The branch main has been updated by ngie:
URL:
https://cgit.FreeBSD.org/src/commit/?id=52b63df9b6dfc157fb0b9f61a770b64e3663dee9
commit 52b63df9b6dfc157fb0b9f61a770b64e3663dee9
Author: Enji Cooper <n...@freebsd.org>
AuthorDate: 2023-05-27 01:02:34 +0000
Commit: Enji Cooper <n...@freebsd.org>
CommitDate: 2023-05-27 01:05:04 +0000
dumpon: provide diag info when `PEM_read_RSA_PUBKEY` fails
This change modifies dumpon to print out the last error from OpenSSL
when `PEM_read_RSA_PUBKEY` fails. This allows end-users to diagnose why
reading in RSA pubkey files fails so they can adjust the usage to meet
the needs of the command.
MFC after: 1 week
---
sbin/dumpon/dumpon.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sbin/dumpon/dumpon.c b/sbin/dumpon/dumpon.c
index 626350427595..c530c9ad59ed 100644
--- a/sbin/dumpon/dumpon.c
+++ b/sbin/dumpon/dumpon.c
@@ -270,7 +270,8 @@ _genkey(const char *pubkeyfile, struct diocskerneldump_arg
*kdap)
fclose(fp);
fp = NULL;
if (pubkey == NULL)
- errx(1, "Unable to read data from %s.", pubkeyfile);
+ errx(1, "Unable to read data from %s: %s", pubkeyfile,
+ ERR_error_string(ERR_get_error(), NULL));
/*
* RSA keys under ~1024 bits are trivially factorable (2018). OpenSSL
