From 816036f142ecd284c12bb3685ae316a68d2ef190 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 18 Oct 2020 11:32:01 +0000 Subject: upstream: use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8 --- auth2-hostbased.c | 51 +++++++++++++++++++++++++-------------------------- 1 file changed, 25 insertions(+), 26 deletions(-) (limited to 'auth2-hostbased.c') diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 5e9b7c65..52753700 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.42 2019/11/25 00:51:37 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.43 2020/10/18 11:32:01 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -74,9 +74,9 @@ userauth_hostbased(struct ssh *ssh) (r = sshpkt_get_cstring(ssh, &chost, NULL)) != 0 || (r = sshpkt_get_cstring(ssh, &cuser, NULL)) != 0 || (r = sshpkt_get_string(ssh, &sig, &slen)) != 0) - fatal("%s: packet parsing: %s", __func__, ssh_err(r)); + fatal_fr(r, "parse packet"); - debug("%s: cuser %s chost %s pkalg %s slen %zu", __func__, + debug_f("cuser %s chost %s pkalg %s slen %zu", cuser, chost, pkalg, slen); #ifdef DEBUG_PK debug("signature:"); @@ -85,21 +85,21 @@ userauth_hostbased(struct ssh *ssh) pktype = sshkey_type_from_name(pkalg); if (pktype == KEY_UNSPEC) { /* this is perfectly legal */ - logit("%s: unsupported public key algorithm: %s", - __func__, pkalg); + logit_f("unsupported public key algorithm: %s", + pkalg); goto done; } if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { - error("%s: key_from_blob: %s", __func__, ssh_err(r)); + error_fr(r, "key_from_blob"); goto done; } if (key == NULL) { - error("%s: cannot decode key: %s", __func__, pkalg); + error_f("cannot decode key: %s", pkalg); goto done; } if (key->type != pktype) { - error("%s: type mismatch for decoded key " - "(received %d, expected %d)", __func__, key->type, pktype); + error_f("type mismatch for decoded key " + "(received %d, expected %d)", key->type, pktype); goto done; } if (sshkey_type_plain(key->type) == KEY_RSA && @@ -109,25 +109,25 @@ userauth_hostbased(struct ssh *ssh) goto done; } if (match_pattern_list(pkalg, options.hostbased_key_types, 0) != 1) { - logit("%s: key type %s not in HostbasedAcceptedKeyTypes", - __func__, sshkey_type(key)); + logit_f("key type %s not in HostbasedAcceptedKeyTypes", + sshkey_type(key)); goto done; } if ((r = sshkey_check_cert_sigtype(key, options.ca_sign_algorithms)) != 0) { - logit("%s: certificate signature algorithm %s: %s", __func__, + logit_fr(r, "certificate signature algorithm %s", (key->cert == NULL || key->cert->signature_type == NULL) ? - "(null)" : key->cert->signature_type, ssh_err(r)); + "(null)" : key->cert->signature_type); goto done; } if (!authctxt->valid || authctxt->user == NULL) { - debug2("%s: disabled because of invalid user", __func__); + debug2_f("disabled because of invalid user"); goto done; } if ((b = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); + fatal_f("sshbuf_new failed"); /* reconstruct packet */ if ((r = sshbuf_put_string(b, session_id2, session_id2_len)) != 0 || (r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 || @@ -138,7 +138,7 @@ userauth_hostbased(struct ssh *ssh) (r = sshbuf_put_string(b, pkblob, blen)) != 0 || (r = sshbuf_put_cstring(b, chost)) != 0 || (r = sshbuf_put_cstring(b, cuser)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); + fatal_fr(r, "reconstruct packet"); #ifdef DEBUG_PK sshbuf_dump(b, stderr); #endif @@ -157,7 +157,7 @@ userauth_hostbased(struct ssh *ssh) auth2_record_key(authctxt, authenticated, key); sshbuf_free(b); done: - debug2("%s: authenticated %d", __func__, authenticated); + debug2_f("authenticated %d", authenticated); sshkey_free(key); free(pkalg); free(pkblob); @@ -183,7 +183,7 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, resolvedname = auth_get_canonical_hostname(ssh, options.use_dns); ipaddr = ssh_remote_ipaddr(ssh); - debug2("%s: chost %s resolvedname %s ipaddr %s", __func__, + debug2_f("chost %s resolvedname %s ipaddr %s", chost, resolvedname, ipaddr); if (((len = strlen(chost)) > 0) && chost[len - 1] == '.') { @@ -193,9 +193,8 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, if (options.hostbased_uses_name_from_packet_only) { if (auth_rhosts2(pw, cuser, chost, chost) == 0) { - debug2("%s: auth_rhosts2 refused " - "user \"%.100s\" host \"%.100s\" (from packet)", - __func__, cuser, chost); + debug2_f("auth_rhosts2 refused user \"%.100s\" " + "host \"%.100s\" (from packet)", cuser, chost); return 0; } lookup = chost; @@ -205,14 +204,14 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, "client sends %s, but we resolve %s to %s", chost, ipaddr, resolvedname); if (auth_rhosts2(pw, cuser, resolvedname, ipaddr) == 0) { - debug2("%s: auth_rhosts2 refused " + debug2_f("auth_rhosts2 refused " "user \"%.100s\" host \"%.100s\" addr \"%.100s\"", - __func__, cuser, resolvedname, ipaddr); + cuser, resolvedname, ipaddr); return 0; } lookup = resolvedname; } - debug2("%s: access allowed by auth_rhosts2", __func__); + debug2_f("access allowed by auth_rhosts2"); if (sshkey_is_cert(key) && sshkey_cert_check_authority(key, 1, 0, lookup, &reason)) { @@ -237,7 +236,7 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, if (sshkey_is_cert(key)) { if ((fp = sshkey_fingerprint(key->cert->signature_key, options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) - fatal("%s: sshkey_fingerprint fail", __func__); + fatal_f("sshkey_fingerprint fail"); verbose("Accepted certificate ID \"%s\" signed by " "%s CA %s from %s@%s", key->cert->key_id, sshkey_type(key->cert->signature_key), fp, @@ -245,7 +244,7 @@ hostbased_key_allowed(struct ssh *ssh, struct passwd *pw, } else { if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) - fatal("%s: sshkey_fingerprint fail", __func__); + fatal_f("sshkey_fingerprint fail"); verbose("Accepted %s public key %s from %s@%s", sshkey_type(key), fp, cuser, lookup); } -- cgit v1.2.1