Add extra help information on ssh early failure

Resolves: RHEL-33809
2024-10-21 11:03:50 +02:00 · 2024-10-21 11:03:50 +02:00 · 48c1a09ba9
commit 48c1a09ba9
parent 2a5b657c60
2 changed files with 47 additions and 1 deletions
--- a/openssh-8.7p1-redhat-help.patch
+++ b/openssh-8.7p1-redhat-help.patch
@ -0,0 +1,40 @@
+diff -up openssh-8.7p1/ssh.c.xxx openssh-8.7p1/ssh.c
+--- openssh-8.7p1/ssh.c.xxx	2024-09-11 14:24:06.711088878 +0200
+++ openssh-8.7p1/ssh.c	2024-09-11 14:35:12.883765718 +0200
+@@ -175,6 +175,16 @@ extern int muxserver_sock;
+ extern u_int muxclient_command;
+ 
+ /* Prints a help message to the user.  This function never returns. */
+static void
+redhat_usage(void)
+{
+    if(isatty(fileno(stderr))) {
+	fprintf(stderr,
+"\nYou can find some explanations for typical errors at this link:\n"
+"	    https://red.ht/support_rhel_ssh\n"
+	);
+    }
+}
+ 
+ static void
+ usage(void)
+@@ -188,6 +196,7 @@ usage(void)
+ "           [-Q query_option] [-R address] [-S ctl_path] [-W host:port]\n"
+ "           [-w local_tun[:remote_tun]] destination [command]\n"
+ 	);
+	redhat_usage();
+ 	exit(255);
+ }
+ 
+@@ -1609,8 +1618,10 @@ main(int ac, char **av)
+ 	/* Open a connection to the remote host. */
+ 	if (ssh_connect(ssh, host, host_arg, addrs, &hostaddr, options.port,
+ 	    options.connection_attempts,
+-	    &timeout_ms, options.tcp_keep_alive) != 0)
+	    &timeout_ms, options.tcp_keep_alive) != 0) {
+		redhat_usage();
+ 		exit(255);
+	}
+ 
+ 	if (addrs != NULL)
+ 		freeaddrinfo(addrs);
--- a/openssh.spec
+++ b/openssh.spec
@ -47,7 +47,7 @@

 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
 %global openssh_ver 8.7p1
-%global openssh_rel 43
+%global openssh_rel 44
 %global pam_ssh_agent_ver 0.10.4
 %global pam_ssh_agent_rel 5

@ -293,6 +293,7 @@ Patch1019: openssh-9.6p1-CVE-2023-51385.patch
 #upstream commit 96faa0de6c673a2ce84736eba37fc9fb723d9e5c
 Patch1020: openssh-8.7p1-sigpipe.patch
 Patch1021: openssh-9.8p1-upstream-cve-2024-6387.patch
+Patch1022: openssh-8.7p1-redhat-help.patch

 License: BSD
 Requires: /sbin/nologin
@ -519,6 +520,7 @@ popd
 %patch1019 -p1 -b .cve-2023-51385
 %patch1020 -p1 -b .earlypipe
 %patch1021 -p1 -b .cve-2024-6387
+%patch1022 -p1 -b .redhat-help

 autoreconf
 pushd pam_ssh_agent_auth-pam_ssh_agent_auth-%{pam_ssh_agent_ver}
@ -806,6 +808,10 @@ test -f %{sysconfig_anaconda} && \
 %endif

 %changelog
+* Mon Oct 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-44
+- Add extra help information on ssh early failure
+  Resolves: RHEL-33809
+
 * Tue Jul 09 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-43
 - Possible remote code execution due to a race condition (CVE-2024-6409)
  Resolves: RHEL-45741