From ce9cf3213c0e2f17fd90abafb308f14a0246e6b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?=
 <stephane.lesimple+bastion@ovhcloud.com>
Date: Mon, 2 Oct 2023 08:39:56 +0000
Subject: [PATCH] enh: connect.pl: report empty ttyrec as ttyrec_empty instead
 of ttyrec_error

---
 bin/shell/connect.pl | 40 ++++++++++++++++++++++++++++++----------
 1 file changed, 30 insertions(+), 10 deletions(-)

diff --git a/bin/shell/connect.pl b/bin/shell/connect.pl
index e8c15fd5b..1b446e724 100755
--- a/bin/shell/connect.pl
+++ b/bin/shell/connect.pl
@@ -147,22 +147,41 @@ sub exit_sig {
 # now guessify if the ssh worked or not
 my @comments;
 my $header;
-if (open(my $fh_ttyrec, '<', $saveFile)) {
-    read $fh_ttyrec, $header, 2000;    # 2K if there's the host key changed warning
-    close($fh_ttyrec);
+
+if (-e $saveFile) {
+    if (-z _) {
+        push @comments, 'ttyrec_empty';
+    }
+    else {
+        if (open(my $fh_ttyrec, '<', $saveFile)) {
+            read $fh_ttyrec, $header, 2000;    # 2K if there's the host key changed warning
+            close($fh_ttyrec);
+        }
+    }
 }
-elsif (-r "$saveFile.zst") {
-    my $fnret =
-      OVH::Bastion::execute(cmd => ['zstd', '-d', '-c', "$saveFile.zst"], max_stdout_bytes => 2000, must_succeed => 1);
-    $header = join("\n", @{$fnret->value->{'stdout'} || []}) if $fnret;
+elsif (-e "$saveFile.zst") {
+    if (-z _) {
+        push @comments, 'ttyrec_empty';
+    }
+    else {
+        my $fnret = OVH::Bastion::execute(
+            cmd              => ['zstd', '-d', '-c', "$saveFile.zst"],
+            max_stdout_bytes => 2000,
+            must_succeed     => 1
+        );
+        $header = join("\n", @{$fnret->value->{'stdout'} || []}) if $fnret;
+    }
+}
+else {
+    push @comments, 'ttyrec_none';
 }
 
 if ($header) {
     if ($header =~ /Permission denied \(publickey/) {
         push @comments, 'permission_denied';
         OVH::Bastion::osh_crit(
-            "BASTION SAYS: The remote server ($ip) refused all the keys we tried (see the list just above), there are FOUR things to verify:"
-        );
+                "BASTION SAYS: The remote server ($ip) refused all the keys we tried (see the list just above), "
+              . "there are FOUR things to verify:");
         OVH::Bastion::osh_warn(
             "1) Check the remote account's authorized_keys on $ip, did you add the proper key there? (personal key or group key)\n2) Did you tell the bastion you added a key to the remote server, so it knows it has to use it? See the actually used keys just above. If you didn't, do it with selfAddPersonalAccess or groupAddServer.\n3) Check the from=\"\" part of the remote account's authorized_keys' keyline. Are all the bastion IPs present? Master and slave(s)? See groupInfo or selfListEgressKeys to get the proper keyline to copy/paste.\n4) Did you check the 3 above points carefully? Really? Because if you did, you wouldn't be reading this 4th bullet point, as your problem would already be fixed ;)"
         );
@@ -220,7 +239,8 @@ sub exit_sig {
         );
     }
 }
-else {
+elsif (!@comments) {
+    # if $header is empty and we didn't push ttyrec_none or ttyrec_empty to @comments, it's weird
     push @comments, 'ttyrec_error';
 }