
 				    strerror(errno));
 				break;
 			}
-			if (options.num_identity_files >=
-			    SSH_MAX_IDENTITY_FILES)
-				fatal("Too many identity files specified "
-				    "(max %d)", SSH_MAX_IDENTITY_FILES);
-			options.identity_files[options.num_identity_files++] =
-			    xstrdup(optarg);
+			add_identity_file(&options, NULL, optarg, 1);
 			break;
 		case 'I':
 #ifdef ENABLE_PKCS11
Index: src/usr.bin/ssh/sshconnect2.c
diff -u src/usr.bin/ssh/sshconnect2.c:1.191 src/usr.bin/ssh/sshconnect2.c:1.192
--- src/usr.bin/ssh/sshconnect2.c:1.191	Fri Feb 15 00:21:01 2013
+++ src/usr.bin/ssh/sshconnect2.c	Sun Feb 17 23:16:57 2013
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.191 2013/02/15 00:21:01 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.192 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -1378,7 +1378,7 @@
 		id = xcalloc(1, sizeof(*id));
 		id->key = key;
 		id->filename = xstrdup(options.identity_files[i]);
-		id->userprovided = 1;
+		id->userprovided = options.identity_file_userprovided[i];
 		TAILQ_INSERT_TAIL(&files, id, next);
 	}
 	/* Prefer PKCS11 keys that are explicitly listed */
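Review bot: `options.identity_file_userprovided[i]` is only correct while index `i` still refers to the entry that `add_identity_file()` recorded. Any code that rewrites, reorders or prepends to `options.identity_files` without updating the flag array in step would make this line read a stale or mismatched flag. The patch does not show every writer of `identity_files`, so it is worth confirming that all of them go through `add_identity_file()` or keep both arrays aligned. Going by the commit log, the consequence appears limited to whether a missing-file warning is shown. The enclosing loop starts outside the hunk.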

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

