OpenSSH 6.4, "ssh-add -l", output to non-tty
Phil Pennock
phil.pennock at globnix.org
Fri Apr 18 02:32:57 EST 2014
On 2014-04-17 at 12:46 +0200, Peter Stuge wrote:
> Phil Pennock wrote:
> > stdio buffering, not in line-buffering mode, not flushed before
> > `fatal()` call.
> >
> > Obvious in retrospect. Bug?
>
> I think it seems good to add two fflush() calls to fatal().

What happens if fatal() is called from some place in a network speaker
where the caller has decided to exit immediately for security reasons?
(You might be right: this is an honest question from ignorance on my
part.)

It looks like openssh is already doing portability/brokenness checks to
end up with a working setlinebuf() call. Switching ssh-add to be
line-buffered when working with key conversion formats might conceivably
affect broken tools, but it should be safe for list_identities() to do
so.

But this assumes that the remote agent will always have older, more
broadly supported, key formats loaded first; true for a single
invocation of 'ssh-add' loading one set of keys in default order, but
buggy. It might be better to instead give key_fingerprint() a flag to
avoid fatal()?

diff --git a/ssh-add.c b/ssh-add.c
index 3421452..9bf5f21 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -324,6 +324,9 @@ list_identities(AuthenticationConnection *ac, int do_fp)
int had_identities = 0;
int version;
+ /* key_fingerprint() can fatal() */
+ setlinebuf(stdout);
+
for (version = 1; version <= 2; version++) {
for (key = ssh_get_first_identity(ac, &comment, version);
key != NULL;
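
Review bot: the comment above setlinebuf(stdout) says only that key_fingerprint() can fatal(), which does not tell a later reader why the buffering mode matters; it should state that fatal() leaves without flushing stdio, so identities already printed are lost when stdout is not a tty. The call sits ahead of the loop and is never undone, so stdout stays line-buffered for the rest of the process; say so in the comment, or confirm that nothing after list_identities() depends on the previous mode. Line buffering only pushes out complete lines, so this holds only if every entry is terminated with a newline before the next key_fingerprint() call, which the visible lines do not show.
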
More information about the openssh-unix-dev
mailing list
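
The buffering behaviour this thread turns on, as an added C example (not part of the original message and not OpenSSH code): a child writes one line to a pipe and leaves through `_exit()`, used here as an assumed stand-in for a `fatal()` that does not flush stdio. `bytes_delivered()` and `SAMPLE` are names made up for the illustration.

```c
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample line standing in for one "ssh-add -l" entry. */
static const char SAMPLE[] = "2048 aa:bb:cc (constructed sample) comment (RSA)\n";

/*
 * Child writes SAMPLE to a pipe on stdout, then leaves via _exit(), which
 * does not flush stdio (assumption: models the fatal() path in the thread).
 * Returns the number of bytes the reader received, or -1 on error.
 */
long
bytes_delivered(int line_buffered)
{
	int fds[2];
	char buf[256];
	long total = 0;
	ssize_t n;
	pid_t pid;

	if (pipe(fds) == -1)
		return -1;
	fflush(stdout);		/* keep the parent's pending output out of the child */
	if ((pid = fork()) == -1)
		return -1;
	if (pid == 0) {
		close(fds[0]);
		dup2(fds[1], STDOUT_FILENO);
		close(fds[1]);
		/* _IOFBF: what stdio picks for a non-tty; _IOLBF: setlinebuf() */
		setvbuf(stdout, NULL, line_buffered ? _IOLBF : _IOFBF, BUFSIZ);
		fputs(SAMPLE, stdout);
		_exit(255);	/* no atexit handlers, no stdio flush */
	}
	close(fds[1]);
	while ((n = read(fds[0], buf, sizeof(buf))) > 0)
		total += n;
	close(fds[0]);
	waitpid(pid, NULL, 0);
	return total;
}

int main(void)
{
	long full = bytes_delivered(0), line = bytes_delivered(1);
	printf("fully buffered: %ld bytes reached the pipe\n", full);
	printf("line buffered:  %ld bytes reached the pipe\n", line);
	return 0;
}
```

In the fully buffered case the line is still sitting in the child's stdio buffer when the process ends, which is why a consumer reading `ssh-add -l` through a pipe sees nothing.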