Apply suggestions from code review

yosuke-wolfssl · Copilot · web-flow · commit ceed474af445 · 2026-06-11T08:09:14.000+09:00
Co-authored-by: Copilot Autofix powered by AI &lt;175728472+Copilot@users.noreply.github.com&gt;
diff --git a/apps/wolfsshd/test/run_all_sshd_tests.sh b/apps/wolfsshd/test/run_all_sshd_tests.sh
@@ -104,11 +104,21 @@ run_hostkey_perm_check() {
         return
     fi
 
-    HK_WORK=`mktemp -d 2>/dev/null` || HK_WORK=`mktemp -d -t sshdperm`
-    cp "$HK_KEY" "$HK_WORK/hostkey.pem"
+    HK_WORK=$(mktemp -d 2>/dev/null) || HK_WORK=$(mktemp -d -t sshdperm)
+    if [ -z "$HK_WORK" ] || [ ! -d "$HK_WORK" ]; then
+        printf "SKIPPED (mktemp failed)\n"
+        SKIPPED=$((SKIPPED+1))
+        return
+    fi
+
+    cp "$HK_KEY" "$HK_WORK/hostkey.pem" || {
+        printf "SKIPPED (could not prepare hostkey)\n"
+        SKIPPED=$((SKIPPED+1))
+        rm -rf "$HK_WORK"
+        return
+    }
     chmod 600 "$HK_WORK/hostkey.pem"
     touch "$HK_WORK/authorized_keys"
-
     hk_cfg() {
         cat > "$HK_WORK/cfg" <<EOF
 Port $HK_PORT
diff --git a/apps/wolfsshd/test/start_sshd.sh b/apps/wolfsshd/test/start_sshd.sh
@@ -20,9 +20,14 @@ start_wolfsshd() {
     # copies root-owned, and emit a temp config pointing at them. The
     # version-controlled files are left untouched so the suite stays re-runnable.
     if grep -qE '^(HostKey|HostCertificate|TrustedUserCAKeys)[[:space:]]' "$ORIGCFG"; then
-        SSHD_KEYDIR=`mktemp -d 2>/dev/null` || SSHD_KEYDIR=`mktemp -d -t sshdkeys`
-        CONFIG="$SSHD_KEYDIR/sshd_config"
-        : > "$CONFIG"
+        SSHD_KEYDIR=$(mktemp -d 2>/dev/null) || SSHD_KEYDIR=$(mktemp -d -t sshdkeys)
+        if [ -z "$SSHD_KEYDIR" ] || [ ! -d "$SSHD_KEYDIR" ]; then
+            printf "WARNING: could not create temp dir for trust-anchor copies; using original config\n" >&2
+            SSHD_KEYDIR=""
+        else
+            CONFIG="$SSHD_KEYDIR/sshd_config"
+            : > "$CONFIG" || { printf "WARNING: could not write %s; using original config\n" "$CONFIG" >&2; CONFIG="$ORIGCFG"; rm -rf "$SSHD_KEYDIR"; SSHD_KEYDIR=""; }
+        fi
         n=0
         # Rewrite the config line by line. For each trust-anchor directive copy
         # the file to a counter-named destination (so distinct directories with
diff --git a/apps/wolfsshd/wolfsshd.c b/apps/wolfsshd/wolfsshd.c
@@ -479,7 +479,7 @@ static int SetupCTX(WOLFSSHD_CONFIG* conf, WOLFSSH_CTX** ctx,
             data = getBufferFromFile(hostCert, &dataSz, heap, 1);
             if (data == NULL) {
                 wolfSSH_Log(WS_LOG_ERROR,
-                    "[SSHD] Error reading host key file.");
+                    "[SSHD] Error reading host certificate file.");
                 ret = WS_MEMORY_E;
 
             }

Original file line number	Diff line number	Diff line change
`@@ -479,7 +479,7 @@ static int SetupCTX(WOLFSSHD_CONFIG* conf, WOLFSSH_CTX** ctx,`
`479`	`479`	`data = getBufferFromFile(hostCert, &dataSz, heap, 1);`
`480`	`480`	`if (data == NULL) {`
`481`	`481`	`wolfSSH_Log(WS_LOG_ERROR,`
`482`		`- "[SSHD] Error reading host key file.");`
	`482`	`+ "[SSHD] Error reading host certificate file.");`
`483`	`483`	`ret = WS_MEMORY_E;`
`484`	`484`
`485`	`485`	`}`