- OpenBSD CVS updates to v1.2.3
	[ssh.h atomicio.c]
	 - int atomicio -> ssize_t (for alpha). ok deraadt@
	[auth-rsa.c]
	 - delay MD5 computation until client sends response, free() early, cleanup.
	[cipher.c]
	 - void* -> unsigned char*, ok niels@
	[hostfile.c]
	 - remove unused variable 'len'. fix comments.
	 - remove unused variable
	[log-client.c log-server.c]
	 - rename a cpp symbol, to avoid param.h collision
	[packet.c]
	 - missing xfree()
	 - getsockname() requires initialized tolen; andy@guildsoftware.com
	 - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
	from Holger.Trapp@Informatik.TU-Chemnitz.DE
	[pty.c pty.h]
	 - register cleanup for pty earlier. move code for pty-owner handling to
   	pty.c ok provos@, dugsong@
	[readconf.c]
	 - turn off x11-fwd for the client, too.
	[rsa.c]
	 - PKCS#1 padding
	[scp.c]
	 - allow '.' in usernames; from jedgar@fxp.org
	[servconf.c]
	 - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
	 - sync with sshd_config
	[ssh-keygen.c]
	 - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
	[ssh.1]
	 - Change invalid 'CHAT' loglevel to 'VERBOSE'
	[ssh.c]
	 - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
	 - turn off x11-fwd for the client, too.
	[sshconnect.c]
	 - missing xfree()
	 - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp.
	 - read error vs. "Connection closed by remote host"
	[sshd.8]
	 - ie. -> i.e.,
	 - do not link to a commercial page..
	 - sync with sshd_config
	[sshd.c]
	 - no need for poll.h; from bright@wintelcom.net
	 - log with level log() not fatal() if peer behaves badly.
	 - don't panic if client behaves strange. ok deraadt@
	 - make no-port-forwarding for RSA keys deny both -L and -R style fwding
	 - delay close() of pty until the pty has been chowned back to root
	 - oops, fix comment, too.
	 - missing xfree()
	 - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
   	(http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
	 - register cleanup for pty earlier. move code for pty-owner handling to
      pty.c ok provos@, dugsong@
	 - create x11 cookie file
	 - fix pr 1113, fclose() -> pclose(), todo: remote popen()
	 - version 1.2.3
 - Cleaned up
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 2b67467..bf7f0ce 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -7,7 +7,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: ssh-keygen.c,v 1.10 1999/11/25 00:54:59 damien Exp $");
+RCSID("$Id: ssh-keygen.c,v 1.11 2000/03/09 10:27:51 damien Exp $");
 
 #include "rsa.h"
 #include "ssh.h"
@@ -80,8 +80,11 @@
 void
 do_fingerprint(struct passwd *pw)
 {
-	char *comment;
+	FILE *f;
+	BIGNUM *e, *n;
 	RSA *public_key;
+	char *comment = NULL, *cp, *ep, line[16*1024];
+	int i, skip = 0, num = 1, invalid = 1;
 	struct stat st;
 
 	if (!have_identity)
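Review bot: `comment` is set to NULL only once, in the declaration `char *comment = NULL, *cp, *ep, line[16*1024];`, but the per-line loop added in the next hunk stores pointers into `line` in it and never resets it. A later line that starts with a bit count and has no trailing comment keeps the old pointer (`comment = *cp ? cp : comment`). The fingerprint for that key is then printed next to whatever now sits at the stale offset in `line`, which is text from a different entry. This output is what a user compares when checking a host key, so a mislabelled fingerprint matters; adding `comment = NULL;` at the top of each loop iteration makes such lines fall back to "no comment". do_fingerprint continues past the end of this hunk.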
@@ -90,38 +93,71 @@
 		perror(identity_file);
 		exit(1);
 	}
+	
 	public_key = RSA_new();
-	if (!load_public_key(identity_file, public_key, &comment)) {
-		char *cp, line[1024];
-		BIGNUM *e, *n;
-		int dummy, invalid = 0;
-		FILE *f = fopen(identity_file, "r");
+	if (load_public_key(identity_file, public_key, &comment)) {
+		printf("%d %s %s\n", BN_num_bits(public_key->n),
+		    fingerprint(public_key->e, public_key->n),
+		    comment);
+		RSA_free(public_key);
+		exit(0);
+	}
+	RSA_free(public_key);
+
+	f = fopen(identity_file, "r");
+	if (f != NULL) {
 		n = BN_new();
 		e = BN_new();
-		if (f && fgets(line, sizeof(line), f)) {
-			cp = line;
-			line[strlen(line) - 1] = '\0';
-			if (auth_rsa_read_key(&cp, &dummy, e, n)) {
-				public_key->e = e;
-				public_key->n = n;
-				comment = xstrdup(cp ? cp : "no comment");
-			} else {
-				invalid = 1;
+		while (fgets(line, sizeof(line), f)) {
+			i = strlen(line) - 1;
+			if (line[i] != '\n') {
+				error("line %d too long: %.40s...", num, line);
+				skip = 1;
+				continue;
 			}
-		} else {
-			invalid = 1;
+			num++;
+			if (skip) {
+				skip = 0;
+				continue;
+			}
+			line[i] = '\0';
+
+			/* Skip leading whitespace, empty and comment lines. */
+			for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
+				;
+			if (!*cp || *cp == '\n' || *cp == '#')
+				continue ;
+			i = strtol(cp, &ep, 10);
+			if (i == 0 || ep == NULL || (*ep != ' ' && *ep != '\t')) {
+				int quoted = 0;
+				comment = cp;
+				for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
+					if (*cp == '\\' && cp[1] == '"')
+						cp++;	/* Skip both */
+					else if (*cp == '"')
+						quoted = !quoted;
+				}
+				if (!*cp)
+					continue;
+				*cp++ = '\0';
+			}
+			ep = cp;
+			if (auth_rsa_read_key(&cp, &i, e, n)) {
+				invalid = 0;
+				comment = *cp ? cp : comment;
+				printf("%d %s %s\n", BN_num_bits(n),
+				    fingerprint(e, n),
+				    comment ? comment : "no comment");
+			}
 		}
-		if (invalid) {
-			printf("%s is not a valid key file.\n", identity_file);
-			BN_free(e);
-			BN_free(n);
-			exit(1);
-		}
+		BN_free(e);
+		BN_free(n);
+		fclose(f);
 	}
-	printf("%d %s %s\n", BN_num_bits(public_key->n),
-	       fingerprint(public_key->e, public_key->n),
-	       comment);
-	RSA_free(public_key);
+	if (invalid) {
+		printf("%s is not a valid key file.\n", identity_file);
+		exit(1);
+	}
 	exit(0);
 }
 
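Review bot: `i = strlen(line) - 1;` yields -1 when fgets() returns a line whose first byte is NUL, so `line[i]` reads one byte before the stack buffer and `line[i] = '\0'` writes there if that byte happens to be '\n'. The file is whatever -f names (the commit message mentions ~/.ssh/known_hosts), so its contents should not be assumed to be clean text. Take the length first and guard it: `i = strlen(line);`, `if (i == 0 || line[i - 1] != '\n') {`, and later `line[i - 1] = '\0';`. The same test also reports a final line without a trailing newline as "too long", so a one-line key file lacking the terminating newline ends up as "not a valid key file"; checking `feof(f)` before rejecting the line would cover that case. The function begins in the previous hunk.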
@@ -314,7 +350,7 @@
 usage(void)
 {
 	printf("ssh-keygen version %s\n", SSH_VERSION);
-	printf("Usage: %s [-b bits] [-p] [-c] [-f file] [-P pass] [-N new-pass] [-C comment]\n", __progname);
+	printf("Usage: %s [-b bits] [-p] [-c] [-l] [-f file] [-P pass] [-N new-pass] [-C comment]\n", __progname);
 	exit(1);
 }