src/usr.bin/ssh/ssh-keygen.c - diff

Return to ssh-keygen.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-keygen.c between version 1.349 and 1.350

version 1.349, 2019/09/06 07:53:40

version 1.350, 2019/09/16 03:23:02

Line 2649

}

if ((r = sshsig_check_allowed_keys(allowed_keys, sign_key,

if (allowed_keys != NULL &&

principal, sig_namespace)) != 0) {

(r = sshsig_check_allowed_keys(allowed_keys, sign_key,

principal, sig_namespace)) != 0) {

debug3("sshsig_check_allowed_keys failed: %s", ssh_err(r));

goto done;

}

Line 2664

Line 2665

fatal("%s: sshkey_fingerprint failed",

__func__);

}

printf("Good \"%s\" signature for %s with %s key %s\n",

if (principal == NULL) {

sig_namespace, principal,

printf("Good \"%s\" signature with %s key %s\n",

sshkey_type(sign_key), fp);

sig_namespace, sshkey_type(sign_key), fp);

} else {

printf("Good \"%s\" signature for %s with %s key %s\n",

sig_namespace, principal,

sshkey_type(sign_key), fp);

}

} else {

printf("Could not verify signature.\n");

}

Line 2718

Line 2725

" ssh-keygen -Q -f krl_file file ...\n"

" ssh-keygen -Y sign -f sign_key -n namespace\n"

" ssh-keygen -Y verify -I signer_identity -s signature_file\n"

" -n namespace -f allowed_keys [-r revoked_keys]\n");

" -n namespace -f allowed_keys [-r revoked_keys]\n"

" ssh-keygen -Y check-novalidate -s signature_file -n namespace\n");

exit(1);

}

Line 3016

Line 3024

exit(1);

}

return sign(identity_file, cert_principals, argc, argv);

} else if (strncmp(sign_op, "check-novalidate", 16) == 0) {

if (ca_key_path == NULL) {

error("Too few arguments for check-novalidate: "

"missing signature file");

exit(1);

}

return verify(ca_key_path, cert_principals,

NULL, NULL, NULL);

} else if (strncmp(sign_op, "verify", 6) == 0) {

if (ca_key_path == NULL) {

error("Too few arguments for verify: "