version 1.449, 2022/03/18 02:31:25 |
version 1.451, 2022/05/08 22:58:35 |
|
|
char *privpath = xstrdup(keypath); |
char *privpath = xstrdup(keypath); |
static const char * const suffixes[] = { "-cert.pub", ".pub", NULL }; |
static const char * const suffixes[] = { "-cert.pub", ".pub", NULL }; |
struct sshkey *ret = NULL, *privkey = NULL; |
struct sshkey *ret = NULL, *privkey = NULL; |
int r; |
int r, waspub = 0; |
|
struct stat st; |
|
|
/* |
/* |
* If passed a public key filename, then try to locate the corresponding |
* If passed a public key filename, then try to locate the corresponding |
|
|
privpath[plen - slen] = '\0'; |
privpath[plen - slen] = '\0'; |
debug_f("%s looks like a public key, using private key " |
debug_f("%s looks like a public key, using private key " |
"path %s instead", keypath, privpath); |
"path %s instead", keypath, privpath); |
|
waspub = 1; |
} |
} |
if ((privkey = load_identity(privpath, NULL)) == NULL) { |
if (waspub && stat(privpath, &st) != 0 && errno == ENOENT) |
error("Couldn't load identity %s", keypath); |
fatal("No private key found for public key \"%s\"", keypath); |
goto done; |
if ((r = sshkey_load_private(privpath, "", &privkey, NULL)) != 0 && |
} |
(r != SSH_ERR_KEY_WRONG_PASSPHRASE)) { |
|
debug_fr(r, "load private key \"%s\"", privpath); |
|
fatal("No private key found for \"%s\"", privpath); |
|
} else if (privkey == NULL) |
|
privkey = load_identity(privpath, NULL); |
|
|
if (!sshkey_equal_public(pubkey, privkey)) { |
if (!sshkey_equal_public(pubkey, privkey)) { |
error("Public key %s doesn't match private %s", |
error("Public key %s doesn't match private %s", |
keypath, privpath); |
keypath, privpath); |
|
|
return sig_sign(identity_file, cert_principals, |
return sig_sign(identity_file, cert_principals, |
argc, argv, opts, nopts); |
argc, argv, opts, nopts); |
} else if (strncmp(sign_op, "check-novalidate", 16) == 0) { |
} else if (strncmp(sign_op, "check-novalidate", 16) == 0) { |
|
/* NB. cert_principals is actually namespace, via -n */ |
if (cert_principals == NULL || |
if (cert_principals == NULL || |
*cert_principals == '\0') { |
*cert_principals == '\0') { |
error("Too few arguments for check-novalidate: " |
error("Too few arguments for check-novalidate: " |