Ping.
Janus, would this make you happy?
Do you think this fix should go in?
Stefan
On Wed, Mar 03, 2010 at 05:08:41PM +0100, Stefan Sperling wrote:
> On Wed, Mar 03, 2010 at 04:06:08PM +0100, Janus Weil wrote:
> > Dear subversion team,
> >
> > I noticed that recent svn releases fail to display many error messages.
> >
> > Example: Doing "svn co svn+ssh://some...@gcc.gnu.org/svn/gcc/trunk
> > trunk" without having the proper ssh keys for user 'someone'. The svn
> > versions I tried were 1.6.3, 1.6.5 and 1.6.9. With 1.6.3 I get:
> >
> > Permission denied (publickey,gssapi-with-mic).
> > svn: Network connection closed unexpectedly
> >
> > But if I do the same with 1.6.5 or 1.6.9, the first line is missing
> > and I only get the rather nebulous message about the unexpected
> > closing of the network connection, without seeing the reason for that.
> >
> > It's even worse if e.g. my private key has the wrong permissions for
> > some reason. In this case svn 1.6.3 displays a very bold warning:
> >
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > Permissions 0755 for '~/.ssh/id_dsa' are too open.
> > It is recommended that your private key files are NOT accessible by others.
> > This private key will be ignored.
> > bad permissions: ignore key: ~/.ssh/id_dsa
> > Permission denied (publickey,gssapi-with-mic).
> > svn: Network connection closed unexpectedly
> >
> > Again, with newer releases one only gets the last line, without any
> > chance of finding out what the problem is.
> >
> > Is this a known bug?
>
> This is probably a side-effect of the fix for issue #2580 done in
> Subversion 1.6.5. Since then, Subversion passes '-q' to ssh to avoid
> the message 'Terminated by signal 15' being printed whenever ssh exists
> upon being terminated by Subversion in a friendly manner.
> This particular output from ssh would confuse users assuming the output
> came from svn, and make them believe svn had crashed. Of course, '-q'
> might also suppress some other messages printed by ssh, such as the
> "unprotected key file" warning.
>
> I guess we should make the error message for svn+ssh connection failures
> advise people to remove the '-q' flag from the ssh invocation in
> ~/.subversion/config to debug SSH connection problems.
> The patch below does this:
>
> $ svn ls svn+ssh://svntest/
> svn: Unable to connect to a repository at URL 'svn+ssh://svntest'
> svn: To better debug SSH connection problems, remove the -q option from
> 'ssh' in the [tunnels] section of your Subversion configuration file.
> svn: Network connection closed unexpectedly
>
> (Above, 'svntest' is an SSH host alias to localhost with a port where nothing
> is listening.)
>
> Do you think this would help?
>
> Stefan
>
>
> Index: subversion/libsvn_ra_svn/client.c
> ===================================================================
> --- subversion/libsvn_ra_svn/client.c (revision 918491)
> +++ subversion/libsvn_ra_svn/client.c (working copy)
> @@ -463,6 +463,7 @@ static svn_error_t *make_tunnel(const char **args,
> apr_status_t status;
> apr_proc_t *proc;
> apr_procattr_t *attr;
> + svn_error_t *err;
>
> status = apr_procattr_create(&attr, pool);
> if (status == APR_SUCCESS)
> @@ -516,7 +517,15 @@ static svn_error_t *make_tunnel(const char **args,
>
> /* Guard against dotfile output to stdout on the server. */
> *conn = svn_ra_svn_create_conn(NULL, proc->out, proc->in, pool);
> - SVN_ERR(svn_ra_svn_skip_leading_garbage(*conn, pool));
> + err = svn_ra_svn_skip_leading_garbage(*conn, pool);
> +
> + if (err)
> + return svn_error_quick_wrap(
> + err,
> + _("To better debug SSH connection problems, remove the -q "
> + "option from 'ssh' in the [tunnels] section of your "
> + "Subversion configuration file."));
> +
> return SVN_NO_ERROR;
> }
>
