=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.292 retrieving revision 1.296 diff -u -r1.292 -r1.296 --- src/usr.bin/ssh/ssh-keygen.c 2016/09/12 03:29:16 1.292 +++ src/usr.bin/ssh/ssh-keygen.c 2017/03/03 06:13:11 1.296 @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.292 2016/09/12 03:29:16 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.296 2017/03/03 06:13:11 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -28,6 +28,7 @@ #include #include #include +#include #include "xmalloc.h" #include "sshkey.h" @@ -47,6 +48,7 @@ #include "atomicio.h" #include "krl.h" #include "digest.h" +#include "utf8.h" #ifdef ENABLE_PKCS11 #include "ssh-pkcs11.h" @@ -829,7 +831,7 @@ ra = sshkey_fingerprint(public, fingerprint_hash, SSH_FP_RANDOMART); if (fp == NULL || ra == NULL) fatal("%s: sshkey_fingerprint failed", __func__); - printf("%u %s %s (%s)\n", sshkey_size(public), fp, + mprintf("%u %s %s (%s)\n", sshkey_size(public), fp, comment ? comment : "no comment", sshkey_type(public)); if (log_level >= SYSLOG_LEVEL_VERBOSE) printf("%s\n", ra); @@ -1066,6 +1068,7 @@ struct known_hosts_ctx *ctx = (struct known_hosts_ctx *)_ctx; char *hashed, *cp, *hosts, *ohosts; int has_wild = l->hosts && strcspn(l->hosts, "*?!") != strlen(l->hosts); + int was_hashed = l->hosts[0] == HASH_DELIM; switch (l->status) { case HKF_STATUS_OK: @@ -1074,8 +1077,7 @@ * Don't hash hosts already already hashed, with wildcard * characters or a CA/revocation marker. */ - if ((l->match & HKF_MATCH_HOST_HASHED) != 0 || - has_wild || l->marker != MRK_NONE) { + if (was_hashed || has_wild || l->marker != MRK_NONE) { fprintf(ctx->out, "%s\n", l->line); if (has_wild && !find_host) { logit("%s:%ld: ignoring host name " @@ -1150,7 +1152,7 @@ known_hosts_hash(l, ctx); else if (print_fingerprint) { fp = sshkey_fingerprint(l->key, fptype, rep); - printf("%s %s %s %s\n", ctx->host, + mprintf("%s %s %s %s\n", ctx->host, sshkey_type(l->key), fp, l->comment); free(fp); } else @@ -1301,7 +1303,7 @@ fatal("Failed to load key %s: %s", identity_file, ssh_err(r)); } if (comment) - printf("Key has comment '%s'\n", comment); + mprintf("Key has comment '%s'\n", comment); /* Ask the new passphrase (twice). */ if (identity_new_passphrase) { @@ -1425,7 +1427,10 @@ sshkey_free(private); exit(1); } - printf("Key now has comment '%s'\n", comment); + if (comment) + printf("Key now has comment '%s'\n", comment); + else + printf("Key now has no comment\n"); if (identity_comment) { strlcpy(new_comment, identity_comment, sizeof(new_comment)); @@ -2189,11 +2194,17 @@ } #endif +#ifdef WITH_SSH1 +# define RSA1_USAGE " | rsa1" +#else +# define RSA1_USAGE "" +#endif + static void usage(void) { fprintf(stderr, - "usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]\n" + "usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa%s]\n" " [-N new_passphrase] [-C comment] [-f output_keyfile]\n" " ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]\n" " ssh-keygen -i [-m key_format] [-f input_keyfile]\n" @@ -2201,7 +2212,7 @@ " ssh-keygen -y [-f input_keyfile]\n" " ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]\n" " ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]\n" - " ssh-keygen -B [-f input_keyfile]\n"); + " ssh-keygen -B [-f input_keyfile]\n", RSA1_USAGE); #ifdef ENABLE_PKCS11 fprintf(stderr, " ssh-keygen -D pkcs11\n"); @@ -2259,6 +2270,8 @@ OpenSSL_add_all_algorithms(); log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1); + + setlocale(LC_CTYPE, ""); /* we need this for the home * directory. */ pw = getpwuid(getuid());