version 1.283, 2015/11/20 23:04:01 |
version 1.292, 2016/09/12 03:29:16 |
|
|
*bitsp = sshkey_curve_nid_to_bits(nid); |
*bitsp = sshkey_curve_nid_to_bits(nid); |
if (*bitsp == 0) |
if (*bitsp == 0) |
*bitsp = DEFAULT_BITS_ECDSA; |
*bitsp = DEFAULT_BITS_ECDSA; |
} |
} else |
else |
|
#endif |
#endif |
*bitsp = DEFAULT_BITS; |
*bitsp = DEFAULT_BITS; |
} |
} |
|
|
sshbuf_free(b); |
sshbuf_free(b); |
|
|
/* try the key */ |
/* try the key */ |
if (sshkey_sign(key, &sig, &slen, data, sizeof(data), 0) != 0 || |
if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 || |
sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) { |
sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) { |
sshkey_free(key); |
sshkey_free(key); |
free(sig); |
free(sig); |
|
|
{ |
{ |
FILE *f; |
FILE *f; |
struct sshkey *public = NULL; |
struct sshkey *public = NULL; |
char *comment = NULL, *cp, *ep, line[16*1024]; |
char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; |
int i, invalid = 1; |
int i, invalid = 1; |
const char *path; |
const char *path; |
long int lnum = 0; |
u_long lnum = 0; |
|
|
if (!have_identity) |
if (!have_identity) |
ask_filename(pw, "Enter file in which the key is"); |
ask_filename(pw, "Enter file in which the key is"); |
|
|
} |
} |
/* Retry after parsing leading hostname/key options */ |
/* Retry after parsing leading hostname/key options */ |
if (public == NULL && (public = try_read_key(&cp)) == NULL) { |
if (public == NULL && (public = try_read_key(&cp)) == NULL) { |
debug("%s:%ld: not a public key", path, lnum); |
debug("%s:%lu: not a public key", path, lnum); |
continue; |
continue; |
} |
} |
|
|
|
|
foreach_options |= print_fingerprint ? HKF_WANT_PARSE_KEY : 0; |
foreach_options |= print_fingerprint ? HKF_WANT_PARSE_KEY : 0; |
if ((r = hostkeys_foreach(identity_file, |
if ((r = hostkeys_foreach(identity_file, |
hash_hosts ? known_hosts_hash : known_hosts_find_delete, &ctx, |
hash_hosts ? known_hosts_hash : known_hosts_find_delete, &ctx, |
name, NULL, foreach_options)) != 0) |
name, NULL, foreach_options)) != 0) { |
|
if (inplace) |
|
unlink(tmp); |
fatal("%s: hostkeys_foreach failed: %s", __func__, ssh_err(r)); |
fatal("%s: hostkeys_foreach failed: %s", __func__, ssh_err(r)); |
|
} |
|
|
if (inplace) |
if (inplace) |
fclose(ctx.out); |
fclose(ctx.out); |
|
|
ca = load_identity(tmp); |
ca = load_identity(tmp); |
free(tmp); |
free(tmp); |
|
|
|
if (key_type_name != NULL && |
|
sshkey_type_from_name(key_type_name) != ca->type) { |
|
fatal("CA key type %s doesn't match specified %s", |
|
sshkey_ssh_name(ca), key_type_name); |
|
} |
|
|
for (i = 0; i < argc; i++) { |
for (i = 0; i < argc; i++) { |
/* Split list of principals */ |
/* Split list of principals */ |
n = 0; |
n = 0; |
|
|
&public->cert->signature_key)) != 0) |
&public->cert->signature_key)) != 0) |
fatal("key_from_private (ca key): %s", ssh_err(r)); |
fatal("key_from_private (ca key): %s", ssh_err(r)); |
|
|
if (sshkey_certify(public, ca) != 0) |
if ((r = sshkey_certify(public, ca, key_type_name)) != 0) |
fatal("Couldn't not certify key %s", tmp); |
fatal("Couldn't certify key %s: %s", tmp, ssh_err(r)); |
|
|
if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0) |
if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0) |
*cp = '\0'; |
*cp = '\0'; |
|
|
struct stat st; |
struct stat st; |
int r, is_stdin = 0, ok = 0; |
int r, is_stdin = 0, ok = 0; |
FILE *f; |
FILE *f; |
char *cp, line[2048]; |
char *cp, line[SSH_MAX_PUBKEY_BYTES]; |
const char *path; |
const char *path; |
long int lnum = 0; |
u_long lnum = 0; |
|
|
if (!have_identity) |
if (!have_identity) |
ask_filename(pw, "Enter file in which the key is"); |
ask_filename(pw, "Enter file in which the key is"); |
|
|
close(fd); |
close(fd); |
sshbuf_free(kbuf); |
sshbuf_free(kbuf); |
ssh_krl_free(krl); |
ssh_krl_free(krl); |
if (ca != NULL) |
sshkey_free(ca); |
sshkey_free(ca); |
|
} |
} |
|
|
static void |
static void |
|
|
extern int optind; |
extern int optind; |
extern char *optarg; |
extern char *optarg; |
|
|
|
ssh_malloc_init(); /* must be called before any mallocs */ |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
sanitise_stdfd(); |
sanitise_stdfd(); |
|
|
|
|
break; |
break; |
case 'J': |
case 'J': |
lines_to_process = strtoul(optarg, NULL, 10); |
lines_to_process = strtoul(optarg, NULL, 10); |
break; |
break; |
case 'j': |
case 'j': |
start_lineno = strtoul(optarg, NULL, 10); |
start_lineno = strtoul(optarg, NULL, 10); |
break; |
break; |
case 'K': |
case 'K': |
if (strlen(optarg) >= PATH_MAX) |
if (strlen(optarg) >= PATH_MAX) |
fatal("Checkpoint filename too long"); |
fatal("Checkpoint filename too long"); |
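Review bot: The added CA check after `ca = load_identity(tmp)` reports an unrecognised `-t` value and a genuine CA key mismatch with the same message, because `sshkey_type_from_name(key_type_name) != ca->type` is presumably also true when the name is not known at all. Since `key_type_name` is then passed to `sshkey_certify()`, apparently to choose the CA signature algorithm, an unknown name is worth rejecting first, e.g. `if (key_type_name != NULL && sshkey_type_from_name(key_type_name) == KEY_UNSPEC) fatal("Unknown key type %s", key_type_name);`. A short comment would also help, such as `/* -t here selects the CA signature algorithm, not the type of the key being certified */`. Whether the name is already validated earlier is not visible here, and the enclosing function begins and ends outside the lines shown.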