https://bugzilla.mindrot.org/show_bug.cgi?id=3879
--- Comment #11 from [email protected] --- Hi, the only reason pkcs11_fetch_x509_pubkey() fails without printing an error() on its own is if pkcs11_record_key() fails, and the only reason for that one to fail without printing an error is if the key is already known - which doesn't constitute an error worth printing at all (and "failed to fetch" is even just wrong). So maybe this error() in pkcs11_fetch_certs() can be dropped? Here's my log snippet: ===== debug1: pkcs11_record_key: RSA key: provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0 keyid 00 debug2: pkcs11_fetch_keys: provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0: RSA SHA256:... debug1: have 1 keys debug1: pkcs11_record_key: RSA key: provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0 keyid 01 debug2: pkcs11_fetch_keys: provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0: RSA SHA256:... debug1: have 2 keys debug1: pkcs11_record_key: RSA key: provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0 keyid 02 debug2: pkcs11_fetch_keys: provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0: RSA SHA256:... debug1: have 3 keys debug1: pkcs11_record_key: RSA key: provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0 keyid 00 debug1: pkcs11_record_key: Already seen this key at provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0 keyid 00 failed to fetch key from x.509 cert debug1: pkcs11_record_key: RSA key: provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0 keyid 02 debug1: pkcs11_record_key: Already seen this key at provider /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so slot 0 keyid 02 failed to fetch key from x.509 cert ===== -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
