Re: OpenSSH 6.4, "ssh-add -l", output to non-tty

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 2014-04-17 at 12:46 +0200, Peter Stuge wrote:
> Phil Pennock wrote:
> > stdio buffering, not in line-buffering mode, not flushed before
> > `fatal()` call.
> > 
> > Obvious in retrospect.  Bug?
> 
> I think it seems good to add two fflush() calls to fatal().

What happens if fatal() is called from some place in a network speaker
where the caller has decided to exit immediately for security reasons?
(You might be right: this is an honest question from ignorance on my
part.)

It looks like openssh is already doing portability/brokenness checks to
end up with a working setlinebuf() call.  Switching ssh-add to be
line-buffered when working with key conversion formats might conceivably
affect broken tools, but it should be safe for list_identities() to do
so.

But this assumes that the remote agent will always have older, more
broadly supported, key formats loaded first; true for a single
invocation of 'ssh-add' loading one set of keys in default order, but
buggy.  It might be better to instead give key_fingerprint() a flag to
avoid fatal()?


diff --git a/ssh-add.c b/ssh-add.c
index 3421452..9bf5f21 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -324,6 +324,9 @@ list_identities(AuthenticationConnection *ac, int do_fp)
 	int had_identities = 0;
 	int version;
 
+	/* key_fingerprint() can fatal() */
+	setlinebuf(stdout);
+
 	for (version = 1; version <= 2; version++) {
 		for (key = ssh_get_first_identity(ac, &comment, version);
 		    key != NULL;
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux