===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshconnect.c,v
retrieving revision 1.340
retrieving revision 1.341
diff -u -r1.340 -r1.341
--- src/usr.bin/ssh/sshconnect.c	2020/10/12 08:36:37	1.340
+++ src/usr.bin/ssh/sshconnect.c	2020/10/18 11:32:02	1.341
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.340 2020/10/12 08:36:37 kn Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.341 2020/10/18 11:32:02 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -140,7 +140,7 @@
 		 */
 		if (!debug_flag && options.control_path != NULL &&
 		    options.control_persist && stdfd_devnull(0, 0, 1) == -1)
-			error("%s: stdfd_devnull failed", __func__);
+			error_f("stdfd_devnull failed");
 
 		argv[0] = shell;
 		argv[1] = "-c";
@@ -223,7 +223,7 @@
 		 */
 		if (!debug_flag && options.control_path != NULL &&
 		    options.control_persist && stdfd_devnull(0, 0, 1) == -1)
-			error("%s: stdfd_devnull failed", __func__);
+			error_f("stdfd_devnull failed");
 
 		argv[0] = shell;
 		argv[1] = "-c";
@@ -301,8 +301,7 @@
 				    htonl(INADDR_LOOPBACK))
 					continue;
 				if (*rlenp < sizeof(struct sockaddr_in)) {
-					error("%s: v4 addr doesn't fit",
-					    __func__);
+					error_f("v4 addr doesn't fit");
 					return -1;
 				}
 				*rlenp = sizeof(struct sockaddr_in);
@@ -316,8 +315,7 @@
 				    IN6_IS_ADDR_LOOPBACK(v6addr)))
 					continue;
 				if (*rlenp < sizeof(struct sockaddr_in6)) {
-					error("%s: v6 addr doesn't fit",
-					    __func__);
+					error_f("v6 addr doesn't fit");
 					return -1;
 				}
 				*rlenp = sizeof(struct sockaddr_in6);
@@ -387,15 +385,14 @@
 	}
 	if ((r = getnameinfo((struct sockaddr *)&bindaddr, bindaddrlen,
 	    ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST)) != 0) {
-		error("%s: getnameinfo failed: %s", __func__,
-		    ssh_gai_strerror(r));
+		error_f("getnameinfo failed: %s", ssh_gai_strerror(r));
 		goto fail;
 	}
 	if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) {
 		error("bind %s: %s", ntop, strerror(errno));
 		goto fail;
 	}
-	debug("%s: bound to %s", __func__, ntop);
+	debug_f("bound to %s", ntop);
 	/* success */
 	goto out;
 fail:
@@ -428,7 +425,7 @@
 	char ntop[NI_MAXHOST], strport[NI_MAXSERV];
 	struct addrinfo *ai;
 
-	debug2("%s", __func__);
+	debug3_f("entering");
 	memset(ntop, 0, sizeof(ntop));
 	memset(strport, 0, sizeof(strport));
 
@@ -452,7 +449,7 @@
 			    ntop, sizeof(ntop), strport, sizeof(strport),
 			    NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
 				oerrno = errno;
-				error("%s: getnameinfo failed", __func__);
+				error_f("getnameinfo failed");
 				errno = oerrno;
 				continue;
 			}
@@ -523,7 +520,7 @@
 		    (out = dup(STDOUT_FILENO)) == -1) {
 			if (in >= 0)
 				close(in);
-			error("%s: dup() in/out failed", __func__);
+			error_f("dup() in/out failed");
 			return -1; /* ssh_packet_set_connection logs error */
 		}
 		if ((ssh_packet_set_connection(ssh, in, out)) == NULL)
@@ -582,16 +579,15 @@
 	}
 	if ((r = sshkey_check_cert_sigtype(key,
 	    options.ca_sign_algorithms)) != 0) {
-		logit("%s: certificate signature algorithm %s: %s", __func__,
+		logit_fr(r, "certificate signature algorithm %s",
 		    (key->cert == NULL || key->cert->signature_type == NULL) ?
-		    "(null)" : key->cert->signature_type, ssh_err(r));
+		    "(null)" : key->cert->signature_type);
 		return 0;
 	}
 	/* Do not attempt hostkey update if a certificate was successful */
 	if (options.update_hostkeys != 0) {
 		options.update_hostkeys = 0;
-		debug3("%s: certificate host key in use; disabling "
-		    "UpdateHostkeys", __func__);
+		debug3_f("certificate host key in use; disabling UpdateHostkeys");
 	}
 	return 1;
 }
@@ -629,7 +625,7 @@
 		if (options.proxy_command == NULL) {
 			if (getnameinfo(hostaddr, hostaddr->sa_len,
 			    ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST) != 0)
-			fatal("%s: getnameinfo failed", __func__);
+			fatal_f("getnameinfo failed");
 			*hostfile_ipaddr = put_host_port(ntop, port);
 		} else {
 			*hostfile_ipaddr = xstrdup("<no hostip for proxy "
@@ -785,8 +781,8 @@
 		    path_in_hostfiles(ip_found->file,
 		    system_hostfiles, num_system_hostfiles)))) {
 			options.update_hostkeys = 0;
-			debug3("%s: host key found in GlobalKnownHostsFile; "
-			    "disabling UpdateHostkeys", __func__);
+			debug3_f("host key found in GlobalKnownHostsFile; "
+			    "disabling UpdateHostkeys");
 		}
 		if (options.check_host_ip && ip_status == HOST_NEW) {
 			if (readonly || want_cert)
@@ -809,7 +805,7 @@
 			ra = sshkey_fingerprint(host_key,
 			    options.fingerprint_hash, SSH_FP_RANDOMART);
 			if (fp == NULL || ra == NULL)
-				fatal("%s: sshkey_fingerprint fail", __func__);
+				fatal_f("sshkey_fingerprint failed");
 			logit("Host key fingerprint is %s\n%s", fp, ra);
 			free(ra);
 			free(fp);
@@ -856,7 +852,7 @@
 			ra = sshkey_fingerprint(host_key,
 			    options.fingerprint_hash, SSH_FP_RANDOMART);
 			if (fp == NULL || ra == NULL)
-				fatal("%s: sshkey_fingerprint fail", __func__);
+				fatal_f("sshkey_fingerprint failed");
 			msg2[0] = '\0';
 			if (options.verify_host_key_dns) {
 				if (matching_host_key_dns)
@@ -1093,8 +1089,8 @@
 	}
 
 	if (!hostkey_trusted && options.update_hostkeys) {
-		debug("%s: hostkey not known or explicitly trusted: "
-		    "disabling UpdateHostkeys", __func__);
+		debug_f("hostkey not known or explicitly trusted: "
+		    "disabling UpdateHostkeys");
 		options.update_hostkeys = 0;
 	}
 
@@ -1114,10 +1110,9 @@
 		 */
 		debug("No matching CA found. Retry with plain key");
 		if ((r = sshkey_from_private(host_key, &raw_key)) != 0)
-			fatal("%s: sshkey_from_private: %s",
-			    __func__, ssh_err(r));
+			fatal_fr(r, "decode key");
 		if ((r = sshkey_drop_cert(raw_key)) != 0)
-			fatal("Couldn't drop certificate: %s", ssh_err(r));
+			fatal_r(r, "Couldn't drop certificate");
 		host_key = raw_key;
 		goto retry;
 	}
@@ -1142,7 +1137,7 @@
 
 	if ((fp = sshkey_fingerprint(host_key,
 	    options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) {
-		error("%s: fingerprint host key: %s", __func__, ssh_err(r));
+		error_fr(r, "fingerprint host key");
 		r = -1;
 		goto out;
 	}
@@ -1150,8 +1145,7 @@
 	if (sshkey_is_cert(host_key)) {
 		if ((cafp = sshkey_fingerprint(host_key->cert->signature_key,
 		    options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) {
-			error("%s: fingerprint CA key: %s",
-			    __func__, ssh_err(r));
+			error_fr(r, "fingerprint CA key");
 			r = -1;
 			goto out;
 		}
@@ -1173,8 +1167,8 @@
 	}
 
 	if (sshkey_equal(previous_host_key, host_key)) {
-		debug2("%s: server host key %s %s matches cached key",
-		    __func__, sshkey_type(host_key), fp);
+		debug2_f("server host key %s %s matches cached key",
+		    sshkey_type(host_key), fp);
 		r = 0;
 		goto out;
 	}
@@ -1192,9 +1186,9 @@
 			r = -1;
 			goto out;
 		default:
-			error("Error checking host key %s %s in "
-			    "revoked keys file %s: %s", sshkey_type(host_key),
-			    fp, options.revoked_host_keys, ssh_err(r));
+			error_r(r, "Error checking host key %s %s in "
+			    "revoked keys file %s", sshkey_type(host_key),
+			    fp, options.revoked_host_keys);
 			r = -1;
 			goto out;
 		}
@@ -1309,7 +1303,7 @@
 		ra = sshkey_fingerprint(found->key,
 		    options.fingerprint_hash, SSH_FP_RANDOMART);
 		if (fp == NULL || ra == NULL)
-			fatal("%s: sshkey_fingerprint fail", __func__);
+			fatal_f("sshkey_fingerprint fail");
 		logit("WARNING: %s key found for host %s\n"
 		    "in %s:%lu\n"
 		    "%s key fingerprint %s.",
@@ -1333,7 +1327,7 @@
 	fp = sshkey_fingerprint(host_key, options.fingerprint_hash,
 	    SSH_FP_DEFAULT);
 	if (fp == NULL)
-		fatal("%s: sshkey_fingerprint fail", __func__);
+		fatal_f("sshkey_fingerprint fail");
 
 	error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
 	error("@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @");