src/usr.bin/ssh/ssh-keygen.c - diff

Return to ssh-keygen.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-keygen.c between version 1.260 and 1.261

version 1.260, 2015/01/30 00:59:19

version 1.261, 2015/01/30 01:10:33

Line 1955

}

static void

update_krl_from_file(struct passwd *pw, const char *file,

update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,

const struct sshkey *ca, struct ssh_krl *krl)

{

struct sshkey *key = NULL;

Line 1997

if (*cp == '\0')

continue;

if (strncasecmp(cp, "serial:", 7) == 0) {

if (ca == NULL) {

if (ca == NULL && !wild_ca) {

fatal("revoking certificates by serial number "

"requires specification of a CA key");

}

Line 2034

__func__);

}

} else if (strncasecmp(cp, "id:", 3) == 0) {

if (ca == NULL) {

if (ca == NULL && !wild_ca) {

fatal("revoking certificates by key ID "

"requires specification of a CA key");

}

Line 2085

struct ssh_krl *krl;

struct stat sb;

struct sshkey *ca = NULL;

int fd, i, r;

int fd, i, r, wild_ca = 0;

char *tmp;

struct sshbuf *kbuf;

Line 2099

fatal("KRL \"%s\" does not exist", identity_file);

}

if (ca_key_path != NULL) {

tmp = tilde_expand_filename(ca_key_path, pw->pw_uid);

if (strcasecmp(ca_key_path, "none") == 0)

if ((r = sshkey_load_public(tmp, &ca, NULL)) != 0)

wild_ca = 1;

fatal("Cannot load CA public key %s: %s",

else {

tmp, ssh_err(r));

tmp = tilde_expand_filename(ca_key_path, pw->pw_uid);

free(tmp);

if ((r = sshkey_load_public(tmp, &ca, NULL)) != 0)

fatal("Cannot load CA public key %s: %s",

tmp, ssh_err(r));

free(tmp);

}

if (updating)

Line 2117

Line 2121

ssh_krl_set_comment(krl, identity_comment);

for (i = 0; i < argc; i++)

update_krl_from_file(pw, argv[i], ca, krl);

update_krl_from_file(pw, argv[i], wild_ca, ca, krl);

if ((kbuf = sshbuf_new()) == NULL)

fatal("sshbuf_new failed");