commit d04758dc4c001104933ce3e2088ac46d461ec1f1
author Darren Tucker <dtucker@zip.com.au> Tue Jan 12 19:41:57 2010 +1100
committer Darren Tucker <dtucker@zip.com.au> Tue Jan 12 19:41:57 2010 +1100
tree 7d70fff202b0f415f74fd17815abc3e682a0bfd6
parent d4c86b13254d7c84b27b7cb8d32dcc7036ca3788

   - djm@cvs.openbsd.org 2010/01/11 10:51:07
     [ssh-keygen.c]
     when converting keys, truncate key comments at 72 chars as per RFC4716;
     bz#1630 reported by tj AT castaglia.org; ok markus@

ssh-keygen.c

diff --git a/ssh-keygen.c b/ssh-keygen.c
index 4f90ac5..7f5185f 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.175 2009/08/27 17:33:49 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.176 2010/01/11 10:51:07 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -181,6 +181,7 @@
 	Key *k;
 	u_int len;
 	u_char *blob;
+	char comment[61];
 	struct stat st;
 
 	if (!have_identity)
@@ -203,11 +204,14 @@
 		fprintf(stderr, "key_to_blob failed\n");
 		exit(1);
 	}
-	fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
-	fprintf(stdout,
-	    "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",
+	/* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */
+	snprintf(comment, sizeof(comment),
+	    "%u-bit %s, converted by %s@%s from OpenSSH",
 	    key_size(k), key_type(k),
 	    pw->pw_name, hostname);
+
+	fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
+	fprintf(stdout, "Comment: \"%s\"\n", comment);
 	dump_base64(stdout, blob, len);
 	fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
 	key_free(k);