upstream: Log errors in kex_exchange_identification() with level

verbose instead of error to reduce preauth log spam. All of those get logged
with a more generic error message by sshpkt_fatal().

feedback from sthen@
ok djm@

OpenBSD-Commit-ID: bd47dab4695b134a44c379f0e9a39eed33047809
tobhe@openbsd.org 2023-08-21 21:16:18 +00:00 committed by Damien Miller
parent 9d7193a835
commit d2d247938b

10
kex.c

@ -1,4 +1,4 @@
/* $OpenBSD: kex.c,v 1.179 2023/08/18 01:37:41 djm Exp $ */ /* $OpenBSD: kex.c,v 1.180 2023/08/21 21:16:18 tobhe Exp $ */
/* /*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
* *
@ -1353,7 +1353,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
len = atomicio(read, ssh_packet_get_connection_in(ssh), len = atomicio(read, ssh_packet_get_connection_in(ssh),
&c, 1); &c, 1);
if (len != 1 && errno == EPIPE) { if (len != 1 && errno == EPIPE) {
error_f("Connection closed by remote host"); verbose_f("Connection closed by remote host");
r = SSH_ERR_CONN_CLOSED; r = SSH_ERR_CONN_CLOSED;
goto out; goto out;
} else if (len != 1) { } else if (len != 1) {
@ -1369,7 +1369,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
if (c == '\n') if (c == '\n')
break; break;
if (c == '\0' || expect_nl) { if (c == '\0' || expect_nl) {
error_f("banner line contains invalid " verbose_f("banner line contains invalid "
"characters"); "characters");
goto invalid; goto invalid;
} }
@ -1379,7 +1379,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
goto out; goto out;
} }
if (sshbuf_len(peer_version) > SSH_MAX_BANNER_LEN) { if (sshbuf_len(peer_version) > SSH_MAX_BANNER_LEN) {
error_f("banner line too long"); verbose_f("banner line too long");
goto invalid; goto invalid;
} }
} }
@ -1395,7 +1395,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
} }
/* Do not accept lines before the SSH ident from a client */ /* Do not accept lines before the SSH ident from a client */
if (ssh->kex->server) { if (ssh->kex->server) {
error_f("client sent invalid protocol identifier " verbose_f("client sent invalid protocol identifier "
"\"%.256s\"", cp); "\"%.256s\"", cp);
free(cp); free(cp);
goto invalid; goto invalid;
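Review bot: In the last hunk, `verbose_f("client sent invalid protocol identifier ...")` was the only one of the four downgraded messages that recorded peer-supplied content, and below verbose log level that string is no longer written. The commit message says sshpkt_fatal() still logs a generic error, but that path is not visible in these hunks. Log-based detection or rate-limiting rules that match the old error text (this message and the three at the EPIPE, invalid-characters and banner-too-long checks) presumably need to be updated, or the daemon run at a verbose log level. I would add a short comment above the call, for example `/* verbose only: sshpkt_fatal() reports the failure generically; raise the log level to see the identifier */`. The body of kex_exchange_identification() starts and ends outside the hunks shown.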