summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2019-01-23 04:16:22 +0000
committerDamien Miller <djm@mindrot.org>2019-01-23 15:33:04 +1100
commit851f80328931975fe68f71af363c4537cb896da2 (patch)
tree47d556b9a1f421d080a76999d9b0ab130ab2ae8a
parent2265402dc7d701a9aca9f8a7b7b0fd45b65c479f (diff)
upstream: move a bunch of global flag variables to main(); make the
rest static OpenBSD-Commit-ID: fa431d92584e81fe99f95882f4c56b43fe3242dc
-rw-r--r--ssh-keygen.c176
1 files changed, 82 insertions, 94 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 6077bb20e..ffb92fd94 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.324 2019/01/22 20:48:01 djm Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.325 2019/01/23 04:16:22 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -71,75 +71,38 @@
71#define DEFAULT_BITS 2048 71#define DEFAULT_BITS 2048
72#define DEFAULT_BITS_DSA 1024 72#define DEFAULT_BITS_DSA 1024
73#define DEFAULT_BITS_ECDSA 256 73#define DEFAULT_BITS_ECDSA 256
74u_int32_t bits = 0;
75 74
76/* 75static int quiet = 0;
77 * Flag indicating that we just want to change the passphrase. This can be
78 * set on the command line.
79 */
80int change_passphrase = 0;
81
82/*
83 * Flag indicating that we just want to change the comment. This can be set
84 * on the command line.
85 */
86int change_comment = 0;
87
88int quiet = 0;
89
90int log_level = SYSLOG_LEVEL_INFO;
91
92/* Flag indicating that we want to hash a known_hosts file */
93int hash_hosts = 0;
94/* Flag indicating that we want lookup a host in known_hosts file */
95int find_host = 0;
96/* Flag indicating that we want to delete a host from a known_hosts file */
97int delete_host = 0;
98
99/* Flag indicating that we want to show the contents of a certificate */
100int show_cert = 0;
101 76
102/* Flag indicating that we just want to see the key fingerprint */ 77/* Flag indicating that we just want to see the key fingerprint */
103int print_fingerprint = 0; 78static int print_fingerprint = 0;
104int print_bubblebabble = 0; 79static int print_bubblebabble = 0;
105 80
106/* Hash algorithm to use for fingerprints. */ 81/* Hash algorithm to use for fingerprints. */
107int fingerprint_hash = SSH_FP_HASH_DEFAULT; 82static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
108 83
109/* The identity file name, given on the command line or entered by the user. */ 84/* The identity file name, given on the command line or entered by the user. */
110char identity_file[1024]; 85static char identity_file[1024];
111int have_identity = 0; 86static int have_identity = 0;
112 87
113/* This is set to the passphrase if given on the command line. */ 88/* This is set to the passphrase if given on the command line. */
114char *identity_passphrase = NULL; 89static char *identity_passphrase = NULL;
115 90
116/* This is set to the new passphrase if given on the command line. */ 91/* This is set to the new passphrase if given on the command line. */
117char *identity_new_passphrase = NULL; 92static char *identity_new_passphrase = NULL;
118
119/* This is set to the new comment if given on the command line. */
120char *identity_comment = NULL;
121
122/* Path to CA key when certifying keys. */
123char *ca_key_path = NULL;
124
125/* Prefer to use agent keys for CA signing */
126int prefer_agent = 0;
127
128/* Certificate serial number */
129unsigned long long cert_serial = 0;
130 93
131/* Key type when certifying */ 94/* Key type when certifying */
132u_int cert_key_type = SSH2_CERT_TYPE_USER; 95static u_int cert_key_type = SSH2_CERT_TYPE_USER;
133 96
134/* "key ID" of signed key */ 97/* "key ID" of signed key */
135char *cert_key_id = NULL; 98static char *cert_key_id = NULL;
136 99
137/* Comma-separated list of principal names for certifying keys */ 100/* Comma-separated list of principal names for certifying keys */
138char *cert_principals = NULL; 101static char *cert_principals = NULL;
139 102
140/* Validity period for certificates */ 103/* Validity period for certificates */
141u_int64_t cert_valid_from = 0; 104static u_int64_t cert_valid_from = 0;
142u_int64_t cert_valid_to = ~0ULL; 105static u_int64_t cert_valid_to = ~0ULL;
143 106
144/* Certificate options */ 107/* Certificate options */
145#define CERTOPT_X_FWD (1) 108#define CERTOPT_X_FWD (1)
@@ -149,9 +112,9 @@ u_int64_t cert_valid_to = ~0ULL;
149#define CERTOPT_USER_RC (1<<4) 112#define CERTOPT_USER_RC (1<<4)
150#define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \ 113#define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \
151 CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC) 114 CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC)
152u_int32_t certflags_flags = CERTOPT_DEFAULT; 115static u_int32_t certflags_flags = CERTOPT_DEFAULT;
153char *certflags_command = NULL; 116static char *certflags_command = NULL;
154char *certflags_src_addr = NULL; 117static char *certflags_src_addr = NULL;
155 118
156/* Arbitrary extensions specified by user */ 119/* Arbitrary extensions specified by user */
157struct cert_userext { 120struct cert_userext {
@@ -159,41 +122,37 @@ struct cert_userext {
159 char *val; 122 char *val;
160 int crit; 123 int crit;
161}; 124};
162struct cert_userext *cert_userext; 125static struct cert_userext *cert_userext;
163size_t ncert_userext; 126static size_t ncert_userext;
164 127
165/* Conversion to/from various formats */ 128/* Conversion to/from various formats */
166int convert_to = 0;
167int convert_from = 0;
168enum { 129enum {
169 FMT_RFC4716, 130 FMT_RFC4716,
170 FMT_PKCS8, 131 FMT_PKCS8,
171 FMT_PEM 132 FMT_PEM
172} convert_format = FMT_RFC4716; 133} convert_format = FMT_RFC4716;
173int print_public = 0;
174int print_generic = 0;
175 134
176char *key_type_name = NULL; 135static char *key_type_name = NULL;
177 136
178/* Load key from this PKCS#11 provider */ 137/* Load key from this PKCS#11 provider */
179char *pkcs11provider = NULL; 138static char *pkcs11provider = NULL;
180 139
181/* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */ 140/* Use new OpenSSH private key format when writing SSH2 keys instead of PEM */
182int use_new_format = 1; 141static int use_new_format = 1;
183 142
184/* Cipher for new-format private keys */ 143/* Cipher for new-format private keys */
185char *new_format_cipher = NULL; 144static char *new_format_cipher = NULL;
186 145
187/* 146/*
188 * Number of KDF rounds to derive new format keys / 147 * Number of KDF rounds to derive new format keys /
189 * number of primality trials when screening moduli. 148 * number of primality trials when screening moduli.
190 */ 149 */
191int rounds = 0; 150static int rounds = 0;
192 151
193/* argv0 */ 152/* argv0 */
194extern char *__progname; 153extern char *__progname;
195 154
196char hostname[NI_MAXHOST]; 155static char hostname[NI_MAXHOST];
197 156
198#ifdef WITH_OPENSSL 157#ifdef WITH_OPENSSL
199/* moduli.c */ 158/* moduli.c */
@@ -823,7 +782,7 @@ do_download(struct passwd *pw)
823 fatal("%s: sshkey_fingerprint fail", __func__); 782 fatal("%s: sshkey_fingerprint fail", __func__);
824 printf("%u %s %s (PKCS11 key)\n", sshkey_size(keys[i]), 783 printf("%u %s %s (PKCS11 key)\n", sshkey_size(keys[i]),
825 fp, sshkey_type(keys[i])); 784 fp, sshkey_type(keys[i]));
826 if (log_level >= SYSLOG_LEVEL_VERBOSE) 785 if (log_level_get() >= SYSLOG_LEVEL_VERBOSE)
827 printf("%s\n", ra); 786 printf("%s\n", ra);
828 free(ra); 787 free(ra);
829 free(fp); 788 free(fp);
@@ -871,7 +830,7 @@ fingerprint_one_key(const struct sshkey *public, const char *comment)
871 fatal("%s: sshkey_fingerprint failed", __func__); 830 fatal("%s: sshkey_fingerprint failed", __func__);
872 mprintf("%u %s %s (%s)\n", sshkey_size(public), fp, 831 mprintf("%u %s %s (%s)\n", sshkey_size(public), fp,
873 comment ? comment : "no comment", sshkey_type(public)); 832 comment ? comment : "no comment", sshkey_type(public));
874 if (log_level >= SYSLOG_LEVEL_VERBOSE) 833 if (log_level_get() >= SYSLOG_LEVEL_VERBOSE)
875 printf("%s\n", ra); 834 printf("%s\n", ra);
876 free(ra); 835 free(ra);
877 free(fp); 836 free(fp);
@@ -1019,6 +978,7 @@ do_gen_all_hostkeys(struct passwd *pw)
1019 { NULL, NULL, NULL } 978 { NULL, NULL, NULL }
1020 }; 979 };
1021 980
981 u_int bits = 0;
1022 int first = 0; 982 int first = 0;
1023 struct stat st; 983 struct stat st;
1024 struct sshkey *private, *public; 984 struct sshkey *private, *public;
@@ -1142,6 +1102,9 @@ struct known_hosts_ctx {
1142 int has_unhashed; /* When hashing, original had unhashed hosts */ 1102 int has_unhashed; /* When hashing, original had unhashed hosts */
1143 int found_key; /* For find/delete, host was found */ 1103 int found_key; /* For find/delete, host was found */
1144 int invalid; /* File contained invalid items; don't delete */ 1104 int invalid; /* File contained invalid items; don't delete */
1105 int hash_hosts; /* Hash hostnames as we go */
1106 int find_host; /* Search for specific hostname */
1107 int delete_host; /* Delete host from known_hosts */
1145}; 1108};
1146 1109
1147static int 1110static int
@@ -1161,7 +1124,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
1161 */ 1124 */
1162 if (was_hashed || has_wild || l->marker != MRK_NONE) { 1125 if (was_hashed || has_wild || l->marker != MRK_NONE) {
1163 fprintf(ctx->out, "%s\n", l->line); 1126 fprintf(ctx->out, "%s\n", l->line);
1164 if (has_wild && !find_host) { 1127 if (has_wild && !ctx->find_host) {
1165 logit("%s:%lu: ignoring host name " 1128 logit("%s:%lu: ignoring host name "
1166 "with wildcard: %.64s", l->path, 1129 "with wildcard: %.64s", l->path,
1167 l->linenum, l->hosts); 1130 l->linenum, l->hosts);
@@ -1207,7 +1170,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
1207 rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; 1170 rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
1208 1171
1209 if (l->status == HKF_STATUS_MATCHED) { 1172 if (l->status == HKF_STATUS_MATCHED) {
1210 if (delete_host) { 1173 if (ctx->delete_host) {
1211 if (l->marker != MRK_NONE) { 1174 if (l->marker != MRK_NONE) {
1212 /* Don't remove CA and revocation lines */ 1175 /* Don't remove CA and revocation lines */
1213 fprintf(ctx->out, "%s\n", l->line); 1176 fprintf(ctx->out, "%s\n", l->line);
@@ -1223,7 +1186,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
1223 ctx->host, l->linenum); 1186 ctx->host, l->linenum);
1224 } 1187 }
1225 return 0; 1188 return 0;
1226 } else if (find_host) { 1189 } else if (ctx->find_host) {
1227 ctx->found_key = 1; 1190 ctx->found_key = 1;
1228 if (!quiet) { 1191 if (!quiet) {
1229 printf("# Host %s found: line %lu %s\n", 1192 printf("# Host %s found: line %lu %s\n",
@@ -1231,7 +1194,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
1231 l->linenum, l->marker == MRK_CA ? "CA" : 1194 l->linenum, l->marker == MRK_CA ? "CA" :
1232 (l->marker == MRK_REVOKE ? "REVOKED" : "")); 1195 (l->marker == MRK_REVOKE ? "REVOKED" : ""));
1233 } 1196 }
1234 if (hash_hosts) 1197 if (ctx->hash_hosts)
1235 known_hosts_hash(l, ctx); 1198 known_hosts_hash(l, ctx);
1236 else if (print_fingerprint) { 1199 else if (print_fingerprint) {
1237 fp = sshkey_fingerprint(l->key, fptype, rep); 1200 fp = sshkey_fingerprint(l->key, fptype, rep);
@@ -1242,7 +1205,7 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
1242 fprintf(ctx->out, "%s\n", l->line); 1205 fprintf(ctx->out, "%s\n", l->line);
1243 return 0; 1206 return 0;
1244 } 1207 }
1245 } else if (delete_host) { 1208 } else if (ctx->delete_host) {
1246 /* Retain non-matching hosts when deleting */ 1209 /* Retain non-matching hosts when deleting */
1247 if (l->status == HKF_STATUS_INVALID) { 1210 if (l->status == HKF_STATUS_INVALID) {
1248 ctx->invalid = 1; 1211 ctx->invalid = 1;
@@ -1254,7 +1217,8 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
1254} 1217}
1255 1218
1256static void 1219static void
1257do_known_hosts(struct passwd *pw, const char *name) 1220do_known_hosts(struct passwd *pw, const char *name, int find_host,
1221 int delete_host, int hash_hosts)
1258{ 1222{
1259 char *cp, tmp[PATH_MAX], old[PATH_MAX]; 1223 char *cp, tmp[PATH_MAX], old[PATH_MAX];
1260 int r, fd, oerrno, inplace = 0; 1224 int r, fd, oerrno, inplace = 0;
@@ -1273,6 +1237,9 @@ do_known_hosts(struct passwd *pw, const char *name)
1273 memset(&ctx, 0, sizeof(ctx)); 1237 memset(&ctx, 0, sizeof(ctx));
1274 ctx.out = stdout; 1238 ctx.out = stdout;
1275 ctx.host = name; 1239 ctx.host = name;
1240 ctx.hash_hosts = hash_hosts;
1241 ctx.find_host = find_host;
1242 ctx.delete_host = delete_host;
1276 1243
1277 /* 1244 /*
1278 * Find hosts goes to stdout, hash and deletions happen in-place 1245 * Find hosts goes to stdout, hash and deletions happen in-place
@@ -1437,7 +1404,8 @@ do_change_passphrase(struct passwd *pw)
1437 * Print the SSHFP RR. 1404 * Print the SSHFP RR.
1438 */ 1405 */
1439static int 1406static int
1440do_print_resource_record(struct passwd *pw, char *fname, char *hname) 1407do_print_resource_record(struct passwd *pw, char *fname, char *hname,
1408 int print_generic)
1441{ 1409{
1442 struct sshkey *public; 1410 struct sshkey *public;
1443 char *comment = NULL; 1411 char *comment = NULL;
@@ -1464,7 +1432,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname)
1464 * Change the comment of a private key file. 1432 * Change the comment of a private key file.
1465 */ 1433 */
1466static void 1434static void
1467do_change_comment(struct passwd *pw) 1435do_change_comment(struct passwd *pw, const char *identity_comment)
1468{ 1436{
1469 char new_comment[1024], *comment, *passphrase; 1437 char new_comment[1024], *comment, *passphrase;
1470 struct sshkey *private; 1438 struct sshkey *private;
@@ -1676,7 +1644,8 @@ agent_signer(const struct sshkey *key, u_char **sigp, size_t *lenp,
1676} 1644}
1677 1645
1678static void 1646static void
1679do_ca_sign(struct passwd *pw, int argc, char **argv) 1647do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent,
1648 unsigned long long cert_serial, int argc, char **argv)
1680{ 1649{
1681 int r, i, fd, found, agent_fd = -1; 1650 int r, i, fd, found, agent_fd = -1;
1682 u_int n; 1651 u_int n;
@@ -2302,7 +2271,9 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
2302} 2271}
2303 2272
2304static void 2273static void
2305do_gen_krl(struct passwd *pw, int updating, int argc, char **argv) 2274do_gen_krl(struct passwd *pw, int updating, const char *ca_key_path,
2275 unsigned long long krl_version, const char *krl_comment,
2276 int argc, char **argv)
2306{ 2277{
2307 struct ssh_krl *krl; 2278 struct ssh_krl *krl;
2308 struct stat sb; 2279 struct stat sb;
@@ -2337,10 +2308,10 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
2337 else if ((krl = ssh_krl_init()) == NULL) 2308 else if ((krl = ssh_krl_init()) == NULL)
2338 fatal("couldn't create KRL"); 2309 fatal("couldn't create KRL");
2339 2310
2340 if (cert_serial != 0) 2311 if (krl_version != 0)
2341 ssh_krl_set_version(krl, cert_serial); 2312 ssh_krl_set_version(krl, krl_version);
2342 if (identity_comment != NULL) 2313 if (krl_comment != NULL)
2343 ssh_krl_set_comment(krl, identity_comment); 2314 ssh_krl_set_comment(krl, krl_comment);
2344 2315
2345 for (i = 0; i < argc; i++) 2316 for (i = 0; i < argc; i++)
2346 update_krl_from_file(pw, argv[i], wild_ca, ca, krl); 2317 update_krl_from_file(pw, argv[i], wild_ca, ca, krl);
@@ -2439,9 +2410,17 @@ main(int argc, char **argv)
2439 struct passwd *pw; 2410 struct passwd *pw;
2440 struct stat st; 2411 struct stat st;
2441 int r, opt, type, fd; 2412 int r, opt, type, fd;
2413 int change_passphrase = 0, change_comment = 0, show_cert = 0;
2414 int find_host = 0, delete_host = 0, hash_hosts = 0;
2442 int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0; 2415 int gen_all_hostkeys = 0, gen_krl = 0, update_krl = 0, check_krl = 0;
2416 int prefer_agent = 0, convert_to = 0, convert_from = 0;
2417 int print_public = 0, print_generic = 0;
2418 unsigned long long cert_serial = 0;
2419 char *identity_comment = NULL, *ca_key_path = NULL;
2420 u_int bits = 0;
2443 FILE *f; 2421 FILE *f;
2444 const char *errstr; 2422 const char *errstr;
2423 int log_level = SYSLOG_LEVEL_INFO;
2445#ifdef WITH_OPENSSL 2424#ifdef WITH_OPENSSL
2446 /* Moduli generation/screening */ 2425 /* Moduli generation/screening */
2447 char out_file[PATH_MAX], *checkpoint = NULL; 2426 char out_file[PATH_MAX], *checkpoint = NULL;
@@ -2710,7 +2689,8 @@ main(int argc, char **argv)
2710 usage(); 2689 usage();
2711 } 2690 }
2712 if (gen_krl) { 2691 if (gen_krl) {
2713 do_gen_krl(pw, update_krl, argc, argv); 2692 do_gen_krl(pw, update_krl, ca_key_path,
2693 cert_serial, identity_comment, argc, argv);
2714 return (0); 2694 return (0);
2715 } 2695 }
2716 if (check_krl) { 2696 if (check_krl) {
@@ -2720,12 +2700,15 @@ main(int argc, char **argv)
2720 if (ca_key_path != NULL) { 2700 if (ca_key_path != NULL) {
2721 if (cert_key_id == NULL) 2701 if (cert_key_id == NULL)
2722 fatal("Must specify key id (-I) when certifying"); 2702 fatal("Must specify key id (-I) when certifying");
2723 do_ca_sign(pw, argc, argv); 2703 do_ca_sign(pw, ca_key_path, prefer_agent, cert_serial,
2704 argc, argv);
2724 } 2705 }
2725 if (show_cert) 2706 if (show_cert)
2726 do_show_cert(pw); 2707 do_show_cert(pw);
2727 if (delete_host || hash_hosts || find_host) 2708 if (delete_host || hash_hosts || find_host) {
2728 do_known_hosts(pw, rr_hostname); 2709 do_known_hosts(pw, rr_hostname, find_host,
2710 delete_host, hash_hosts);
2711 }
2729 if (pkcs11provider != NULL) 2712 if (pkcs11provider != NULL)
2730 do_download(pw); 2713 do_download(pw);
2731 if (print_fingerprint || print_bubblebabble) 2714 if (print_fingerprint || print_bubblebabble)
@@ -2733,7 +2716,7 @@ main(int argc, char **argv)
2733 if (change_passphrase) 2716 if (change_passphrase)
2734 do_change_passphrase(pw); 2717 do_change_passphrase(pw);
2735 if (change_comment) 2718 if (change_comment)
2736 do_change_comment(pw); 2719 do_change_comment(pw, identity_comment);
2737#ifdef WITH_OPENSSL 2720#ifdef WITH_OPENSSL
2738 if (convert_to) 2721 if (convert_to)
2739 do_convert_to(pw); 2722 do_convert_to(pw);
@@ -2746,23 +2729,28 @@ main(int argc, char **argv)
2746 unsigned int n = 0; 2729 unsigned int n = 0;
2747 2730
2748 if (have_identity) { 2731 if (have_identity) {
2749 n = do_print_resource_record(pw, 2732 n = do_print_resource_record(pw, identity_file,
2750 identity_file, rr_hostname); 2733 rr_hostname, print_generic);
2751 if (n == 0) 2734 if (n == 0)
2752 fatal("%s: %s", identity_file, strerror(errno)); 2735 fatal("%s: %s", identity_file, strerror(errno));
2753 exit(0); 2736 exit(0);
2754 } else { 2737 } else {
2755 2738
2756 n += do_print_resource_record(pw, 2739 n += do_print_resource_record(pw,
2757 _PATH_HOST_RSA_KEY_FILE, rr_hostname); 2740 _PATH_HOST_RSA_KEY_FILE, rr_hostname,
2741 print_generic);
2758 n += do_print_resource_record(pw, 2742 n += do_print_resource_record(pw,
2759 _PATH_HOST_DSA_KEY_FILE, rr_hostname); 2743 _PATH_HOST_DSA_KEY_FILE, rr_hostname,
2744 print_generic);
2760 n += do_print_resource_record(pw, 2745 n += do_print_resource_record(pw,
2761 _PATH_HOST_ECDSA_KEY_FILE, rr_hostname); 2746 _PATH_HOST_ECDSA_KEY_FILE, rr_hostname,
2747 print_generic);
2762 n += do_print_resource_record(pw, 2748 n += do_print_resource_record(pw,
2763 _PATH_HOST_ED25519_KEY_FILE, rr_hostname); 2749 _PATH_HOST_ED25519_KEY_FILE, rr_hostname,
2750 print_generic);
2764 n += do_print_resource_record(pw, 2751 n += do_print_resource_record(pw,
2765 _PATH_HOST_XMSS_KEY_FILE, rr_hostname); 2752 _PATH_HOST_XMSS_KEY_FILE, rr_hostname,
2753 print_generic);
2766 if (n == 0) 2754 if (n == 0)
2767 fatal("no keys found."); 2755 fatal("no keys found.");
2768 exit(0); 2756 exit(0);