src/usr.bin/ssh/ssh-keygen.c - diff

Return to ssh-keygen.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-keygen.c between version 1.423 and 1.430

version 1.423, 2020/10/29 03:01:18

version 1.430, 2021/07/05 01:16:46

Line 26

#include <fcntl.h>

#include <netdb.h>

#include <pwd.h>

#include <stdarg.h>

#include <stdio.h>

#include <stdlib.h>

#include <string.h>

#include <stdarg.h>

#include <unistd.h>

#include <limits.h>

#include <locale.h>

Line 55

#include "sshsig.h"

#include "ssh-sk.h"

#include "sk-api.h" /* XXX for SSH_SK_USER_PRESENCE_REQD; remove */

#include "cipher.h"

#ifdef ENABLE_PKCS11

#include "ssh-pkcs11.h"

Line 1317

Line 1318

foreach_options |= print_fingerprint ? HKF_WANT_PARSE_KEY : 0;

if ((r = hostkeys_foreach(identity_file, (find_host || !hash_hosts) ?

known_hosts_find_delete : known_hosts_hash, &ctx, name, NULL,

foreach_options)) != 0) {

foreach_options, 0)) != 0) {

if (inplace)

unlink(tmp);

fatal_fr(r, "hostkeys_foreach");

Line 1831

Line 1832

}

r = sshkey_certify(public, ca, key_type_name,

sk_provider, pin);

notify_complete(notifier);

notify_complete(notifier, "User presence confirmed");

if (r != 0)

fatal_r(r, "Couldn't certify key %s", tmp);

}

Line 1985

Line 1986

fatal("Invalid source-address list");

certflags_src_addr = xstrdup(val);

} else if (strncasecmp(opt, "extension:", 10) == 0 ||

(iscrit = (strncasecmp(opt, "critical:", 9) == 0))) {

val = xstrdup(strchr(opt, ':') + 1);

if ((cp = strchr(val, '=')) != NULL)

*cp++ = '\0';

Line 2705

Line 2706

fatal_f("sshkey_fingerprint failed");

if (principal == NULL) {

printf("Good \"%s\" signature with %s key %s\n",

sig_namespace, sshkey_type(sign_key), fp);

} else {

printf("Good \"%s\" signature for %s with %s key %s\n",

sig_namespace, principal,

sshkey_type(sign_key), fp);

}

} else {

printf("Could not verify signature.\n");

Line 3044

Line 3045

"usage: ssh-keygen [-q] [-a rounds] [-b bits] [-C comment] [-f output_keyfile]\n"

" [-m format] [-N new_passphrase] [-O option]\n"

" [-w provider]\n"

" [-w provider] [-Z cipher]\n"

" ssh-keygen -p [-a rounds] [-f keyfile] [-m format] [-N new_passphrase]\n"

" [-P old_passphrase]\n"

" [-P old_passphrase] [-Z cipher]\n"

" ssh-keygen -i [-f input_keyfile] [-m key_format]\n"

" ssh-keygen -e [-f input_keyfile] [-m key_format]\n"

" ssh-keygen -y [-f input_keyfile]\n"

Line 3129

Line 3130

pw = getpwuid(getuid());

if (!pw)

fatal("No user exists for uid %lu", (u_long)getuid());

pw = pwcopy(pw);

if (gethostname(hostname, sizeof(hostname)) == -1)

fatal("gethostname: %s", strerror(errno));

Line 3234

Line 3236

break;

case 'Z':

openssh_format_cipher = optarg;

if (cipher_by_name(openssh_format_cipher) == NULL)

fatal("Invalid OpenSSH-format cipher '%s'",

openssh_format_cipher);

break;

case 'C':

identity_comment = optarg;

Line 3340

Line 3345

if (strncmp(sign_op, "find-principals", 15) == 0) {

if (ca_key_path == NULL) {

error("Too few arguments for find-principals:"

"missing signature file");

exit(1);

}

if (!have_identity) {

error("Too few arguments for find-principals:"

"missing allowed keys file");

exit(1);

}

return sig_find_principals(ca_key_path, identity_file);

Line 3366

Line 3371

} else if (strncmp(sign_op, "check-novalidate", 16) == 0) {

if (ca_key_path == NULL) {

error("Too few arguments for check-novalidate: "

"missing signature file");

exit(1);

}

return sig_verify(ca_key_path, cert_principals,