version 1.428, 2021/03/12 03:43:40 |
version 1.429, 2021/04/03 06:18:41 |
|
|
fatal("Invalid source-address list"); |
fatal("Invalid source-address list"); |
certflags_src_addr = xstrdup(val); |
certflags_src_addr = xstrdup(val); |
} else if (strncasecmp(opt, "extension:", 10) == 0 || |
} else if (strncasecmp(opt, "extension:", 10) == 0 || |
(iscrit = (strncasecmp(opt, "critical:", 9) == 0))) { |
(iscrit = (strncasecmp(opt, "critical:", 9) == 0))) { |
val = xstrdup(strchr(opt, ':') + 1); |
val = xstrdup(strchr(opt, ':') + 1); |
if ((cp = strchr(val, '=')) != NULL) |
if ((cp = strchr(val, '=')) != NULL) |
*cp++ = '\0'; |
*cp++ = '\0'; |
|
|
fatal_f("sshkey_fingerprint failed"); |
fatal_f("sshkey_fingerprint failed"); |
if (principal == NULL) { |
if (principal == NULL) { |
printf("Good \"%s\" signature with %s key %s\n", |
printf("Good \"%s\" signature with %s key %s\n", |
sig_namespace, sshkey_type(sign_key), fp); |
sig_namespace, sshkey_type(sign_key), fp); |
|
|
} else { |
} else { |
printf("Good \"%s\" signature for %s with %s key %s\n", |
printf("Good \"%s\" signature for %s with %s key %s\n", |
sig_namespace, principal, |
sig_namespace, principal, |
sshkey_type(sign_key), fp); |
sshkey_type(sign_key), fp); |
} |
} |
} else { |
} else { |
printf("Could not verify signature.\n"); |
printf("Could not verify signature.\n"); |
|
|
if (strncmp(sign_op, "find-principals", 15) == 0) { |
if (strncmp(sign_op, "find-principals", 15) == 0) { |
if (ca_key_path == NULL) { |
if (ca_key_path == NULL) { |
error("Too few arguments for find-principals:" |
error("Too few arguments for find-principals:" |
"missing signature file"); |
"missing signature file"); |
exit(1); |
exit(1); |
} |
} |
if (!have_identity) { |
if (!have_identity) { |
error("Too few arguments for find-principals:" |
error("Too few arguments for find-principals:" |
"missing allowed keys file"); |
"missing allowed keys file"); |
exit(1); |
exit(1); |
} |
} |
return sig_find_principals(ca_key_path, identity_file); |
return sig_find_principals(ca_key_path, identity_file); |
|
|
} else if (strncmp(sign_op, "check-novalidate", 16) == 0) { |
} else if (strncmp(sign_op, "check-novalidate", 16) == 0) { |
if (ca_key_path == NULL) { |
if (ca_key_path == NULL) { |
error("Too few arguments for check-novalidate: " |
error("Too few arguments for check-novalidate: " |
"missing signature file"); |
"missing signature file"); |
exit(1); |
exit(1); |
} |
} |
return sig_verify(ca_key_path, cert_principals, |
return sig_verify(ca_key_path, cert_principals, |